Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

A little bit of fuzz

Original by Boon Lee Fam (fam89)

A few weeks back I was on the search for a list of valid Linux commands to help with a weird fuzzing task I had. As  I couldn’t find anything that did the job, I ended up creating a few files with valid operating system commands for this purpose.

Not wanting them to disappear (as these things tend to do) I thought I’d share them here with you along with a few other files I created. Who know, they might come in useful for people in the lookout for these sort of things, or who come across weird fuzzing scenarios. It happens more often than you’d think 😉

These operating system command lists were gathered from openly available sources and converted to lowercase, 1 command per line, for ease of use with programs like Burp Suite. If you have any additions to these, please feel free to let me know.

In addition to these command lists I also put together a few other lists that might come in useful.

I’d like to thank Gareth Heyes for linking me to his JavaScript Functions list and paradoxengine, timb_machine for there help getting the Action list together. The WSDL list is an accumulation from 125 openly available .wsdl files found using the simple Google dork filetype:wsdl

* I’m currently working to get these included and maintained as part of the excellent FuzzDB project from Adam Muntner.

Comments are closed.

%d bloggers like this: