123456 |
123456 |
0 |
123456 |
123456 |
0 |
../../../../../../etc/passwd |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
../../../../../../etc/passwd 123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u0 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456'"\( |
0 |
../../../../../../../../../../../../../../../../../../etc/passwd |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
../../../../../../../../../../../../../../../../../../etc/passwd 123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
./../../../../../../../../../../../../../../../../../../etc/passwd |
123456 |
0 |
123456 |
123456/**/and/**/0=DBMS_PIPE.RECEIVE_MESSAGE('t',2) |
0 |
123456 |
123456/**/and/**/cast(md5('1040685624')as/**/int)>0 |
0 |
123456 |
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('g',0)='g |
0 |
123456 |
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1702002751'))) |
0 |
123456 |
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('s',2)='s |
0 |
123456 |
123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1518707805')))>'0 |
0 |
123456 |
123456鎈'"\( |
0 |
123456 |
123456'and(select+1)>0waitfor/**/delay'0:0:0 |
0 |
123456 |
123456"and/**/extractvalue(1,concat(char(126),md5(1025897023)))and" |
0 |
123456 |
123456'and(select+1)>0waitfor/**/delay'0:0:2 |
0 |
123456 |
extractvalue(1,concat(char(126),md5(1296297196))) |
0 |
123456 |
123456/**/and/**/2=DBMS_PIPE.RECEIVE_MESSAGE('u',0) |
0 |
123456 |
123456'and(select'1'from/**/cast(md5(1854341252)as/**/int))>'0 |
0 |
123456 |
123456 |
0 |
123456 |
123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/ |
0 |
123456 |
123456 |
0 |
123456 |
123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0 |
0 |
123456 |
123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0 |
0 |
123456 |
123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/ |
0 |
123456 |
123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/ |
0 |
123456 |
123456'and/**/extractvalue(1,concat(char(126),md5(1462908897)))and' |
0 |
123456'"\( |
123456 |
0 |
123456 |
123456'and(select*from(select+sleep(2))a/**/union/**/select+1)=' |
0 |
123456 |
123456 |
0 |
123456 |
123456"and(select*from(select+sleep(0))a/**/union/**/select+1)=" |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456"and(select*from(select+sleep(2))a/**/union/**/select+1)=" |
0 |
123456 |
123456 |
0 |
123456 |
123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/ |
0 |
123456 |
(select*from(select+sleep(0)union/**/select+1)a) |
0 |
123456 |
123456 |
0 |
123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1132703003')))>'0 |
123456 |
0 |
123456 |
(select*from(select+sleep(2)union/**/select+1)a) |
0 |
123456 |
123456 |
0 |
123456鎈'"\( |
123456 |
0 |
123456 |
123456'and(select*from(select+sleep(0))a/**/union/**/select+1)=' |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456'and(select'1'from/**/cast(md5(1331232837)as/**/int))>'0 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456/**/and/**/cast(md5('1790432415')as/**/int)>0 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1098928359'))) |
123456 |
0 |
123456 |
123456'and'h'='h |
0 |
123456 |
123456 |
0 |
123456 |
123456'and'y'='m |
0 |
123456'and/**/extractvalue(1,concat(char(126),md5(1321271812)))and' |
123456 |
0 |
123456 |
123456"and"s"="s |
0 |
123456"and/**/extractvalue(1,concat(char(126),md5(1036732412)))and" |
123456 |
0 |
123456 |
123456"and"i"="o |
0 |
extractvalue(1,concat(char(126),md5(1489837169))) |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456/**/and+3=3 |
0 |
123456 |
123456 |
0 |
123456 |
123456/**/and+3=7 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
ขอซ่อมไฟกิ่ง |
วิจิตร |
1 |
กีฬาประชาชน |
ประชาชนซอย 32 |
1 |
123456 |
123456 |
0 |
./../../../../../../etc/passwd |
123456 |
0 |
123456 |
123456 |
0 |
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215etc%u2215passwd |
123456 |
0 |
123456 |
123456 |
0 |
/etc/passwd |
123456 |
0 |
123456 |
123456 |
0 |
/etc/passwd 123456 |
123456 |
0 |
123456 |
123456 |
0 |
%2fetc%2fpasswd |
123456 |
0 |
123456 |
123456 |
0 |
%u2215etc%u2215passwd |
123456 |
0 |
123456 |
123456 |
0 |
..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini |
123456 |
0 |
123456 |
123456 |
0 |
.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini |
123456 |
0 |
123456 |
123456 |
0 |
..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini 123456 |
123456 |
0 |
%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cWindows%5cwin%2eini |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u0 |
123456 |
0 |
123456 |
123456 |
0 |
..\..\..\..\..\..\Windows\win.ini |
123456 |
0 |
123456 |
123456 |
0 |
.\..\..\..\..\..\..\Windows\win.ini |
123456 |
0 |
123456 |
123456 |
0 |
..\..\..\..\..\..\Windows\win.ini 123456 |
123456 |
0 |
123456 |
123456 |
0 |
%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cWindows%5cwin%2eini |
123456 |
0 |
123456 |
123456 |
0 |
%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216Windows%u2216win%u002eini |
123456 |
0 |
../../../../../../../../../../../../../../../../../../Windows/win.ini |
123456 |
0 |
123456 |
123456 |
0 |
./../../../../../../../../../../../../../../../../../../Windows/win.ini |
123456 |
0 |
123456/**/and+2=2 |
123456 |
0 |
../../../../../../../../../../../../../../../../../../Windows/win.ini 123456 |
123456 |
0 |
123456/**/and+1=8 |
123456 |
0 |
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fWindows%2fwin%2eini |
123456 |
0 |
123456'and'g'='g |
123456 |
0 |
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u0 |
123456 |
0 |
123456'and'o'='b |
123456 |
0 |
../../../../../../Windows/win.ini |
123456 |
0 |
123456"and"s"="s |
123456 |
0 |
./../../../../../../Windows/win.ini |
123456 |
0 |
123456"and"p"="v |
123456 |
0 |
../../../../../../Windows/win.ini 123456 |
123456 |
0 |
(select*from(select+sleep(0)union/**/select+1)a) |
123456 |
0 |
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fWindows%2fwin%2eini |
123456 |
0 |
(select*from(select+sleep(2)union/**/select+1)a) |
123456 |
0 |
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215Windows%u2215win%u002eini |
123456 |
0 |
123456'and(select*from(select+sleep(0))a/**/union/**/select+1)=' |
123456 |
0 |
WEB-INF/web.xml |
123456 |
0 |
123456'and(select*from(select+sleep(2))a/**/union/**/select+1)=' |
123456 |
0 |
WEB-INF/web.xml;123456 |
123456 |
0 |
123456"and(select*from(select+sleep(0))a/**/union/**/select+1)=" |
123456 |
0 |
../WEB-INF/web.xml |
123456 |
0 |
123456"and(select*from(select+sleep(2))a/**/union/**/select+1)=" |
123456 |
0 |
../WEB-INF/web.xml;123456 |
123456 |
0 |
../../WEB-INF/web.xml |
123456 |
0 |
123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/ |
123456 |
0 |
../../WEB-INF/web.xml;123456 |
123456 |
0 |
123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/ |
123456 |
0 |
123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0 |
123456 |
0 |
../../../WEB-INF/web.xml |
123456 |
0 |
../../../WEB-INF/web.xml;123456 |
123456 |
0 |
123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0 |
123456 |
0 |
../../../../WEB-INF/web.xml |
123456 |
0 |
123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/ |
123456 |
0 |
../../../../WEB-INF/web.xml;123456 |
123456 |
0 |
123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/ |
123456 |
0 |
123456'and(select+1)>0waitfor/**/delay'0:0:0 |
123456 |
0 |
123456'and(select+1)>0waitfor/**/delay'0:0:2 |
123456 |
0 |
123456/**/and/**/2=DBMS_PIPE.RECEIVE_MESSAGE('p',0) |
123456 |
0 |
123456/**/and/**/1=DBMS_PIPE.RECEIVE_MESSAGE('l',2) |
123456 |
0 |
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('r',0)='r |
123456 |
0 |
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('u',2)='u |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456
expr 865781264 + 862471613 |
123456 |
0 |
123456|expr 989539702 + 971388272 |
123456 |
0 |
123456$(expr 966782955 + 912429909) |
123456 |
0 |
123456&set /A 843692175+959916883 |
123456 |
0 |
expr 854924467 + 818717374 |
123456 |
0 |
${@var_dump(md5(973769687))}; |
123456 |
0 |
'-var_dump(md5(955481546))-' |
123456 |
0 |
123456 |
123456
expr 815214690 + 826446002 |
0 |
123456 |
123456|expr 807441020 + 802178441 |
0 |
123456 |
${@var_dump(md5(220663885))}; |
0 |
123456 |
123456$(expr 800029978 + 888305094) |
0 |
123456 |
'-var_dump(md5(848259520))-' |
0 |
123456 |
123456&set /A 830920830+902207079 |
0 |
123456 |
123456 |
0 |
123456 |
expr 828893781 + 925366534 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
'+(42548*41783)+' |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
${984926974+812882132} |
123456 |
0 |
123456 |
123456 |
0 |
'+(40696*41686)+' |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
${990347343+967320449} |
0 |
/*1*/{{870296509+903049241}} |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
pjwuanporrzxehjbyjox |
0 |
${912609643+970115804} |
123456 |
0 |
123456 |
123456 |
0 |
${(895449091+846037243)?c} |
123456 |
0 |
#set($c=832432261+951709539)${c}$c |
123456 |
0 |
pjwuanporrzxehjbyjox |
123456 |
0 |
<%- 970532150+900300868 %> |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
/*1*/{{805675447+958481126}} |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
${892537338+856535160} |
0 |
123456 |
123456 |
0 |
123456 |
${(910206686+880352412)?c} |
0 |
123456 |
123456 |
0 |
123456 |
#set($c=897064872+986224671)${c}$c |
0 |
123456 |
123456 |
0 |
123456 |
<%- 984314413+981273354 %> |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456'and/**/extractvalue(1,concat(char(126),md5(1043006928)))and' |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456"and/**/extractvalue(1,concat(char(126),md5(1106095540)))and" |
123456 |
0 |
123456 |
123456 |
0 |
extractvalue(1,concat(char(126),md5(1459605055))) |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456'and(select'1'from/**/cast(md5(1650016002)as/**/int))>'0 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456/**/and/**/cast(md5('1604686708')as/**/int)>0 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1936501508'))) |
123456 |
0 |
123456 |
123456 |
0 |
123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1731291765')))>'0 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456鎈'"\( |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456'"\( |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456'and/**/extractvalue(1,concat(char(126),md5(1949838372)))and' |
0 |
123456 |
123456 |
0 |
123456 |
123456"and/**/extractvalue(1,concat(char(126),md5(1491479832)))and" |
0 |
123456 |
123456 |
0 |
123456 |
extractvalue(1,concat(char(126),md5(1688673867))) |
0 |
123456 |
123456 |
0 |
123456 |
123456'and(select'1'from/**/cast(md5(1319110266)as/**/int))>'0 |
0 |
123456 |
123456/**/and/**/cast(md5('1393347756')as/**/int)>0 |
0 |
123456 |
123456 |
0 |
123456 |
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1385239996'))) |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1085144882')))>'0 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456鎈'"\( |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456/**/and+1=1 |
123456 |
0 |
123456 |
123456'"\( |
0 |
123456 |
123456 |
0 |
