-page-....-2f-2f....-2f-2f....-2f-2fetc-2fpasswd

The string you've provided, -page-....-2F-2F....-2F-2F....-2F-2Fetc-2Fpasswd, is a classic example of a Path Traversal or Local File Inclusion (LFI) attack payload.

Below is a short draft. You can expand it into a full paper by adding an introduction, methodology, countermeasures, references, and academic formatting. -page-....-2F-2F....-2F-2F....-2F-2Fetc-2Fpasswd

An attacker submits ?page=....-2F-2F....-2F-2F....-2F-2Fetc-2Fpasswd. After URL decoding, the server builds:
/var/www/html/../../../../etc/passwd → normalized to /etc/passwd. The string you've provided, -page-

$page = $_GET['page'];
include("/var/www/pages/" . $page . ".php");

Custom evasion to bypass WAF rules looking for %2F or ../
Logging artifact where a WAF or proxy replaced / with -2F to avoid injection
Application-specific encoding (poorly designed custom encoding scheme)

3. Impact

Successful exploitation exposes sensitive system files (e.g., /etc/passwd, /etc/shadow, application config files). Combined with other flaws, it can lead to remote code execution. Custom evasion to bypass WAF rules looking for %2F or

Use Whitelists: Only allow specific, predefined values for parameters like page.

Chroot Jails: Running a web application in a chroot jail can significantly limit the damage by restricting file system access to a specific directory.

Sun Altitude:	0° - 90°
Sun Azimuth:	0° - 360°
Period calculation: