From 409a74e2226d0162a08d3a773679014384c788fc Mon Sep 17 00:00:00 2001 From: Max Woolf Date: Tue, 11 Aug 2015 21:05:10 -0700 Subject: [PATCH] #30; updated blns.json to latest --- blns.json | 75 +++++++++++++++++++++++++++++++++++++++++++++++++------ blns.txt | 6 +++++ 2 files changed, 73 insertions(+), 8 deletions(-) diff --git a/blns.json b/blns.json index 4c4d078..b8f0d2c 100644 --- a/blns.json +++ b/blns.json @@ -1,11 +1,16 @@ [ "", "undefined", - "undef", + "undef", "null", "NULL", "nil", "NIL", + "true", + "false", + "True", + "False", + "None", "0", "1", "1.00", @@ -31,6 +36,11 @@ "0,,0", ",", "0,0,0", + "0.0/0", + "1.0/0.0", + "0.0/0.0", + "1,0/0,0", + "0,0/0,0", "--1", "-", "-.", @@ -39,6 +49,10 @@ "NaN", "Infinity", "-Infinity", + "0x0", + "0xffffffff", + "0xffffffffffffffff", + "0xabad1dea", ",./;'[]\\-=", "<>?:\"{}|_+", "!@#$%^&*()`", @@ -103,12 +117,6 @@ "
test
", "test⁠test‫", "⁦test⁧", - "test\u0000", - "test\u001b", - "test…", - "test
test
test", - "testကtest", - "test﷐", "Ṱ̺̺̕o͞ ̷i̲̬͇̪͙n̝̗͕v̟̜̘̦͟o̶̙̰̠kè͚̮̺̪̹̱̤ ̖t̝͕̳̣̻̪͞h̼͓̲̦̳̘̲e͇̣̰̦̬͎ ̢̼̻̱̘h͚͎͙̜̣̲ͅi̦̲̣̰̤v̻͍e̺̭̳̪̰-m̢iͅn̖̺̞̲̯̰d̵̼̟͙̩̼̘̳ ̞̥̱̳̭r̛̗̘e͙p͠r̼̞̻̭̗e̺̠̣͟s̘͇̳͍̝͉e͉̥̯̞̲͚̬͜ǹ̬͎͎̟̖͇̤t͍̬̤͓̼̭͘ͅi̪̱n͠g̴͉ ͏͉ͅc̬̟h͡a̫̻̯͘o̫̟̖͍̙̝͉s̗̦̲.̨̹͈̣", "̡͓̞ͅI̗̘̦͝n͇͇͙v̮̫ok̲̫̙͈i̖͙̭̹̠̞n̡̻̮̣̺g̲͈͙̭͙̬͎ ̰t͔̦h̞̲e̢̤ ͍̬̲͖f̴̘͕̣è͖ẹ̥̩l͖͔͚i͓͚̦͠n͖͍̗͓̳̮g͍ ̨o͚̪͡f̘̣̬ ̖̘͖̟͙̮c҉͔̫͖͓͇͖ͅh̵̤̣͚͔á̗̼͕ͅo̼̣̥s̱͈̺̖̦̻͢.̛̖̞̠̫̰", "̗̺͖̹̯͓Ṯ̤͍̥͇͈h̲́e͏͓̼̗̙̼̣͔ ͇̜̱̠͓͍ͅN͕͠e̗̱z̘̝̜̺͙p̤̺̹͍̯͚e̠̻̠͜r̨̤͍̺̖͔̖̖d̠̟̭̬̝͟i̦͖̩͓͔̤a̠̗̬͉̙n͚͜ ̻̞̰͚ͅh̵͉i̳̞v̢͇ḙ͎͟-҉̭̩̼͔m̤̭̫i͕͇̝̦n̗͙ḍ̟ ̯̲͕͞ǫ̟̯̰̲͙̻̝f ̪̰̰̗̖̭̘͘c̦͍̲̞͍̩̙ḥ͚a̮͎̟̙͜ơ̩̹͎s̤.̝̝ ҉Z̡̖̜͖̰̣͉̜a͖̰͙̬͡l̲̫̳͍̩g̡̟̼̱͚̞̬ͅo̗͜.̟", @@ -116,6 +124,14 @@ "Z̮̞̠͙͔ͅḀ̗̞͈̻̗Ḷ͙͎̯̹̞͓G̻O̭̗̮", "˙ɐnbᴉlɐ ɐuƃɐɯ ǝɹolop ʇǝ ǝɹoqɐl ʇn ʇunpᴉpᴉɔuᴉ ɹodɯǝʇ poɯsnᴉǝ op pǝs 'ʇᴉlǝ ƃuᴉɔsᴉdᴉpɐ ɹnʇǝʇɔǝsuoɔ 'ʇǝɯɐ ʇᴉs ɹolop ɯnsdᴉ ɯǝɹo˥", "00˙Ɩ$-", + "The quick brown fox jumps over the lazy dog", + "𝐓𝐡𝐞 𝐪𝐮𝐢𝐜𝐤 𝐛𝐫𝐨𝐰𝐧 𝐟𝐨𝐱 𝐣𝐮𝐦𝐩𝐬 𝐨𝐯𝐞𝐫 𝐭𝐡𝐞 𝐥𝐚𝐳𝐲 𝐝𝐨𝐠", + "𝕿𝖍𝖊 𝖖𝖚𝖎𝖈𝖐 𝖇𝖗𝖔𝖜𝖓 𝖋𝖔𝖝 𝖏𝖚𝖒𝖕𝖘 𝖔𝖛𝖊𝖗 𝖙𝖍𝖊 𝖑𝖆𝖟𝖞 𝖉𝖔𝖌", + "𝑻𝒉𝒆 𝒒𝒖𝒊𝒄𝒌 𝒃𝒓𝒐𝒘𝒏 𝒇𝒐𝒙 𝒋𝒖𝒎𝒑𝒔 𝒐𝒗𝒆𝒓 𝒕𝒉𝒆 𝒍𝒂𝒛𝒚 𝒅𝒐𝒈", + "𝓣𝓱𝓮 𝓺𝓾𝓲𝓬𝓴 𝓫𝓻𝓸𝔀𝓷 𝓯𝓸𝔁 𝓳𝓾𝓶𝓹𝓼 𝓸𝓿𝓮𝓻 𝓽𝓱𝓮 𝓵𝓪𝔃𝔂 𝓭𝓸𝓰", + "𝕋𝕙𝕖 𝕢𝕦𝕚𝕔𝕜 𝕓𝕣𝕠𝕨𝕟 𝕗𝕠𝕩 𝕛𝕦𝕞𝕡𝕤 