[VIM] VDB nightmares come to life

security curmudgeon jericho at attrition.org
Sat Jan 30 00:37:13 UTC 2010

[At first, I thought this was 1000 new and was curious how VDBs would
  handle. Reading the .dat file though, says that they are *mostly*
  compiled from advisories and milw0rm. Ugh..]


Large List of RFIs (1000+)

I started on this project over a year ago, and then I stopped, and then I 
started it again, and then I stopped again, and finally today, I mostly 
got it finished (or as far as I'm willing to take it for today). I wanted 
to create a master list of a mess load of RFI (remote file include) 
attacks. I got the list from various sources and I'm sure I'm missing a 
ton so yes, if you think there's some I've missed, go ahead and forward 
them on to me and I'll add them in.

You can download the full list here (1002 RFIs at the time of writing).

But because of how I built this it's got a few issues. The first one is 
that it doesn't take into account the path to the vulnerable function. So 
if it's http://www.vulnerable.com/bob/something. you have to add that in. 
The second issue is that sometimes the trailing question mark is needed 
but it's not added in the string. But you may require the additional 
question mark so that you don't get /r57.txt.somegarbage but rather 
/r57.txt?.somegarbage which will work. So if you use this, you may have to 
add in your own question marks after your RFI URL. Anyway, thoughts are 
welcome, and big thanks for the hundreds of people who found these in the 
first place!
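
The two quirks described above (an install path prefix that varies per site, and an optional trailing question mark on the included URL) are also what a log review has to tolerate. The following is an added example, not part of the original post or of the list it describes: it flags query parameters whose decoded value is a remote URL, regardless of path prefix, and records whether the trailing "?" is present. The log lines, hosts and parameter names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample access-log lines (not real traffic; hosts are placeholders).
SAMPLE_LOG = [
    '203.0.113.5 - - [30/Jan/2010:00:40:01 +0000] '
    '"GET /bob/index.php?page=http://files.example/r57.txt? HTTP/1.1" 200 512',
    '203.0.113.5 - - [30/Jan/2010:00:40:02 +0000] '
    '"GET /bob/index.php?page=http%3A%2F%2Ffiles.example%2Fr57.txt HTTP/1.1" 404 0',
    '198.51.100.7 - - [30/Jan/2010:00:41:10 +0000] '
    '"GET /bob/index.php?page=about HTTP/1.1" 200 2048',
    '198.51.100.9 - - [30/Jan/2010:00:42:33 +0000] '
    '"GET /go.php?next=/bob/home HTTP/1.1" 302 0',
]

# Request target from a combined-format log line.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A parameter value that is itself an absolute remote URL.
REMOTE_RE = re.compile(r'^(?:https?|ftp)://', re.IGNORECASE)


def find_rfi_candidates(lines):
    """Return one finding per query parameter whose decoded value is a remote URL."""
    findings = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        target = urlsplit(match.group(1))
        # parse_qsl percent-decodes values, so encoded URLs are caught too.
        for name, value in parse_qsl(target.query, keep_blank_values=True):
            if REMOTE_RE.match(value.strip()):
                findings.append({
                    "path": target.path,   # site-specific prefix is kept, not assumed
                    "param": name,
                    "value": value,
                    # Trailing "?" turns any suffix the script appends into a query string.
                    "trailing_qmark": value.endswith("?"),
                })
    return findings


if __name__ == "__main__":
    for finding in find_rfi_candidates(SAMPLE_LOG):
        print(finding)
```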