123456/**/and+4=6 |
123456 |
0 |
123456 |
123456 |
0 |
123456'and'f'='f |
123456 |
0 |
123456 |
123456 |
0 |
123456'and'g'='q |
123456 |
0 |
123456 |
123456 |
0 |
../../../../../../../../../../../../../../../../../../etc/passwd |
123456 |
0 |
123456"and"n"="n |
123456 |
0 |
123456 |
123456 |
0 |
../../../../../../../../../../../../../../../../../../etc/passwd 123456 |
123456 |
0 |
123456"and"z"="v |
123456 |
0 |
./../../../../../../../../../../../../../../../../../../etc/passwd |
123456 |
0 |
(select*from(select+sleep(0)union/**/select+1)a) |
123456 |
0 |
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd |
123456 |
0 |
(select*from(select+sleep(2)union/**/select+1)a) |
123456 |
0 |
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u0 |
123456 |
0 |
123456'and(select*from(select+sleep(0))a/**/union/**/select+1)=' |
123456 |
0 |
../../../../../../etc/passwd |
123456 |
0 |
123456'and(select*from(select+sleep(2))a/**/union/**/select+1)=' |
123456 |
0 |
../../../../../../etc/passwd 123456 |
123456 |
0 |
123456"and(select*from(select+sleep(0))a/**/union/**/select+1)=" |
123456 |
0 |
./../../../../../../etc/passwd |
123456 |
0 |
123456"and(select*from(select+sleep(2))a/**/union/**/select+1)=" |
123456 |
0 |
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd |
123456 |
0 |
123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/ |
123456 |
0 |
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215etc%u2215passwd |
123456 |
0 |
/etc/passwd |
123456 |
0 |
123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/ |
123456 |
0 |
123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0 |
123456 |
0 |
/etc/passwd 123456 |
123456 |
0 |
123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0 |
123456 |
0 |
%2fetc%2fpasswd |
123456 |
0 |
123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/ |
123456 |
0 |
%u2215etc%u2215passwd |
123456 |
0 |
123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/ |
123456 |
0 |
..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini |
123456 |
0 |
123456'and(select+1)>0waitfor/**/delay'0:0:0 |
123456 |
0 |
.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini |
123456 |
0 |
123456'and(select+1)>0waitfor/**/delay'0:0:2 |
123456 |
0 |
..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini 123456 |
123456 |
0 |
123456/**/and/**/2=DBMS_PIPE.RECEIVE_MESSAGE('a',0) |
123456 |
0 |
%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cWindows%5cwin%2eini |
123456 |
0 |
%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u0 |
123456 |
0 |
123456/**/and/**/0=DBMS_PIPE.RECEIVE_MESSAGE('n',2) |
123456 |
0 |
..\..\..\..\..\..\Windows\win.ini |
123456 |
0 |
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('m',0)='m |
123456 |
0 |
.\..\..\..\..\..\..\Windows\win.ini |
123456 |
0 |
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('i',2)='i |
123456 |
0 |
..\..\..\..\..\..\Windows\win.ini 123456 |
123456 |
0 |
%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cWindows%5cwin%2eini |
123456 |
0 |
%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216Windows%u2216win%u002eini |
123456 |
0 |
../../../../../../../../../../../../../../../../../../Windows/win.ini |
123456 |
0 |
./../../../../../../../../../../../../../../../../../../Windows/win.ini |
123456 |
0 |
../../../../../../../../../../../../../../../../../../Windows/win.ini 123456 |
123456 |
0 |
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fWindows%2fwin%2eini |
123456 |
0 |
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u0 |
123456 |
0 |
../../../../../../Windows/win.ini |
123456 |
0 |
./../../../../../../Windows/win.ini |
123456 |
0 |
../../../../../../Windows/win.ini 123456 |
123456 |
0 |
