source: http://www.securityfocus.com/bid/5226/info BadBlue is a P2P file sharing application distributed by Working Resources. It is available for Microsoft Windows operating systems. It has been discovered that a request passed to a BadBlue server containing a null byte at the end of a file name will return the contents of the file. This type of request can be applied to gain access to sensitive information, such as the BadBlue configuration file. GET /ext.ini.% 00.txt HTTP/1.0