𝕠𝕧𝕖𝕣 𝕥𝕙𝕖 𝕝𝕒𝕫𝕪 𝕕𝕠𝕘", + "𝚃𝚑𝚎 𝚚𝚞𝚒𝚌𝚔 𝚋𝚛𝚘𝚠𝚗 𝚏𝚘𝚡 𝚓𝚞𝚖𝚙𝚜 𝚘𝚟𝚎𝚛 𝚝𝚑𝚎 𝚕𝚊𝚣𝚢 𝚍𝚘𝚐", + "⒯⒣⒠ ⒬⒰⒤⒞⒦ ⒝⒭⒪⒲⒩ ⒡⒪⒳ ⒥⒰⒨⒫⒮ ⒪⒱⒠⒭ ⒯⒣⒠ ⒧⒜⒵⒴ ⒟⒪⒢", "", "", " ", @@ -129,11 +145,54 @@ "' onfocus=alert(document.title) autofocus ", "<script>alert(document.title)</script>", "ript>alert('XSS')ript>", + "-->", + "\";alert(0);t=\"", + "';alert(0);t='", + "JavaSCript:alert(0)", + ";alert(0);", + "src=JaVaSCript:prompt(9)", "1;DROP TABLE users", "1'; DROP TABLE users--", + "-", + "--", + "--version", + "--help", + "$USER", "/dev/null; touch /tmp/blns.fail ; echo", + "`touch /tmp/blns.fail`", + "$(touch /tmp/blns.fail)", + "@{[system \"touch /tmp/blns.fail\"]}", + "eval(\"puts 'hello world'\")", + "System(\"ls -al /\")", + "`ls -al /`", + "Kernel.exec(\"ls -al /\")", + "Kernel.exit(1)", + "%x('ls -al /')", + "$HOME", + "$ENV{'HOME'}", + "%d", + "%s", + "%*.*s", "../../../../../../../../../../../etc/passwd%00", "../../../../../../../../../../../etc/hosts", "() { 0; }; touch /tmp/blns.shellshock1.fail;", - "() { _; } >_[$($())] { touch /tmp/blns.shellshock2.fail; }" + "() { _; } >_[$($())] { touch /tmp/blns.shellshock2.fail; }", + "CON", + "PRN", + "AUX", + "CLOCK$", + "NUL", + "A:", + "ZZ:", + "COM1", + "LPT1", + "LPT2", + "LPT3", + "COM2", + "COM3", + "COM4", + "If you're reading this, you've been in coma for almost 20 years now. We're trying a new technique. We don't know where this message will end up in your dream, but we hope it works. Please wake up, we miss you.", + "Roses are \u001b[0;31mred\u001b[0m, violets are \u001b[0;34mblue. Hope you enjoy terminal hue", + "But now...\u001b[20Cfor my greatest trick...\u001b[8m", + "Powerلُلُصّبُلُلصّبُررً ॣ ॣh ॣ ॣ冗" ] \ No newline at end of file diff --git a/blns.txt b/blns.txt index f4ce82e..05cc85a 100644 --- a/blns.txt +++ b/blns.txt @@ -227,6 +227,12 @@ Z̮̞̠͙͔ͅḀ̗̞͈̻̗Ḷ͙͎̯̹̞͓G̻O̭̗̮ ' onfocus=alert(document.title) autofocus <script>alert(document.title)</script> ript>alert('XSS')ript> +--> +";alert(0);t=" +';alert(0);t=' +JavaSCript:alert(0) +;alert(0); +src=JaVaSCript:prompt(9) # SQL Injection #