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fWindows%2fwin%2eini |
123456 |
0 |
123456 |
123456/**/and+2=2 |
0 |
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215Windows%u2215win%u002eini |
123456 |
0 |
123456 |
123456/**/and+0=6 |
0 |
WEB-INF/web.xml |
123456 |
0 |
123456 |
123456'and'z'='z |
0 |
WEB-INF/web.xml;123456 |
123456 |
0 |
123456 |
123456'and'v'='i |
0 |
../WEB-INF/web.xml |
123456 |
0 |
123456 |
123456"and"h"="h |
0 |
../WEB-INF/web.xml;123456 |
123456 |
0 |
123456 |
123456"and"r"="l |
0 |
../../WEB-INF/web.xml |
123456 |
0 |
123456 |
(select*from(select+sleep(0)union/**/select+1)a) |
0 |
../../WEB-INF/web.xml;123456 |
123456 |
0 |
123456 |
(select*from(select+sleep(2)union/**/select+1)a) |
0 |
../../../WEB-INF/web.xml |
123456 |
0 |
123456 |
123456'and(select*from(select+sleep(0))a/**/union/**/select+1)=' |
0 |
../../../WEB-INF/web.xml;123456 |
123456 |
0 |
123456 |
123456'and(select*from(select+sleep(2))a/**/union/**/select+1)=' |
0 |
../../../../WEB-INF/web.xml |
123456 |
0 |
123456 |
123456"and(select*from(select+sleep(0))a/**/union/**/select+1)=" |
0 |
../../../../WEB-INF/web.xml;123456 |
123456 |
0 |
123456 |
123456"and(select*from(select+sleep(2))a/**/union/**/select+1)=" |
0 |
123456 |
123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/ |
0 |
123456 |
123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/ |
0 |
123456 |
123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0 |
0 |
123456 |
123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0 |
0 |
123456 |
123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/ |
0 |
123456 |
123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/ |
0 |
123456 |
123456'and(select+1)>0waitfor/**/delay'0:0:0 |
0 |
123456 |
123456'and(select+1)>0waitfor/**/delay'0:0:2 |
0 |
123456 |
123456/**/and/**/3=DBMS_PIPE.RECEIVE_MESSAGE('k',0) |
0 |
123456 |
123456/**/and/**/1=DBMS_PIPE.RECEIVE_MESSAGE('x',2) |
0 |
123456 |
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('l',0)='l |
0 |
123456 |
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('x',2)='x |
0 |
123456 |
123456
expr 846367565 + 830869573 |
0 |
123456 |
123456|expr 844359656 + 921109248 |
0 |
123456 |
123456$(expr 825985713 + 833249865) |
0 |
123456 |
123456&set /A 905737463+834678300 |
0 |
123456 |
expr 991036797 + 866951250 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456
expr 817445487 + 880933543 |
123456 |
0 |
123456|expr 873348868 + 879582894 |
123456 |
0 |
123456$(expr 943192592 + 928806269) |
123456 |
0 |
123456&set /A 815519737+868187658 |
123456 |
0 |
expr 992701006 + 974621436 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
${@var_dump(md5(220483759))}; |
123456 |
0 |
'-var_dump(md5(982771225))-' |
123456 |
0 |
123456 |
${@var_dump(md5(701465989))}; |
0 |
123456 |
'-var_dump(md5(181000931))-' |
0 |
123456 |
123456 |
0 |
123456 |
'+(44023*41985)+' |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
${946887571+963775633} |
0 |
'+(41390*44275)+' |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
${841000514+837406364} |
123456 |
0 |
/*1*/{{958901114+894877593}} |
123456 |
0 |
${992827264+994324658} |
123456 |
0 |
123456 |
cmeztqrfmsnffigvddkh |
0 |
${(810302554+833243751)?c} |
123456 |
0 |
123456 |
123456 |
0 |
#set($c=856037382+942245279)${c}$c |
123456 |
0 |
cmeztqrfmsnffigvddkh |
123456 |
0 |
<%- 856270169+960890309 %> |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
/*1*/{{887637790+972306491}} |
0 |
123456 |
${825452231+893712958} |
0 |
123456 |
${(907020959+948497423)?c} |
0 |
123456 |
#set($c=959630035+983517687)${c}$c |
0 |
123456 |
<%- 955485471+927384224 %> |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |
123456 |
123456 |
0 |